public async Task <bool> UpdateProfileAsync(IFormCollection formData)
{
var loggedInUserId = GetLoggedInUserId();
var user = await _userManager.FindByIdAsync(loggedInUserId);
if (user == null)
{
return(false);
}
if (user.UserName != _cookieService.Get("username") ||
user.UserName != formData["username"].ToString() ||
user.Email != formData["email"].ToString())
{
return(false);
}
try
{
ActivityEntities activityEntities = new ActivityEntities {
UserId = user.Id
};
await UpdateProfilePicAsync(formData, user);
user.Firstname = formData["firstname"];
user.Birthday = formData["birthdate"];
user.Lastname = formData["lastname"];
user.Middlename = formData["middlename"];
user.DisplayName = formData["displayname"];
user.PhoneNumber = formData["phone"];
user.Gender = formData["gender"];
user.TwoFactorEnabled = Convert.ToBoolean(formData["IsTwoFactorOn"]);
await _userManager.UpdateAsync(user);
activityEntities.Date = DateTime.UtcNow;
activityEntities.IpAddress = _cookieService.GetUserIP();
activityEntities.Location = _cookieService.GetUserCountry();
activityEntities.OperatingSystem = _cookieService.GetUserOS();
activityEntities.Type = "Profile update successful";
activityEntities.Icon = "fas fa-thumbs-up";
activityEntities.Color = "success";
await _activityService.AddUserActivity(activityEntities);
return(true);
}
catch (Exception ex)
{
Log.Error("An error occurred while updating profile {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
}
return(false);
}
public async Task <IActionResult> ChangePassword([FromBody] ResetPasswordViewModel model)
{
if (string.IsNullOrEmpty(model.OldPassword))
{
return(BadRequest("Old Password must be supplied for password change."));
}
if (!ModelState.IsValid)
{
return(BadRequest(model));
}
var user = await _userService.GetUserProfileByEmailAsync(model.Email);
if (user == null)
{
// Don't reveal that the user does not exist
return(Ok(new { message = "Password changed Successfully" }));
}
if (!await _userService.CheckPasswordAsync(user, model.OldPassword))
{
// Notify attempt was made - to change password failed
ActivityEntities activityEntities = new ActivityEntities
{
UserId = user.UserId,
Date = DateTime.UtcNow,
IpAddress = _cookieService.GetUserIP(),
Location = _cookieService.GetUserCountry(),
OperatingSystem = _cookieService.GetUserOS(),
Type = "Profile update failed - Invalid Old Password",
Icon = "fas fa-exclamation-triangle",
Color = "warning"
};
var activityAdd = await _userService.AddUserActivity(activityEntities);
return(BadRequest(new { message = "Invalid Old Password" }));
}
var result = await _userService.ChangePasswordAsync(user, model.Password);
if (result)
{
return(Ok(new { message = "Password changed Successfully" }));
}
return(BadRequest(new { message = "Password could not be Changed. Try again later" }));
}
public async Task <bool> AddUserActivity(ActivityEntities model)
{
try
{
await _activityService.AddUserActivity(model);
return(true);
}
catch (Exception ex)
{
Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
}
return(false);
}
public async Task <bool> ChangePasswordAsync(ProfileModel model, string newPassword)
{
bool result;
try
{
ActivityEntities activityEntities = new ActivityEntities();
activityEntities.Date = DateTime.UtcNow;
activityEntities.IpAddress = _cookieService.GetUserIP();
activityEntities.Location = _cookieService.GetUserCountry();
activityEntities.OperatingSystem = _cookieService.GetUserOS();
var loggedInUserId = GetLoggedInUserId();
var user = await _userManager.FindByIdAsync(loggedInUserId);
if (user != null)
{
user.PasswordHash = _userManager.PasswordHasher.HashPassword(user, newPassword);
var updateResult = await _userManager.UpdateAsync(user);
result = updateResult.Succeeded;
activityEntities.UserId = user.Id;
activityEntities.Type = "Password Changed successful";
activityEntities.Icon = "fas fa-thumbs-up";
activityEntities.Color = "success";
await _activityService.AddUserActivity(activityEntities);
}
else
{
result = false;
}
}
catch (Exception ex)
{
result = false;
Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
}
return(result);
}
public async Task AddUserActivity(ActivityEntities model)
{
await using var dbContextTransaction = await _db.Database.BeginTransactionAsync();
try
{
await _db.Activities.AddAsync(model);
await _db.SaveChangesAsync();
await dbContextTransaction.CommitAsync();
}
catch (Exception ex)
{
Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
await dbContextTransaction.RollbackAsync();
}
}
public async Task <TokenResponseModel> Auth(LoginViewModel model)
{
ActivityEntities activityModel = new ActivityEntities();
activityModel.Date = DateTime.UtcNow;
activityModel.IpAddress = _cookieService.GetUserIP();
activityModel.Location = _cookieService.GetUserCountry();
activityModel.OperatingSystem = _cookieService.GetUserOS();
try
{
// Get the User from Database
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
// Get the role of the user - validate if he is admin - dont bother to go ahead if returned false
var roles = await _userManager.GetRolesAsync(user);
if (roles.FirstOrDefault() != "Administrator")
{
activityModel.UserId = user.Id;
activityModel.Type = "UnAuthorized ";
activityModel.Icon = "fas fa-user-secret";
activityModel.Color = "danger";
await _activityService.AddUserActivity(activityModel);
Log.Error("Error: Role not admin");
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
// If user is admin continue to execute the code
if (!await _userManager.CheckPasswordAsync(user, model.Password))
{
activityModel.UserId = user.Id;
activityModel.Type = "Password Login Error";
activityModel.Icon = "far fa-times-circle";
activityModel.Color = "warning";
await _activityService.AddUserActivity(activityModel);
Log.Error("Error : Invalid Password for Admin");
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
// Then Check If Email Is confirmed
if (!await _userManager.IsEmailConfirmedAsync(user))
{
activityModel.UserId = user.Id;
activityModel.Type = "Email not Verified";
activityModel.Icon = "far fa-envelope";
activityModel.Color = "warning";
await _activityService.AddUserActivity(activityModel);
Log.Error("Error : Email Not Confirmed for {user}", user.UserName);
return(CreateErrorResponseToken("Email Not Confirmed", HttpStatusCode.Unauthorized));
}
activityModel.UserId = user.Id;
activityModel.Type = "Login successful";
activityModel.Icon = "fas fa-thumbs-up";
activityModel.Color = "success";
await _activityService.AddUserActivity(activityModel);
var authToken = await GenerateNewToken(user, model);
return(authToken);
}
catch (Exception ex)
{
Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
}
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}