public IActionResult VerifyPhoneNumber([Required] string id, [FromBody] VerifyPhoneNumberRequest request)
{
Authorize.TokenAgainstResource(HttpContext.User, id);
_customerService.VerifyPhoneNumber(id, request.VerificationCode);
return(Ok());
}
public Task <VerifyPhoneNumberResponse> VerifyPhoneNumberAsync(
VerifyPhoneNumberRequest request,
CancellationToken cancellationToken)
{
return(SendPostRequestAsync <VerifyPhoneNumberResponse>(
"/verify-phone-number",
request,
cancellationToken));
}
/**
* Set user address.
*/
private async Task <APIGatewayProxyResponse> VerifyPhoneNumber(IDataStores dataStores,
IDictionary <string, string> requestHeaders,
JObject requestBody)
{
Debug.Untested();
Debug.AssertValid(dataStores);
Debug.AssertValid(requestHeaders);
Debug.AssertValidOrNull(requestBody);
try {
// Log call
LoggingHelper.LogMessage($"UserIdentityService::VerifyPhoneNumber()");
// Get the NoSQL DB client
AmazonDynamoDBClient dbClient = (AmazonDynamoDBClient)dataStores.GetNoSQLDataStore().GetDBClient();
Debug.AssertValid(dbClient);
// Check inputs
VerifyPhoneNumberRequest verifyPhoneNumberRequest = UserIdentityService_VerifyPhoneNumber_LogicLayer.CheckValidVerifyPhoneNumberRequest(requestBody);
Debug.AssertValid(verifyPhoneNumberRequest);
// Check authenticated endpoint security
string loggedInUserId = await APIHelper.CheckLoggedIn(dbClient, requestHeaders);
Debug.AssertID(loggedInUserId);
// Perform logic
await UserIdentityService_VerifyPhoneNumber_LogicLayer.VerifyPhoneNumber(dbClient, loggedInUserId, verifyPhoneNumberRequest);
// Respond
return(new APIGatewayProxyResponse {
StatusCode = APIHelper.STATUS_CODE_NO_CONTENT
});
} catch (Exception exception) {
Debug.Tested();
if (exception.Message == IdentityServiceLogicLayer.ERROR_INCORRECT_PASSWORD)
{
Debug.Untested();
//??-- ObjectResult result = new ObjectResult(new GeneralErrorResponse { error = IdentityServiceLogicLayer.INCORRECT_PASSWORD });
// result.StatusCode = APIHelper.STATUS_CODE_UNAUTHORIZED;
// return result;
return(new APIGatewayProxyResponse {
StatusCode = APIHelper.STATUS_CODE_UNAUTHORIZED,
Body = $"{{ error = \"{IdentityServiceLogicLayer.INCORRECT_PASSWORD}\" }}"
});
}
else
{
Debug.Tested();
return(APIHelper.ResponseFromException(exception));
}
}
}
public async Task <BaseResponse> ResendVerificationCode(VerifyPhoneNumberRequest request)
{
// Get the user
var user = await userManager.FindByIdAsync(hasher.Decrypt(request.UserId));
// Generate verification code
var verificationCode = await userManager.GenerateChangePhoneNumberTokenAsync(user, hasher.Decrypt(request.PhoneNumber));
// Send the verification code email
var result = await messager.SendAccountVerificationEmail(user.Email, verificationCode, user.DefaultLang);
if (!result.Success)
{
return(new BaseResponse(true, 700, result.Message));
}
return(new BaseResponse(true, (int)HttpStatusCode.OK, localizer["VerificationCodeSuccessfully"]));
}
public async Task <TokenResponse> VerifyPhoneNumberAsync(VerifyPhoneNumberRequest verifyRequest)
{
var user = await userManager.FindByIdAsync(hasher.Decrypt(verifyRequest.UserId));
var roles = await userManager.GetRolesAsync(user);
var result = await userManager.ChangePhoneNumberAsync(user, hasher.Decrypt(verifyRequest.PhoneNumber), verifyRequest.Code);
if (!result.Succeeded)
{
return(new TokenResponse(null, hasher.Encrypt(user.Id), hasher.Encrypt(user.PhoneNumber), false, 400, localizer["RegisterAccountVerifyTokenErrMsg"], result.Errors.Select(p => new ValidationError {
Name = p.Description, Description = p.Description
}).ToList()));
}
// phone activate successfully.
// generate token
var token = tokenHandler.CreateAccessToken(user, null);
return(new TokenResponse(token, hasher.Encrypt(user.Id), hasher.Encrypt(user.PhoneNumber), true, 200, localizer["LoginResponseSuccessMsg"]));
}
/**
* Verify phone number.
*/
public static async Task VerifyPhoneNumber(AmazonDynamoDBClient dbClient, string loggedInUserId, VerifyPhoneNumberRequest verifyPhoneNumberRequest)
{
Debug.Tested();
Debug.AssertValid(dbClient);
Debug.AssertID(loggedInUserId);
Debug.AssertValid(verifyPhoneNumberRequest);
Debug.AssertString(verifyPhoneNumberRequest.oneTimePassword);
// Find valid link
Link link = await FindValidLinkByUserID(dbClient, loggedInUserId, IdentityServiceLogicLayer.LINK_TYPE_VERIFY_PHONE_NUMBER);
Debug.AssertValidOrNull(link);
if (link != null)
{
// Valid link exists
Debug.Tested();
Debug.AssertString(link.OneTimePassword);
if (link.OneTimePassword == verifyPhoneNumberRequest.oneTimePassword)
{
// One-time password matches
Debug.Tested();
// Load the user
User user = await IdentityServiceLogicLayer.FindUserByID(dbClient, loggedInUserId);
Debug.AssertValid(user);
Debug.AssertValidOrNull(user.PhoneNumberVerified);
if (user.PhoneNumberVerified == null)
{
// User's phone number not verified
Debug.Untested();
// Change the user and revoke the link
await DoVerifyPhoneNumber(dbClient, user, link);
}
else
{
Debug.Untested();
throw new Exception(IdentityServiceLogicLayer.ERROR_PHONE_NUMBER_VERIFIED, new Exception(IdentityServiceLogicLayer.PHONE_NUMBER_VERIFIED));
}
}
else
{
Debug.Tested();
throw new Exception(IdentityServiceLogicLayer.ERROR_INCORRECT_PASSWORD, new Exception(IdentityServiceLogicLayer.INCORRECT_PASSWORD));
}
}
else
{
Debug.Tested();
throw new Exception(SharedLogicLayer.ERROR_INVALID_LINK, new Exception(SharedLogicLayer.ERROR_INVALID_LINK));
}
}