public ValidateResult Validate([FromBody] ValidateInput authInput)
{
if (this.ModelState.IsValid)
{
if (authInput == null)
{
throw HttpStatusCode.BadRequest.AsException();
}
var client = new RestClient(Config.SystemBehaviorConfig.ResgridBaseUrl);
var request = new RestRequest($"/CoreBridge/ValidateLogIn", Method.POST);
request.AddJsonBody(authInput);
var response = client.Execute <Model.Results.ValidateLogInResult>(request);
if (response.Data == null || !response.Data.Successful)
{
throw HttpStatusCode.Unauthorized.AsException();
}
var user = _usersService.GetUserByName(authInput.Usr);
Department department = _departmentsService.GetDepartmentForUser(authInput.Usr);
var result = new ValidateResult
{
Eml = user.Email,
Uid = user.Id,
Dnm = department.Name,
Did = department.DepartmentId
};
if (department.CreatedOn.HasValue)
{
result.Dcd = (department.CreatedOn.Value - new DateTime(1970, 1, 1).ToLocalTime()).TotalSeconds.ToString();
}
else
{
result.Dcd = new DateTime(1970, 1, 1).ToLocalTime().ToString();
}
result.Tkn = V3AuthToken.Create(authInput.Usr, department.DepartmentId);
result.Txd = DateTime.UtcNow.AddMonths(Config.SystemBehaviorConfig.APITokenMonthsTTL).ToShortDateString();
var profile = _userProfileService.GetProfileByUserId(user.Id);
result.Nme = profile.FullName.AsFirstNameLastName;
return(result);
}
throw HttpStatusCode.BadRequest.AsException();
}
public async Task <IActionResult> ForgotPassword(ForgotPasswordViewModel model)
{
if (ModelState.IsValid)
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null || !(await _userManager.IsEmailConfirmedAsync(user)))
{
// Don't reveal that the user does not exist or is not confirmed
return(View("ForgotPasswordConfirmation"));
}
var profile = _userProfileService.GetProfileByUserId(user.Id);
var department = _departmentsService.GetDepartmentForUser(user.UserName);
var token = await _userManager.GeneratePasswordResetTokenAsync(user);
var newPassword = RandomGenerator.GenerateRandomString(6, 10, false, false, true, true, false, true, null);
var result = await _userManager.ResetPasswordAsync(user, token, newPassword);
if (result.Succeeded)
{
_emailService.SendPasswordResetEmail(user.Email, profile.FullName.AsFirstNameLastName, user.UserName, newPassword, department.Name);
}
return(View("ForgotPasswordConfirmation"));
// For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=532713
// Send an email with this link
//var code = await _userManager.GeneratePasswordResetTokenAsync(user);
//var callbackUrl = Url.Action("ResetPassword", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
//await _emailSender.SendEmailAsync(model.Email, "Reset Password",
// $"Please reset your password by clicking here: <a href='{callbackUrl}'>link</a>");
//return View("ForgotPasswordConfirmation");
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public override async Task <ClaimsPrincipal> CreateAsync(TUser user)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
var userId = await UserManager.GetUserIdAsync(user);
var userName = await UserManager.GetUserNameAsync(user);
var profile = _userProfileService.GetProfileByUserId(userId);
var id = new ClaimsIdentity(
options.Cookies.ApplicationCookie.AuthenticationScheme,
Options.ClaimsIdentity.UserNameClaimType,
Options.ClaimsIdentity.RoleClaimType
);
id.AddClaim(new Claim(Options.ClaimsIdentity.UserIdClaimType, userId));
id.AddClaim(new Claim(Options.ClaimsIdentity.UserNameClaimType, userName));
if (UserManager.SupportsUserSecurityStamp)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType,
await UserManager.GetSecurityStampAsync(user)));
}
if (UserManager.SupportsUserRole)
{
var roles = await _claimsRepository.GetRolesAsync(user); // UserManager.GetRolesAsync(user);
foreach (var roleName in roles)
{
id.AddClaim(new Claim(Options.ClaimsIdentity.RoleClaimType, roleName));
