/// <summary>
/// Re-hashes the supplied password and overwrites the stored credentials record
/// of an employee that already exists.
/// </summary>
/// <param name="employeeCredentials">Merchant id, employee id, e-mail and the password to hash.</param>
/// <exception cref="InvalidOperationException">No credentials are stored for the given e-mail.</exception>
public async Task UpdateAsync(IEmployeeCredentials employeeCredentials)
{
    IEmployeeCredentials existing = await _repository.GetAsync(employeeCredentials.Email);

    if (existing == null)
    {
        throw new InvalidOperationException("Employee does not exist.");
    }

    // NOTE(review): the salt is the e-mail address, so it is known to anyone who knows
    // the account and stays the same across password changes. A random per-record salt
    // is the usual choice. CalculateHash is not visible here; confirm it is a slow,
    // password-grade KDF rather than a single fast digest.
    string salt = employeeCredentials.Email;
    string passwordHash = CalculateHash(employeeCredentials.Password, salt);

    // NOTE(review): PinCode is not assigned below, so the replaced record is built
    // without the previously stored PIN, and ForcePinUpdate is reset to false as well.
    // Confirm that a password update is meant to drop the PIN and clear a pending
    // forced PIN change.
    var replacement = new EmployeeCredentials
    {
        MerchantId = employeeCredentials.MerchantId,
        EmployeeId = employeeCredentials.EmployeeId,
        Email = employeeCredentials.Email,
        Password = passwordHash,
        Salt = salt,
        ForcePasswordUpdate = false,
        ForcePinUpdate = false,
        // The e-mail confirmation flag is the only value carried over from the old record.
        ForceEmailConfirmation = existing.ForceEmailConfirmation
    };

    await _repository.InsertOrReplaceAsync(replacement);

    // Only identifiers are logged; the e-mail goes through SanitizeEmail() first.
    var logContext = employeeCredentials.MerchantId
        .ToContext(nameof(employeeCredentials.MerchantId))
        .ToContext(nameof(employeeCredentials.EmployeeId), employeeCredentials.EmployeeId)
        .ToContext(nameof(employeeCredentials.Email), employeeCredentials.Email.SanitizeEmail());

    _log.Info("Employee credentials updated.", logContext);
}
/// <summary>
/// Checks a PIN against the credentials stored for an e-mail address.
/// </summary>
/// <param name="email">E-mail used to look up the credentials record.</param>
/// <param name="pin">PIN supplied by the caller.</param>
/// <returns>
/// The stored credentials when the PIN matches; <c>null</c> when no record exists,
/// the record has no PIN, or the PIN does not match.
/// </returns>
public async Task<IEmployeeCredentials> ValidatePinAsync(string email, string pin)
{
    IEmployeeCredentials stored = await _repository.GetAsync(email);
    string storedPin = stored?.PinCode;

    // Unknown account and "no PIN set" are reported the same way as a wrong PIN.
    if (string.IsNullOrEmpty(storedPin))
    {
        return null;
    }

    // NOTE(review): the first comparison accepts a record whose PinCode holds the PIN
    // itself rather than its hash. If that is a migration fallback, plan to re-hash
    // such records and remove this branch. Both comparisons use string.Equals, which
    // is not constant-time, and no attempt limiting is visible in this method.
    // Confirm that throttling or lockout exists upstream, since a PIN has a small
    // search space.
    if (storedPin.Equals(pin))
    {
        return stored;
    }

    // The hash is only computed when the direct comparison fails, as in the original
    // short-circuit expression.
    string pinHash = CalculateHash(pin, stored.Salt);

    return storedPin.Equals(pinHash) ? stored : null;
}
/// <summary>
/// Writes a credentials record to storage, replacing any entity with the same keys.
/// </summary>
/// <param name="credentials">Values to persist; every field is copied as given.</param>
public async Task InsertOrReplaceAsync(IEmployeeCredentials credentials)
{
    // Password, Salt and PinCode are stored exactly as received. Any hashing has to
    // happen in the caller, because nothing here derives or checks them.
    var entity = new EmployeeCredentialsEntity
    {
        // The partition key is derived from the e-mail; the row key takes no input.
        PartitionKey = GetPartitionKey(credentials.Email),
        RowKey = GetRowKey(),
        MerchantId = credentials.MerchantId,
        EmployeeId = credentials.EmployeeId,
        Email = credentials.Email,
        Password = credentials.Password,
        Salt = credentials.Salt,
        PinCode = credentials.PinCode,
        ForcePasswordUpdate = credentials.ForcePasswordUpdate,
        ForcePinUpdate = credentials.ForcePinUpdate,
        ForceEmailConfirmation = credentials.ForceEmailConfirmation
    };

