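/// <summary>
/// Registers a new account once the signed, encrypted sign-up token in the request has been
/// validated, then e-mails a confirmation link unless the user was invited.
/// </summary>
/// <param name="request">Registration payload; <c>InitCms</c> is the Base64-encoded XML token and <c>SignedCms</c> its CMS signature.</param>
/// <param name="authentication">Service that performs the actual registration.</param>
/// <param name="billingService">Billing service handed through to the registration call.</param>
/// <param name="emailConfirmationService">Generates the confirmation token and sends the confirmation e-mail.</param>
/// <param name="cryptoProvider">Verifies the CMS signature over the token XML.</param>
/// <returns>A JSON <c>ApiResponse</c>: a failure when the token is invalid or expired, otherwise success.</returns>
public async Task<IActionResult> Post(
    [FromBody] RegistrationRequest request,
    [FromServices] IAuthenticationManager authentication,
    [FromServices] RemoteBillingService billingService,
    [FromServices] IEmailConfirmationService emailConfirmationService,
    [FromServices] ICryptoProviderService cryptoProvider)
{
    try
    {
        // NOTE(review): the payload is deserialized and decrypted before its signature is
        // checked; consider verifying the CMS signature first so unauthenticated input never
        // reaches the XML deserializer or the AES routine.
        var value = Convert.FromBase64String(request.InitCms);
        var xml = new UTF8Encoding(false).GetString(value);
        var encrypted = XmlSerializationHelper.DeserializeFromXml<string>(xml);
        var decrypted = AesHelper.Decrypt(encrypted);

        var isValid = await cryptoProvider.VerifyCMSAsync(xml, request.SignedCms);
        if (!isValid)
        {
            return Json(ApiResponse.Failed(ApiErrorCode.ValidationError, "Сертификат не прошел проверку"));
        }

        // The decrypted value is the tick count recorded when sign-up started.
        var signUpDateTime = new DateTime(Convert.ToInt64(decrypted));

        // TimeSpan.Hours is only the 0-23 hour component, so a token aged 24h30m (or any whole
        // number of days plus less than an hour) used to pass this check. TotalHours measures
        // the whole interval and enforces the one-hour lifetime.
        // NOTE(review): a timestamp in the future still passes, and DateTime.Now is local time;
        // confirm the issuer writes local ticks and decide whether future values should be rejected.
        var elapsed = DateTime.Now - signUpDateTime;
        if (elapsed.TotalHours >= 1)
        {
            return Json(ApiResponse.Failed(ApiErrorCode.AuthenticationFailed, "С момента начала авторизации прошло больше часа"));
        }
    }
    catch
    {
        // Any failure while decoding, decrypting or verifying is reported as one generic
        // error so the caller learns nothing about which step rejected the token.
        // NOTE(review): this also hides verifier outages; consider logging the exception.
        return Json(ApiResponse.Failed(ApiErrorCode.AuthenticationFailed, "Сбой дешифрации сообщения"));
    }

    await authentication.RegisterAsync(request, billingService);

    string code;
    long userId;
    if (!request.InvitedUser)
    {
        using (var repository = new Repository<User>(_provider))
        {
            var user = repository.Get(x => x.UserName == request.UserAccount.Email).Single();
            code = emailConfirmationService.GenerateEmailConfirmationToken(user);
            repository.Update(user);
            repository.Commit();
            userId = user.Id;
        }

        // NOTE(review): Url.Action builds the absolute link from the current request, so the
        // host in the e-mailed URL follows the request's Host header; confirm host filtering
        // is enforced upstream or build the link from a configured base address.
        var callbackUrl = Url.Action(
            "ConfirmEmail",
            "Registration",
            new { userId = userId, code = code },
            protocol: HttpContext.Request.Scheme);

        // Point the link at the front-end route instead of the API endpoint.
        callbackUrl = callbackUrl.Replace("api/Registration/ConfirmEmail", "auth/confirmemail");
        emailConfirmationService.SendConfirmationUrl(request.UserAccount.Email, callbackUrl);
    }

    return Json(ApiResponse.Success(true));
}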
/// <summary>
/// Starts the password-recovery flow: when an account with the given e-mail exists, a reset
/// link is e-mailed to it. The JSON response is the same whether or not the account exists,
/// so the endpoint does not reveal which addresses are registered.
/// </summary>
/// <param name="request">Request carrying the e-mail address to look up as a user name.</param>
/// <param name="emailConfirmationService">Generates the token and sends the reset e-mail.</param>
/// <returns>A successful JSON <c>ApiResponse</c> with a fixed message in every case.</returns>
public async Task<IActionResult> ForgotPassword(
    [FromBody] ForgotPasswordRequest request,
    [FromServices] IEmailConfirmationService emailConfirmationService)
{
    using (var users = new Repository<User>(_provider))
    {
        var account = await users.Get(x => x.UserName == request.Email).SingleOrDefaultAsync();

        if (account != null)
        {
            // NOTE(review): the token comes from the e-mail-confirmation generator and, unlike
            // in Post, no Update/Commit follows; confirm the token does not need persisting
            // and that reusing the confirmation token for password reset is intended.
            var token = emailConfirmationService.GenerateEmailConfirmationToken(account);

            // NOTE(review): Url.Action derives the absolute URL from the current request, so
            // the host in the reset link follows the request's Host header; confirm host
            // filtering is enforced upstream or use a configured base address.
            var resetLink = Url.Action(
                "ResetPassword",
                "Registration",
                new { userId = account.Id, code = token },
                protocol: HttpContext.Request.Scheme);

            // Rewrite the API route to the front-end reset page.
            resetLink = resetLink.Replace("api/Registration/ResetPassword", "auth/resetpassword");
            emailConfirmationService.SendForgotPasswordUrl(account.Email, resetLink);
        }

        // Same message for known and unknown addresses.
        return Json(ApiResponse.Success("Ссылка для восстановления пароля была выслана на указанный e-mail"));
    }
}