public ValidateResult Validate([FromBody] ValidateInput authInput) { if (this.ModelState.IsValid) { if (authInput == null) { throw HttpStatusCode.BadRequest.AsException(); } var client = new RestClient(Config.SystemBehaviorConfig.ResgridBaseUrl); var request = new RestRequest($"/CoreBridge/ValidateLogIn", Method.POST); request.AddJsonBody(authInput); var response = client.Execute <Model.Results.ValidateLogInResult>(request); if (response.Data == null || !response.Data.Successful) { throw HttpStatusCode.Unauthorized.AsException(); } var user = _usersService.GetUserByName(authInput.Usr); Department department = _departmentsService.GetDepartmentForUser(authInput.Usr); var result = new ValidateResult { Eml = user.Email, Uid = user.Id, Dnm = department.Name, Did = department.DepartmentId }; if (department.CreatedOn.HasValue) { result.Dcd = (department.CreatedOn.Value - new DateTime(1970, 1, 1).ToLocalTime()).TotalSeconds.ToString(); } else { result.Dcd = new DateTime(1970, 1, 1).ToLocalTime().ToString(); } result.Tkn = V3AuthToken.Create(authInput.Usr, department.DepartmentId); result.Txd = DateTime.UtcNow.AddMonths(Config.SystemBehaviorConfig.APITokenMonthsTTL).ToShortDateString(); var profile = _userProfileService.GetProfileByUserId(user.Id); result.Nme = profile.FullName.AsFirstNameLastName; return(result); } throw HttpStatusCode.BadRequest.AsException(); }
public async Task <IActionResult> ForgotPassword(ForgotPasswordViewModel model) { if (ModelState.IsValid) { var user = await _userManager.FindByEmailAsync(model.Email); if (user == null || !(await _userManager.IsEmailConfirmedAsync(user))) { // Don't reveal that the user does not exist or is not confirmed return(View("ForgotPasswordConfirmation")); } var profile = _userProfileService.GetProfileByUserId(user.Id); var department = _departmentsService.GetDepartmentForUser(user.UserName); var token = await _userManager.GeneratePasswordResetTokenAsync(user); var newPassword = RandomGenerator.GenerateRandomString(6, 10, false, false, true, true, false, true, null); var result = await _userManager.ResetPasswordAsync(user, token, newPassword); if (result.Succeeded) { _emailService.SendPasswordResetEmail(user.Email, profile.FullName.AsFirstNameLastName, user.UserName, newPassword, department.Name); } return(View("ForgotPasswordConfirmation")); // For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=532713 // Send an email with this link //var code = await _userManager.GeneratePasswordResetTokenAsync(user); //var callbackUrl = Url.Action("ResetPassword", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme); //await _emailSender.SendEmailAsync(model.Email, "Reset Password", // $"Please reset your password by clicking here: <a href='{callbackUrl}'>link</a>"); //return View("ForgotPasswordConfirmation"); } // If we got this far, something failed, redisplay form return(View(model)); }
public override async Task <ClaimsPrincipal> CreateAsync(TUser user) { if (user == null) { throw new ArgumentNullException("user"); } var userId = await UserManager.GetUserIdAsync(user); var userName = await UserManager.GetUserNameAsync(user); var profile = _userProfileService.GetProfileByUserId(userId); var id = new ClaimsIdentity( options.Cookies.ApplicationCookie.AuthenticationScheme, Options.ClaimsIdentity.UserNameClaimType, Options.ClaimsIdentity.RoleClaimType ); id.AddClaim(new Claim(Options.ClaimsIdentity.UserIdClaimType, userId)); id.AddClaim(new Claim(Options.ClaimsIdentity.UserNameClaimType, userName)); if (UserManager.SupportsUserSecurityStamp) { id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType, await UserManager.GetSecurityStampAsync(user))); } if (UserManager.SupportsUserRole) { var roles = await _claimsRepository.GetRolesAsync(user); // UserManager.GetRolesAsync(user); foreach (var roleName in roles) { id.AddClaim(new