public bool ChangeWebPassword(RecoveryCode model)
{
var webUser = _accessTokenRepository.GetWebUserByEmail(model.Email);
if (webUser == null)
{
throw new Exception("Emailadressen finns inte.");
}
model.UserId = webUser.Id;
var checkValidRecoveryCode = _accessTokenRepository.CheckValidWebRecoveryCode(model);
if (checkValidRecoveryCode == null)
{
throw new Exception("Ogiltig kod.");
}
if (checkValidRecoveryCode.ExpiredOn < DateTime.Now)
{
throw new Exception("Koden har gått ut.");
}
webUser.Password = _cryptoGraphy.EncryptString(model.NewPassword);
webUser.ModifiedDate = DateTime.Now;
return(_accessTokenRepository.ChangeWebPassword(webUser, checkValidRecoveryCode.Id));
}
public ActionResult ChangePassword(ChangePassword model)
{
try
{
if (ModelState.IsValid)
{
var recoverCode = new RecoveryCode
{
Email = model.Email,
NewPassword = model.Password,
RecoverCode = model.RecoveryCode
};
var changeWebPassword = _accessTokenService.ChangeWebPassword(recoverCode);
return(RedirectToAction("Index").WithSuccess("Lösenordet har blivit utbytt."));
}
else
{
return(View());
}
}
catch (Exception ex)
{
_log.ErrorFormat("Error in changing web user password. Error : {0}", ex.Message);
_log.Error(ex);
return(View().WithError(ex.Message));
}
}
public bool ChangePassword(RecoveryCode model)
{
_changePasswordValidators.Validate(model);
var user = _accessTokenRepository.GetUserByEmail(model.Email);
if (user == null)
{
throw _exception.ThrowException(System.Net.HttpStatusCode.BadRequest, "", "Användare finns inte.");
}
model.UserId = user.Id;
var recoverCode = _accessTokenRepository.CheckValidRecoverCode(model);
if (recoverCode == null)
{
throw _exception.ThrowException(System.Net.HttpStatusCode.BadRequest, "", "Ogiltig kod.");
}
if (recoverCode.ExpiredOn < DateTime.Now)
{
throw _exception.ThrowException(System.Net.HttpStatusCode.BadRequest, "", "Koden har gått ut.");
}
var changePassword = ChangePasswordMapper(model);
return(_accessTokenRepository.ChangePassword(changePassword, recoverCode.Id));
}
public int ValidateEmailAndSendCode(string emailId)
{
var expiredOn = Convert.ToInt32(ConfigurationManager.AppSettings["ExpiredValue"]);
var isEmailExist = _accessTokenRepository.ValidEmail(emailId);
if (!isEmailExist)
{
throw _exception.ThrowException(System.Net.HttpStatusCode.BadRequest, "", "Emailadressen finns inte.");
}
var user = _accessTokenRepository.GetUserByEmail(emailId);
var recoverCode = new RecoveryCode();
recoverCode.UserId = user.Id;
recoverCode.Email = user.Email;
recoverCode.RecoverCode = _cryptoGraphy.GenerateCode();
recoverCode.ExpiredOn = DateTime.Now.AddMinutes(expiredOn);
var recoveryCode = RecoveryCodeMapper(recoverCode);
_accessTokenRepository.CreateNewRecoverCode(recoveryCode);
var fields = new StringDictionary
{
{ "Name", user.Email },
{ "RecoveryCode", recoveryCode.RecoveryCode },
{ "ExpiredOn", Convert.ToString(expiredOn) }
};
var htmlBody = _fm.ReadFileContents(GetMailerTemplatePath("html", "RecoveryCode")).ReplaceMatch(fields);
_emailNotifier.SendEmail(emailId, htmlBody, "Recovery Code");
var minutes = (expiredOn * 60) / 60;
return(minutes);
}
private User ChangePasswordMapper(RecoveryCode model)
{
return(new User
{
Id = model.UserId.Value,
Password = _cryptoGraphy.EncryptString(model.NewPassword),
ModifiedDate = DateTime.Now
});
}
private RecoverCode RecoveryCodeMapper(RecoveryCode model)
{
return(new RecoverCode
{
UserId = model.UserId,
RecoveryCode = model.RecoverCode,
ExpiredOn = model.ExpiredOn
});
}
public WebUserRecoveryCode CheckValidWebRecoveryCode(RecoveryCode model)
{
var sqlQuery = CheckValidWebRecoveryCodeQuery();
var recoveryCode = _db.Query <WebUserRecoveryCode>(sqlQuery, new
{
@webUserId = model.UserId,
@recoveryCode = model.RecoverCode
}).FirstOrDefault();
return(recoveryCode);
}
public IHttpActionResult ChangePassword(RecoveryCode model)
{
try
{
var changePassword = _accessTokenService.ChangePassword(model);
return(Ok(new { Message = "Det nya lösenordet är nu aktiverat." }));
}
catch (Exception ex)
{
_log.ErrorFormat("Error in change user password. Error : {0}", ex.Message);
_log.Error(ex);
throw;
}
}
public IHttpActionResult Recovery(RecoveryCode model)
{
try
{
if (string.IsNullOrEmpty(model.Email))
{
throw _exception.ThrowException(HttpStatusCode.BadRequest, "", "Emailadress kan inte vara tomt.");
}
var minutes = _accessTokenService.ValidateEmailAndSendCode(model.Email);
return(Ok(new { Message = "En återställningskod har sänts till din email och den är användbar i några " + minutes + " minuter." }));
}
catch (Exception ex)
{
_log.ErrorFormat("Error in recover code for password. Error : {0}", ex.Message);
_log.Error(ex);
throw;
}
}
public IHttpActionResult post(RecoverDto dto)
{
// recovery procedures here
if (dto == null)
{
//throw new NullDtoException();
return(InternalServerError());
}
AuthRepository repo = new AuthRepository();
try {
int confirmationNumber = new RecoveryCode().generateCode();
var data = repo.FindUser(dto.userEmail);
if (data == null)
{
return(InternalServerError());
}
PlayerModel account = new PlayerModel()
{
FirstName = data.FirstName,
LastName = data.LastName,
Email = data.Email
};
String Message = new EmailMessage(account).ParseRecover(confirmationNumber);
String Header = MessageTemplate.MessageTitle;
Email mail = new Email(Header, Message, account);
mail.SendEmail();
return(Ok(confirmationNumber));
} catch (Exception) {
return(InternalServerError());
}
}
public async Task <IActionResult> OnPostAsync(string?returnUrl = null)
{
if (ModelState.IsValid)
{
ApplicationUser?user = await signInManager.GetTwoFactorAuthenticationUserAsync();
if (user is null)
{
throw new InvalidOperationException($"Unable to load two-factor authentication user.");
}
var recoveryCode = RecoveryCode.Replace(" ", string.Empty, StringComparison.OrdinalIgnoreCase);
Microsoft.AspNetCore.Identity.SignInResult?result = await signInManager.TwoFactorRecoveryCodeSignInAsync(recoveryCode);
if (result.Succeeded)
{
logger.LogInformation("User with ID '{UserId}' logged in with a recovery code.", user.Id);
return(LocalRedirect(returnUrl ?? Url.Content("~/")));
}
if (result.IsLockedOut)
{
logger.LogWarning("User with ID '{UserId}' account locked out.", user.Id);
return(RedirectToPage("./Lockout"));
}
else
{
logger.LogWarning("Invalid recovery code entered for user with ID '{UserId}' ", user.Id);
ModelState.AddModelError(string.Empty, "Invalid recovery code entered.");
return(Page());
}
}
return(Page());
}
