private async Task ReplaceCredentialInternal(User user, Credential credential)
{
// Find the credentials we're replacing, if any
var toRemove = user.Credentials
.Where(cred =>
// If we're replacing a password credential, remove ALL password credentials
(credential.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase) &&
cred.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase)) ||
cred.Type == credential.Type)
.ToList();
foreach (var cred in toRemove)
{
user.Credentials.Remove(cred);
Entities.DeleteOnCommit(cred);
}
if (toRemove.Any())
{
await Auditing.SaveAuditRecord(new UserAuditRecord(
user, UserAuditAction.RemovedCredential, toRemove));
}
user.Credentials.Add(credential);
await Auditing.SaveAuditRecord(new UserAuditRecord(
user, UserAuditAction.AddedCredential, credential));
}
private async Task MigrateCredentials(User user, List <Credential> creds, string password)
{
var toRemove = creds.Where(c =>
!String.Equals(
c.Type,
CredentialTypes.Password.Pbkdf2,
StringComparison.OrdinalIgnoreCase))
.ToList();
// Remove any non PBKDF2 credentials
foreach (var cred in toRemove)
{
creds.Remove(cred);
user.Credentials.Remove(cred);
Entities.DeleteOnCommit(cred);
}
await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.RemovedCredential, toRemove));
// Now add one if there are no credentials left
if (creds.Count == 0)
{
var newCred = CredentialBuilder.CreatePbkdf2Password(password);
await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.AddedCredential, newCred));
user.Credentials.Add(newCred);
}
// Save changes, if any
Entities.SaveChanges();
}
public virtual async Task AddCredential(User user, Credential credential)
{
await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.AddedCredential, credential));
user.Credentials.Add(credential);
Entities.SaveChanges();
}
public virtual async Task GeneratePasswordResetToken(User user, int expirationInMinutes)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
if (expirationInMinutes < 1)
{
throw new ArgumentException(
"Token expiration should give the user at least a minute to change their password", "expirationInMinutes");
}
if (!user.Confirmed)
{
throw new InvalidOperationException(Strings.UserIsNotYetConfirmed);
}
if (!String.IsNullOrEmpty(user.PasswordResetToken) && !user.PasswordResetTokenExpirationDate.IsInThePast())
{
return;
}
user.PasswordResetToken = CryptographyService.GenerateToken();
user.PasswordResetTokenExpirationDate = DateTime.UtcNow.AddMinutes(expirationInMinutes);
await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.RequestedPasswordReset));
Entities.SaveChanges();
return;
}
public virtual async Task <AuthenticatedUser> Register(string username, string emailAddress, string fullname, Credential credential)
{
var existingUser = UserService.GetUser(username, emailAddress);
if (existingUser != null)
{
if (String.Equals(existingUser.Username, username, StringComparison.OrdinalIgnoreCase))
{
throw new EntityException(Strings.UsernameNotAvailable, username);
}
throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress);
}
var newUser = new User(username)
{
FullName = fullname,
EmailAllowed = true,
EmailAddress = emailAddress,
CreatedUtc = DateTime.UtcNow
};
// Add a credential for the password
newUser.Credentials.Add(credential);
// Write an audit record
await Auditing.SaveAuditRecord(new UserAuditRecord(newUser, UserAuditAction.Registered));
UserService.CreateUser(newUser);
return(new AuthenticatedUser(newUser, credential));
}
public virtual async Task RemoveCredential(User user, Credential cred)
{
await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.RemovedCredential, cred));
user.Credentials.Remove(cred);
Entities.Credentials.Remove(cred);
Entities.SaveChanges();
}
public virtual async Task <AuthenticatedUser> Register(string username, string emailAddress, Credential credential)
{
if (Config.FeedOnlyMode)
{
throw new FeedOnlyModeException(FeedOnlyModeException.FeedOnlyModeError);
}
var existingUser = Entities.Users
.FirstOrDefault(u => u.Username == username || u.EmailAddress == emailAddress);
if (existingUser != null)
{
if (String.Equals(existingUser.Username, username, StringComparison.OrdinalIgnoreCase))
{
throw new EntityException(Strings.UsernameNotAvailable, username);
}
else
{
throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress);
}
}
var apiKey = Guid.NewGuid();
var newUser = new User(username)
{
EmailAllowed = true,
UnconfirmedEmailAddress = emailAddress,
EmailConfirmationToken = CryptographyService.GenerateToken(),
CreatedUtc = DateTime.UtcNow
};
// Add a credential for the password and the API Key
newUser.Credentials.Add(CredentialBuilder.CreateV1ApiKey(apiKey));
newUser.Credentials.Add(credential);
if (!Config.ConfirmEmailAddresses)
{
newUser.ConfirmEmailAddress();
}
// Write an audit record
await Auditing.SaveAuditRecord(new UserAuditRecord(newUser, UserAuditAction.Registered));
Entities.Users.Add(newUser);
Entities.SaveChanges();
return(new AuthenticatedUser(newUser, credential));
}
public virtual async Task RemoveCredential(User user, Credential cred)
{
await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.RemovedCredential, cred));
Current.DB.Credentials.Delete(cred.Id);
}
public virtual async Task AddCredential(User user, Credential credential)
{
await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.AddedCredential, credential));
Current.DB.Credentials.Insert(credential);
}