public async Task <RequestChangeEmailCommandResponse> Handle(RequestChangeEmailCommand message)
{
var validationResult = await _validator.ValidateAsync(message);
if (!validationResult.IsValid())
{
throw new InvalidRequestException(validationResult.ValidationDictionary);
}
var user = await _userRepository.GetById(message.UserId);
if (user == null)
{
throw new InvalidRequestException(new Dictionary <string, string> {
{ "", "Cannot find user" }
});
}
var securityCode = new Domain.SecurityCode
{
Code = _codeGenerator.GenerateAlphaNumeric(),
CodeType = Domain.SecurityCodeType.ConfirmEmailCode,
ExpiryTime = DateTime.UtcNow.AddDays(1),
ReturnUrl = message.ReturnUrl,
PendingValue = message.NewEmailAddress
};
user.AddSecurityCode(securityCode);
await _userRepository.Update(user);
await _communicationService.SendConfirmEmailChangeMessage(user, Guid.NewGuid().ToString());
await _auditService.WriteAudit(new RequestChangeEmailAuditMessage(user, securityCode));
return(new RequestChangeEmailCommandResponse()
{
SecurityCode = securityCode.Code
});
}
public async Task Handle(AccountLockedEvent notification)
{
if (notification.User == null)
{
_logger.Warn($"AccountLockedEvent: User was not set");
return;
}
_logger.Debug($"Handling AccountLockedEvent for user (id: {notification.User?.Id})");
var user = !string.IsNullOrEmpty(notification.User.Id)
? await _userRepository.GetById(notification.User.Id)
: await _userRepository.GetByEmailAddress(notification.User.Email);
if (user == null)
{
_logger.Debug($"Handling AccountLockedEvent for user '{notification.User?.Email}' (id: {notification.User?.Id})");
return;
}
var sendNotification = false;
var unlockCode = user.SecurityCodes?.OrderByDescending(sc => sc.ExpiryTime)
.FirstOrDefault(sc => sc.CodeType == Domain.SecurityCodeType.UnlockCode);
var useStaticCodeGenerator = ConfigurationManager.AppSettings["UseStaticCodeGenerator"].Equals("false", StringComparison.CurrentCultureIgnoreCase);
if (unlockCode == null)
{
_logger.Warn($"Could not generate new unlock code for null unlock code");
}
if (unlockCode != null && unlockCode.ExpiryTime >= DateTime.UtcNow)
{
_logger.Warn($"Could not generate new unlock code for un-expired code");
}
if (unlockCode != null && unlockCode.ExpiryTime < DateTime.UtcNow && useStaticCodeGenerator)
{
_logger.Warn($"Could not generate new unlock code: UseStaticCodeGenerator not equal to False");
}
if (unlockCode == null || unlockCode.ExpiryTime < DateTime.UtcNow &&
useStaticCodeGenerator)
{
unlockCode = new Domain.SecurityCode
{
Code = await GenerateCode(),
CodeType = Domain.SecurityCodeType.UnlockCode,
ExpiryTime = DateTime.UtcNow.AddDays(1),
ReturnUrl = notification.ReturnUrl ?? unlockCode.ReturnUrl
};
user.AddSecurityCode(unlockCode);
await _userRepository.Update(user);
_logger.Debug($"Generated new unlock code of '{unlockCode.Code}' for user '{user.Id}'");
sendNotification = true;
}
if (notification.ResendUnlockCode || sendNotification)
{
await _communicationService.SendAccountLockedMessage(user, Guid.NewGuid().ToString());
await _auditService.WriteAudit(new SendUnlockCodeAuditMessage(user, unlockCode));
}
}
