private async Task SendRecoverEmail(string email, string userName)
{
var expires = DateTime.Now.AddHours(2);
var issuer = _configuration["Issuer"];
var securityKey = _awsSecretManagerService.GetSecret(_configuration["SecretName_RecoverEmail"]);
var claims = new[]
{
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Sub, email),
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
new System.Security.Claims.Claim(JwtRegisteredClaimNames.UniqueName, email)
};
var serializedToken = _securityTokenHandler.WriteToken(email, claims, issuer, securityKey, expires);
var url = _configuration["PLAYERS2_URL"] + "newpassword?u17=";
var template = ForgotPasswordTemplate.GetForgotPasswordBody(url + serializedToken);
var emailTopic = _configuration["EMAIL_TOPIC"];
var message = new Message()
{
From = "*****@*****.**",
Body = template,
To = email,
Subject = $"{userName}, change your password of PLAYER2 here!"
};
await _snsClient.Send(emailTopic, JsonConvert.SerializeObject(new
{
Message = message
})).ConfigureAwait(false);
}
private async Task SendConfirmationEmail(string email, string userName)
{
var expires = DateTime.Now.AddDays(30);
var issuer = _configuration["Issuer"];
var securityKey = _awsSecretManagerService.GetSecret(_configuration["SecretName_ConfirmEmail"]);
var claims = new[]
{
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Sub, email),
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
new System.Security.Claims.Claim(JwtRegisteredClaimNames.UniqueName, email)
};
var serializedToken = _securityTokenHandler.WriteToken(email, claims, issuer, securityKey, expires);
var url = _configuration["PLAYERS2_URL"] + "confirm.html?u19=";
var template = CreateAccountTemplate.GetAcocuntsBody(url + serializedToken);
var emailTopic = _configuration["EMAIL_TOPIC"];
var message = new Message()
{
From = "*****@*****.**",
Body = template,
To = email,
Subject = $"Welcome to PLAYER2 {userName}! Please confirm your e-mail here"
};
await _snsClient.Send(emailTopic, JsonConvert.SerializeObject(new
{
Message = message
})).ConfigureAwait(false);
}
internal override HandleResponse HandleIt(SecretManagerCommand request, CancellationToken cancellationToken)
{
var result = _awsSecretManagerService.GetSecret(request.Secret);
return(new HandleResponse()
{
Content = result
});
}
public MySqlConnHelper(IConfiguration configuration,
IAwsSecretManagerService awsSecretManagerService)
{
var secret = JsonConvert.DeserializeObject <SecretDb>(awsSecretManagerService.GetSecret(configuration["CONN_STRING"]));
_connectionString = $@"server={secret.Host};
userid={secret.Username};
password={secret.Password};
database=Vanlune;
Pooling=True;
Min Pool Size=0;
Max Pool Size=5;
Connection Lifetime=60;
default command timeout=300;";
}
internal override HandleResponse HandleIt(AuthenticateUserCommand request, CancellationToken cancellationToken)
{
var email = request.Email;
_logger.Info($"Trying loggin for user {email}");
var isFacebook = request.FacebookLogin != null &&
!string.IsNullOrEmpty(request.FacebookLogin.Email) &&
!string.IsNullOrEmpty(request.FacebookLogin.AccessToken);
if (isFacebook)
{
var isValid = InvokeFunction(LAMBDA_FACEBOOK_VALIDATED, new { request.FacebookLogin }).Result;
if (!isValid)
{
return new HandleResponse()
{
Error = "Invalid token!"
}
}
;
email = request.FacebookLogin.Email;
}
var isGoogle = request.GoogleLogin != null &&
!string.IsNullOrEmpty(request.GoogleLogin.AccessToken) &&
!string.IsNullOrEmpty(request.GoogleLogin.ProfileObj.Email);
if (isGoogle)
{
var isValid = InvokeFunction(LAMBDA_GOOGLE_VALIDATED, new { request.GoogleLogin }).Result;
if (!isValid)
{
return new HandleResponse()
{
Error = "Invalid token!"
}
}
;
email = request.GoogleLogin.ProfileObj.Email;
}
var user = _accountRepository.GetAccountByEmail(email).Result;
if (user == null)
{
_logger.Info($"User {email} was not found on database.");
return(new HandleResponse()
{
Error = $"Invalid credentials, User {email} was not found"
});
}
if (!isFacebook && !isGoogle)
{
var isPasswordValid = _passwordHasher.Verify(request.Password, user.PasswordHash);
if (!isPasswordValid)
{
return new HandleResponse()
{
Error = $"Invalid credentials invalid password"
}
}
;
if (!user.IsActive)
{
return new HandleResponse()
{
Error = "You must verificated your e-mai. Please, check your inbox messages."
}
}
;
}
var roleClaims = user.Roles.Select(e => e.Role.Claims.Select(c => c.Claim));
var customClaims = new List <System.Security.Claims.Claim>();
foreach (var roleClaim in roleClaims)
{
foreach (var claim in roleClaim)
{
var customClaim = new System.Security.Claims.Claim(claim.ClaimType, claim.ClaimValue);
var existent = customClaims.FirstOrDefault(c => c.Type.Equals(customClaim.Type,
StringComparison.InvariantCultureIgnoreCase) &&
c.Value.Equals(customClaim.Value, StringComparison.InvariantCultureIgnoreCase));
if (existent == null)
{
customClaims.Add(customClaim);
}
}
}
var roleId = user.Roles.FirstOrDefault()?.Role?.Id ?? 0;
var claims = new[]
{
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Sub, roleId.ToString()),
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
new System.Security.Claims.Claim(JwtRegisteredClaimNames.UniqueName, email),
new System.Security.Claims.Claim(JwtRegisteredClaimNames.Sid, user.Id.ToString()),
}.Union(customClaims);
var expires = DateTime.Now.AddHours(2);
var issuer = _configuration["Issuer"];
var securityKey = _awsSecretManagerService.GetSecret(_configuration["SecretName"]);
var serializedToken = _securityTokenHandler.WriteToken(email, claims, issuer, securityKey, expires);
var userDto = _mapper.Map <UserDto>(user);
return(new HandleResponse()
{
Content = new
{
access_token = serializedToken,
token_type = "Bearer",
user = userDto
}
});
}