Claim(Options.ClaimsIdentity.RoleClaimType, roleName)); } } ClaimsPrincipal principal = new ClaimsPrincipal(id); if (principal.Identity is ClaimsIdentity) { ClaimsIdentity identity = (ClaimsIdentity)principal.Identity; if (profile != null) { Claim displayNameClaim = new Claim("DisplayName", profile.FullName.AsFirstNameLastName); if (!identity.HasClaim(displayNameClaim.Type, displayNameClaim.Value)) { identity.AddClaim(displayNameClaim); } } Claim emailClaim = new Claim(ClaimTypes.Email, user.Email); if (!identity.HasClaim(emailClaim.Type, emailClaim.Value)) { identity.AddClaim(emailClaim); } if (_usersService.IsUserInRole(user.Id, _usersService.AdminRoleId)) { ClaimsLogic.AddSystemAdminClaims(id, userName, user.Id, "System Admin"); } else if (_usersService.IsUserInRole(user.Id, _usersService.AffiliateRoleId)) { ClaimsLogic.AddAffiliteClaims(id, userName, user.Id, profile.FullName.AsFirstNameLastName); } else { var department = _departmentsService.GetDepartmentForUser(userName); if (department == null) { return(null); } var group = _departmentGroupsService.GetGroupForUser(user.Id, department.DepartmentId); var departmentAdmin = department.IsUserAnAdmin(user.Id); var permissions = _permissionsService.GetAllPermissionsForDepartment(department.DepartmentId); var roles = _personnelRolesService.GetRolesForUser(user.Id, department.DepartmentId); ClaimsLogic.AddDepartmentClaim(id, department.DepartmentId, departmentAdmin); //ClaimsLogic.DepartmentName = department.Name; DateTime signupDate; if (department.CreatedOn.HasValue) { signupDate = department.CreatedOn.Value; } else { signupDate = DateTime.UtcNow; } //ClaimsLogic.DepartmentId = department.DepartmentId; var name = user.UserName; if (profile != null && !String.IsNullOrWhiteSpace(profile.LastName)) { name = profile.FullName.AsFirstNameLastName; } ClaimsLogic.AddGeneralClaims(id, userName, user.Id, name, department.DepartmentId, department.Name, user.Email, signupDate); bool isGroupAdmin = false; if (group != null) { isGroupAdmin = group.IsUserGroupAdmin(user.Id); } if (departmentAdmin) { var groups = _departmentGroupsService.GetAllGroupsForDepartment(department.DepartmentId); if (groups != null) { foreach (var departmentGroup in groups) { ClaimsLogic.AddGroupClaim(id, departmentGroup.DepartmentGroupId, true); } } } else { if (group != null) { ClaimsLogic.AddGroupClaim(id, group.DepartmentGroupId, isGroupAdmin); } } ClaimsLogic.AddCallClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddActionClaims(id); ClaimsLogic.AddLogClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddStaffingClaims(id); ClaimsLogic.AddPersonnelClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddUnitClaims(id, departmentAdmin); ClaimsLogic.AddUnitLogClaims(id); ClaimsLogic.AddMessageClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddRoleClaims(id, departmentAdmin); ClaimsLogic.AddProfileClaims(id); ClaimsLogic.AddReportsClaims(id); ClaimsLogic.AddGenericGroupClaims(id, departmentAdmin); ClaimsLogic.AddDocumentsClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddNotesClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddScheduleClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddShiftClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddTrainingClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddPIIClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddInventoryClaims(id, departmentAdmin, permissions, isGroupAdmin, roles); ClaimsLogic.AddConnectClaims(id, departmentAdmin); ClaimsLogic.AddCommandClaims(id, departmentAdmin); ClaimsLogic.AddProtocolClaims(id, departmentAdmin); } } return(principal); }
