public async Task <bool> UpdateProfileAsync(IFormCollection formData) { var loggedInUserId = GetLoggedInUserId(); var user = await _userManager.FindByIdAsync(loggedInUserId); if (user == null) { return(false); } if (user.UserName != _cookieSvc.Get("username") || user.UserName != formData["username"].ToString() || user.Email != formData["email"].ToString()) { return(false); } try { Activity activityModel = new Activity { UserId = user.Id }; await UpdateProfilePicAsync(formData, user); user.Firstname = formData["firstname"]; user.Birthday = formData["birthdate"]; user.Lastname = formData["lastname"]; user.Middlename = formData["middlename"]; user.DisplayName = formData["displayname"]; user.PhoneNumber = formData["phone"]; user.Gender = formData["gender"]; user.TwoFactorEnabled = Convert.ToBoolean(formData["IsTwoFactorOn"]); /* If Addresses exist we update them => If Addresses do not exist we add them */ await InsertOrUpdateAddress(user.Id, "Shipping", formData["saddress1"], formData["saddress2"], formData["scountry"], formData["sstate"], formData["scity"], formData["spostalcode"], formData["sunit"]); await InsertOrUpdateAddress(user.Id, "Billing", formData["address1"], formData["address2"], formData["country"], formData["state"], formData["city"], formData["postalcode"], formData["unit"]); await _userManager.UpdateAsync(user); activityModel.Date = DateTime.UtcNow; activityModel.IpAddress = _cookieSvc.GetUserIP(); activityModel.Location = _cookieSvc.GetUserCountry(); activityModel.OperatingSystem = _cookieSvc.GetUserOS(); activityModel.Type = "Profile update successful"; activityModel.Icon = "fas fa-thumbs-up"; activityModel.Color = "success"; await _activitySvc.AddUserActivity(activityModel); return(true); } catch (Exception ex) { Log.Error("An error occurred while updating profile {Error} {StackTrace} {InnerException} {Source}", ex.Message, ex.StackTrace, ex.InnerException, ex.Source); } return(false); }
public async Task <IActionResult> ChangePassword([FromBody] ResetPasswordViewModel model) { if (string.IsNullOrEmpty(model.OldPassword)) { return(BadRequest("Old Password must be supplied for password change.")); } if (!ModelState.IsValid) { return(BadRequest(model)); } var user = await _userSvc.GetUserProfileByEmailAsync(model.Email); if (user == null) { // Don't reveal that the user does not exist return(Ok(new { message = "Password changed Successfully" })); } if (!await _userSvc.CheckPasswordAsync(user, model.OldPassword)) { // Notify attempt was made - to change password failed ActivityModel activityModel = new ActivityModel { UserId = user.UserId, Date = DateTime.UtcNow, IpAddress = _cookieSvc.GetUserIP(), Location = _cookieSvc.GetUserCountry(), OperatingSystem = _cookieSvc.GetUserOS(), Type = "Profile update failed - Invalid Old Password", Icon = "fas fa-exclamation-triangle", Color = "warning" }; var activityAdd = await _userSvc.AddUserActivity(activityModel); return(BadRequest(new { message = "Invalid Old Password" })); } var result = await _userSvc.ChangePasswordAsync(user, model.Password); if (result) { return(Ok(new { message = "Password changed Successfully" })); } return(BadRequest(new { message = "Password could not be Changed. Try again later" })); }
public async Task <bool> UpdateProfileAsync(string userId, IFormCollection formData) { Activity activityModel = new Activity(); IdentityResult result = new IdentityResult(); IdentityResult removeResult = new IdentityResult(); try { var loggedInUserId = await GetLoggedInUserId(); if (loggedInUserId != null) { var user = await _userManager.FindByIdAsync(userId); var oldRole = user.UserRole; if (user == null) { return(false); } await UpdateProfilePicAsync(formData, user); user.UserRole = formData["UserRole"]; user.Email = formData["Email"]; user.Firstname = formData["FirstName"]; user.Birthday = formData["Birthday"]; user.Lastname = formData["LastName"]; user.Middlename = formData["MiddleName"]; user.DisplayName = formData["DisplayName"]; user.PhoneNumber = formData["Phone"]; user.Gender = formData["Gender"]; user.TwoFactorEnabled = Convert.ToBoolean(Convert.ToInt32(formData["IsTwoFactorOn"])); user.EmailConfirmed = Convert.ToBoolean(Convert.ToInt32(formData["IsEmailVerified"])); user.PhoneNumberConfirmed = Convert.ToBoolean(Convert.ToInt32(formData["IsPhoneVerified"])); user.IsEmployee = Convert.ToBoolean(Convert.ToInt32(formData["IsEmployee"])); user.LockoutEnabled = Convert.ToBoolean(Convert.ToInt32(formData["IsAccountLocked"])); /* If Addresses exist we update them => If Addresses do not exist we add them */ await InsertOrUpdateAddress(user.Id, "Shipping", formData["ShippingAddress.Line1"], formData["ShippingAddress.Line2"], formData["ShippingAddress.Country"], formData["ShippingAddress.State"], formData["ShippingAddress.City"], formData["ShippingAddress.PostalCode"], formData["ShippingAddress.Unit"]); await InsertOrUpdateAddress(user.Id, "Billing", formData["BillingAddress.Line1"], formData["BillingAddress.Line2"], formData["BillingAddress.Country"], formData["BillingAddress.State"], formData["BillingAddress.City"], formData["BillingAddress.PostalCode"], formData["BillingAddress.Unit"]); result = await _userManager.UpdateAsync(user); if (result.Succeeded) { removeResult = await _userManager.RemoveFromRoleAsync(user, oldRole); if (removeResult.Succeeded) { await _userManager.AddToRoleAsync(user, user.UserRole); } } activityModel.Date = DateTime.UtcNow; activityModel.IpAddress = _cookieSvc.GetUserIP(); activityModel.Location = _cookieSvc.GetUserCountry(); activityModel.OperatingSystem = _cookieSvc.GetUserOS(); activityModel.Type = "Profile update successful"; activityModel.Icon = "fas fa-thumbs-up"; activityModel.Color = "success"; await _activitySvc.AddUserActivity(activityModel); return(true); } } catch (Exception ex) { Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}", ex.Message, ex.StackTrace, ex.InnerException, ex.Source); } return(false); }
public async Task <TokenResponse> Auth(LoginViewModel model) { Activity userActivity = new Activity(); userActivity.IpAddress = _cookieSvc.GetUserIP(); userActivity.Date = DateTime.UtcNow; userActivity.Location = _cookieSvc.GetUserCountry(); userActivity.OperatingSystem = _cookieSvc.GetUserOS(); try { var user = await _userManager.FindByEmailAsync(model.Email); if (user == null) { return(CreateErrorResponseToken("Request not supported", HttpStatusCode.Unauthorized)); } var roles = await _userManager.GetRolesAsync(user); //Continue to complete the activity userActivity.UserId = user.Id; if (roles.FirstOrDefault() != "Administrator") { userActivity.Type = "Unauthorized Login-User is not Admin"; userActivity.Icon = "fas fa-user-secret"; userActivity.Color = "danger"; await _activitySvc.AddUserActivity(userActivity); Log.Error("role is not administrator"); return(CreateErrorResponseToken("role is not admin", HttpStatusCode.Unauthorized)); } //check password if (!await _userManager.CheckPasswordAsync(user, model.Password)) { userActivity.Type = " Login attempt failed--password incorrect"; userActivity.Icon = "fas fa-user-circle"; userActivity.Color = "danger"; await _activitySvc.AddUserActivity(userActivity); Log.Error("incorrect password"); return(CreateErrorResponseToken("password is incorrect", HttpStatusCode.Unauthorized)); } if (!await _userManager.IsEmailConfirmedAsync(user)) { userActivity.Type = "Login Attempt success- email was not confirmed"; userActivity.Icon = "fas fa-user-envelope"; userActivity.Color = "warning"; await _activitySvc.AddUserActivity(userActivity); Log.Error("Email is not confirmed"); return(CreateErrorResponseToken("Email not confirmed", HttpStatusCode.Unauthorized)); } var authToken = await GenerateNewToken(user, model); userActivity.Type = "Login successfully"; userActivity.Icon = "fas fa-thumbs-up"; userActivity.Color = "success"; await _activitySvc.AddUserActivity(userActivity); return(authToken); } catch (Exception ex) { Log.Error("Error while creating user {Error} {StackTrace} {InnerException} {Source}", ex.Message, ex.StackTrace, ex.InnerException, ex.Source); //return await Task.FromResult(AuthenticateResult.Fail("Failed to authenticate")); } return(CreateErrorResponseToken("Request not supported", HttpStatusCode.Unauthorized)); //await Task.CompletedTask; }
