public IActionResult CreatePwdToken(ConfirmationCreateTokenModel model)
{
Api api = Api.INSTANCE;
if (model.confirmation_url == null || model.email == null)
{
return(ApiResponse.Json(HttpStatusCode.OK, new RegistrationError()
{
error = "password_reset_failed",
error_description = "missing_fields"
}));
}
// verify email syntax
// To do: check if email address is disposable.
try
{
var addr = new System.Net.Mail.MailAddress(model.email);
}
catch
{
return(ApiResponse.Json(HttpStatusCode.OK, new RegistrationError()
{
error = "password_reset_failed",
error_description = "email_invalid"
}));
}
using (var da = api.DAFactory.Get())
{
var user = da.Users.GetByEmail(model.email);
if (user == null)
{
return(ApiResponse.Json(HttpStatusCode.OK, new RegistrationError()
{
error = "password_reset_failed",
error_description = "email_invalid"
}));
}
EmailConfirmation confirm = da.EmailConfirmations.GetByEmail(model.email, ConfirmationType.password);
// already awaiting a confirmation
// to-do: resend?
if (confirm != null)
{
return(ApiResponse.Json(HttpStatusCode.OK, new RegistrationError()
{
error = "registration_failed",
error_description = "confirmation_pending"
}));
}
uint expires = Epoch.Now + EMAIL_CONFIRMATION_EXPIRE;
// create new email confirmation
string token = da.EmailConfirmations.Create(new EmailConfirmation
{
type = ConfirmationType.password,
email = model.email,
expires = expires
});
// send confirmation email with generated token
bool sent = api.SendPasswordResetMail(model.email, user.username, token, model.confirmation_url, expires);
if (sent)
{
return(ApiResponse.Json(HttpStatusCode.OK, new
{
status = "success"
}));
}
return(ApiResponse.Json(HttpStatusCode.OK, new
{
// success but email shitfaced
status = "email_failed"
}));
}
}
public IActionResult CreateToken(ConfirmationCreateTokenModel model)
{
Api api = Api.INSTANCE;
// smtp needs to be configured for this
if (!api.Config.SmtpEnabled)
{
return(ApiResponse.Json(HttpStatusCode.OK, new RegistrationError()
{
error = "registration_failed",
error_description = "smtp_disabled"
}));
}
if (model.confirmation_url == null || model.email == null)
{
return(ApiResponse.Json(HttpStatusCode.OK, new RegistrationError()
{
error = "registration_failed",
error_description = "missing_fields"
}));
}
// verify email syntax
// To do: check if email address is disposable.
try
{
var addr = new System.Net.Mail.MailAddress(model.email);
}
catch
{
return(ApiResponse.Json(HttpStatusCode.OK, new RegistrationError()
{
error = "registration_failed",
error_description = "email_invalid"
}));
}
using (var da = api.DAFactory.Get())
{
// email is taken
if (da.Users.GetByEmail(model.email) != null)
{
return(ApiResponse.Json(HttpStatusCode.OK, new RegistrationError()
{
error = "registration_failed",
error_description = "email_taken"
}));
}
EmailConfirmation confirm = da.EmailConfirmations.GetByEmail(model.email, ConfirmationType.email);
// already waiting for confirmation
if (confirm != null)
{
return(ApiResponse.Json(HttpStatusCode.OK, new RegistrationError()
{
error = "registration_failed",
error_description = "confirmation_pending"
}));
}
uint expires = Epoch.Now + EMAIL_CONFIRMATION_EXPIRE;
// create new email confirmation
string token = da.EmailConfirmations.Create(new EmailConfirmation
{
type = ConfirmationType.email,
email = model.email,
expires = expires
});
// send email with recently generated token
bool sent = api.SendEmailConfirmationMail(model.email, token, model.confirmation_url, expires);
if (sent)
{
return(ApiResponse.Json(HttpStatusCode.OK, new
{
status = "success"
}));
}
return(ApiResponse.Json(HttpStatusCode.OK, new
{
status = "email_failed"
}));
}
}