Esempio n. 1
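        /// <summary>
        /// Applies the submitted changes to the stored user identified by <paramref name="id"/>.
        /// The caller must hold the "userMgr" access right.
        /// </summary>
        /// <param name="authToken">Caller's token, read from the request header and checked before anything else.</param>
        /// <param name="id">Identifier of the user document to update.</param>
        /// <param name="userIn">Requested new state of the user.</param>
        /// <returns>
        /// 401 when the access check fails, 400 when no payload was bound, 404 when the user does not exist,
        /// otherwise 200 after the update has been handed to the user service and logged.
        /// </returns>
        /// <remarks>
        /// Sessions are revoked once, after the update call, when the password changed or when any
        /// permission, role or certificate was removed.
        /// </remarks>
        public async Task<IActionResult> Update([FromHeader] string authToken, string id, UserUpdate userIn)
        {
            // Authorise before touching the payload or the store, so a rejected caller learns nothing from later checks.
            if (!await _authenticationService.CheckAccess(authToken, "userMgr"))
            {
                return Unauthorized();
            }

            // A missing body would otherwise surface as a NullReferenceException (HTTP 500) further down.
            if (userIn is null)
            {
                return BadRequest();
            }

            var user = await _userService.Get(id);
            if (user == null)
            {
                return NotFound();
            }

            // Captured up front so revocation does not depend on what the update call does to `user`.
            var userId = user.Id;
            var revokeSessions = false;

            // Null-safe ordinal comparison; the instance Equals threw when the stored value was null.
            // NOTE(review): this compares the stored value with the submitted one directly. If the stored value
            // is a hash, the client has to echo that hash back to signal "unchanged" — confirm that hashes are
            // meant to reach the client at all.
            if (!string.Equals(user.Password, userIn.Password, StringComparison.Ordinal))
            {
                // TODO: Check to verify this works on the stockroom server
                if (!_hostEnvironment.EnvironmentName.Equals("Development", StringComparison.OrdinalIgnoreCase))
                {
                    // NOTE(review): the new password is mailed in clear text. Mail is stored and relayed
                    // unencrypted on many paths; a single-use reset link avoids putting the credential in a mailbox.
                    EmailHelpers.SendPasswordResetEmail(userIn.TechMail, userIn.Password);
                }

                // NOTE(review): EncrpytPassword is defined elsewhere; confirm it is a salted, slow password hash
                // and not reversible encryption.
                userIn.Password = AuthenticationHelpers.EncrpytPassword(userIn.Password);
                revokeSessions = true;
            }

            // Except() yields what the stored user has and the update drops, i.e. only removals trigger revocation.
            // NOTE(review): added permissions or roles do not revoke sessions — confirm that is intended.
            if (user.Permissions.Except(userIn.Permissions).Any()
                || user.Roles.Except(userIn.Roles).Any()
                || user.Certs.Except(userIn.Certs).Any())
            {
                revokeSessions = true;
            }

            // NOTE(review): when the stored CountryCode is null this block is skipped, so a first-time phone number
            // is never sent a code and PhoneVerifiedFlag is taken from the request as submitted — confirm the
            // user service does not trust that flag.
            if (user.CountryCode != null)
            {
                var phoneChanged = !string.Equals(user.CountryCode, userIn.CountryCode, StringComparison.Ordinal)
                                   || !string.Equals(user.PhoneNumber, userIn.PhoneNumber, StringComparison.Ordinal);
                if (phoneChanged)
                {
                    userIn.PhoneVerifiedFlag     = false;
                    userIn.PhoneVerificationCode = await SMSHelpers.SendVerificationCode(userIn.CountryCode, userIn.PhoneNumber);
                }
            }

            _userService.Update(user, userIn);

            // Revoke after the update call, and only once. Revoking first left a window (including the SMS round
            // trip above) in which the old credentials were still valid and a freshly issued token would have
            // survived the change.
            // NOTE(review): Update is not awaited; if it returns a Task, await it so the write is complete
            // before tokens are revoked.
            if (revokeSessions)
            {
                // Kill all active sessions
                await _tokenService.InvalidateUserTokens(userId);
            }

            // NOTE(review): the whole merged user object is serialised into the log entry. Confirm FromUpdate
            // leaves out the password value and the phone verification code, or the log store holds them too.
            await _logService.Create(new Log(
                                         null,
                                         AuthenticationHelpers.GetUserIdFromToken(authToken),
                                         DateTime.UtcNow,
                                         "Document modified.",
                                         "auth.users",
                                         id,
                                         JsonSerializer.Serialize(ecestockroom_api.Models.Authentication.User.FromUpdate(user, userIn))
                                         ));

            return Ok();
        }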
Esempio n. 2
        /// <summary>
        /// Registers a new user: replaces the submitted password with the output of
        /// AuthenticationHelpers.EncrpytPassword, stores the user, sends a confirmation mail outside the
        /// "Development" environment, and writes a log entry.
        /// </summary>
        /// <param name="user">Registration payload; its Password property is overwritten in place.</param>
        /// <returns>200 with the <paramref name="user"/> payload as modified by this method.</returns>
        /// <remarks>
        /// NOTE(review): no access check is visible in this method — confirm authorisation is applied by an
        /// attribute or filter, or that open registration is intended.
        /// </remarks>
        public async Task<ActionResult<User>> Create(UserCreate user)
        {
            // The submitted password is kept because the confirmation mail below includes it.
            // NOTE(review): mailing a clear-text password leaves the credential in mailboxes and relay logs;
            // a confirmation link without the password avoids that.
            string submittedPassword = user.Password;
            user.Password = AuthenticationHelpers.EncrpytPassword(submittedPassword);

            User created = await _userService.Create(user);

            bool isDevelopment = _hostEnvironment.EnvironmentName.Equals("Development", StringComparison.OrdinalIgnoreCase);
            if (!isDevelopment)
            {
                EmailHelpers.SendRegistrationConfirmationEmail(created.TechMail, created.Username, submittedPassword);
            }

            // NOTE(review): the full created user is serialised into the log; confirm the serialised form
            // leaves out the password value.
            var logEntry = new Log(
                null,
                created.Id,
                DateTime.UtcNow,
                "Document created.",
                "auth.users",
                created.Id,
                JsonSerializer.Serialize(created));
            await _logService.Create(logEntry);

            // NOTE(review): this returns the request payload, whose Password now holds the EncrpytPassword output,
            // although the declared result type is User. Confirm whether `created` was meant, and that no
            // password value is sent back to the client either way.
            return Ok(user);
        }
 /// <summary>
 /// Returns the output of AuthenticationHelpers.EncrpytPassword for the supplied password.
 /// </summary>
 /// <param name="password">Clear-text password, bound from the query string.</param>
 /// <returns>200 with the transformed password as the response body.</returns>
 /// <remarks>
 /// NOTE(review): a password in the query string is recorded in access logs, proxy logs and browser history;
 /// a request body avoids that. No access check is visible here either — confirm the route is not reachable
 /// in production or is restricted, since it exposes the password transform to any caller.
 /// </remarks>
 public IActionResult HashPassword([FromQuery] string password)
 {
     var transformed = AuthenticationHelpers.EncrpytPassword(password);
     return Ok(transformed);
 }