}
}
ClaimsPrincipal principal = new ClaimsPrincipal(id);
if (principal.Identity is ClaimsIdentity)
{
ClaimsIdentity identity = (ClaimsIdentity)principal.Identity;
if (profile != null)
{
Claim displayNameClaim = new Claim("DisplayName", profile.FullName.AsFirstNameLastName);
if (!identity.HasClaim(displayNameClaim.Type, displayNameClaim.Value))
{
identity.AddClaim(displayNameClaim);
}
}
Claim emailClaim = new Claim(ClaimTypes.Email, user.Email);
if (!identity.HasClaim(emailClaim.Type, emailClaim.Value))
{
identity.AddClaim(emailClaim);
}
if (_usersService.IsUserInRole(user.Id, _usersService.AdminRoleId))
{
ClaimsLogic.AddSystemAdminClaims(id, userName, user.Id, "System Admin");
}
else if (_usersService.IsUserInRole(user.Id, _usersService.AffiliateRoleId))
{
ClaimsLogic.AddAffiliteClaims(id, userName,
user.Id, profile.FullName.AsFirstNameLastName);
}
else
{
var department = _departmentsService.GetDepartmentForUser(userName);
if (department == null)
{
return(null);
}
var group = _departmentGroupsService.GetGroupForUser(user.Id, department.DepartmentId);
var departmentAdmin = department.IsUserAnAdmin(user.Id);
var permissions = _permissionsService.GetAllPermissionsForDepartment(department.DepartmentId);
var roles = _personnelRolesService.GetRolesForUser(user.Id, department.DepartmentId);
ClaimsLogic.AddDepartmentClaim(id, department.DepartmentId,
departmentAdmin);
//ClaimsLogic.DepartmentName = department.Name;
DateTime signupDate;
if (department.CreatedOn.HasValue)
{
signupDate = department.CreatedOn.Value;
}
else
{
signupDate = DateTime.UtcNow;
}
//ClaimsLogic.DepartmentId = department.DepartmentId;
var name = user.UserName;
if (profile != null && !String.IsNullOrWhiteSpace(profile.LastName))
{
name = profile.FullName.AsFirstNameLastName;
}
ClaimsLogic.AddGeneralClaims(id, userName,
user.Id, name, department.DepartmentId, department.Name, user.Email,
signupDate);
bool isGroupAdmin = false;
if (group != null)
{
isGroupAdmin = group.IsUserGroupAdmin(user.Id);
}
if (departmentAdmin)
{
var groups = _departmentGroupsService.GetAllGroupsForDepartment(department.DepartmentId);
if (groups != null)
{
foreach (var departmentGroup in groups)
{
ClaimsLogic.AddGroupClaim(id, departmentGroup.DepartmentGroupId, true);
}
}
}
else
{
if (group != null)
{
ClaimsLogic.AddGroupClaim(id, group.DepartmentGroupId, isGroupAdmin);
}
}
ClaimsLogic.AddCallClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddActionClaims(id);
ClaimsLogic.AddLogClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddStaffingClaims(id);
ClaimsLogic.AddPersonnelClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddUnitClaims(id, departmentAdmin);
ClaimsLogic.AddUnitLogClaims(id);
ClaimsLogic.AddMessageClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddRoleClaims(id, departmentAdmin);
ClaimsLogic.AddProfileClaims(id);
ClaimsLogic.AddReportsClaims(id);
ClaimsLogic.AddGenericGroupClaims(id, departmentAdmin);
ClaimsLogic.AddDocumentsClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddNotesClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddScheduleClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddShiftClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddTrainingClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddPIIClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddInventoryClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
ClaimsLogic.AddConnectClaims(id, departmentAdmin);
ClaimsLogic.AddCommandClaims(id, departmentAdmin);
ClaimsLogic.AddProtocolClaims(id, departmentAdmin);
}
}
return(principal);
}
private ClaimsPrincipal DressUpPrincipal(String userName)
{
if (String.IsNullOrWhiteSpace(userName))
{
return(null);
}
var identiy = new ResgridIdentity();
_usersService = ServiceLocator.Current.GetInstance <IUsersService>();
var user = _usersService.GetUserByName(userName);