// Will be used for authenticating the Admin public async Task <TokenResponseModel> Auth(LoginViewModel model) { ActivityModel activityModel = new ActivityModel(); activityModel.Date = DateTime.UtcNow; activityModel.IpAddress = _cookieSvc.GetUserIP(); activityModel.Location = _cookieSvc.GetUserCountry(); activityModel.OperatingSystem = _cookieSvc.GetUserOS(); try { // Get the User from Database var user = await _userManager.FindByEmailAsync(model.Email); if (user == null) { return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized)); } // Get the role of the user - validate if he is admin - dont bother to go ahead if returned false var roles = await _userManager.GetRolesAsync(user); if (roles.FirstOrDefault() != "Administrator") { activityModel.UserId = user.Id; activityModel.Type = "Un-Authorized Login attempt"; activityModel.Icon = "fas fa-user-secret"; activityModel.Color = "danger"; await _activitySvc.AddUserActivity(activityModel); Log.Error("Error : Role Not Admin"); return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized)); } // If user is admin continue to execute the code if (!await _userManager.CheckPasswordAsync(user, model.Password)) { activityModel.UserId = user.Id; activityModel.Type = "Login attempt failed"; activityModel.Icon = "far fa-times-circle"; activityModel.Color = "danger"; await _activitySvc.AddUserActivity(activityModel); Log.Error("Error : Invalid Password for Admin"); return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized)); } // Then Check If Email Is confirmed if (!await _userManager.IsEmailConfirmedAsync(user)) { activityModel.Type = "Login attempt Success - Email Not Verified"; activityModel.UserId = user.Id; activityModel.Icon = "far fa-envelope"; activityModel.Color = "warning"; await _activitySvc.AddUserActivity(activityModel); Log.Error("Error : Email Not Confirmed for {user}", user.UserName); return(CreateErrorResponseToken("Email Not Confirmed", HttpStatusCode.Unauthorized)); } activityModel.UserId = user.Id; activityModel.Type = "Login attempt successful"; activityModel.Icon = "fas fa-thumbs-up"; activityModel.Color = "success"; await _activitySvc.AddUserActivity(activityModel); var authToken = await GenerateNewToken(user, model); return(authToken); } catch (Exception ex) { Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}", ex.Message, ex.StackTrace, ex.InnerException, ex.Source); } return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized)); }
// Will be used for authenticating the Admin public async Task <TokenResponseModel> Auth(LoginViewModel model) { ActivityModel activityModel = new ActivityModel { Date = DateTime.UtcNow, IpAddress = _cookieSvc.GetUserIP(), Location = _cookieSvc.GetUserCountry(), OperatingSystem = _cookieSvc.GetUserOS() }; try { var user = await _userManager.FindByEmailAsync(model.Email); if (user == null) { return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized)); } activityModel.UserId = user.Id; var roles = await _userManager.GetRolesAsync(user); if (roles.FirstOrDefault() != "Administrator") { activityModel.Type = "Un-Authorized Login attempt"; activityModel.Icon = "fas fa-user-secret"; activityModel.Color = "danger"; await _activitySvc.AddUserActivity(activityModel); Log.Error("Error: Role is not Admin"); return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized)); } if (!await _userManager.CheckPasswordAsync(user, model.Password)) { activityModel.Type = "Login attempt failed"; activityModel.Icon = "far fa-times-circle"; activityModel.Color = "danger"; await _activitySvc.AddUserActivity(activityModel); Log.Error("Error: Invalid Password for Admin"); return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized)); } if (!await _userManager.IsEmailConfirmedAsync(user)) { activityModel.Type = "Login attempt Success - Email Not Verified"; activityModel.Icon = "far fa-envelop"; activityModel.Color = "warning"; await _activitySvc.AddUserActivity(activityModel); Log.Error("Error: Email Not Confirmed for {user}", user.UserName); return(CreateErrorResponseToken("Email Not Confirmed", HttpStatusCode.Unauthorized)); } var authToken = await GenerateNewToken(user, model); activityModel.Type = "Login attempt Success"; activityModel.Icon = "fas fa-thumbs-up"; activityModel.Color = "success"; await _activitySvc.AddUserActivity(activityModel); return(authToken); } catch (Exception ex) { Log.Error("An error occured while authenticating {Error} {StackTrace} {InnerException} {Source}", ex.Message, ex.StackTrace, ex.InnerException, ex.Source); } return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized)); }