/// <summary>
/// Allows a token to be requested using basic login information
/// </summary>
public async Task <TaskResult <string> > RequestStandardToken(string email, string password)
{
UserEmail emailObj = await Context.UserEmails.FindAsync(email.ToLower());
if (emailObj == null)
{
return(new TaskResult <string>(false, "There was no user found with that email.", null));
}
User user = await emailObj.GetUserAsync();
if (user.Disabled)
{
return(new TaskResult <string>(false, "Your account has been disabled.", null));
}
bool authorized = false;
if (!emailObj.Verified)
{
EmailConfirmCode confirmCode = await Context.EmailConfirmCodes.FindAsync(password);
// Someone using another person's verification is a little
// worrying, and we don't want them to know it worked, so we'll
// send the same error either way.
if (confirmCode == null || confirmCode.User_Id != user.Id)
{
return(new TaskResult <string>(false, "The email associated with this account needs to be verified! Please log in using the code " +
"that was emailed as your password.", null));
}
// At this point the email has been confirmed
emailObj.Verified = true;
Context.EmailConfirmCodes.Remove(confirmCode);
await Context.SaveChangesAsync();
authorized = true;
}
else
{
var result = await UserManager.ValidateAsync(CredentialType.PASSWORD, email, password);
if (result.Data != null && user.Id != result.Data.Id)
{
return(new TaskResult <string>(false, "A critical error occured. This should not be possible. Seek help immediately.", null));
}
if (!result.Success)
{
Console.WriteLine($"Failed password validation for {email}");
return(new TaskResult <string>(false, result.Message, null));
}
authorized = true;
}
// If the verification failed, forward the failure
if (!authorized)
{
return(new TaskResult <string>(false, "Failed to authorize user.", null));
}
// Check if there are any tokens already
AuthToken token = null;
token = await Context.AuthTokens.FirstOrDefaultAsync(x => x.App_Id == "VALOUR" && x.User_Id == user.Id && x.Scope == Permission.FullControl.Value);
if (token == null)
{
// We now have to create a token for the user
token = new AuthToken()
{
App_Id = "VALOUR",
Id = Guid.NewGuid().ToString(),
Time = DateTime.UtcNow,
Expires = DateTime.UtcNow.AddDays(7),
Scope = Permission.FullControl.Value,
User_Id = user.Id
};
using (ValourDB context = new ValourDB(ValourDB.DBOptions))
{
await context.AuthTokens.AddAsync(token);
await context.SaveChangesAsync();
}
}
else
{
token.Time = DateTime.UtcNow;
token.Expires = DateTime.UtcNow.AddDays(7);
using (ValourDB context = new ValourDB(ValourDB.DBOptions))
{
context.AuthTokens.Update(token);
await context.SaveChangesAsync();
}
}
return(new TaskResult <string>(true, "Successfully verified and retrieved token!", token.Id));
}
