Example #1
0
        protected override async Task <OperationResult> DoExecute(RemindLoginDto request)
        {
            User user;

            if (string.IsNullOrEmpty(request.Pesel))
            {
                user = await _dbContext.Users.FirstOrDefaultAsync(u => u.Email == request.Email &&
                                                                  u.EmailVerified == true &&
                                                                  u.Pesel == null &&
                                                                  u.Name == request.Name &&
                                                                  u.Surname == request.Surname);
            }
            else
            {
                user = await _dbContext.Users.FirstOrDefaultAsync(u => u.Email == request.Email &&
                                                                  u.EmailVerified == true &&
                                                                  u.Pesel == request.Pesel);
            }

            if (user == null)
            {
                //Security issue: always return 200 even if user was no found
                return(new OperationSucceded());
            }

            _sendEmailCommand.Execute(new EmailDto()
            {
                To    = user.Email,
                Title = EmailContentConfiguration.LoginRemindedTitle,
                Body  = EmailContentConfiguration.LoginRemindedBody(user.CandidateId)
            });
            return(new OperationSucceded());
        }
Example #2
0
        public override async Task <OperationResult> Execute(ResetPasswordDto request)
        {
            if (string.IsNullOrWhiteSpace(request.Login))
            {
                return(new OperationSucceded());
            }

            User user = await _dbContext.Users.SingleAsync(u => u.EmailVerified && u.CandidateId == request.Login);

            var passwordReset = new PasswordReset()
            {
                UserId         = user.Id,
                Id             = Guid.NewGuid(),
                InsertDateTime = DateTime.UtcNow
            };

            _dbContext.PasswordResets.Add(passwordReset);
            await _dbContext.SaveChangesAsync();

            _sendEmailCommand.Execute(new EmailDto()
            {
                To    = user.Email,
                Title = EmailContentConfiguration.ResetPasswordTitle,
                Body  = EmailContentConfiguration.ResetPasswordBody(_endpointConfig.SetNewPassword(passwordReset.Id.ToString()))
            });

            return(new OperationSucceded());
        }
        public override async Task <string> Execute(Guid request)
        {
            var email = _dbContext.ConfirmationEmails
                        .Include(ce => ce.User)
                        .FirstOrDefault(ce => ce.Id == request);

            if (email == null)
            {
                throw new EmailVerificationTokenNotFoundException();
            }

            if (email.Used)
            {
                return(email.User.CandidateId);
            }

            email.Used = true;

            var user = email.User;

            user.EmailVerified = true;
            await AssignCandidateId(user);

            await _dbContext.SaveChangesAsync();

            _sendEmailCommand.Execute(new EmailDto()
            {
                To    = user.Email,
                Title = EmailContentConfiguration.EmailVerifiedTitle,
                Body  = EmailContentConfiguration.EmailVerifiedBody(user.CandidateId)
            });

            return(user.CandidateId);
        }
        protected async override Task <int> DoExecute(RegisterDto request)
        {
            int alreaddyRegisteredUsers = _dbContext.Users.Count(u => u.Email == request.Email);

            if (alreaddyRegisteredUsers >= _businessConfiguration.AllowedAccountsWithSameEmail)
            {
                throw new ValidationFailedException()
                      {
                          ValidationResult = new ValidationResult("Na ten email zarejestrowanych jest już za dużo użytkowników")
                      };
            }

            var user = new User
            {
                Email         = request.Email,
                Name          = request.Name,
                Surname       = request.Surname,
                Pesel         = request.Pesel,
                CandidateId   = null,
                PasswordHash  = _passwordHasher.HashPassword(request.Password),
                EmailVerified = false,
                BirthDate     = request.BirthDate.Value
            };

            EntityEntry <User> result = _dbContext.Users.Add(user);
            await _dbContext.SaveChangesAsync();


            if (!result.IsKeySet)
            {
                throw new Exception("Registration Failed");
            }

            Guid token = await GenerateEmailConfirmationToken(result.Entity.Id);

            _sendEmailCommand.Execute(new EmailDto()
            {
                Body  = EmailContentConfiguration.RegisteredBody(_endpointConfig.ConfirmEmail(token.ToString())),
                Title = EmailContentConfiguration.RegisteredTitle,
                To    = user.Email
            });
            return(result.Entity.Id);
        }