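/// <summary>
/// Issues a ONE TIME USE temporary password for the account registered under
/// <paramref name="email"/> and mails it out. The mail goes to the address itself,
/// or to the restricted recipient list when the configured confirmation type
/// starts with <c>RestrictedConfirmation</c>.
/// </summary>
/// <param name="email">Address taken from the request body; the user service resolves it to a user id.</param>
/// <returns><c>true</c> once the message has been handed to the emailer.</returns>
/// <remarks>
/// Nothing in this method checks who the caller is; the email address is the only input.
/// NOTE(review): a failed email lookup surfaces through MatchExceptions. If that response
/// differs from the success response it tells the caller whether an address is registered;
/// confirm, and consider a uniform reply plus request throttling.
/// </remarks>
public Task<ActionResult<bool>> SendPasswordRecovery([FromBody] string email)
{
    return MatchExceptions(async () =>
    {
        if (config.ConfirmationType == InstantConfirmation)
        {
            throw new RequestException("User account creation is instant, meaning there is no email system in place and no way to recover passwords!");
        }

        // Reject an empty body up front rather than relying on how the user service treats null/blank input.
        if (string.IsNullOrWhiteSpace(email))
        {
            throw new RequestException("Must provide an email address");
        }

        var userId = await userService.GetUserIdFromEmailAsync(email);
        var tempPassword = userService.GetTemporaryPassword(userId);
        var user = await CachedSearcher.GetById<UserView>(RequestType.user, userId);
        var utcExpire = tempPassword.ExpireDate.ToUniversalTime();

        // NOTE(review): Request.Host is taken from the incoming request's Host header. Unless host
        // filtering (AllowedHosts) or a trusted proxy pins it, the site name printed in these mails
        // is caller-influenced; a configured site name would be safer.
        if (config.ConfirmationType.StartsWith(RestrictedConfirmation))
        {
            // GetById can return null (GetUserViewStrictAsync guards against it), so fail with a
            // request error instead of a NullReferenceException while building the message.
            if (user == null)
            {
                throw new RequestException($"Couldn't find user with id {userId}");
            }

            // In restricted mode the temporary password is disclosed to every restricted
            // recipient, who is then expected to forward it to the user.
            var message = new EmailMessage();
            message.Recipients = GetRestrictedEmails();
            message.Title = $"User {user.username} is trying to recover their account";
            message.Body = $"User {user.username} is trying to recover their account using email {email} on {Request.Host}\n\nIf this looks acceptable, please send them " +
                $"an email stating they have a ONE TIME USE temporary password that will last until {utcExpire} UTC ({StaticUtils.HumanTime(utcExpire - DateTime.UtcNow)}):\n\n{tempPassword.Key}";

            //TODO: language? Configuration? I don't know
            await emailer.SendEmailAsync(message);
        }
        else
        {
            // The temporary password travels in the mail body in clear text; its one-time use and
            // expiry are what bound the exposure.
            //TODO: language? Configuration? I don't know
            await emailer.SendEmailAsync(new EmailMessage(email, "Account Recovery",
                $"You can temporarily access your account on '{Request.Host}' for another {StaticUtils.HumanTime(utcExpire - DateTime.UtcNow)} using the ONE TIME USE temporary password:\n\n{tempPassword.Key}"));
        }

        return true;
    });
}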
/// <summary>
/// Returns the <see cref="UserView"/> for the user id that <c>GetUserIdStrict</c>
/// yields for the current request.
/// </summary>
/// <returns>The looked-up view, wrapped by <c>MatchExceptions</c>.</returns>
public Task<ActionResult<UserView>> GetMe() =>
    MatchExceptions(() =>
    {
        // The id comes from GetUserIdStrict and never from request data, so a caller
        // cannot ask for somebody else's record through this endpoint.
        var currentUserId = GetUserIdStrict();

        // NOTE(review): the meaning of the trailing 'true' argument is not visible here;
        // confirm against CachedSearcher.GetById.
        return CachedSearcher.GetById<UserView>(RequestType.user, currentUserId, true);
    });
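/// <summary>
/// Re-sends the pending registration code for the account registered under
/// <paramref name="email"/>. The mail goes to the address itself, or to the restricted
/// recipient list when the configured confirmation type starts with
/// <c>RestrictedConfirmation</c>.
/// </summary>
/// <param name="email">Address taken from the request body; the user service resolves it to a user id.</param>
/// <returns><c>true</c> once the message has been handed to the emailer.</returns>
/// <remarks>
/// Nothing in this method checks who the caller is; the email address is the only input.
/// NOTE(review): the "Probably already registered!" error, and any lookup failure surfaced
/// through MatchExceptions, let a caller tell registered, pending and unknown addresses
/// apart. Confirm this is acceptable, or return a uniform reply and throttle requests.
/// </remarks>
public Task<ActionResult<bool>> SendRegistrationCode([FromBody] string email)
{
    return MatchExceptions(async () =>
    {
        if (config.ConfirmationType == InstantConfirmation)
        {
            throw new RequestException("User account creation is instant, there is no registration code");
        }

        // Reject an empty body up front rather than relying on how the user service treats null/blank input.
        if (string.IsNullOrWhiteSpace(email))
        {
            throw new RequestException("Must provide an email address");
        }

        var userId = await userService.GetUserIdFromEmailAsync(email);
        var registrationCode = await userService.GetRegistrationKeyAsync(userId);
        var user = await CachedSearcher.GetById<UserView>(RequestType.user, userId);

        if (string.IsNullOrWhiteSpace(registrationCode))
        {
            throw new RequestException("Couldn't find registration code for this email! Probably already registered!");
        }

        // NOTE(review): Request.Host is taken from the incoming request's Host header. Unless host
        // filtering (AllowedHosts) or a trusted proxy pins it, the site name printed in these mails
        // is caller-influenced; a configured site name would be safer.
        if (config.ConfirmationType.StartsWith(RestrictedConfirmation))
        {
            // GetById can return null (GetUserViewStrictAsync guards against it), so fail with a
            // request error instead of a NullReferenceException while building the message.
            if (user == null)
            {
                throw new RequestException($"Couldn't find user with id {userId}");
            }

            // In restricted mode the registration code is disclosed to the restricted
            // recipients, who decide whether to pass it on.
            var message = new EmailMessage();
            message.Recipients = GetRestrictedEmails();
            message.Title = $"User {user.username} would like to create an account";
            message.Body = $"User {user.username} is trying to create an account using email {email} on {Request.Host}\n\nIf this looks acceptable, please send them " +
                $"an email with instructions on how to create an account, using registration code:\n\n{registrationCode}";

            //TODO: language? Configuration? I don't know
            await emailer.SendEmailAsync(message);
        }
        else
        {
            //TODO: language? Configuration? I don't know
            await emailer.SendEmailAsync(new EmailMessage(email, "Registration instructions",
                $"Your registration code for '{Request.Host}' is:\n\n{registrationCode}"));
        }

        return true;
    });
}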
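/// <summary>
/// Creates a new user from the posted credentials and returns its <see cref="UserView"/>.
/// When the confirmation type is <c>InstantConfirmation</c>, registration is completed in
/// the same call and the value returned by <c>CompleteRegistration</c> is placed in the
/// view's <c>special</c> field.
/// </summary>
/// <param name="credentials">Username, password and email taken from the request body.</param>
/// <returns>The view of the newly created user.</returns>
/// <remarks>
/// NOTE(review): in instant mode the response carries the completion token in <c>special</c>;
/// presumably this is a login token, so the response should be kept out of logs and caches. Confirm.
/// NOTE(review): no validation of username, password or email is visible here; presumably
/// CreateNewUser enforces it. Verify against the service.
/// </remarks>
public Task<ActionResult<UserView>> Register([FromBody] UserCredentials credentials)
{
    //Like all controllers, we want ALL of the work possible to be inside a service, not the controller.
    //A service which can be tested!
    return MatchExceptions<UserView>(async () =>
    {
        if (!config.AccountCreationEnabled)
        {
            throw new ForbiddenException("We're sorry, account creation is disabled at this time");
        }

        // A missing or unparseable body would otherwise surface as a NullReferenceException
        // on the first property access below.
        if (credentials == null)
        {
            throw new RequestException("Must provide credentials");
        }

        var userId = await userService.CreateNewUser(credentials.username, credentials.password, credentials.email);
        var result = await CachedSearcher.GetById<UserView>(RequestType.user, userId);

        if (config.ConfirmationType == InstantConfirmation)
        {
            services.logger.LogDebug("Instant user account creation set, completing registration immediately");

            // Same call order as before: fetch the key first, then complete registration with it.
            var registrationKey = await userService.GetRegistrationKeyAsync(userId);
            var token = await userService.CompleteRegistration(userId, registrationKey);
            result.special = token;
        }

        return result;
    });
}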
/// <summary>
/// Loads the <see cref="UserView"/> for the id returned by <c>GetUserIdStrict</c>,
/// failing loudly when no such user can be found.
/// </summary>
/// <returns>The non-null view for the current user id.</returns>
/// <exception cref="RequestException">Thrown when the lookup yields no user.</exception>
protected async Task<UserView> GetUserViewStrictAsync()
{
    var userId = GetUserIdStrict();
    var view = await CachedSearcher.GetById<UserView>(RequestType.user, userId);

    // The lookup may come back empty; callers of the "strict" variant never see null.
    if (view is null)
    {
        throw new RequestException($"Couldn't find user with id {userId}");
    }

    return view;
}