private async void VerifyUserEmailAsync(ApplicationUser user)
{
//Verify email address is confirmed with identity
var emailConfirmed = userManager.IsEmailConfirmedAsync(user).Result;
if (!emailConfirmed)
{
string emailVerificationToken = userManager.GenerateEmailConfirmationTokenAsync(user).Result;
var result = userManager.ConfirmEmailAsync(user, emailVerificationToken).Result;
if (result.Succeeded)
{
var emailVerification = emailVerificationRepository.Find(null, p => p.PersonId == user.PersonId && p.IsVerified != true)?.Items?.FirstOrDefault();
if (emailVerification != null)
{
var verifiedEmailAddress = personEmailRepository.Find(null, p => p.Address.Equals(emailVerification.Address, StringComparison.OrdinalIgnoreCase))?.Items?.FirstOrDefault();
if (verifiedEmailAddress == null)
{
var personEmail = new PersonEmail()
{
EmailVerificationId = emailVerification.Id,
IsPrimaryEmail = true,
PersonId = emailVerification.PersonId,
Address = emailVerification.Address
};
personEmailRepository.Add(personEmail);
}
//Verification completed
emailVerification.IsVerified = true;
emailVerificationRepository.Update(emailVerification);
}
}
}
}
public async Task <IActionResult> InviteUser(string organizationId, [FromBody] InviteUserViewModel value)
{
OrganizationMember teamMember;
value.OrganizationId = new Guid(organizationId);
var user = new ApplicationUser();
//add person to organization only if you are admin or add it to access request table
var requestingUser = repository.Find(null, a => a.PersonId == SecurityContext.PersonId && a.OrganizationId == Guid.Parse(organizationId))?.Items.FirstOrDefault();
var isRequestingUserAdministrator = requestingUser.IsAdministrator.GetValueOrDefault(false);
//if the requesting user is NOT an administrator then the user cannot skip email verification
//only administrators can allow that; however, this can be skipped for now
//if (value.SkipEmailVerification && !isRequestingUserAdministrator)
// value.SkipEmailVerification = false;
try
{
bool IsEmailAllowed = _emailSender.IsEmailAllowed();
var organizationMember = repository.Find(null, a => a.PersonId == SecurityContext.PersonId && a.OrganizationId == Guid.Parse(organizationId))?.Items.FirstOrDefault();
if (organizationMember == null)
{
throw new UnauthorizedAccessException();
}
//this is to check if the user is already in the system and where is part of the organization
teamMember = _membershipManager.InviteUser(value, SecurityContext);
if (teamMember == null)
{
user.UserName = value.Email;
user.Email = value.Email;
string passwordString = value.Password;
if (IsEmailAllowed)
{
if (string.IsNullOrEmpty(passwordString))
{
RandomPassword randomPass = new RandomPassword();
passwordString = randomPass.GenerateRandomPassword();
}
}
else
{
if (string.IsNullOrEmpty(passwordString))
{
ModelState.AddModelError("Invite User", "Email is disabled. Must provide a password.");
return(BadRequest(ModelState));
}
}
var loginResult = await _userManager.CreateAsync(user, passwordString).ConfigureAwait(false);
if (!loginResult.Succeeded)
{
return(GetErrorResult(loginResult));
}
else
{
//add person email
var emailIds = new List <EmailVerification>();
var personEmail = new EmailVerification()
{
PersonId = Guid.Empty,
Address = value.Email,
IsVerified = false
};
if (value.SkipEmailVerification)
{
personEmail.IsVerified = true;
}
emailIds.Add(personEmail);
Person newPerson = new Person()
{
Company = value.Company,
Department = value.Department,
Name = value.Name,
EmailVerifications = emailIds
};
var person = _personRepository.Add(newPerson);
if (!value.SkipEmailVerification)
{
if (IsEmailAllowed)
{
string code = await _userManager.GenerateEmailConfirmationTokenAsync(user).ConfigureAwait(false);
EmailMessage emailMessage = new EmailMessage();
emailMessage.Body = SendConfirmationEmail(code, user.Id, passwordString, "en");
emailMessage.Subject = "Confirm your account at " + Constants.PRODUCT;
await _emailSender.SendEmailAsync(emailMessage, null, null, "Outgoing").ConfigureAwait(false);
}
else
{
value.SkipEmailVerification = true;
ModelState.AddModelError("Email", "Email is disabled. Verification email was not sent.");
}
}
//update the user
if (person != null)
{
var registeredUser = _userManager.FindByNameAsync(user.UserName).Result;
registeredUser.PersonId = person.Id.GetValueOrDefault();
registeredUser.ForcedPasswordChange = true;
await _userManager.UpdateAsync(registeredUser).ConfigureAwait(false);
//add person to organization only if you are admin or add it to access request table
if (isRequestingUserAdministrator)
{
OrganizationMember newOrgMember = new OrganizationMember()
{
PersonId = person.Id,
OrganizationId = Guid.Parse(organizationId),
IsAutoApprovedByEmailAddress = true,
IsInvited = true
};
await base.PostEntity(newOrgMember).ConfigureAwait(false);
}
else
{
//add it to access requests
AccessRequest accessRequest = new AccessRequest()
{
OrganizationId = Guid.Parse(organizationId),
PersonId = person.Id,
IsAccessRequested = true,
AccessRequestedOn = DateTime.UtcNow
};
_accessRequestManager.AddAccessRequest(accessRequest);
}
}
}
}
if (IsEmailAllowed)
{
return(Ok());
}
else
{
return(Ok(ModelState));
}
}
catch (Exception ex)
{
return(ex.GetActionResult());
}
}
