/// <summary>
/// Send Reset password email
/// </summary>
public static void SendResetPasswordMail(string toFullName, string toEmail, string link)
{
SettingsMailServer settings = MailSettingsHelper.GetSettings();
try
{
if (!settings.Enabled)
{
throw new InvalidOperationException("Mail service not enabled in the configuration.");
}
MailAddress fromAddress = new MailAddress(settings.Username, "Starcounter App");
MailAddress toAddress = new MailAddress(toEmail);
const string subject = "Starcounter App, Reset password request";
string body = string.Format(
"Hi {0}<br><br>" +
"We received a request to reset your password<br><br>" +
"Click <a href='{1}'>here</a> to set a new password<br><br>" +
"Thanks<br>",
toFullName, link);
var smtp = new SmtpClient
{
Host = settings.Host,
Port = settings.Port,
EnableSsl = settings.EnableSsl,
DeliveryMethod = SmtpDeliveryMethod.Network,
UseDefaultCredentials = false,
Credentials = new NetworkCredential(fromAddress.Address, settings.Password)
};
using (var message = new MailMessage(fromAddress, toAddress)
{
Subject = subject,
IsBodyHtml = true,
Body = body
})
{
smtp.Send(message);
}
}
catch (Exception e)
{
throw e;
// TODO:
//LogWriter.WriteLine(string.Format("ERROR: Failed to send registration email event. {0}", e.Message));
}
}
protected void SendNewPassword(string Name, string Username, string NewPassword, string Email)
{
SettingsMailServer settings = MailSettingsHelper.GetSettings();
MailMessage mail = new MailMessage(settings.Username, Email);
SmtpClient client = new SmtpClient();
client.Port = settings.Port;
client.DeliveryMethod = SmtpDeliveryMethod.Network;
client.UseDefaultCredentials = false;
client.Credentials = new NetworkCredential(settings.Username, settings.Password);
client.Host = settings.Host;
client.EnableSsl = settings.EnableSsl;
mail.Subject = "Restore password";
mail.Body =
string.Format(
"<h1>Hello {0}</h1><p>You have requested a new password for your <b>{1}</b> account.</p><p>Your new password is: <b>{2}</b>.</p>",
Name, Username, NewPassword);
mail.IsBodyHtml = true;
client.Send(mail);
}
protected void ResetUserPassword()
{
string link = null;
string fullName = string.Empty;
var mailSettings = MailSettingsHelper.GetSettings();
if (mailSettings.Enabled == false)
{
this.Message = "Mail Server not enabled in the settings.";
return;
}
if (string.IsNullOrEmpty(mailSettings.SiteHost))
{
this.Message = "Invalid settings, check site host name / port";
return;
}
var emailAddress = Utils.GetUserEmailAddress(this.Data);
var email = emailAddress.EMail;
if (!Utils.IsValidEmail(email))
{
this.Message = "Username is not an email address";
return;
}
var transaction = this.Transaction;
transaction.Scope(() =>
{
SystemUser systemUser = this.Data;
// Generate Password Reset token
ResetPassword resetPassword = new ResetPassword()
{
User = systemUser,
Token = HttpUtility.UrlEncode(Guid.NewGuid().ToString()),
Expire = DateTime.UtcNow.AddMinutes(1440)
};
// Get FullName
if (systemUser.WhoIs != null)
{
fullName = systemUser.WhoIs.FullName;
}
else
{
fullName = systemUser.Username;
}
// Build reset password link
UriBuilder uri = new UriBuilder();
uri.Host = mailSettings.SiteHost;
uri.Port = (int)mailSettings.SitePort;
uri.Path = "signin/user/resetpassword";
uri.Query = "token=" + resetPassword.Token;
link = uri.ToString();
});
transaction.Commit();
try
{
this.Message = string.Format("Sending mail sent to {0}...", email);
Utils.SendResetPasswordMail(fullName, email, link);
this.Message = "Mail sent.";
}
catch (Exception e)
{
this.Message = e.Message;
}
}
public void Register()
{
Application.Current.Use(new HtmlFromJsonProvider());
Application.Current.Use(new PartialToStandaloneHtmlProvider());
//Testing JWT
/*Handle.GET("/signin/jwt/{?}/{?}", (string Username, string Password) => {
* string message;
* SystemUserSession session = SignInOut.SignInSystemUser(Username, Password, null, out message);
*
* if (session != null) {
