/// <summary>
/// Checks a candidate's credentials and returns the matching candidate record.
/// </summary>
/// <param name="username">Username used to look up the user.</param>
/// <param name="password">Password handed to the authentication service.</param>
/// <returns>
/// The candidate when the password is accepted; <c>null</c> when the user is not found
/// or the password is rejected.
/// </returns>
public Candidate AuthenticateCandidate(string username, string password)
{
    var user = _userReadRepository.Get(username, false);

    if (user == null)
    {
        // Same result as a rejected password, so the caller sees no difference between
        // "unknown username" and "wrong password".
        return null;
    }

    // Only users in one of these states may attempt to sign in.
    user.AssertState("Authenticate user", UserStatuses.Active, UserStatuses.PendingActivation, UserStatuses.Locked);

    var passwordAccepted = _authenticationService.AuthenticateUser(user.EntityId, password);

    if (!passwordAccepted)
    {
        RegisterFailedLogin(user);
        return null;
    }

    var candidate = _candidateReadRepository.Get(user.EntityId);

    if (user.LoginIncorrectAttempts > 0)
    {
        // NOTE(review): Locked is an accepted state above, so a correct password on a
        // locked account reaches SetStateActive() without the unlock code - confirm intended.
        user.SetStateActive();
        _userWriteRepository.Save(user);
    }

    return candidate;
}
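/// <summary>
/// Sets a new password for a user who presents a valid, unexpired password reset code.
/// </summary>
/// <param name="username">Username of the account being reset.</param>
/// <param name="passwordCode">Reset code supplied by the caller.</param>
/// <param name="newPassword">Password to store when the code is accepted.</param>
/// <exception cref="CustomException">
/// The code does not match the stored one, no code is stored, or the code has expired.
/// </exception>
public void ResetForgottenPassword(string username, string passwordCode, string newPassword)
{
    var user = _userReadRepository.Get(username);
    var candidate = _candidateReadRepository.Get(user.EntityId);

    // The reset code is a secret token, not linguistic text: compare ordinally so that
    // culture rules (ignorable characters, locale-specific casing) cannot make a
    // different string compare equal. An empty stored code counts as "no code issued".
    // NOTE(review): this comparison is not constant-time; the failed-attempt counter
    // below is the control against repeated guessing.
    var codeMatches = !string.IsNullOrEmpty(user.PasswordResetCode) &&
                      user.PasswordResetCode.Equals(passwordCode, StringComparison.OrdinalIgnoreCase);

    if (!codeMatches)
    {
        RegisterFailedPasswordReset(user);
        throw new CustomException("Password reset code \"{0}\" is invalid for user \"{1}\"", Interfaces.Users.ErrorCodes.UserPasswordResetCodeIsInvalid, passwordCode, username);
    }

    var now = DateTime.UtcNow;

    // NOTE(review): a code stored without an expiry is accepted indefinitely - confirm
    // every code is issued with an expiry.
    if (user.PasswordResetCodeExpiry != null && now > user.PasswordResetCodeExpiry)
    {
        throw new CustomException("Password reset code has expired.", Interfaces.Users.ErrorCodes.UserPasswordResetCodeExpiredError);
    }

    _authenticationService.ResetUserPassword(user.EntityId, newPassword);

    user.SetStateActive();
    user.LastLogin = now;
    _userWriteRepository.Save(user);

    _serviceBus.PublishMessage(new CandidateUserUpdate(user.EntityId, CandidateUserUpdateType.Update));
    _auditRepository.Audit(user, AuditEventTypes.UserResetPassword, user.EntityId);

    SendPasswordResetConfirmationMessage(candidate);
}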
/// <summary>
/// Checks a candidate's credentials, records the successful login and returns the candidate.
/// </summary>
/// <param name="username">Username used to look up the user.</param>
/// <param name="password">Password handed to the authentication service.</param>
/// <returns>
/// The candidate when the password is accepted; <c>null</c> when the user is not found
/// or the password is rejected.
/// </returns>
public Candidate AuthenticateCandidate(string username, string password)
{
    var user = _userReadRepository.Get(username, false);

    if (user == null)
    {
        // Same result as a rejected password, so the caller sees no difference between
        // "unknown username" and "wrong password".
        return null;
    }

    // Dormant accounts are allowed to sign in; they are reactivated below.
    user.AssertState("Authenticate user", UserStatuses.Active, UserStatuses.PendingActivation, UserStatuses.Locked, UserStatuses.Dormant);

    var passwordAccepted = _authenticationService.AuthenticateUser(user.EntityId, password);

    if (!passwordAccepted)
    {
        RegisterFailedLogin(user);
        return null;
    }

    var candidate = _candidateReadRepository.Get(user.EntityId);

    // A successful login clears the failed-attempt counter.
    // NOTE(review): Locked passes the state check and its status is not changed here, yet
    // the candidate is still returned - confirm callers enforce the lock.
    if (user.LoginIncorrectAttempts > 0)
    {
        user.LoginIncorrectAttempts = 0;
    }

    if (user.Status == UserStatuses.Dormant)
    {
        user.Status = UserStatuses.Active;
    }

    user.LastLogin = DateTime.UtcNow;
    _userWriteRepository.Save(user);

    var userUpdate = new CandidateUserUpdate(user.EntityId, CandidateUserUpdateType.Update);
    _serviceBus.PublishMessage(userUpdate);

    return candidate;
}
/// <summary>
/// Records a requested username change as pending and generates a code for it.
/// </summary>
/// <param name="userId">Id of the user requesting the change.</param>
/// <param name="newUsername">Username stored as pending; the current username is not changed here.</param>
public void UpdateUsername(Guid userId, string newUsername)
{
    var user = _userReadRepository.Get(userId);

    // NOTE(review): no expiry is stored with the pending-username code in this method -
    // confirm the code's lifetime is bounded elsewhere.
    var pendingUsernameCode = _codeGenerator.GenerateAlphaNumeric();

    user.PendingUsername = newUsername;
    user.PendingUsernameCode = pendingUsernameCode;

    _userWriteRepository.Save(user);
}
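/// <summary>
/// Sends the activation code again to a user who is still pending activation, reusing
/// the current code while it is unexpired and generating a new one otherwise.
/// </summary>
/// <param name="username">Username of the account awaiting activation.</param>
/// <exception cref="CustomException">No user exists for <paramref name="username"/>.</exception>
public void ResendActivationCode(string username)
{
    var user = _userReadRepository.Get(username, false);

    if (user == null)
    {
        throw new CustomException("Unknown username", UserErrorCodes.UnknownUserError);
    }

    user.AssertState("Resend activate code", UserStatuses.PendingActivation);

    var candidate = _candidateReadRepository.Get(user.EntityId);

    // UTC, matching how Register computes the activation expiry; mixing local time
    // with a UTC expiry shifts the validity window by the zone offset.
    var currentDateTime = DateTime.UtcNow;
    var expiry = currentDateTime.AddDays(_activationCodeExpiryDays);

    if (!string.IsNullOrEmpty(user.ActivationCode) && (user.ActivateCodeExpiry > currentDateTime))
    {
        // Reuse the existing code and extend the *activation* expiry. The previous code
        // wrote to PasswordResetCodeExpiry here, which left the activation expiry
        // untouched and silently prolonged any outstanding password reset code.
        user.ActivateCodeExpiry = expiry;
    }
    else
    {
        // Generate a new code and set its expiry date.
        var activationCode = _codeGenerator.GenerateAlphaNumeric();
        user.SetStatePendingActivation(activationCode, expiry);
    }

    _userWriteRepository.Save(user);

    SendActivationCode(candidate, user.ActivationCode);
}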
/// <summary>
/// Builds a user with <c>CreateUser</c> and saves it through the user write repository.
/// </summary>
/// <returns>The user instance returned by the repository's save call.</returns>
private User CreateAndSaveUserInMongoDb()
{
    var newUser = CreateUser();

    return _userWriteRepository.Save(newUser);
}
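/// <summary>
/// Issues a password reset code for the user and sends it to the candidate, reusing
/// the current code while it is unexpired.
/// </summary>
/// <param name="username">Username of the account requesting a reset.</param>
/// <remarks>
/// An unknown username is logged and otherwise ignored: no exception is thrown, so the
/// caller gets the same outcome whether or not the account exists.
/// </remarks>
public void SendPasswordResetCode(string username)
{
    var user = _userReadRepository.Get(username, false);

    if (user == null)
    {
        _logger.Info(string.Format("Cannot send password reset code, username not found: \"{0}\".", username));
        return;
    }

    var candidate = _candidateReadRepository.Get(user.EntityId);

    // UTC, because ResetForgottenPassword checks the expiry against DateTime.UtcNow;
    // issuing with local time shifts the validity window by the zone offset.
    var currentDateTime = DateTime.UtcNow;
    var expiry = currentDateTime.AddDays(_passwordResetCodeExpiryDays);

    var hasUnexpiredCode = !string.IsNullOrEmpty(user.PasswordResetCode) &&
                           (user.PasswordResetCodeExpiry > currentDateTime);

    // Reuse the existing code while it is still valid, otherwise generate a new one.
    // NOTE(review): each request pushes the expiry of a reused code forward, so the same
    // code stays valid for as long as requests keep arriving - confirm this is acceptable.
    var passwordResetCode = hasUnexpiredCode
        ? user.PasswordResetCode
        : _codeGenerator.GenerateAlphaNumeric();

    user.SetStatePasswordResetCode(passwordResetCode, expiry);
    _userWriteRepository.Save(user);

    // Send the code that is now stored on the user.
    SendPasswordResetCodeViaCommunicationService(candidate, user.PasswordResetCode);
}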
/// <summary>
/// Puts the user into the locked state with a freshly generated unlock code and saves it.
/// </summary>
/// <param name="user">User to lock.</param>
/// <remarks>
/// Nothing is sent to the user from this method; delivering the unlock code is left to
/// other code.
/// </remarks>
public void LockUser(User user)
{
    // The unlock code is valid for the configured number of days, counted from now in UTC.
    var validForDays = _userAccountConfiguration.UnlockCodeExpiryDays;
    var unlockCode = _codeGenerator.GenerateAlphaNumeric();
    var unlockCodeExpiry = DateTime.UtcNow.AddDays(validForDays);

    user.SetStateLocked(unlockCode, unlockCodeExpiry);

    _userWriteRepository.Save(user);
}
/// <summary>
/// Marks the user as pending deletion, audits the soft delete and publishes the update.
/// </summary>
/// <param name="user">User to mark.</param>
/// <returns>Always <c>true</c>.</returns>
private bool SetUserStatusPendingDeletion(User user)
{
    _logService.Info("Setting User: {0} Status to PendingDeletion", user.EntityId);

    // The audit entry is written before the status changes, so it is handed the user
    // while the previous status is still set.
    _auditRepository.Audit(user, AuditEventTypes.UserSoftDelete, user.EntityId);

    user.Status = UserStatuses.PendingDeletion;
    _userWriteRepository.Save(user);

    var userUpdate = new CandidateUserUpdate(user.EntityId, CandidateUserUpdateType.Update);
    _serviceBus.PublishMessage(userUpdate);

    _logService.Info("Set User: {0} Status to PendingDeletion", user.EntityId);

    return true;
}
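/// <summary>
/// Activates a user who is pending activation when the supplied activation code matches.
/// </summary>
/// <param name="username">Username of the account to activate.</param>
/// <param name="activationCode">Activation code supplied by the caller.</param>
/// <exception cref="CustomException">
/// The supplied code does not match the stored one, or no code is stored.
/// </exception>
public void Activate(string username, string activationCode)
{
    var user = _userReadRepository.Get(username);

    user.AssertState("Activate user", UserStatuses.PendingActivation);

    // The activation code is a token, not linguistic text: compare ordinally so that
    // culture rules (ignorable characters, locale-specific casing) cannot make a
    // different string compare equal. A missing stored code is rejected as a mismatch
    // instead of failing with a NullReferenceException.
    // NOTE(review): the activation code's expiry is not checked in this method -
    // confirm expired codes are rejected or cleaned up elsewhere.
    var codeMatches = !string.IsNullOrEmpty(user.ActivationCode) &&
                      user.ActivationCode.Equals(activationCode, StringComparison.OrdinalIgnoreCase);

    if (!codeMatches)
    {
        throw new CustomException("Invalid activation code \"{0}\" for user \"{1}\"", ErrorCodes.UserActivationCodeError, activationCode, username);
    }

    user.SetStateActive();
    _userWriteRepository.Save(user);
}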
/// <summary>
/// Creates a user in the pending-activation state under the given username.
/// </summary>
/// <param name="username">Username for the new user.</param>
/// <param name="userId">Entity id assigned to the new user.</param>
/// <param name="activationCode">Activation code stored with the new user.</param>
/// <param name="roles">Roles assigned to the new user.</param>
/// <exception cref="CustomException">
/// The username belongs to a user that is neither pending activation nor pending deletion.
/// </exception>
public void Register(string username, Guid userId, string activationCode, UserRoles roles)
{
    var existingUser = _userReadRepository.Get(username, false);

    // A username may be reused only while its current holder has not activated or is
    // awaiting deletion.
    // NOTE(review): in that case a second user with the same username and a new id is
    // saved; what happens to the existing record is not visible here - confirm.
    var usernameTaken = existingUser != null &&
                        !existingUser.IsInState(UserStatuses.PendingActivation, UserStatuses.PendingDeletion);

    if (usernameTaken)
    {
        throw new CustomException("Username already in use and is not in pending activation or deletion status", Domain.Entities.ErrorCodes.EntityStateError);
    }

    var activationCodeExpiry = DateTime.UtcNow.AddDays(_activationCodeExpiryDays);

    var newUser = new User
    {
        EntityId = userId,
        Username = username,
        Roles = roles
    };

    newUser.SetStatePendingActivation(activationCode, activationCodeExpiry);

    _userWriteRepository.Save(newUser);
}
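/// <summary>
/// Activates a user who is pending activation when the supplied activation code matches,
/// then publishes and audits the change.
/// </summary>
/// <param name="id">Id of the user to activate.</param>
/// <param name="activationCode">Activation code supplied by the caller.</param>
/// <exception cref="CustomException">
/// The supplied code does not match the stored one, or no code is stored.
/// </exception>
public void Activate(Guid id, string activationCode)
{
    var user = _userReadRepository.Get(id);

    user.AssertState("Activate user", UserStatuses.PendingActivation);

    // The activation code is a token, not linguistic text: compare ordinally so that
    // culture rules (ignorable characters, locale-specific casing) cannot make a
    // different string compare equal. A missing stored code is rejected as a mismatch
    // instead of failing with a NullReferenceException.
    // NOTE(review): the activation code's expiry is not checked in this method -
    // confirm expired codes are rejected or cleaned up elsewhere.
    var codeMatches = !string.IsNullOrEmpty(user.ActivationCode) &&
                      user.ActivationCode.Equals(activationCode, StringComparison.OrdinalIgnoreCase);

    if (!codeMatches)
    {
        throw new CustomException("Invalid activation code \"{0}\" for user with id \"{1}\"", ErrorCodes.UserActivationCodeError, activationCode, id);
    }

    // One timestamp for both fields so the activation date and first login agree exactly.
    var now = DateTime.UtcNow;

    user.SetStateActive();
    user.ActivationDate = now;
    user.LastLogin = now;
    _userWriteRepository.Save(user);

    _serviceBus.PublishMessage(new CandidateUserUpdate(user.EntityId, CandidateUserUpdateType.Update));
    _auditRepository.Audit(user, AuditEventTypes.UserActivatedAccount, user.EntityId);
}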
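/// <summary>
/// Unlocks a locked account when the supplied unlock code matches and has not expired.
/// </summary>
/// <param name="username">Username of the locked account.</param>
/// <param name="accountUnlockCode">Unlock code supplied by the caller.</param>
/// <exception cref="CustomException">
/// The stored code has expired (a new one is sent first), the supplied code does not
/// match, or no code is stored.
/// </exception>
public void UnlockAccount(string username, string accountUnlockCode)
{
    var user = _userReadRepository.Get(username);

    user.AssertState("Unlock user account", UserStatuses.Locked);

    // UTC, because LockUser computes the expiry from DateTime.UtcNow; comparing against
    // local time shifts the validity window by the zone offset.
    if (user.AccountUnlockCodeExpiry < DateTime.UtcNow)
    {
        // NOTE: account unlock code has expired, send a new one.
        _sendAccountUnlockCodeStrategy.SendAccountUnlockCode(username);
        throw new CustomException("Account unlock code has expired, new account unlock code has been sent.", ErrorCodes.AccountUnlockCodeExpired);
    }

    // The unlock code is a token, not linguistic text: compare ordinally so that culture
    // rules (ignorable characters, locale-specific casing) cannot make a different string
    // compare equal. A missing stored code is rejected as a mismatch instead of failing
    // with a NullReferenceException.
    // NOTE(review): a mismatch does not update any failed-attempt counter in this
    // method - confirm repeated guesses are limited elsewhere.
    var codeMatches = !string.IsNullOrEmpty(user.AccountUnlockCode) &&
                      user.AccountUnlockCode.Equals(accountUnlockCode, StringComparison.OrdinalIgnoreCase);

    if (!codeMatches)
    {
        throw new CustomException("Account unlock code \"{0}\" is invalid for user \"{1}\"", ErrorCodes.AccountUnlockCodeInvalid, accountUnlockCode, username);
    }

    user.SetStateActive();
    _userWriteRepository.Save(user);
}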
/// <summary>
/// Marks the user as dormant, audits the change and turns off the candidate's optional
/// communications.
/// </summary>
/// <param name="user">User to make dormant.</param>
/// <param name="candidate">Candidate whose optional communications are disabled.</param>
/// <param name="lastLogin">Value stored as the last login when the user has none recorded.</param>
protected void SetAccountDormant(User user, Candidate candidate, DateTime lastLogin)
{
    _logService.Info("Setting User with Id: {0} to Dormant and disabling comms", user.EntityId);

    // The audit entry is written before any change, with both records in one payload.
    var auditPayload = new { User = user, Candidate = candidate };
    _auditRepository.Audit(auditPayload, AuditEventTypes.CandidateUserMakeDormant, user.EntityId);

    // Keep an existing last-login value; only fill it in when none is recorded.
    if (user.LastLogin == null)
    {
        user.LastLogin = lastLogin;
    }

    user.Status = UserStatuses.Dormant;
    _userWriteRepository.Save(user);

    candidate.DisableAllOptionalCommunications();
    _candidateWriteRepository.Save(candidate);

    _logService.Info("Set User with Id: {0} to Dormant and disabled comms", user.EntityId);
}