private ClaimsPrincipal DressUpPrincipal(String userName) { if (String.IsNullOrWhiteSpace(userName)) { return(null); } var identiy = new ResgridIdentity(); _usersService = ServiceLocator.Current.GetInstance <IUsersService>(); var user = _usersService.GetUserByName(userName); if (user == null) { return(null); } _departmentsService = ServiceLocator.Current.GetInstance <IDepartmentsService>(); _departmentGroupsService = ServiceLocator.Current.GetInstance <IDepartmentGroupsService>(); _userProfileService = ServiceLocator.Current.GetInstance <IUserProfileService>(); _permissionsService = ServiceLocator.Current.GetInstance <IPermissionsService>(); _personnelRolesService = ServiceLocator.Current.GetInstance <IPersonnelRolesService>(); var profile = _userProfileService.GetProfileByUserId(user.UserId); string fullName = String.Empty; if (profile == null || String.IsNullOrWhiteSpace(profile.FirstName)) { var pfile = ProfileBase.Create(user.UserName, true); fullName = pfile.GetPropertyValue("Name").ToString(); } else { fullName = string.Format("{0} {1}", profile.FirstName, profile.LastName); } identiy.FullName = fullName; identiy.UserName = userName; identiy.UserId = user.UserId; if (_usersService.IsUserInRole(user.UserId, _usersService.AdminRoleId)) { identiy.AddSystemAdminClaims(userName, user.UserId, fullName); } else if (_usersService.IsUserInRole(user.UserId, _usersService.AffiliateRoleId)) { identiy.AddAffiliteClaims(userName, user.UserId, fullName); } else { var department = _departmentsService.GetDepartmentForUser(userName); if (department == null) { return(null); } var group = _departmentGroupsService.GetGroupForUser(user.UserId, department.DepartmentId); var departmentAdmin = department.IsUserAnAdmin(user.UserId); var permissions = _permissionsService.GetAllPermissionsForDepartment(department.DepartmentId); var roles = _personnelRolesService.GetRolesForUser(user.UserId, department.DepartmentId); identiy.AddDepartmentClaim(department.DepartmentId, departmentAdmin); identiy.DepartmentName = department.Name; DateTime signupDate; if (department.CreatedOn.HasValue) { signupDate = department.CreatedOn.Value; } else { signupDate = DateTime.UtcNow; } identiy.DepartmentId = department.DepartmentId; string email = String.Empty; if (profile != null && !String.IsNullOrWhiteSpace(profile.MembershipEmail)) { email = profile.MembershipEmail; } else if (!String.IsNullOrWhiteSpace(user.Email)) { email = user.Email; } identiy.AddGeneralClaims(userName, user.UserId, fullName, department.DepartmentId, department.Name, email, signupDate); bool isGroupAdmin = false; if (group != null) { isGroupAdmin = group.IsUserGroupAdmin(user.UserId); } if (departmentAdmin) { var groups = _departmentGroupsService.GetAllGroupsForDepartment(department.DepartmentId); if (groups != null) { foreach (var departmentGroup in groups) { identiy.AddGroupClaim(departmentGroup.DepartmentGroupId, true); } } } else { if (group != null) { identiy.AddGroupClaim(group.DepartmentGroupId, isGroupAdmin); } } identiy.AddCallClaims(departmentAdmin, permissions, isGroupAdmin, roles); identiy.AddActionClaims(); identiy.AddLogClaims(departmentAdmin, permissions, isGroupAdmin, roles); identiy.AddStaffingClaims(); identiy.AddPersonnelClaims(departmentAdmin); identiy.AddUnitClaims(departmentAdmin); identiy.AddUnitLogClaims(); identiy.AddMessageClaims(); identiy.AddRoleClaims(departmentAdmin); identiy.AddProfileClaims(); identiy.AddReportsClaims(); identiy.AddGenericGroupClaims(departmentAdmin); identiy.AddDocumentsClaims(departmentAdmin, permissions, isGroupAdmin, roles); identiy.AddNotesClaims(departmentAdmin, permissions, isGroupAdmin, roles); identiy.AddScheduleClaims(departmentAdmin, permissions, isGroupAdmin, roles); identiy.AddShiftClaims(departmentAdmin, permissions, isGroupAdmin, roles); identiy.AddTrainingClaims(departmentAdmin, permissions, isGroupAdmin, roles); identiy.AddPIIClaims(departmentAdmin, permissions, isGroupAdmin, roles); identiy.AddInventoryClaims(departmentAdmin, permissions, isGroupAdmin, roles); } return(new ClaimsPrincipal(identiy)); }