public async Task AddTwoStepLoginFailureAsync()
{
int userId = Manager.SessionSettings.SiteSettings.GetValue <int>(LoginTwoStepController.IDENTITY_TWOSTEP_USERID);
if (userId == 0)
{
throw new InternalError("No user id available in AddTwoStepLoginFailure");
}
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user == null)
{
throw new InternalError("Unexpected error in AddTwoStepLoginFailure - no user found");
}
LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync();
user.LoginFailures = user.LoginFailures + 1;
if (config.MaxLoginFailures != 0 && user.LoginFailures >= config.MaxLoginFailures)
{
if (user.UserStatus != UserStatusEnum.Suspended)
{
user.UserStatus = UserStatusEnum.Suspended;
}
}
UpdateStatusEnum status = await userDP.UpdateItemAsync(user);
if (status != UpdateStatusEnum.OK)
{
throw new InternalError("Unexpected status {0} updating user account in AddTwoStepLoginFailure", status);
}
}
}
public async Task <ActionResult> Suspend(string userName)
{
using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider()) {
UserDefinition user = await GetUserAsync(userName, dataProvider);
if (user.UserStatus != UserStatusEnum.Suspended)
{
user.UserStatus = UserStatusEnum.Suspended;
UpdateStatusEnum status = await dataProvider.UpdateItemAsync(user);
switch (status)
{
default:
case UpdateStatusEnum.NewKeyExists:
throw new InternalError("Unexpected status {0}", status);
case UpdateStatusEnum.RecordDeleted:
throw new Error(this.__ResStr("rejectUserNotFound", "The user account for user {0} no longer exists.", userName));
case UpdateStatusEnum.OK:
break;
}
}
Emails emails = new Emails();
await emails.SendSuspendedAsync(user);
return(Reload(null, Reload: ReloadEnum.ModuleParts, PopupText: this.__ResStr("userSuspended", "The user account for user {0} has been marked as suspended. An email has been sent to the user.", userName)));
}
}
public async Task AddEnabledTwoStepAuthenticationAsync(int userId, string auth)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user == null)
{
throw new InternalError($"Unexpected error in {nameof(AddEnabledTwoStepAuthenticationAsync)} - no user found");
}
TwoStepDefinition authDef = new DataProvider.TwoStepDefinition {
Name = auth
};
if (!user.EnabledTwoStepAuthentications.Contains(authDef, new TwoStepDefinitionComparer()))
{
user.EnabledTwoStepAuthentications.Add(authDef);
UpdateStatusEnum status = await userDP.UpdateItemAsync(user);
if (status != UpdateStatusEnum.OK)
{
throw new InternalError($"Unexpected status {status} updating user account in {nameof(AddEnabledTwoStepAuthenticationAsync)}");
}
Manager.Need2FAState = null;//reevaluate now that user has enabled a two-step authentication
}
}
}
public async Task SetUserStatusAsync(int userId, UserStatusEnum userStatus)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user == null)
{
throw new InternalError($"Unknown user (user id {userId})");
}
if (user.UserStatus != userStatus)
{
user.UserStatus = userStatus;
if (userStatus == UserStatusEnum.Approved)
{
user.LoginFailures = 0;
}
UpdateStatusEnum status = await userDP.UpdateItemAsync(user);
if (status != UpdateStatusEnum.OK)
{
throw new InternalError($"Unexpected status {status} updating user account in {nameof(SetUserStatusAsync)}");
}
}
}
}
public async Task RemoveRoleFromUserAsync(int userId, string roleName)
{
int roleId;
// get the role id for roleName
using (RoleDefinitionDataProvider roleDP = new RoleDefinitionDataProvider()) {
RoleDefinition role = await roleDP.GetItemAsync(roleName);
if (role == null)
{