* string jwt = JWT.JsonWebToken.Encode(new { Username = Username, Issuer = "Polyjuice.SignIn" }, session.Token.User.Password, JWT.JwtHashAlgorithm.HS256);
* Handle.AddOutgoingHeader("x-jwt", jwt);
* }
*
* return 200;
* });*/
Application.Current.Use((Request req) =>
{
Cookie cookie = GetSignInCookie();
if (cookie != null)
{
if (Session.Current == null)
{
Session.Current = new Session(SessionOptions.PatchVersioning);
}
SystemUserSession session = SystemUser.SignInSystemUser(cookie.Value);
if (session != null)
{
RefreshAuthCookie(session);
}
}
return(null);
});
Handle.GET("/signin/user", () =>
{
MasterPage master = this.GetMaster();
if (master.SignInPage != null)
{
return(master.SignInPage);
}
Cookie cookie = GetSignInCookie();
SignInPage page = new SignInPage()
{
Data = null
};
master.SignInPage = page;
if (cookie != null)
{
SystemUser.SignInSystemUser(cookie.Value);
master.RefreshSignInState();
}
//Testing JWT
/*if (Handle.IncomingRequest.HeadersDictionary.ContainsKey("x-jwt")) {
* System.Web.Script.Serialization.JavaScriptSerializer serializer = new System.Web.Script.Serialization.JavaScriptSerializer();
* string jwt = Handle.IncomingRequest.HeadersDictionary["x-jwt"];
* Dictionary<string, string> payload = JWT.JsonWebToken.DecodeToObject<Dictionary<string, string>>(jwt, string.Empty, false);
* string username = payload["Username"];
* SystemUser user = Db.SQL<SystemUser>("SELECT su FROM Simplified.Ring3.SystemUser su WHERE su.Username = ?", username).First;
*
* try {
* JWT.JsonWebToken.DecodeToObject<Dictionary<string, string>>(jwt, user.Password, true);
* page.SetAuthorizedState(SignInOut.SignInSystemUser(user));
* } catch (JWT.SignatureVerificationException) {
* }
* }*/
return(page);
});
Handle.GET("/signin/partial/signout", HandleSignOut, new HandlerOptions()
{
SkipRequestFilters = true
});
Handle.GET("/signin/signinuser", HandleSignInForm);
Handle.GET <string>("/signin/signinuser?{?}", HandleSignInForm);
Handle.GET("/signin/profile", () =>
{
MasterPage master = this.GetMaster();
master.RequireSignIn = true;
master.Open("/signin/partial/profile-form");
return(master);
});
Handle.GET("/signin/partial/signin-form", () => new SignInFormPage()
{
Data = null
}, new HandlerOptions()
{
SelfOnly = true
});
Handle.GET("/signin/partial/alreadyin-form", () => new AlreadyInPage()
{
Data = null
},
new HandlerOptions()
{
SelfOnly = true
});
Handle.GET("/signin/partial/restore-form", () => new RestorePasswordFormPage(),
new HandlerOptions()
{
SelfOnly = true
});
Handle.GET("/signin/partial/profile-form", () => new ProfileFormPage()
{
Data = null
},
new HandlerOptions()
{
SelfOnly = true
});
Handle.GET("/signin/partial/accessdenied-form", () => new AccessDeniedPage(),
new HandlerOptions()
{
SelfOnly = true
});
Handle.GET("/signin/partial/main-form", () => new MainFormPage()
{
Data = null
},
new HandlerOptions()
{
SelfOnly = true
});
Handle.GET("/signin/partial/user/image", () => new UserImagePage());
Handle.GET("/signin/partial/user/image/{?}", (string objectId) => new Json(),
new HandlerOptions {
SelfOnly = true
});
Handle.GET("/signin/generateadminuser", (Request request) =>
{
if (Db.SQL("SELECT o FROM Simplified.Ring3.SystemUser o").First != null)
{
Handle.SetOutgoingStatusCode(403);
return("Unable to generate admin user: database is not empty!");
}
string ip = request.ClientIpAddress.ToString();
if (ip == "127.0.0.1" || ip == "localhost")
{
SignInOut.AssureAdminSystemUser();
return("Default admin user has been successfully generated.");
}
Handle.SetOutgoingStatusCode(403);
return("Access denied.");
}, new HandlerOptions()
{
SkipRequestFilters = true
});
Handle.POST("/signin/partial/signin", (Request request) =>
{
NameValueCollection values = HttpUtility.ParseQueryString(request.Body);
string username = values["username"];
string password = values["password"];
string rememberMe = values["rememberMe"];
HandleSignIn(username, password, rememberMe);
Session.Current.CalculatePatchAndPushOnWebSocket();
return(200);
}, new HandlerOptions()
{
SkipRequestFilters = true
});
