public async Task ExecuteAsync(UpdateCurrentUserPasswordCommand command, IExecutionContext executionContext)
{
_permissionValidationService.EnforceIsSignedIn(executionContext.UserContext);
var user = await GetUser(executionContext);
EntityNotFoundException.ThrowIfNull(user, executionContext.UserContext.UserId);
await ValidateMaxAuthenticationAttemptsNotExceededAsync(user, executionContext);
await AuthenticateAsync(command, user);
await ValidatePasswordAsync(command, user, executionContext);
_passwordUpdateCommandHelper.UpdatePassword(command.NewPassword, user, executionContext);
_userSecurityStampUpdateHelper.Update(user);
using (var scope = _domainRepository.Transactions().CreateScope())
{
await _dbContext.SaveChangesAsync();
await _domainRepository
.WithContext(executionContext)
.ExecuteCommandAsync(new InvalidateAuthorizedTaskBatchCommand(user.UserId, UserAccountRecoveryAuthorizedTaskType.Code));
await _passwordUpdateCommandHelper.SendPasswordChangedNotification(user);
scope.QueueCompletionTask(() => OnTransactionComplete(user));
await scope.CompleteAsync();
}
}
public async Task ExecuteAsync(UpdateUserPasswordByUserIdCommand command, IExecutionContext executionContext)
{
ValidatePermissions(executionContext);
var user = await GetUserAsync(command.UserId);
await ValidatePasswordAsync(command, user, executionContext);
_passwordUpdateCommandHelper.UpdatePassword(command.NewPassword, user, executionContext);
_userSecurityStampUpdateHelper.Update(user);
using (var scope = _domainRepository.Transactions().CreateScope())
{
await _dbContext.SaveChangesAsync();
// Typically we only invalidate when the current user changes their password, but we
// can't be certain of the origin of the request here, so invalidate them anyway.
await _domainRepository
.WithContext(executionContext)
.ExecuteCommandAsync(new InvalidateAuthorizedTaskBatchCommand(user.UserId, UserAccountRecoveryAuthorizedTaskType.Code));
scope.QueueCompletionTask(() => OnTransactionComplete(user));
await scope.CompleteAsync();
}
}
public async Task ExecuteAsync(ResetUserPasswordCommand command, IExecutionContext executionContext)
{
var user = await GetUserAsync(command.UserId);
await ValidatePermissionsAsync(user, executionContext);
ValidateUserArea(user.UserAreaCode);
var options = _userAreaDefinitionRepository.GetOptionsByCode(user.UserAreaCode);
var temporaryPassword = _passwordGenerationService.Generate(options.Password.MinLength);
var hashResult = _passwordCryptographyService.CreateHash(temporaryPassword);
user.Password = hashResult.Hash;
user.PasswordHashVersion = hashResult.HashVersion;
user.RequirePasswordChange = true;
user.LastPasswordChangeDate = executionContext.ExecutionDate;
_userSecurityStampUpdateHelper.Update(user);
using (var scope = _domainRepository.Transactions().CreateScope())
{
await _dbContext.SaveChangesAsync();
await SendNotificationAsync(user, temporaryPassword, executionContext);
scope.QueueCompletionTask(() => OnTransactionComplete(user));
await scope.CompleteAsync();
}
}
public async Task ExecuteAsync(UpdateCurrentUserCommand command, IExecutionContext executionContext)
{
_permissionValidationService.EnforceIsSignedIn(executionContext.UserContext);
var userId = executionContext.UserContext.UserId.Value;
var user = await _dbContext
.Users
.FilterCanSignIn()
.FilterById(userId)
.SingleOrDefaultAsync();
EntityNotFoundException.ThrowIfNull(user, userId);
var updateResult = await _userUpdateCommandHelper.UpdateEmailAndUsernameAsync(command.Email, command.Username, user, executionContext);
UpdateName(command, user);
user.FirstName = command.FirstName?.Trim();
user.LastName = command.LastName?.Trim();
if (updateResult.HasUpdate())
{
_userSecurityStampUpdateHelper.Update(user);
}
using (var scope = _domainRepository.Transactions().CreateScope())
{
await _dbContext.SaveChangesAsync();
// Here we could assume that reset requests only need invalidating if the contact email changes, but if the
// user is updating their account details, then we could also assume that old requests are stale anyway.
await _domainRepository
.WithContext(executionContext)
.ExecuteCommandAsync(new InvalidateAuthorizedTaskBatchCommand(userId, UserAccountRecoveryAuthorizedTaskType.Code));
scope.QueueCompletionTask(() => OnTransactionComplete(user, updateResult));
await scope.CompleteAsync();
}
}
private void UpdatePassword(User user, CompleteUserAccountRecoveryViaEmailCommand command, IExecutionContext executionContext)
{
_passwordUpdateCommandHelper.UpdatePassword(command.NewPassword, user, executionContext);
_userSecurityStampUpdateHelper.Update(user);
}
