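/// <summary>
/// Renders the password-recovery HTML template for one recipient and sends it over SMTP.
/// </summary>
/// <param name="recoveryKeyEmail">
/// Recipient address, first and last name, and the recovery URL substituted into the template.
/// </param>
/// <returns>A task that completes once the message has been sent and the SMTP session closed.</returns>
public async Task SendRecoveryKeyEmailAsync(RecoveryKeyEmail recoveryKeyEmail)
{
    string templatePath = Path.Combine(
        Directory.GetCurrentDirectory(), "Smtp", "Templates", "RecoveryKeyTemplate.html");

    // Read the template without leaving a reader open if the read throws.
    string mailText = await File.ReadAllTextAsync(templatePath);

    // The name is account data chosen by the user and lands in an HTML body, so it is
    // HTML-encoded before substitution to keep markup out of the rendered message.
    string displayName = System.Net.WebUtility.HtmlEncode(
        recoveryKeyEmail.FirstName + " " + recoveryKeyEmail.LastName);

    // NOTE(review): UrlKey is inserted as-is; presumably it is built server-side by
    // GetVerifyURL and contains no user-controlled text - confirm against the caller.
    mailText = mailText
        .Replace("[FirstName]", displayName)
        .Replace("[UrlKey]", recoveryKeyEmail.UrlKey);

    var email = new MimeMessage();
    email.Sender = MailboxAddress.Parse(_mailSettings.Mail);
    email.To.Add(MailboxAddress.Parse(recoveryKeyEmail.ToEmail));
    email.Subject = "Password Recovery for your Account";

    var builder = new BodyBuilder();
    builder.HtmlBody = mailText;
    email.Body = builder.ToMessageBody();

    // NOTE(review): the protocol logger records the SMTP session at this path, and that
    // transcript includes the message body, i.e. the live recovery link. Restrict read
    // access to the log or disable it outside of debugging.
    var logDirectory = _config.GetSection("MailLogger").Value;
    using var smtp = new SmtpClient(new ProtocolLogger(logDirectory));

    // NOTE(review): revocation checking is switched off, so a revoked server certificate
    // is still accepted. Left unchanged here; re-enable it if the mail host's CRL/OCSP
    // endpoints are reachable from this service.
    smtp.CheckCertificateRevocation = false;

    // NOTE(review): SecureSocketOptions.Auto may continue without TLS when the server does
    // not offer it, in which case the credentials below travel unencrypted. Prefer an
    // explicit StartTls / SslOnConnect matching the configured port.
    await smtp.ConnectAsync(_mailSettings.Host, _mailSettings.Port, SecureSocketOptions.Auto);
    await smtp.AuthenticateAsync(_mailSettings.Mail, _mailSettings.Password);
    await smtp.SendAsync(email);
    await smtp.DisconnectAsync(true);
}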
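/// <summary>
/// Starts password recovery: issues a new recovery key valid for one day, stores it on the
/// user and e-mails the recovery link.
/// </summary>
/// <param name="userForRecoveryDto">Carries the username or e-mail of the account to recover.</param>
/// <returns>
/// 200 OK once the mail has been sent; 400 with <c>user_does_not_exist</c> when no account
/// matches, or <c>recovery_account_failed</c> on any other error.
/// </returns>
public async Task<IActionResult> RecoveryAccount(UserForRecoveryDto userForRecoveryDto)
{
    try
    {
        var userToVerifyExist = _mapper.Map<UserForRegisterDto>(userForRecoveryDto);

        var userFound = await _repo.UserExists(userToVerifyExist);
        if (userFound == null)
        {
            // NOTE(review): this response differs from the success path, so the endpoint
            // discloses which usernames/e-mails are registered. Returning the same result
            // in both cases (and rate limiting the route) would close that; kept as-is
            // because clients may depend on the current error code.
            return BadRequest("user_does_not_exist");
        }

        var userToUpdate = await _mainRepo.GetUser(userForRecoveryDto.UsernameOrEmail);

        // NOTE(review): GenerateVerificationKey is not visible here - confirm it draws from
        // a cryptographic RNG and that the key is long enough to resist guessing.
        userToUpdate.RecoveryKey = _repo.GenerateVerificationKey();

        // Local time is kept because VerifyRecovery compares against DateTime.Now as well;
        // NOTE(review): moving both sides to UTC would avoid DST shifts in the expiry.
        userToUpdate.RecoveryDate = DateTime.Now.AddDays(1);

        var updatedUser = await _userRepo.UpdateUser(userToUpdate);
        var person = await _personRepo.GetPerson(updatedUser.Id);

        var recoveryKeyEmail = new RecoveryKeyEmail(
            updatedUser.Email,
            person.Name,
            person.LastName,
            _mailService.GetVerifyURL(updatedUser.RecoveryKey, "auth/passwordrecovery"));

        await _mailService.SendRecoveryKeyEmailAsync(recoveryKeyEmail);
        return Ok();
    }
    catch (Exception ex)
    {
        // Pass the exception object so the stack trace is kept, and use a constant
        // template so braces in the exception text are not parsed as format holes.
        _logger.LogError(ex, "Password recovery request failed");
        return BadRequest("recovery_account_failed");
    }
}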
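/// <summary>
/// Completes password recovery: validates the submitted recovery key against the stored key
/// and its expiry, applies the update, sends a confirmation e-mail and returns a signed token.
/// </summary>
/// <param name="userForRecoveryVerifyDto">E-mail of the account and the recovery key from the link.</param>
/// <returns>
/// 200 OK with the token, user details and assigned roles; 400 with
/// <c>user_does_not_exist</c>, <c>key_does_not_valid</c> or <c>verify_recovery_failed</c>.
/// </returns>
public async Task<IActionResult> VerifyRecovery(UserForRecoveryVerifyDto userForRecoveryVerifyDto)
{
    try
    {
        var userToVerifyExist = _mapper.Map<UserForRegisterDto>(userForRecoveryVerifyDto);

        var userFound = await _repo.UserExists(userToVerifyExist);
        if (userFound == null)
        {
            // NOTE(review): a distinct error for unknown accounts lets callers tell
            // registered e-mails apart; consider answering key_does_not_valid here too.
            return BadRequest("user_does_not_exist");
        }

        var userToVerifyKey = await _mainRepo.GetUser(userForRecoveryVerifyDto.Email);

        var submittedKey = userForRecoveryVerifyDto.VerifyKey;
        var storedKey = userToVerifyKey.RecoveryKey;

        // Fail closed when either side has no key. Checking only for "" let a request
        // without a key (null) compare equal to an account with no pending recovery.
        if (string.IsNullOrEmpty(submittedKey) || string.IsNullOrEmpty(storedKey))
        {
            return BadRequest("key_does_not_valid");
        }

        // Compare in constant time so response timing does not depend on how many
        // leading characters of the key are correct.
        bool keyMatches = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            System.Text.Encoding.UTF8.GetBytes(submittedKey),
            System.Text.Encoding.UTF8.GetBytes(storedKey));
        if (!keyMatches)
        {
            return BadRequest("key_does_not_valid");
        }

        // Written as a negated >= so that a missing expiry (if RecoveryDate is nullable)
        // is rejected instead of slipping through a lifted comparison.
        if (!(userToVerifyKey.RecoveryDate >= DateTime.Now))
        {
            return BadRequest("key_does_not_valid");
        }

        // NOTE(review): CompleteInfoToConfirmVerify is not visible here - confirm it clears
        // RecoveryKey/RecoveryDate so a key cannot be replayed after a successful reset.
        var userToUpdate = _repo.CompleteInfoToConfirmVerify(userForRecoveryVerifyDto, userToVerifyKey);
        var updatedUser = await _userRepo.UpdateUser(userToUpdate);

        var person = await _personRepo.GetPerson(updatedUser.Id);
        var recoveryKeyEmail = new RecoveryKeyEmail(updatedUser.Email, person.Name, person.LastName, "");
        await _mailService.SendConfirmationRecoveryEmailAsync(recoveryKeyEmail);

        var user = _mapper.Map<UserForDetailedDto>(updatedUser);
        var rolsAssigned = await _repo.GetRolsPerUser(user.Id);
        var rolsAssignedToList = _mapper.Map<List<RolsToListDto>>(rolsAssigned);

        // A successful recovery signs the user in directly by issuing a JWT.
        var tokenDescriptor = _repo.CreateToken(updatedUser, rolsAssigned);
        var tokenHandler = new JwtSecurityTokenHandler();
        var token = tokenHandler.CreateToken(tokenDescriptor);

        return Ok(new { token = tokenHandler.WriteToken(token), user, rolsAssignedToList });
    }
    catch (Exception ex)
    {
        // Pass the exception object so the stack trace is kept, and use a constant
        // template so braces in the exception text are not parsed as format holes.
        _logger.LogError(ex, "Password recovery verification failed");
        return BadRequest("verify_recovery_failed");
    }
}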