    await _storage.InsertOrReplaceAsync(entity);
}
/// <summary>
/// Validates an employee PIN and reports the result together with the
/// identifiers and pending-update flags of the matched employee.
/// </summary>
/// <param name="model">E-mail and PIN, bound from the query string.</param>
/// <returns>
/// 200 OK in both cases: a result constructed with <c>false</c> when validation
/// fails, otherwise one constructed with <c>true</c> and the employee details.
/// </returns>
// NOTE(review): [FromQuery] places the e-mail and the PIN in the request URL, where
// they are commonly recorded by access logs, proxies and client history. Carrying
// them in the request body would avoid that, but it changes the API contract, so it
// has to be coordinated with callers.
public async Task<IActionResult> ValidatePin([FromQuery] PinValidationModel model)
{
    IEmployeeCredentials matched =
        await _employeeCredentialsService.ValidatePinAsync(model.Email, model.Pin);

    CredentialsValidationResultModel result;

    if (matched != null)
    {
        result = new CredentialsValidationResultModel(true)
        {
            MerchantId = matched.MerchantId,
            EmployeeId = matched.EmployeeId,
            ForcePasswordUpdate = matched.ForcePasswordUpdate,
            ForcePinUpdate = matched.ForcePinUpdate
        };
    }
    else
    {
        // A failed validation carries no employee details.
        result = new CredentialsValidationResultModel(false);
    }

    return Ok(result);
}
/// <summary>
/// Marks an existing employee so that both the password and the PIN must be changed.
/// </summary>
/// <param name="email">E-mail used to look up the credentials record.</param>
/// <exception cref="InvalidOperationException">No credentials are stored for the given e-mail.</exception>
public async Task EnforceCredentialsUpdateAsync(string email)
{
    IEmployeeCredentials current = await _repository.GetAsync(email);

    if (current == null)
    {
        throw new InvalidOperationException("Employee does not exist.");
    }

    // Copy the stored record so that only the two force flags change in the replacement.
    EmployeeCredentials flagged = Mapper.Map<EmployeeCredentials>(current);
    flagged.ForcePasswordUpdate = true;
    flagged.ForcePinUpdate = true;

    await _repository.InsertOrReplaceAsync(flagged);

    // Only identifiers are logged; the e-mail goes through SanitizeEmail() first.
    var logContext = current.MerchantId
        .ToContext(nameof(current.MerchantId))
        .ToContext(nameof(current.EmployeeId), current.EmployeeId)
        .ToContext(nameof(current.Email), current.Email.SanitizeEmail());

    _log.Info("Employee first time login flag set.", logContext);
}
/// <summary>
/// Stores a new PIN value for an existing employee and clears the forced-PIN-update flag.
/// </summary>
/// <param name="email">E-mail used to look up the credentials record.</param>
/// <param name="hash">Value written to <c>PinCode</c> unchanged.</param>
/// <exception cref="InvalidOperationException">No credentials are stored for the given e-mail.</exception>
public async Task UpdatePinHashAsync(string email, string hash)
{
    IEmployeeCredentials current = await _repository.GetAsync(email);

    if (current == null)
    {
        throw new InvalidOperationException("Employee does not exist.");
    }

    // NOTE(review): the value is persisted as received. This method neither computes
    // nor verifies the hash, so the caller presumably derives it with the record's
    // salt. Confirm that no caller passes a raw PIN here.
    EmployeeCredentials updated = Mapper.Map<EmployeeCredentials>(current);
    updated.ForcePinUpdate = false;
    updated.PinCode = hash;

    await _repository.InsertOrReplaceAsync(updated);

    // The PIN value itself is never logged; the e-mail goes through SanitizeEmail() first.
    var logContext = current.MerchantId
        .ToContext(nameof(current.MerchantId))
        .ToContext(nameof(current.EmployeeId), current.EmployeeId)
        .ToContext(nameof(current.Email), current.Email.SanitizeEmail());

    _log.Info("Employee pin updated.", logContext);
}