if (user == null)
{
return(null);
}
_departmentsService = ServiceLocator.Current.GetInstance <IDepartmentsService>();
_departmentGroupsService = ServiceLocator.Current.GetInstance <IDepartmentGroupsService>();
_userProfileService = ServiceLocator.Current.GetInstance <IUserProfileService>();
_permissionsService = ServiceLocator.Current.GetInstance <IPermissionsService>();
_personnelRolesService = ServiceLocator.Current.GetInstance <IPersonnelRolesService>();
var profile = _userProfileService.GetProfileByUserId(user.UserId);
string fullName = String.Empty;
if (profile == null || String.IsNullOrWhiteSpace(profile.FirstName))
{
var pfile = ProfileBase.Create(user.UserName, true);
fullName = pfile.GetPropertyValue("Name").ToString();
}
else
{
fullName = string.Format("{0} {1}", profile.FirstName, profile.LastName);
}
identiy.FullName = fullName;
identiy.UserName = userName;
identiy.UserId = user.UserId;
if (_usersService.IsUserInRole(user.UserId, _usersService.AdminRoleId))
{
identiy.AddSystemAdminClaims(userName, user.UserId, fullName);
}
else if (_usersService.IsUserInRole(user.UserId, _usersService.AffiliateRoleId))
{
identiy.AddAffiliteClaims(userName, user.UserId, fullName);
}
else
{
var department = _departmentsService.GetDepartmentForUser(userName);
if (department == null)
{
return(null);
}
var group = _departmentGroupsService.GetGroupForUser(user.UserId, department.DepartmentId);
var departmentAdmin = department.IsUserAnAdmin(user.UserId);
var permissions = _permissionsService.GetAllPermissionsForDepartment(department.DepartmentId);
var roles = _personnelRolesService.GetRolesForUser(user.UserId, department.DepartmentId);
identiy.AddDepartmentClaim(department.DepartmentId, departmentAdmin);
identiy.DepartmentName = department.Name;
DateTime signupDate;
if (department.CreatedOn.HasValue)
{
signupDate = department.CreatedOn.Value;
}
else
{
signupDate = DateTime.UtcNow;
}
identiy.DepartmentId = department.DepartmentId;
string email = String.Empty;
if (profile != null && !String.IsNullOrWhiteSpace(profile.MembershipEmail))
{
email = profile.MembershipEmail;
}
else if (!String.IsNullOrWhiteSpace(user.Email))
{
email = user.Email;
}
identiy.AddGeneralClaims(userName, user.UserId, fullName, department.DepartmentId, department.Name, email, signupDate);
bool isGroupAdmin = false;
if (group != null)
{
isGroupAdmin = group.IsUserGroupAdmin(user.UserId);
}
if (departmentAdmin)
{
var groups = _departmentGroupsService.GetAllGroupsForDepartment(department.DepartmentId);
if (groups != null)
{
foreach (var departmentGroup in groups)
{
identiy.AddGroupClaim(departmentGroup.DepartmentGroupId, true);
}
}
}
else
{
if (group != null)
{
identiy.AddGroupClaim(group.DepartmentGroupId, isGroupAdmin);
}
}
identiy.AddCallClaims(departmentAdmin, permissions, isGroupAdmin, roles);
identiy.AddActionClaims();
identiy.AddLogClaims(departmentAdmin, permissions, isGroupAdmin, roles);
identiy.AddStaffingClaims();
identiy.AddPersonnelClaims(departmentAdmin);
identiy.AddUnitClaims(departmentAdmin);
identiy.AddUnitLogClaims();
identiy.AddMessageClaims();
identiy.AddRoleClaims(departmentAdmin);
identiy.AddProfileClaims();
identiy.AddReportsClaims();
identiy.AddGenericGroupClaims(departmentAdmin);
identiy.AddDocumentsClaims(departmentAdmin, permissions, isGroupAdmin, roles);
identiy.AddNotesClaims(departmentAdmin, permissions, isGroupAdmin, roles);
identiy.AddScheduleClaims(departmentAdmin, permissions, isGroupAdmin, roles);
identiy.AddShiftClaims(departmentAdmin, permissions, isGroupAdmin, roles);
identiy.AddTrainingClaims(departmentAdmin, permissions, isGroupAdmin, roles);
identiy.AddPIIClaims(departmentAdmin, permissions, isGroupAdmin, roles);
identiy.AddInventoryClaims(departmentAdmin, permissions, isGroupAdmin, roles);
}
return(new ClaimsPrincipal(identiy));
}