Handle.GET("/signin/admin/settings", (Request request) =>
{
Json page;
if (!AuthorizationHelper.TryNavigateTo("/signin/admin/settings", request, out page))
{
return(page);
}
return(Db.Scope(() =>
{
var settingsPage = new SettingsPage
{
Html = "/SignIn/viewmodels/SettingsPage.html",
Uri = request.Uri,
Data = MailSettingsHelper.GetSettings()
};
return settingsPage;
}));
});
// Reset password
Handle.GET("/signin/user/resetpassword?{?}", (string query, Request request) =>
{
NameValueCollection queryCollection = HttpUtility.ParseQueryString(query);
string token = queryCollection.Get("token");
MasterPage master = this.GetMaster();
if (token == null)
{
// TODO:
master.Partial = null; // (ushort)System.Net.HttpStatusCode.NotFound;
return(master);
}
// Retrive the resetPassword instance
ResetPassword resetPassword = Db.SQL <ResetPassword>("SELECT o FROM Simplified.Ring6.ResetPassword o WHERE o.Token=? AND o.Expire>?", token, DateTime.UtcNow).First;
if (resetPassword == null)
{
// TODO: Show message "Reset token already used or expired"
master.Partial = null; // (ushort)System.Net.HttpStatusCode.NotFound;
return(master);
}
if (resetPassword.User == null)
{
// TODO: Show message "User deleted"
master.Partial = null; // (ushort)System.Net.HttpStatusCode.NotFound;
return(master);
}
SystemUser systemUser = resetPassword.User;
ResetPasswordPage page = new ResetPasswordPage()
{
Html = "/SignIn/viewmodels/ResetPasswordPage.html",
Uri = "/signin/user/resetpassword"
//Uri = request.Uri // TODO:
};
page.ResetPassword = resetPassword;
if (systemUser.WhoIs != null)
{
page.FullName = systemUser.WhoIs.FullName;
}
else
{
page.FullName = systemUser.Username;
}
master.Partial = page;
return(master);
});
Handle.GET("/signin/user/authentication/settings/{?}", (string userid, Request request) =>
{
Json page;
if (!AuthorizationHelper.TryNavigateTo("/signin/user/authentication/settings/{?}", request, out page))
{
return(new Json());
}
// Get system user
SystemUser user = Db.SQL <SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.ObjectID = ?", userid).FirstOrDefault();
if (user == null)
{
// TODO: Return a "User not found" page
return(new Json());
//return (ushort)System.Net.HttpStatusCode.NotFound;
}
SystemUser systemUser = SystemUser.GetCurrentSystemUser();
SystemUserGroup adminGroup = Db.SQL <SystemUserGroup>("SELECT o FROM Simplified.Ring3.SystemUserGroup o WHERE o.Name = ?",
AuthorizationHelper.AdminGroupName).FirstOrDefault();
// Check if current user has permission to get this user instance
if (AuthorizationHelper.IsMemberOfGroup(systemUser, adminGroup))
{
if (user.WhoIs is Person)
{
page = Db.Scope(() => new SystemUserAuthenticationSettings
{
Html = "/SignIn/viewmodels/SystemUserAuthenticationSettings.html",
Uri = request.Uri,
Data = user,
UserPassword = Self.GET("/signin/user/authentication/password/" + user.GetObjectID())
});
return(page);
}
}
return(new Json());
}, new HandlerOptions {
SelfOnly = true
});
Handle.GET("/signin/user/authentication/password/{?}", (string userid, Request request) =>
{
// Get system user
SystemUser user = Db.SQL <SystemUser>("SELECT o FROM Simplified.Ring3.SystemUser o WHERE o.ObjectID = ?", userid).FirstOrDefault();
if (user == null)
{
return(new Json());
}
Json page = Db.Scope(() => new SetPasswordPage
{
Html = "/SignIn/viewmodels/SetPasswordPage.html",
Data = user
});
return(page);
}, new HandlerOptions {
SelfOnly = true
});
Blender.MapUri("/signin/user", "user"); //expandable icon; used in Launcher
Blender.MapUri("/signin/signinuser", "userform"); //inline form; used in RSE Launcher
Blender.MapUri("/signin/signinuser?{?}", "userform-return"); //inline form; used in UserAdmin
Blender.MapUri("/signin/admin/settings", "settings");
Blender.MapUri("/signin/user/authentication/password/{?}", "authentication-password");
Blender.MapUri("/signin/user/authentication/settings/{?}", "authentication-settings");
Blender.MapUri("/signin/partial/user/image", "userimage-default"); // default user image
}