public virtual async Task <IActionResult> ChangeUserEmail(ChangeUserEmailViewModel model)
{
ModelState.Clear();
var user = await UserManager.FindByIdAsync(HttpContext.User.GetUserId());
if (user == null)
{
return(NotFound($"Unable to load user with ID '{UserManager.GetUserId(User)}'."));
}
var requirePassword = await UserManager.HasPasswordAsync(user);
model.HasPassword = requirePassword;
model.AccountApproved = user.AccountApproved;
model.CurrentEmail = user.Email;
model.AllowUserToChangeEmail = CurrentSite.AllowUserToChangeEmail;
model.EmailIsConfigured = await SiteCapabilities.SupportsEmailNotification(CurrentSite);
model.RequireConfirmedEmail = CurrentSite.RequireConfirmedEmail;
if (requirePassword)
{
if (string.IsNullOrWhiteSpace(model.Password))
{
ModelState.AddModelError(string.Empty, "Password is required");
return(View(model));
}
if (!await UserManager.CheckPasswordAsync(user, model.Password))
{
ModelState.AddModelError(string.Empty, "Password not correct.");
model.Password = "";
return(View(model));
}
}
if (!model.AccountApproved)
{
this.AlertDanger(StringLocalizer["This user account is not currently approved."]);
return(View(model));
}
if (!model.AllowUserToChangeEmail)
{
this.AlertDanger(StringLocalizer["Site is not configured to allow email changing."]);
return(View(model));
}
// Note - need to check the behaviour of this in related sites mode
if (await UserManager.EmailExistsInDB(CurrentSite.Id, model.NewEmail))
{
this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."]);
return(View(model));
}
var token = await UserManager.GenerateChangeEmailTokenAsync(user, model.NewEmail);
var siteUrl = Url.Action(new UrlActionContext
{
Action = "Index",
Controller = "Home",
Protocol = HttpContext.Request.Scheme
});
if (!model.RequireConfirmedEmail)
{
// no need for round-trip email confirmation
try
{
var success = await EmailChangeHandler.HandleEmailChangeWithoutUserConfirmation(model, user, token, siteUrl);
if (success)
{
this.AlertSuccess(model.SuccessNotification, true);
}
else
{
this.AlertDanger(model.SuccessNotification, true);
}
}
catch (Exception ex)
{
this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."], true);
Log.LogError(ex, $"Unexpected error occurred changing email address for user ID '{user.Id}'.");
}
}
else
{
// send token in confirmation email
try
{
var confirmationUrl = Url.Action(new UrlActionContext
{
Action = "ConfirmEmailChange",
Controller = "Manage",
Values = new { userId = user.Id.ToString(), newEmail = model.NewEmail, code = token },
Protocol = HttpContext.Request.Scheme
});
var success = await EmailChangeHandler.HandleEmailChangeWithUserConfirmation(model, user, token, confirmationUrl, siteUrl);
if (success)
{
this.AlertSuccess(model.SuccessNotification, true);
return(View("EmailChangeConfirmationSent", model));
}
else
{
this.AlertDanger(model.SuccessNotification, true);
}
}
catch (Exception ex)
{
this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."], true);
Log.LogError(ex, $"Unexpected error occurred sending email change confirmation for user ID '{user.Id}'.");
}
}
return(await Index()); // Route back to Index Page, taking toast alerts along
}