public virtual async Task <ActionResult> ChangeEmail(AccountViewModel model)
{
if (!ModelState.IsValidField("ChangeEmail.NewEmail"))
{
return(AccountView(model));
}
var user = GetCurrentUser();
if (user.HasPassword())
{
if (!ModelState.IsValidField("ChangeEmail.Password"))
{
return(AccountView(model));
}
var authUser = await AuthService.Authenticate(User.Identity.Name, model.ChangeEmail.Password);
if (authUser == null)
{
ModelState.AddModelError("ChangeEmail.Password", Strings.CurrentPasswordIncorrect);
return(AccountView(model));
}
}
// No password? We can't do any additional verification...
if (String.Equals(model.ChangeEmail.NewEmail, user.LastSavedEmailAddress, StringComparison.OrdinalIgnoreCase))
{
// email address unchanged - accept
return(RedirectToAction(actionName: "Account", controllerName: "Users"));
}
try
{
await UserService.ChangeEmailAddress(user, model.ChangeEmail.NewEmail);
}
catch (EntityException e)
{
ModelState.AddModelError("ChangeEmail.NewEmail", e.Message);
return(AccountView(model));
}
if (user.Confirmed)
{
var confirmationUrl = Url.ConfirmationUrl(
"Confirm", "Users", user.Username, user.EmailConfirmationToken);
MessageService.SendEmailChangeConfirmationNotice(new MailAddress(user.UnconfirmedEmailAddress, user.Username), confirmationUrl);
TempData["Message"] = Strings.EmailUpdated_ConfirmationRequired;
}
else
{
TempData["Message"] = Strings.EmailUpdated;
}
return(RedirectToAction(actionName: "Account", controllerName: "Users"));
}
public virtual async Task <ActionResult> ChangeEmail(TAccountViewModel model)
{
var account = GetAccount(model.AccountName);
if (account == null ||
ActionsRequiringPermissions.ManageAccount.CheckPermissions(GetCurrentUser(), account)
!= PermissionsCheckResult.Allowed)
{
return(new HttpStatusCodeResult(HttpStatusCode.Forbidden, Strings.Unauthorized));
}
if (!ModelState.IsValidField("ChangeEmail.NewEmail"))
{
return(AccountView(account, model));
}
if (account.HasPasswordCredential())
{
if (!ModelState.IsValidField("ChangeEmail.Password"))
{
return(AccountView(account, model));
}
if (!AuthenticationService.ValidatePasswordCredential(account.Credentials, model.ChangeEmail.Password, out var _))
{
ModelState.AddModelError("ChangeEmail.Password", Strings.CurrentPasswordIncorrect);
return(AccountView(account, model));
}
}
// No password? We can't do any additional verification...
if (string.Equals(model.ChangeEmail.NewEmail, account.LastSavedEmailAddress, StringComparison.OrdinalIgnoreCase))
{
// email address unchanged - accept
return(RedirectToAction(AccountAction));
}
try
{
await UserService.ChangeEmailAddress(account, model.ChangeEmail.NewEmail);
}
catch (EntityException e)
{
ModelState.AddModelError("ChangeEmail.NewEmail", e.Message);
return(AccountView(account, model));
}
if (account.Confirmed && !string.IsNullOrEmpty(account.UnconfirmedEmailAddress))
{
await SendEmailChangedConfirmationNoticeAsync(account);
}
return(RedirectToAction(AccountAction));
}
public virtual ActionResult ChangeEmail(ChangeEmailRequestModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
User user = UserService.FindByUsernameAndPassword(Identity.Name, model.Password);
if (user == null)
{
ModelState.AddModelError("Password", Strings.CurrentPasswordIncorrect);
return(View(model));
}
if (String.Equals(model.NewEmail, user.LastSavedEmailAddress, StringComparison.OrdinalIgnoreCase))
{
// email address unchanged - accept
return(RedirectToAction(MVC.Users.Edit()));
}
try
{
UserService.ChangeEmailAddress(user, model.NewEmail);
}
catch (EntityException e)
{
ModelState.AddModelError("NewEmail", e.Message);
return(View(model));
}
if (user.Confirmed)
{
var confirmationUrl = Url.ConfirmationUrl(
MVC.Users.Confirm(), user.Username, user.EmailConfirmationToken, protocol: Request.Url.Scheme);
MessageService.SendEmailChangeConfirmationNotice(new MailAddress(user.UnconfirmedEmailAddress, user.Username), confirmationUrl);
TempData["Message"] =
"Your email address has been changed! We sent a confirmation email to verify your new email. When you confirm the new email address, it will take effect and we will forget the old one.";
}
else
{
TempData["Message"] = "Your new email address was saved!";
}
return(RedirectToAction(MVC.Users.Edit()));
}
