Example #1
0
        public async Task<IHttpActionResult> Register(UserModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                    return BadRequest(ModelState);

                using (AuthRepository repo = new AuthRepository())
                {
                    IdentityResult result = await repo.RegisterUser(model);

                    if (!result.Succeeded)
                    {
                        foreach (string error in result.Errors)
                            ModelState.AddModelError(string.Empty, error);

                        return BadRequest(ModelState);
                    }
                }
            }
            catch (Exception ex)
            {
                ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }

            return Ok();
        }
Example #2
0
        public async Task<HttpResponseMessage> ConfirmEmail(string aspUserId, string code)
        {
            AuthRepository repo = new AuthRepository();

            try
            {
                if (aspUserId != null && code != null)
                {
                    IdentityResult result = await repo.ConfirmEmail(aspUserId, code);

                    if (result.Succeeded)
                    {
                        //If email confirmation succeeds, automatically give the a 2FA token
                        ApplicationUser user = await repo.FindAspUserByUserId(aspUserId);
                        var userIdentity = await user.GenerateUserIdentityAsync(UserManager);

                        string pinCode = await repo.GetTwoFactorCode(aspUserId);
                        await repo.VerifyTwoFactorToken(aspUserId, pinCode);

                        var rememberBrowserIdentity = repo.authManager.CreateTwoFactorRememberBrowserIdentity(user.Id);
                        repo.authManager.SignIn(new AuthenticationProperties { IsPersistent = true }, userIdentity, rememberBrowserIdentity);

                        var response = Request.CreateResponse(HttpStatusCode.Moved);
                        response.Headers.Location = new Uri(Config.BaseWWClientURL + "#/registerConfirm");

                        return response;
                    }
                }

                var errorResponse = Request.CreateResponse(HttpStatusCode.Moved);
                errorResponse.Headers.Location = new Uri(Config.BaseWWClientURL + "/#/registerError?id=" + aspUserId);
                return errorResponse;
            }
            catch (Exception ex)
            {
                ErrorLogging.LogError(ex);

                var errorResponse = Request.CreateResponse(HttpStatusCode.Moved);
                errorResponse.Headers.Location = new Uri(Config.BaseWWClientURL + "/#/registerError?id=" + aspUserId);
                return errorResponse;
            }
            finally
            {
                repo.Dispose();
            }
        }
Example #3
0
        public async Task<IHttpActionResult> DemographicUserUpdate(UpdatedDemographicModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                using (AuthRepository repo = new AuthRepository())
                {
                    await repo.UpdateUserAsync(model);
                    
                    return Ok();
                }
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }

        }
Example #4
0
        public async Task<IHttpActionResult> ChangeEmail(ChangeEmailModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                using (AuthRepository repo = new AuthRepository())
                {
                    ApplicationUser user = await repo.FindAspUserByUserId(HttpContext.Current.User.Identity.Name);


                    if (user != null)
                    {
                        IdentityResult updatedEmail = await repo.ChangeEmailAsync(user, model.Email, user.Email);

                        if (!updatedEmail.Succeeded)
                        {
                            foreach (string error in updatedEmail.Errors)
                                ModelState.AddModelError(ModelStateType.ErrorList, error);

                            return BadRequest(ModelState);
                        }

                        return Ok(user);
                    }
                    else
                    {
                        // Don't reveal that the user does not exist
                        ModelState.AddModelError(string.Empty, "Sorry, there was an error.");
                        return BadRequest(ModelState);
                    }
                }
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }
        }
Example #5
0
        public async Task<IHttpActionResult> ResetPassword(string email, string password, string code)
        {
            try
            {
                using (AuthRepository _repo = new AuthRepository())
                {
                    code = code.Replace(" ", "+");

