Esempio n. 1
0
        public async Task<IHttpActionResult> ChangeEmail(ChangeEmailModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                using (AuthRepository repo = new AuthRepository())
                {
                    ApplicationUser user = await repo.FindAspUserByUserId(HttpContext.Current.User.Identity.Name);


                    if (user != null)
                    {
                        IdentityResult updatedEmail = await repo.ChangeEmailAsync(user, model.Email, user.Email);

                        if (!updatedEmail.Succeeded)
                        {
                            foreach (string error in updatedEmail.Errors)
                                ModelState.AddModelError(ModelStateType.ErrorList, error);

                            return BadRequest(ModelState);
                        }

                        return Ok(user);
                    }
                    else
                    {
                        // Don't reveal that the user does not exist
                        ModelState.AddModelError(string.Empty, "Sorry, there was an error.");
                        return BadRequest(ModelState);
                    }
                }
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }
        }
Esempio n. 2
0
        public async Task<HttpResponseMessage> ConfirmEmail(string aspUserId, string code)
        {
            AuthRepository repo = new AuthRepository();

            try
            {
                if (aspUserId != null && code != null)
                {
                    IdentityResult result = await repo.ConfirmEmail(aspUserId, code);

                    if (result.Succeeded)
                    {
                        //If email confirmation succeeds, automatically give the a 2FA token
                        ApplicationUser user = await repo.FindAspUserByUserId(aspUserId);
                        var userIdentity = await user.GenerateUserIdentityAsync(UserManager);

                        string pinCode = await repo.GetTwoFactorCode(aspUserId);
                        await repo.VerifyTwoFactorToken(aspUserId, pinCode);

                        var rememberBrowserIdentity = repo.authManager.CreateTwoFactorRememberBrowserIdentity(user.Id);
                        repo.authManager.SignIn(new AuthenticationProperties { IsPersistent = true }, userIdentity, rememberBrowserIdentity);

                        var response = Request.CreateResponse(HttpStatusCode.Moved);
                        response.Headers.Location = new Uri(Config.BaseWWClientURL + "#/registerConfirm");

                        return response;
                    }
                }

                var errorResponse = Request.CreateResponse(HttpStatusCode.Moved);
                errorResponse.Headers.Location = new Uri(Config.BaseWWClientURL + "/#/registerError?id=" + aspUserId);
                return errorResponse;
            }
            catch (Exception ex)
            {
                ErrorLogging.LogError(ex);

                var errorResponse = Request.CreateResponse(HttpStatusCode.Moved);
                errorResponse.Headers.Location = new Uri(Config.BaseWWClientURL + "/#/registerError?id=" + aspUserId);
                return errorResponse;
            }
            finally
            {
                repo.Dispose();
            }
        }
Esempio n. 3
0
        public async Task<IHttpActionResult> ChangePassword(ChangePasswordModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                using (AuthRepository repo = new AuthRepository())
                {
                    ApplicationUser appUser = await repo.FindAspUserByUserId(User.Identity.Name);
                    var user = await repo.CheckCredentials(appUser.UserName, model.OldPassword);

                    if (user == null)
                    {
                        // Don't reveal that the user does not exist
                        ModelState.AddModelError(ModelStateType.ErrorList, "The current password is incorrect");
                        return BadRequest(ModelState);
                    }

                    IdentityResult result = await repo.ChangePasswordAsync(user, model.OldPassword, model.NewPassword);
                    if (!result.Succeeded)
                    {
                        foreach (string error in result.Errors)
                            ModelState.AddModelError(ModelStateType.ErrorList, error);

                        return BadRequest(ModelState);
                    }
                    return Ok();
                }
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError(ex);
            }
        }