public void AddResetToken(ResetToken token)
{
using (var context = new DatabaseContext())
{
var entity = context.ResetTokens.Create();
entity.UserId = token.UserId;
entity.Token = token.Token;
entity.ExpirationTime = token.ExpirationTime;
entity.Type = token.Type;
context.ResetTokens.Add(entity);
context.SaveChanges();
}
}
public void InitiateResetSecurePhrase(string email)
{
using (var transaction = new TransactionScope())
{
var userData = _database.GetUserByEmail(email);
if (userData == null || userData.UserState == UserState.Deleted) throw new UserDoesNotExistException();
_database.DeleteExpiredResetTokens();
_database.DeleteResetTokenIfExists(userData.Id, ResetTokenType.SecurePhrase);
var resetToken = new ResetToken
{
UserId = userData.Id,
Token = Guid.NewGuid().ToString(),
ExpirationTime = DateTime.Now.Add(_configuration.ResetSecurePhraseTokenLifespan),
Type = ResetTokenType.SecurePhrase,
};
_database.AddResetToken(resetToken);
transaction.Complete();
_mailNotifier.SendResetSecurePhraseInstruction(new ResetNotification
{
UserId = userData.Id,
UserEmail = userData.Email,
UserFirstName = userData.FirstName,
UserLastName = userData.LastName,
ResetToken = resetToken.Token,
ExpirationTime = resetToken.ExpirationTime,
});
}
}
public UserHeader CreateUser(UserHeader user)
{
using (var transaction = new TransactionScope())
{
var userData = _database.GetUserByEmail(user.Email);
if (userData != null)
{
if (userData.UserState != UserState.Deleted) throw new DuplicateUserException();
userData.UserState = UserState.Created;
userData.FirstName = user.FirstName;
userData.LastName = user.LastName;
userData.HashedPassword = null;
userData.PasswordSalt = null;
userData.EncryptedSecurePhrase = null;
userData.FirstSecurePhraseQuestionCharacterIndex = null;
userData.SecondSecurePhraseQuestionCharacterIndex = null;
userData.Role = user.Role;
_database.UpdateUser(userData);
}
else
{
userData = new UserData(user);
if (userData.Id == Guid.Empty) userData.Id = Guid.NewGuid();
_database.CreateUser(userData);
}
var resetToken = new ResetToken
{
UserId = userData.Id,
Token = Guid.NewGuid().ToString(),
ExpirationTime = DateTime.Now.Add(_configuration.ResetUserTokenLifespan),
Type = ResetTokenType.Both,
};
_database.DeleteExpiredResetTokens();
_database.DeleteResetTokenIfExists(userData.Id, ResetTokenType.Both);
_database.AddResetToken(resetToken);
transaction.Complete();
_mailNotifier.SendNewUserInstruction(new ResetNotification
{
UserId = userData.Id,
UserEmail = userData.Email,
UserFirstName = userData.FirstName,
UserLastName = userData.LastName,
ResetToken = resetToken.Token,
ExpirationTime = resetToken.ExpirationTime,
});
return userData;
}
}
private UserData GetUserByResetToken(ResetToken token)
{
if (token == null) return null;
if (token.ExpirationTime < DateTime.Now) return null;
var user = _database.GetUserById(token.UserId);
return user;
}