throw new InternalError("Unexpected error in AddRoleToUser - expected role {0} not found", roleName);
}
roleId = role.RoleId;
}
// remove the role from the user
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user != null)
{
Role role = (from Role r in user.RolesList where r.RoleId == roleId select r).FirstOrDefault();
if (role != null)
{
user.RolesList.Remove(role);
UpdateStatusEnum status = await userDP.UpdateItemAsync(user);
if (status != UpdateStatusEnum.OK)
{
throw new InternalError("Unexpected status {0} updating user account in RemoveRoleFromUser", status);
}
}
}
}
}
public async Task <List <SelectionItem <string> > > GetUserRolesAsync(int userId)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
List <SelectionItem <string> > list = new List <SelectionItem <string> >();
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user != null)
{
using (RoleDefinitionDataProvider roleDP = new RoleDefinitionDataProvider()) {
List <RoleDefinition> allRoles = roleDP.GetAllRoles();
foreach (Role r in user.RolesList)
{
RoleDefinition roleDef = (from a in allRoles where a.RoleId == r.RoleId select a).FirstOrDefault();
if (roleDef != null)
{
list.Add(new SelectionItem <string> {
Text = roleDef.Name, Tooltip = roleDef.Description, Value = roleDef.Id
});
}
}
}
}
return(list);
}
}
public const int MAXUSERS = 50; // maximum # of users for a dropdown
public static async Task <bool> IsLargeUserBaseAsync()
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
DataProviderGetRecords <UserDefinition> recs = await userDP.GetItemsAsync(0, 1, null, null);
return(recs.Total > MAXUSERS);
}
}
public async Task <ActionResult> RehashAllPasswords()
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
await userDP.RehashAllPasswordsAsync();
return(Reload(null, Reload: ReloadEnum.ModuleParts, PopupText: this.__ResStr("rehashDone", "All user passwords have been rehashed")));
}
}
public async Task <UserDefinition> FindByNameAsync(string userName, CancellationToken cancellationToken)
{
using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider(this.CurrentSiteIdentity)) {
UserDefinition user = await dataProvider.GetItemAsync(userName);
return(user);
}
}
public async Task <ActionResult> RecoveryCodes_Partial(EditModel model)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(Manager.UserId);
if (user == null)
{
throw new InternalError("User with id {0} not found", Manager.UserId);
}
EditModel.ModelProgressEnum progress = (EditModel.ModelProgressEnum)Manager.SessionSettings.SiteSettings.GetValue <int>(IDENTITY_RECOVERY_PROGRESS, (int)EditModel.ModelProgressEnum.New);
model.ModelProgress = progress;
model.UpdateData(user);
if (!ModelState.IsValid)
{
return(PartialView(model));
}
string msg = null;
switch (progress)
{
case EditModel.ModelProgressEnum.New:
progress = EditModel.ModelProgressEnum.ShowLogin;
break;
case EditModel.ModelProgressEnum.ShowLogin:
#if MVC6
if (!await Managers.GetUserManager().CheckPasswordAsync(user, model.Password))
#else
if (await Managers.GetUserManager().FindAsync(user.UserName, model.Password) == null)
#endif
{ ModelState.AddModelError(nameof(model.Password), this.__ResStr("badPassword", "The password is invalid")); }
if (!ModelState.IsValid)
{
return(PartialView(model));
}
progress = EditModel.ModelProgressEnum.ShowCodes;
break;
case EditModel.ModelProgressEnum.ShowCodes:
await GenerateRecoveryCodeAsync(userDP, user);
msg = this.__ResStr("newCode", "A new recovery code has been generated");
break;
}
Manager.SessionSettings.SiteSettings.SetValue <int>(IDENTITY_RECOVERY_PROGRESS, (int)progress);
