Esempio n. 1
0
        public virtual async Task <ActionResult> ChangeEmail(UserAccountViewModel model)
        {
            if (!ModelState.IsValidField("ChangeEmail.NewEmail"))
            {
                return(AccountView(model));
            }

            var user = GetCurrentUser();

            if (user.HasPassword())
            {
                if (!ModelState.IsValidField("ChangeEmail.Password"))
                {
                    return(AccountView(model));
                }

                Credential _;

                if (!_authService.ValidatePasswordCredential(user.Credentials, model.ChangeEmail.Password, out _))
                {
                    ModelState.AddModelError("ChangeEmail.Password", Strings.CurrentPasswordIncorrect);
                    return(AccountView(model));
                }
            }

            // No password? We can't do any additional verification...

            if (string.Equals(model.ChangeEmail.NewEmail, user.LastSavedEmailAddress, StringComparison.OrdinalIgnoreCase))
            {
                // email address unchanged - accept
                return(RedirectToAction(actionName: "Account", controllerName: "Users"));
            }

            try
            {
                await _userService.ChangeEmailAddress(user, model.ChangeEmail.NewEmail);
            }
            catch (EntityException e)
            {
                ModelState.AddModelError("ChangeEmail.NewEmail", e.Message);
                return(AccountView(model));
            }

            if (user.Confirmed)
            {
                var confirmationUrl = Url.ConfirmEmail(user.Username, user.EmailConfirmationToken, relativeUrl: false);
                _messageService.SendEmailChangeConfirmationNotice(new MailAddress(user.UnconfirmedEmailAddress, user.Username), confirmationUrl);

                TempData["Message"] = Strings.EmailUpdated_ConfirmationRequired;
            }
            else
            {
                TempData["Message"] = Strings.EmailUpdated;
            }

            return(RedirectToAction(actionName: "Account", controllerName: "Users"));
        }
Esempio n. 2
0
        private void UpdateUserAccountModel(User account, UserAccountViewModel model)
        {
            model.CredentialGroups      = GetCredentialGroups(account);
            model.SignInCredentialCount = model
                                          .CredentialGroups
                                          .Where(p => p.Key == CredentialKind.Password || p.Key == CredentialKind.External)
                                          .Sum(p => p.Value.Count);
            model.ExpirationInDaysForApiKeyV1 = _config.ExpirationInDaysForApiKeyV1;

            model.ChangePassword = model.ChangePassword ?? new ChangePasswordViewModel();
            model.ChangePassword.EnablePasswordLogin = model.HasPassword;
        }
Esempio n. 3
0
        public virtual async Task <ActionResult> ChangeEmailSubscription(UserAccountViewModel model)
        {
            var user = GetCurrentUser();

            await _userService.ChangeEmailSubscriptionAsync(
                user,
                model.ChangeNotifications.EmailAllowed,
                model.ChangeNotifications.NotifyPackagePushed);

            TempData["Message"] = Strings.EmailPreferencesUpdated;

            return(RedirectToAction("Account"));
        }
Esempio n. 4
0
        public virtual async Task <ActionResult> CancelChangeEmail(UserAccountViewModel model)
        {
            var user = GetCurrentUser();

            if (string.IsNullOrWhiteSpace(user.UnconfirmedEmailAddress))
            {
                return(RedirectToAction(actionName: "Account", controllerName: "Users"));
            }

            await _userService.CancelChangeEmailAddress(user);

            TempData["Message"] = Strings.CancelEmailAddress;

            return(RedirectToAction(actionName: "Account", controllerName: "Users"));
        }
Esempio n. 5
0
        public virtual async Task <ActionResult> ChangePassword(UserAccountViewModel model)
        {
            var user = GetCurrentUser();

            var oldPassword = user.Credentials.FirstOrDefault(
                c => c.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase));

            if (oldPassword == null)
            {
                // User is requesting a password set email
                var resetResultType = await _authService.GeneratePasswordResetToken(user, Constants.PasswordResetTokenExpirationHours * 60);

                if (resetResultType == PasswordResetResultType.UserNotConfirmed)
                {
                    ModelState.AddModelError("ChangePassword", Strings.UserIsNotYetConfirmed);
                    return(AccountView(model));
                }

                return(SendPasswordResetEmail(user, forgotPassword: false));
            }
            else
            {
                if (!model.ChangePassword.EnablePasswordLogin)
                {
                    return(await RemovePassword());
                }

                if (!ModelState.IsValidField("ChangePassword"))
                {
                    return(AccountView(model));
                }

                if (model.ChangePassword.NewPassword != model.ChangePassword.VerifyPassword)
                {
                    ModelState.AddModelError("ChangePassword.VerifyPassword", Strings.PasswordDoesNotMatch);
                    return(AccountView(model));
                }

                if (!await _authService.ChangePassword(user, model.ChangePassword.OldPassword, model.ChangePassword.NewPassword))
                {
                    ModelState.AddModelError("ChangePassword.OldPassword", Strings.CurrentPasswordIncorrect);
                    return(AccountView(model));
                }

                TempData["Message"] = Strings.PasswordChanged;
                return(RedirectToAction("Account"));
            }
        }