private async void VerifyUserEmailAsync(ApplicationUser user) { //Verify email address is confirmed with identity var emailConfirmed = userManager.IsEmailConfirmedAsync(user).Result; if (!emailConfirmed) { string emailVerificationToken = userManager.GenerateEmailConfirmationTokenAsync(user).Result; var result = userManager.ConfirmEmailAsync(user, emailVerificationToken).Result; if (result.Succeeded) { var emailVerification = emailVerificationRepository.Find(null, p => p.PersonId == user.PersonId && p.IsVerified != true)?.Items?.FirstOrDefault(); if (emailVerification != null) { var verifiedEmailAddress = personEmailRepository.Find(null, p => p.Address.Equals(emailVerification.Address, StringComparison.OrdinalIgnoreCase))?.Items?.FirstOrDefault(); if (verifiedEmailAddress == null) { var personEmail = new PersonEmail() { EmailVerificationId = emailVerification.Id, IsPrimaryEmail = true, PersonId = emailVerification.PersonId, Address = emailVerification.Address }; personEmailRepository.Add(personEmail); } //Verification completed emailVerification.IsVerified = true; emailVerificationRepository.Update(emailVerification); } } } }
public async Task <IActionResult> InviteUser(string organizationId, [FromBody] InviteUserViewModel value) { OrganizationMember teamMember; value.OrganizationId = new Guid(organizationId); var user = new ApplicationUser(); //add person to organization only if you are admin or add it to access request table var requestingUser = repository.Find(null, a => a.PersonId == SecurityContext.PersonId && a.OrganizationId == Guid.Parse(organizationId))?.Items.FirstOrDefault(); var isRequestingUserAdministrator = requestingUser.IsAdministrator.GetValueOrDefault(false); //if the requesting user is NOT an administrator then the user cannot skip email verification //only administrators can allow that; however, this can be skipped for now //if (value.SkipEmailVerification && !isRequestingUserAdministrator) // value.SkipEmailVerification = false; try { bool IsEmailAllowed = _emailSender.IsEmailAllowed(); var organizationMember = repository.Find(null, a => a.PersonId == SecurityContext.PersonId && a.OrganizationId == Guid.Parse(organizationId))?.Items.FirstOrDefault(); if (organizationMember == null) { throw new UnauthorizedAccessException(); } //this is to check if the user is already in the system and where is part of the organization teamMember = _membershipManager.InviteUser(value, SecurityContext); if (teamMember == null) { user.UserName = value.Email; user.Email = value.Email; string passwordString = value.Password; if (IsEmailAllowed) { if (string.IsNullOrEmpty(passwordString)) { RandomPassword randomPass = new RandomPassword(); passwordString = randomPass.GenerateRandomPassword(); } } else { if (string.IsNullOrEmpty(passwordString)) { ModelState.AddModelError("Invite User", "Email is disabled. Must provide a password."); return(BadRequest(ModelState)); } } var loginResult = await _userManager.CreateAsync(user, passwordString).ConfigureAwait(false); if (!loginResult.Succeeded) { return(GetErrorResult(loginResult)); } else { //add person email var emailIds = new List <EmailVerification>(); var personEmail = new EmailVerification() { PersonId = Guid.Empty, Address = value.Email, IsVerified = false }; if (value.SkipEmailVerification) { personEmail.IsVerified = true; } emailIds.Add(personEmail); Person newPerson = new Person() { Company = value.Company, Department = value.Department, Name = value.Name, EmailVerifications = emailIds }; var person = _personRepository.Add(newPerson); if (!value.SkipEmailVerification) { if (IsEmailAllowed) { string code = await _userManager.GenerateEmailConfirmationTokenAsync(user).ConfigureAwait(false); EmailMessage emailMessage = new EmailMessage(); emailMessage.Body = SendConfirmationEmail(code, user.Id, passwordString, "en"); emailMessage.Subject = "Confirm your account at " + Constants.PRODUCT; await _emailSender.SendEmailAsync(emailMessage, null, null, "Outgoing").ConfigureAwait(false); } else { value.SkipEmailVerification = true; ModelState.AddModelError("Email", "Email is disabled. Verification email was not sent."); } } //update the user if (person != null) { var registeredUser = _userManager.FindByNameAsync(user.UserName).Result; registeredUser.PersonId = person.Id.GetValueOrDefault(); registeredUser.ForcedPasswordChange = true; await _userManager.UpdateAsync(registeredUser).ConfigureAwait(false); //add person to organization only if you are admin or add it to access request table if (isRequestingUserAdministrator) { OrganizationMember newOrgMember = new OrganizationMember() { PersonId = person.Id, OrganizationId = Guid.Parse(organizationId), IsAutoApprovedByEmailAddress = true, IsInvited = true }; await base.PostEntity(newOrgMember).ConfigureAwait(false); } else { //add it to access requests AccessRequest accessRequest = new AccessRequest() { OrganizationId = Guid.Parse(organizationId), PersonId = person.Id, IsAccessRequested = true, AccessRequestedOn = DateTime.UtcNow }; _accessRequestManager.AddAccessRequest(accessRequest); } } } } if (IsEmailAllowed) { return(Ok()); } else { return(Ok(ModelState)); } } catch (Exception ex) { return(ex.GetActionResult()); } }