Manager.SessionSettings.SiteSettings.Save();
model.ModelProgress = progress;
model.UpdateData(user);
return(FormProcessed(model, popupText: msg, ForceApply: true));
}
}
/// <summary>
/// Add a user - used from site template to add a site user
/// </summary>
public void AddUser(string name, string pswd)
{
YetaWFManager.Syncify(async() => { // super rare, so sync is OK
using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider()) {
await dataProvider.AddUserAsync(name);
}
await ChangePasswordAsync(name, pswd);
});
}
public async Task <ActionResult> UsersAdd_Partial(AddModel model)
{
if (!ModelState.IsValid)
{
return(PartialView(model));
}
using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider()) {
LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync();
switch (config.RegistrationType)
{
default:
case RegistrationTypeEnum.NameAndEmail: { // Email == model.Email
List <DataProviderFilterInfo> filters = DataProviderFilterInfo.Join(null, new DataProviderFilterInfo {
Field = nameof(UserDefinition.Email), Operator = "==", Value = model.Email,
});
UserDefinition userExists = await dataProvider.GetItemAsync(filters);
if (userExists != null)
{
ModelState.AddModelError(nameof(model.Email), this.__ResStr("emailUsed", "An account using email address {0} already exists.", model.Email));
return(PartialView(model));
}
break;
}
case RegistrationTypeEnum.EmailOnly:
model.UserName = model.Email;
break;
case RegistrationTypeEnum.NameOnly:
model.UserName = model.Email;
break;
}
UserDefinition user = model.GetData();
string hashedNewPassword;
#if MVC6
IPasswordHasher <UserDefinition> passwordHasher = (IPasswordHasher <UserDefinition>)YetaWFManager.ServiceProvider.GetService(typeof(IPasswordHasher <UserDefinition>));
hashedNewPassword = passwordHasher.HashPassword(user, model.Password);
#else
UserManager <UserDefinition> userManager = Managers.GetUserManager();
hashedNewPassword = userManager.PasswordHasher.HashPassword(model.Password);
#endif
user.PasswordPlainText = config.SavePlainTextPassword ? model.Password : null;
user.PasswordHash = hashedNewPassword;
if (!await dataProvider.AddItemAsync(user))
{
throw new Error(this.__ResStr("alreadyExists", "A user named \"{0}\" already exists."), model.UserName);
}
return(FormProcessed(model, this.__ResStr("okSaved", "New user saved"), OnPopupClose: OnPopupCloseEnum.ReloadModule));
}
}
public async Task <ActionResult> SelectTwoStepSetup()
{
EditModel model = new EditModel();
Manager.NeedUser();
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(Manager.UserId);
if (user == null)
{
throw new InternalError("User with id {0} not found", Manager.UserId);
}
using (UserLoginInfoDataProvider logInfoDP = new UserLoginInfoDataProvider()) {
string ext = await logInfoDP.GetExternalLoginProviderAsync(Manager.UserId);
if (ext != null)
{
return(View("ShowMessage", this.__ResStr("extUser", "Your account uses a {0} account - Two-step authentication must be set up using your {0} account.", ext), UseAreaViewName: false));
}
}
TwoStepAuth twoStep = new TwoStepAuth();
List <ITwoStepAuth> list = await twoStep.GetTwoStepAuthProcessorsAsync();
List <string> procs = (from p in list select p.Name).ToList();
List <string> enabledTwoStepAuths = (from e in user.EnabledTwoStepAuthentications select e.Name).ToList();
foreach (string proc in procs)
{
ITwoStepAuth auth = await twoStep.GetTwoStepAuthProcessorByNameAsync(proc);
if (auth != null)
{
ModuleAction action = await auth.GetSetupActionAsync();
if (action != null)
{
string status;
if (enabledTwoStepAuths.Contains(auth.Name))
