Esempio n. 1
0
        private async Task <string[]> ChangeUserPassword(string resetToken, string oldPassword, string newPassword)
        {
            string[] result = null;

            PasswordPolicy passpol          = null;
            string         accessTokenValue = null;

            bool isPasswordValid = true;

            ClaimsIdentity claimsIdentity = null;

            try
            {
                resetToken  = resetToken ?? "";
                oldPassword = oldPassword ?? "";
                newPassword = newPassword ?? "";

                passpol = _dbi.GetPasswordPolicy();

                if (passpol != null)
                {
                    string lang = this.GetSelectedLanguage();

                    var verifResult = passpol.IsPasswordFormatValid(newPassword);

                    if (!verifResult.IsValid())
                    {
                        isPasswordValid = false;

                        result = passpol
                                 .SetAlphaErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Alpha", lang))
                                 .SetMinLenErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_MinLen", lang))
                                 .SetNumericErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Numeric", lang))
                                 .SetSpacesErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Spaces", lang))
                                 .SetSpecialErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Special", lang))
                                 .SetUppercaseErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Uppercase", lang))
                                 .GetErrorMessages(verifResult);
                    }
                }

                if (isPasswordValid)
                {
                    accessTokenValue = _dbi.ChangeAccountPassword(oldPassword, newPassword, resetToken);

                    if (string.IsNullOrEmpty(resetToken))
                    {
                        claimsIdentity = new ClaimsIdentity(BaseController.APP_ID);
                        claimsIdentity.AddClaims(this.User.Claims.Where(l => l.Type != ACCESS_TOKEN_KEY && l.Type != PASSWORD_FORMAT_INVALID));

                        claimsIdentity.AddClaim(new Claim(ACCESS_TOKEN_KEY, accessTokenValue));
                        claimsIdentity.AddClaim(new Claim(PASSWORD_FORMAT_INVALID, false.ToString()));

                        if (GetRememberUser(this.User))
                        {
                            await this.HttpContext.Authentication.SignInAsync(
                                BaseController.APP_ID,
                                new ClaimsPrincipal(claimsIdentity),
                                new AuthenticationProperties
                            {
                                IsPersistent = true,
                                ExpiresUtc   = GetClaimExpDate(this.User)
                            });
                        }
                        else
                        {
                            await this.HttpContext.Authentication.SignInAsync(BaseController.APP_ID, new ClaimsPrincipal(claimsIdentity));
                        }
                    }
                }

                return(result);
            }
            catch (Exception ex)
            {
                throw ex;
            }
            finally
            {
                result           = null;
                passpol          = null;
                accessTokenValue = null;
                claimsIdentity   = null;
            }
        }
Esempio n. 2
0
        public async Task <IActionResult> ProcessRegistration([FromBody] dynamic param = null)
        {
            string       tokenValue = null, accountName = null, fName = null, lName = null, password = null;
            AccountToken accountToken = null;
            Exception    ex1 = null, ex2 = null;

            string[]       errMsgs = null;
            PasswordPolicy passPol = null;

            try
            {
                tokenValue  = param.tokenValue;
                accountName = param.accountName;
                fName       = param.fName;
                lName       = param.lName;
                password    = param.password;


                await Task.WhenAll(
                    Helper.GetFunc(() =>
                {
                    string lang = null;

                    try
                    {
                        passPol = _dbi.GetPasswordPolicy();

                        if (passPol != null)
                        {
                            lang = this.GetSelectedLanguage();

                            var verifResult = passPol.IsPasswordFormatValid(password);

                            if (!verifResult.IsValid())
                            {
                                errMsgs = passPol
                                          .SetAlphaErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Alpha", lang))
                                          .SetMinLenErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_MinLen", lang))
                                          .SetNumericErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Numeric", lang))
                                          .SetSpacesErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Spaces", lang))
                                          .SetSpecialErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Special", lang))
                                          .SetUppercaseErrorMsg(LanguageManager.GetMessage("errMsg_Pswrd_Uppercase", lang))
                                          .GetErrorMessages(verifResult);
                            }
                        }
                    }
                    catch (Exception ex)
                    {
                        ex1 = ex;
                    }
                    finally
                    {
                        lang = null;
                    }

                    return(Task.CompletedTask);
                })(),
                    Helper.GetFunc(async() =>
                {
                    try
                    {
                        accountToken = await GetAccountToken(tokenValue, AccountTokenType.SignUp);
                    }
                    catch (Exception ex)
                    {
                        ex2 = ex;
                    }
                })());

                if (ex1 != null)
                {
                    throw ex1;
                }
                if (ex2 != null)
                {
                    throw ex2;
                }


                if (errMsgs == null || errMsgs.Length == 0)
                {
                    accountToken.Account.RegisterForRecordStateChange();
                    accountToken.Account.Email          = accountToken.AddData;
                    accountToken.Account.EmailConfirmed = true;
                    accountToken.Account.AccountName    = string.IsNullOrEmpty(accountName) ? accountToken.Account.UID : accountName;
                    accountToken.Account.FName          = fName;
                    accountToken.Account.LName          = lName;
                    accountToken.Account.PasswordHash   = PasswordHash.CreateHash(password);
                    accountToken.Account.UnregisterForRecordStateChange();

                    if (accountToken.Account.RecordState == RecordState.Updated)
                    {
                        accountToken.RecordState = RecordState.Deleted;

                        _dbi.ManageIdentityModels(accountToken.Account, accountToken);
                    }
                }


                return(Json(new { Ok = true, errMsgs = errMsgs }));
            }
            catch (Exception ex)
            {
                return(InternalServerError(ex));
            }
            finally
            {
                tokenValue = null;
            }
        }