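/// <summary>
/// Handles submission of the email-change verification form. Decrypts the token carried in
/// <c>viewModel.Code</c>, rejects missing, unreadable or expired tokens, loads the user named by
/// the token, requires that user's password, checks that the new address is not already used by
/// another account, then updates the address and notifies both the old and the new address.
/// </summary>
/// <param name="viewModel">Posted form data; <c>Code</c> and <c>Password</c> are read from it.</param>
/// <returns>
/// The "VerifyEmailError" view when the link cannot be used or the address is taken, the
/// "VerifyEmail" view when the password is missing or wrong, otherwise "ChangeEmailComplete".
/// </returns>
public IActionResult VerifyEmailPost(VerifyEmailChangeViewModel viewModel)
{
    // The code is posted by the client, so it must be treated as untrusted input. A missing code
    // is rejected before decryption; how DecryptModel reacts to null, empty or tampered input is
    // not visible from this method, so a null result is handled explicitly as well.
    ChangeEmailVerificationToken changeEmailToken = string.IsNullOrEmpty(viewModel.Code)
        ? null
        : Encryption.DecryptModel<ChangeEmailVerificationToken>(viewModel.Code);

    if (changeEmailToken == null)
    {
        string error = "Your email verification link is not valid. Please go to My Account and start the email change process again.";
        return View("VerifyEmailError", error);
    }

    if (TokenHasExpired(changeEmailToken))
    {
        string error = "Your email verification link has expired. Please go to My Account and start the email change process again.";
        return View("VerifyEmailError", error);
    }

    // NOTE(review): the account is identified only by the UserId inside the token; no comparison
    // with a signed-in user is visible here. The password check below is the gate - confirm that
    // this is the intended design.
    User user = dataRepository.Get<User>(changeEmailToken.UserId);
    if (user == null)
    {
        // The token names an account that can no longer be loaded; fail closed rather than
        // passing a null user to the password check.
        string error = "Your email verification link is not valid. Please go to My Account and start the email change process again.";
        return View("VerifyEmailError", error);
    }

    // The values shown back to the user and written to the account come from the token, never
    // from the posted form.
    viewModel.User = user;
    viewModel.NewEmailAddress = changeEmailToken.NewEmailAddress;

    // Check if the user has entered a password (they might have left this field blank)
    viewModel.ParseAndValidateParameters(Request, m => m.Password);
    if (viewModel.HasAnyErrors())
    {
        return View("VerifyEmail", viewModel);
    }

    // NOTE(review): confirm that failed attempts here count towards whatever lockout or rate
    // limiting the normal sign-in path applies.
    if (!userRepository.CheckPassword(user, viewModel.Password))
    {
        viewModel.AddErrorFor(m => m.Password, "Incorrect password");
        return View("VerifyEmail", viewModel);
    }

    // NOTE(review): this check and the update below are separate steps; a uniqueness constraint
    // in the data store should be the backstop - verify that one exists.
    if (OtherUserWithThisEmailAddressAlreadyExists(viewModel.NewEmailAddress))
    {
        string error = "This email address is already taken by another account.";
        return View("VerifyEmailError", error);
    }

    // Capture the old address before the update so that it can still be notified afterwards.
    string oldEmailAddress = user.EmailAddress;
    userRepository.UpdateEmail(user, changeEmailToken.NewEmailAddress);

    // NOTE(review): the token is not marked as used here, so it stays valid until it expires -
    // confirm whether single use is enforced elsewhere.
    NotifyBothOldAndNewEmailAddressesThatEmailAddressHasBeenChanged(oldEmailAddress, changeEmailToken.NewEmailAddress);

    return View("ChangeEmailComplete", changeEmailToken.NewEmailAddress);
}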
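/// <summary>
/// Checks whether the authorization request was referred from the email-change verification page
/// and, if so, decrypts the token carried in the <c>code</c> parameter of the referrer's query string.
/// </summary>
/// <param name="authRequest">Authorization request whose <c>Referrer</c> parameter is inspected.</param>
/// <param name="changeEmailToken">The decrypted token when the method returns true; otherwise null.</param>
/// <returns>True when the referrer is an email-change verification link that carries a code.</returns>
private bool IsReferrerChangeEmailVerification(AuthorizationRequest authRequest, out ChangeEmailVerificationToken changeEmailToken)
{
    changeEmailToken = null;

    // Check if the referring url is an email change verification.
    // The referrer is request data, so the prefix is compared ordinally: a culture-sensitive
    // StartsWith can treat strings that differ in ignorable characters as equal.
    // NOTE(review): a prefix match also accepts longer paths that merely begin with this
    // string - confirm that is acceptable.
    var referrerPathAndQuery = authRequest.Parameters["Referrer"];
    if (referrerPathAndQuery == null
        || !referrerPathAndQuery.StartsWith("/manage-account/complete-change-email", StringComparison.Ordinal))
    {
        return false;
    }

    var query = referrerPathAndQuery.AfterFirst("?");
    var queryDict = HttpUtility.ParseQueryString(query);
    var code = queryDict["code"];

    // A referrer without a code cannot yield a token; report "not a verification referrer"
    // instead of handing a null value to the decryptor.
    if (string.IsNullOrEmpty(code))
    {
        return false;
    }

    // NOTE(review): the token is returned without an expiry check, and what DecryptModel does
    // with tampered input is not visible here - callers should validate the token before use.
    changeEmailToken = Encryption.DecryptModel<ChangeEmailVerificationToken>(code);
    return true;
}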
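/// <summary>
/// Shows the email-change verification form for the link the user followed. Decrypts the token
/// from <paramref name="code"/>, rejects missing, unreadable or expired tokens, and populates the
/// form with the user and new address named by the token.
/// </summary>
/// <param name="code">Encrypted verification token taken from the request.</param>
/// <returns>The "VerifyEmailError" view when the link cannot be used, otherwise the "VerifyEmail" view.</returns>
public IActionResult VerifyEmailGet(string code)
{
    // The code comes from the request, so it must be treated as untrusted input. A missing code
    // is rejected before decryption; how DecryptModel reacts to null, empty or tampered input is
    // not visible from this method, so a null result is handled explicitly as well.
    ChangeEmailVerificationToken changeEmailToken = string.IsNullOrEmpty(code)
        ? null
        : Encryption.DecryptModel<ChangeEmailVerificationToken>(code);

    if (changeEmailToken == null)
    {
        string error = "Your email verification link is not valid. Please go to My Account and start the email change process again.";
        return View("VerifyEmailError", error);
    }

    if (TokenHasExpired(changeEmailToken))
    {
        string error = "Your email verification link has expired. Please go to My Account and start the email change process again.";
        return View("VerifyEmailError", error);
    }

    User user = dataRepository.Get<User>(changeEmailToken.UserId);
    if (user == null)
    {
        // The token names an account that can no longer be loaded; do not render the form with a null user.
        string error = "Your email verification link is not valid. Please go to My Account and start the email change process again.";
        return View("VerifyEmailError", error);
    }

    // NOTE(review): anyone holding the link reaches this form and sees whatever the view renders
    // from User and NewEmailAddress. If the code travels in the URL it may also end up in request
    // logs and referrers - confirm the view exposes no more than intended.
    var viewModel = new VerifyEmailChangeViewModel
    {
        User = user,
        Code = code,
        NewEmailAddress = changeEmailToken.NewEmailAddress
    };

    return View("VerifyEmail", viewModel);
}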
/// <summary>
/// Reports whether an email-change verification token is past its validity window, which is
/// <c>Global.EmailVerificationExpiryDays</c> days counted from the token's timestamp.
/// </summary>
/// <param name="changeEmailToken">Decrypted token; must not be null.</param>
/// <returns>True when the expiry moment is strictly earlier than <c>VirtualDateTime.Now</c>.</returns>
private static bool TokenHasExpired(ChangeEmailVerificationToken changeEmailToken)
{
    // NOTE(review): the timestamp is read from the token itself, so this check is only as
    // trustworthy as the integrity protection applied by the Encryption helper - confirm that
    // it authenticates the token and does not merely encrypt it.
    int validityDays = Global.EmailVerificationExpiryDays;
    DateTime expiresAt = changeEmailToken.TokenTimestamp.AddDays(validityDays);

    return expiresAt < VirtualDateTime.Now;
}