{
status = this.__ResStr("enabled", "(Enabled)");
}
else
{
status = this.__ResStr("notEnabled", "(Not Enabled)");
}
model.AuthMethods.Add(new Controllers.SelectTwoStepSetupModuleController.EditModel.AuthMethod {
Action = action,
Status = status,
Description = auth.GetDescription()
});
}
}
}
model.AuthMethods = (from a in model.AuthMethods orderby a.Action.LinkText select a).ToList();
}
return(View(model));
}
public async Task <UserDefinition> FindByIdAsync(string userId, CancellationToken cancellationToken)
{
using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider(this.CurrentSiteIdentity)) {
UserDefinition user = null;
try {
user = await dataProvider.GetItemByUserIdAsync(Convert.ToInt32(userId));
} catch (Exception) { }
return(user);
}
}
public async Task <ActionResult> Remove(string userName)
{
using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider()) {
UserDefinition user = await GetUserAsync(userName, dataProvider);
await dataProvider.RemoveItemAsync(userName);
return(Reload(null, Reload: ReloadEnum.ModuleParts));
}
}
private async Task GenerateRecoveryCodeAsync(UserDefinitionDataProvider userDP, UserDefinition user)
{
user.RecoveryCode = Guid.NewGuid().ToString().Substring(0, 12);
UpdateStatusEnum status = await userDP.UpdateItemAsync(user);
if (status != UpdateStatusEnum.OK)
{
throw new Error(this.__ResStr("cantUpdate", "Updating user information failed - {0}", status));
}
}
public async Task UpdatePasswordExpiration(List <string> errorList)
{
long ticks = WebConfigHelper.GetValue <long>(YetaWF.Modules.Identity.Controllers.AreaRegistration.CurrentPackage.AreaName, "PasswordRenewal", new TimeSpan(0, 0, 0).Ticks); // 0 = indefinitely
if (ticks <= 0)
{
return; // nothing to do
}
TimeSpan interval = new TimeSpan(ticks); // renewal interval
DateTime oldestDate = DateTime.UtcNow.Subtract(interval);
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
int offset = 0;
const int CHUNK = 50;
for (;;)
{
List <DataProviderFilterInfo> filters = null;
filters = DataProviderFilterInfo.Join(filters, new DataProviderFilterInfo {
Field = nameof(UserDefinition.UserStatus), Operator = "==", Value = UserStatusEnum.Approved
});
filters = DataProviderFilterInfo.Join(filters, new DataProviderFilterInfo {
Field = nameof(UserDefinition.NeedsNewPassword), Operator = "==", Value = false
});
DataProviderGetRecords <UserDefinition> usersInfo = await userDP.GetItemsAsync(offset, CHUNK, null, filters);
if (usersInfo.Data.Count == 0)
{
return;
}
foreach (UserDefinition user in usersInfo.Data)
{
bool forceUpdate = false;
if (user.LastPasswordChangedDate != null && user.LastPasswordChangedDate < oldestDate)
{
forceUpdate = true;
}
else if (user.LastPasswordChangedDate == null && user.Created < oldestDate)
{
forceUpdate = true;
}
if (forceUpdate)
{
user.NeedsNewPassword = true;
await userDP.UpdateItemAsync(user);
Logging.AddLog($"Updated {user.Id} {user.UserName} - requires password");
}
}
offset += CHUNK;
System.Threading.Thread.Sleep(5 * 1000); // wait some 5 seconds
}
}
}
public async Task <ActionResult> SendSuspendedEmail(string userName)
{
using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider()) {
UserDefinition user = await GetUserAsync(userName, dataProvider);
Emails emails = new Emails();
await emails.SendSuspendedAsync(user);
return(Reload(null, Reload: ReloadEnum.ModuleParts, PopupText: this.__ResStr("suspendedSent", "Suspension email sent to user {0}.", user.Email)));
}
}
// API
// API
// API
/// <summary>
/// Returns the user id given a login provider and key.