                    ApplicationUser user = await _repo.FindUserByName(email);
                    if (user == null)
                    {
                        // Don't reveal that the user does not exist
                        ModelState.AddModelError(string.Empty, "Sorry, there was an error.");
                        return BadRequest(ModelState);
                    }
                    IdentityResult result = await _repo.ResetPasswordAsync(user.Id, code, password);
                    if (!result.Succeeded)
                    {
                        foreach (string error in result.Errors)
                            ModelState.AddModelError(ModelStateType.ErrorList, error);
                        return BadRequest(ModelState);
                    }

                    return Ok();
                }
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }
        }
Example #6
0
        public async Task<IHttpActionResult> DemographicUserGet()
        {
            try
            {
                using (AuthRepository repo = new AuthRepository())
                {
                    UpdatedDemographicModel model = await repo.DemographicUserGetAsync(HttpContext.Current.User.Identity.Name);

                    if (model == null)
                        return BadRequest("Could Not Find Demographics");

                    return Ok(model);
                }
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }

        }
Example #7
0
        public async Task<IHttpActionResult> ForgotPassword(string email)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                using (AuthRepository _repo = new AuthRepository())
                {
                    ApplicationUser initialUser = await _repo.FindUserByName(email);
                    if (initialUser == null)
                    {
                        // Don't reveal that the user does not exist
                        ModelState.AddModelError(ModelStateType.ErrorList, "Sorry, there was an error.");
                        return BadRequest(ModelState);
                    }
                    var confirmed = await _repo.VerifyEmailConfirmed(initialUser.Id);
                    if (!confirmed)
                    {
                        ModelState.AddModelError(ModelStateType.ErrorList, "eMailNotConfirmed");
                        return BadRequest(ModelState);
                    }

                    await _repo.SendChangePasswordConfirmation(initialUser.Id, email);

                    return Ok();
                }
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }
        }
Example #8
0
        public async Task<IHttpActionResult> ChangePassword(ChangePasswordModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                using (AuthRepository repo = new AuthRepository())
                {
                    ApplicationUser appUser = await repo.FindAspUserByUserId(User.Identity.Name);
                    var user = await repo.CheckCredentials(appUser.UserName, model.OldPassword);

                    if (user == null)
                    {
                        // Don't reveal that the user does not exist
                        ModelState.AddModelError(ModelStateType.ErrorList, "The current password is incorrect");
                        return BadRequest(ModelState);
                    }

                    IdentityResult result = await repo.ChangePasswordAsync(user, model.OldPassword, model.NewPassword);
                    if (!result.Succeeded)
                    {
                        foreach (string error in result.Errors)
                            ModelState.AddModelError(ModelStateType.ErrorList, error);

                        return BadRequest(ModelState);
                    }
                    return Ok();
                }
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }
        }
Example #9
0
        public async Task<IHttpActionResult> ResendTFAEmail(ResendTFAEmailModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                    return BadRequest(ModelState);

                using (AuthRepository repo = new AuthRepository())
                {
                    ApplicationUser currentUser = await repo.CheckCredentials(model.HiddenUserName, model.HiddenPassword);
                    if (currentUser != null)
                    {
                        await repo.SendTwoFactorAuthentionToken(currentUser.Id);
                    }
                }

                return Ok();
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }
        }
Example #10
0
 public async Task<IHttpActionResult> ResendEmailVerification(string aspUserId)
 {
     try
     {
         using (AuthRepository repo = new AuthRepository())
         {
             await repo.SendConfirmationEmail(aspUserId, WWBusiness.Helper.EmailMessage.EmailNotVerifiedConfirmation);
         }
         return Ok();
     }
     catch (Exception ex)
     {
         Helper.ErrorLogging.LogError(ex);
         return InternalServerError(ex);
     }
 }
Example #11
0
        public async Task<IHttpActionResult> Verify2FACode(string userName, string pinCode)
        {
            try
            {
                using (AuthRepository repo = new AuthRepository())
                {
                    ApplicationUser user = await repo.FindUserByName(userName);
                    bool isCodeValid = await repo.VerifyTwoFactorToken(user.Id, pinCode);

                    ClaimsIdentity userIdentity = await user.GenerateUserIdentityAsync(UserManager);

                    if (isCodeValid)
                    {
                        var rememberBrowserIdentity = repo.authManager.CreateTwoFactorRememberBrowserIdentity(user.Id);
                        repo.authManager.SignIn(new AuthenticationProperties { IsPersistent = true }, userIdentity, rememberBrowserIdentity);
                    }
                    else
                    {
                        return BadRequest("Sorry, that is not a valid code.");
                    }

                }
                return Ok();
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }
        }