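/// <summary>
/// Validates a username/password pair posted by an API client and, on success, returns the
/// caller's identity, department and a freshly created V3 API token.
/// </summary>
/// <param name="authInput">Credentials from the request body (<c>Usr</c> / <c>Pass</c>).</param>
/// <returns>
/// A <see cref="ValidateResult"/> on success; <c>400 Bad Request</c> when the model is invalid,
/// the body is missing, the credentials are wrong, or the user has no active department.
/// Every failure uses the same 400 so the response does not reveal which check failed.
/// </returns>
public async Task<ActionResult<ValidateResult>> Validate([FromBody] ValidateInput authInput)
{
    // Invalid model and missing body both end in the same generic failure response.
    if (!this.ModelState.IsValid || authInput == null)
    {
        return BadRequest();
    }

    // NOTE(review): lockoutOnFailure is disabled, so failed attempts on this endpoint do not count
    // towards the Identity lockout policy, and isPersistent is true although the caller is an API
    // client that receives a token. Both are kept as-is here — confirm they are intentional.
    var signInResult = await _signInManager.PasswordSignInAsync(authInput.Usr, authInput.Pass, true, lockoutOnFailure: false);
    if (!signInResult.Succeeded)
    {
        return BadRequest();
    }

    if (!await _usersService.DoesUserHaveAnyActiveDepartments(authInput.Usr))
    {
        return BadRequest();
    }

    var user = await _usersService.GetUserByNameAsync(authInput.Usr);
    Department department = await _departmentsService.GetDepartmentForUserAsync(authInput.Usr);

    // These were dereferenced unconditionally before; a missing user or department surfaced as an
    // unhandled NullReferenceException (HTTP 500) rather than the 400 every other failure returns.
    if (user == null || department == null)
    {
        return BadRequest();
    }

    var result = new ValidateResult
    {
        Eml = user.Email,
        Uid = user.Id,
        Dnm = department.Name,
        Did = department.DepartmentId
    };

    // Seconds since the Unix epoch, with the epoch shifted to local time before subtracting.
    // NOTE(review): if CreatedOn is stored as UTC this is off by the local UTC offset — confirm.
    var epoch = new DateTime(1970, 1, 1).ToLocalTime();
    if (department.CreatedOn.HasValue)
    {
        // Invariant culture so the decimal separator does not depend on the server locale.
        result.Dcd = (department.CreatedOn.Value - epoch).TotalSeconds.ToString(System.Globalization.CultureInfo.InvariantCulture);
    }
    else
    {
        // NOTE(review): the fallback is the epoch formatted as a date string, not a seconds count;
        // clients that parse Dcd as a number will fail on this branch. Kept as-is.
        result.Dcd = epoch.ToString();
    }

    result.Tkn = V3AuthToken.Create(authInput.Usr, department.DepartmentId);
    // Token expiry as a culture-dependent short date (unchanged from the original).
    result.Txd = DateTime.UtcNow.AddMonths(Config.SystemBehaviorConfig.APITokenMonthsTTL).ToShortDateString();

    var profile = await _userProfileService.GetProfileByUserIdAsync(user.Id);
    // A user without a profile previously caused a NullReferenceException; fall back to the user name.
    result.Nme = profile != null ? profile.FullName.AsFirstNameLastName : user.UserName;

    return result;
}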
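/// <summary>
/// Handles the forgot-password form. For a confirmed account it resets the password to a newly
/// generated value and emails it; in every case it renders the same confirmation view so the
/// response does not reveal whether the address is registered.
/// </summary>
/// <param name="model">Posted form values; <c>SiteKey</c> is (re)populated for the reCAPTCHA widget.</param>
/// <param name="cancellationToken">
/// Request cancellation token. Not forwarded: none of the services called below take one.
/// </param>
/// <returns>The confirmation view, or the form again when model validation fails.</returns>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
public async Task<IActionResult> ForgotPassword(ForgotPasswordViewModel model, CancellationToken cancellationToken)
{
    if (model == null)
    {
        throw new ArgumentNullException(nameof(model));
    }

    model.SiteKey = WebConfig.RecaptchaPublicKey;

    if (!ModelState.IsValid)
    {
        // If we got this far, something failed, redisplay form
        return View(model);
    }

    var user = await _userManager.FindByEmailAsync(model.Email);
    if (user == null || !(await _userManager.IsEmailConfirmedAsync(user)))
    {
        // Don't reveal that the user does not exist or is not confirmed
        return View("ForgotPasswordConfirmation");
    }

    var profile = await _userProfileService.GetProfileByUserIdAsync(user.Id);
    var department = await _departmentsService.GetDepartmentForUserAsync(user.UserName);

    // NOTE(review): this replaces the account password with a short generated one and sends it in
    // clear text by email, instead of emailing a single-use reset link (the ASP.NET Identity pattern,
    // see http://go.microsoft.com/fwlink/?LinkID=532713). Kept as-is; worth revisiting.
    var token = await _userManager.GeneratePasswordResetTokenAsync(user);
    var newPassword = RandomGenerator.GenerateRandomString(6, 8, false, false, true, true, false, true, null);
    var result = await _userManager.ResetPasswordAsync(user, token, newPassword);

    if (result.Succeeded)
    {
        // A missing profile or department previously surfaced as a NullReferenceException here;
        // fall back to the user name and an empty department name instead.
        var displayName = profile != null ? profile.FullName.AsFirstNameLastName : user.UserName;
        var departmentName = department != null ? department.Name : string.Empty;
        await _emailService.SendPasswordResetEmail(user.Email, displayName, user.UserName, newPassword, departmentName);
    }
    // NOTE(review): a failed reset is not logged anywhere; the user sees the confirmation page but
    // no email arrives. No logger is visible in this block, so it is only flagged here.

    return View("ForgotPasswordConfirmation");
}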
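/// <summary>
/// Builds the <see cref="ClaimsPrincipal"/> stored in the authentication cookie for
/// <paramref name="user"/>: the standard Identity claims (id, name, security stamp, roles),
/// display-name and email claims, and then one of three application claim sets depending on
/// whether the user is a system admin, an affiliate, or a regular department member.
/// </summary>
/// <param name="user">The signed-in user.</param>
/// <returns>
/// The populated principal, or <c>null</c> for a regular user who has no department
/// (callers must handle the null).
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
/// <remarks>
/// The permission claims are computed once here, at sign-in, and travel with the cookie until it is
/// re-issued; role or department changes made afterwards are not reflected until then unless
/// principal re-validation is configured elsewhere (not visible in this file).
/// </remarks>
public override async Task<ClaimsPrincipal> CreateAsync(TUser user)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    var userId = await UserManager.GetUserIdAsync(user);
    var userName = await UserManager.GetUserNameAsync(user);
    var profile = await _userProfileService.GetProfileByUserIdAsync(userId);

    var id = new ClaimsIdentity(
        CookieAuthenticationDefaults.AuthenticationScheme,
        Options.ClaimsIdentity.UserNameClaimType,
        Options.ClaimsIdentity.RoleClaimType);

    id.AddClaim(new Claim(Options.ClaimsIdentity.UserIdClaimType, userId));
    id.AddClaim(new Claim(Options.ClaimsIdentity.UserNameClaimType, userName));

    if (UserManager.SupportsUserSecurityStamp)
    {
        id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType, await UserManager.GetSecurityStampAsync(user)));
    }

    if (UserManager.SupportsUserRole)
    {
        var identityRoles = await _claimsRepository.GetRolesAsync(user);
        foreach (var roleName in identityRoles)
        {
            id.AddClaim(new Claim(Options.ClaimsIdentity.RoleClaimType, roleName));
        }
    }

    var principal = new ClaimsPrincipal(id);

    if (principal.Identity is ClaimsIdentity identity)
    {
        // Display name is the profile's "First Last" form when a profile exists.
        if (profile != null)
        {
            var displayNameClaim = new Claim("DisplayName", profile.FullName.AsFirstNameLastName);
            if (!identity.HasClaim(displayNameClaim.Type, displayNameClaim.Value))
            {
                identity.AddClaim(displayNameClaim);
            }
        }

        // Claim's constructor throws on a null value; a user without an email simply gets no email claim.
        if (user.Email != null)
        {
            var emailClaim = new Claim(ClaimTypes.Email, user.Email);
            if (!identity.HasClaim(emailClaim.Type, emailClaim.Value))
            {
                identity.AddClaim(emailClaim);
            }
        }

        if (_usersService.IsUserInRole(user.Id, _usersService.AdminRoleId))
        {
            ClaimsLogic.AddSystemAdminClaims(id, userName, user.Id, "System Admin");
        }
        else if (_usersService.IsUserInRole(user.Id, _usersService.AffiliateRoleId))
        {
            // profile was dereferenced unconditionally here before; fall back to the user name.
            var affiliateName = profile != null ? profile.FullName.AsFirstNameLastName : user.UserName;
            ClaimsLogic.AddAffiliteClaims(id, userName, user.Id, affiliateName);
        }
        else
        {
            var hasDepartment = await AddDepartmentClaimsAsync();
            if (!hasDepartment)
            {
                return null;
            }
        }
    }

    return principal;

    // Adds the department-scoped claim set for a regular user. Returns false when the user has no
    // department, in which case nothing was added and the caller returns a null principal.
    async Task<bool> AddDepartmentClaimsAsync()
    {
        var department = await _departmentsService.GetDepartmentForUserAsync(userName);
        if (department == null)
        {
            return false;
        }

        var group = await _departmentGroupsService.GetGroupForUserAsync(user.Id, department.DepartmentId);
        var departmentAdmin = department.IsUserAnAdmin(user.Id);
        var permissions = await _permissionsService.GetAllPermissionsForDepartmentAsync(department.DepartmentId);
        var roles = await _personnelRolesService.GetRolesForUserAsync(user.Id, department.DepartmentId);

        ClaimsLogic.AddDepartmentClaim(id, department.DepartmentId, departmentAdmin);

        // A department with no CreatedOn reports the current time as its signup date.
        var signupDate = department.CreatedOn ?? DateTime.UtcNow;

        // Prefer the profile's full name, but only when a last name is actually set.
        var name = user.UserName;
        if (profile != null && !String.IsNullOrWhiteSpace(profile.LastName))
        {
            name = profile.FullName.AsFirstNameLastName;
        }

        ClaimsLogic.AddGeneralClaims(id, userName, user.Id, name, department.DepartmentId, department.Name, user.Email, signupDate);

        var isGroupAdmin = group != null && group.IsUserGroupAdmin(user.Id);

        if (departmentAdmin)
        {
            // A department admin receives an admin group claim for every group in the department.
            var groups = await _departmentGroupsService.GetAllGroupsForDepartmentAsync(department.DepartmentId);
            if (groups != null)
            {
                foreach (var departmentGroup in groups)
                {
                    ClaimsLogic.AddGroupClaim(id, departmentGroup.DepartmentGroupId, true);
                }
            }
        }
        else if (group != null)
        {
            ClaimsLogic.AddGroupClaim(id, group.DepartmentGroupId, isGroupAdmin);
        }

        // Per-feature claim sets. The signatures differ per area, so the order and arguments are
        // kept exactly as in the original.
        ClaimsLogic.AddCallClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddActionClaims(id);
        ClaimsLogic.AddLogClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddStaffingClaims(id);
        ClaimsLogic.AddPersonnelClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddUnitClaims(id, departmentAdmin);
        ClaimsLogic.AddUnitLogClaims(id);
        ClaimsLogic.AddMessageClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddRoleClaims(id, departmentAdmin);
        ClaimsLogic.AddProfileClaims(id);
        ClaimsLogic.AddReportsClaims(id);
        ClaimsLogic.AddGenericGroupClaims(id, departmentAdmin);
        ClaimsLogic.AddDocumentsClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddNotesClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddScheduleClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddShiftClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddTrainingClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddPIIClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddInventoryClaims(id, departmentAdmin, permissions, isGroupAdmin, roles);
        ClaimsLogic.AddConnectClaims(id, departmentAdmin);
        ClaimsLogic.AddCommandClaims(id, departmentAdmin);
        ClaimsLogic.AddProtocolClaims(id, departmentAdmin);

        return true;
    }
}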