/// </summary>
/// <param name="loginProvider"></param>
/// <param name="providerKey"></param>
/// <returns>The UserDefinition object or null if no such user exists.</returns>
public async Task <UserDefinition> GetItemAsync(string loginProvider, string providerKey)
{
LoginInfo info = await DataProvider.GetAsync(LoginInfo.MakeKey(loginProvider, providerKey));
if (info == null)
{
return(null);
}
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
return(await userDP.GetItemAsync(info.UserId));
}
}
public async Task <bool> RemoveUserAsync(int userId)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user == null)
{
return(false);
}
return(await userDP.RemoveItemAsync(user.UserName));
}
}
public async Task <bool> VerifyTwoStepAuthenticationRecoveryCodeAsync(int userId, string code)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user == null)
{
throw new InternalError($"Unexpected error in {nameof(VerifyTwoStepAuthenticationRecoveryCodeAsync)} - no user found");
}
return(user.RecoveryCode == code);
}
}
public async Task <string> GetUserPasswordAsync(int userId)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user == null)
{
throw new InternalError($"Unknown user (user id {userId})");
}
return(user.PasswordPlainText);
}
}
public async Task <DateTime?> GetUserLastLoginDateAsync(int userId)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user == null)
{
throw new InternalError($"Unknown user (user id {userId})");
}
return(user.LastLoginDate);
}
}
public async Task <int> GetUserIdAsync(string userName)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemAsync(userName);
if (user == null)
{
return(0);
}
return(user.UserId);
}
}
public async Task <UserStatusEnum> GetUserStatusAsync(int userId)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user == null)
{
throw new InternalError($"Unknown user (user id {userId})");
}
return(user.UserStatus);
}
}
public async Task <IdentityResult> DeleteAsync(UserDefinition user, CancellationToken cancellationToken)
{
using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider(this.CurrentSiteIdentity)) {
bool status = await dataProvider.RemoveItemAsync(user.UserName);
if (!status)
{
throw new Error(this.__ResStr("userNotFound", "User {0} not found.", user.UserName));
}
return(IdentityResult.Success);
}
}
public async Task <string> GetUserEmailAsync(int userId)
{
using (UserDefinitionDataProvider userDP = new UserDefinitionDataProvider()) {
UserDefinition user = await userDP.GetItemByUserIdAsync(userId);
if (user == null)
{
return(null);
}
return(user.Email);
}
}
//~UserStore() { Dispose(false); }
// IUserStore
// IUserStore
// IUserStore
public async Task <IdentityResult> CreateAsync(UserDefinition user, CancellationToken cancellationToken)
{
using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider(this.CurrentSiteIdentity)) {
bool status = await dataProvider.AddItemAsync(user);
if (!status)
{
throw new Error(this.__ResStr("userExists", "User {0} already exists.", user.UserName));
}
return(IdentityResult.Success);
}
}
private async Task <UserDefinition> GetUserAsync(string userName, UserDefinitionDataProvider dataProvider)
{
if (string.IsNullOrWhiteSpace(userName))
{
throw new Error(this.__ResStr("noItem", "No user name specified"));
}
UserDefinition user = await dataProvider.GetItemAsync(userName);
if (user == null)
{
throw new Error(this.__ResStr("notFoundUser", "User {0} not found.", userName));
}
return(user);
}
public async Task <string> RenderAsync(string model)
{
HtmlBuilder hb = new HtmlBuilder();
YTagBuilder tag = new YTagBuilder("span");
FieldSetup(tag, FieldType.Anonymous);
ModuleAction actionDisplay = null;
ModuleAction actionLoginAs = null;
using (UserDefinitionDataProvider userDefDP = new UserDefinitionDataProvider()) {
UserDefinition user = null;
string userName = "";
if (!string.IsNullOrWhiteSpace(model))
{
user = await userDefDP.GetItemByEmailAsync(model);
if (user == null)
{
userName = model;
}
else
{
userName = user.Email;
UsersDisplayModule modDisp = new UsersDisplayModule();
actionDisplay = modDisp.GetAction_Display(null, user.UserName);
LoginModule modLogin = (LoginModule)await ModuleDefinition.CreateUniqueModuleAsync(typeof(LoginModule));
actionLoginAs = await modLogin.GetAction_LoginAsAsync(user.UserId, user.UserName);
}
}
else
{
userName = __ResStr("noEmail", "(not specified)");
}
tag.SetInnerText(userName);
}
hb.Append(tag.ToString(YTagRenderMode.Normal));
if (actionDisplay != null)
{
hb.Append(await actionDisplay.RenderAsync(ModuleAction.RenderModeEnum.IconsOnly));
}
if (actionLoginAs != null)
{
hb.Append(await actionLoginAs.RenderAsync(ModuleAction.RenderModeEnum.IconsOnly));
}
return(hb.ToString());
}
