public async Task <bool> ConfirmEmailAddress(User user, string token) { if (user == null) { throw new ArgumentNullException(nameof(user)); } if (String.IsNullOrEmpty(token)) { throw new ArgumentNullException(nameof(token)); } if (user.EmailConfirmationToken != token) { return(false); } var conflictingUsers = FindAllByEmailAddress(user.UnconfirmedEmailAddress); if (conflictingUsers.AnySafe(u => u.Key != user.Key)) { throw new EntityException(Strings.EmailAddressBeingUsed, user.UnconfirmedEmailAddress); } await Auditing.SaveAuditRecord(new UserAuditRecord(user, AuditedUserAction.ConfirmEmail, user.UnconfirmedEmailAddress)); user.ConfirmEmailAddress(); await UserRepository.CommitChangesAsync(); return(true); }
public bool ConfirmEmailAddress(User user, string token) { if (user == null) { throw new ArgumentNullException("user"); } if (String.IsNullOrEmpty(token)) { throw new ArgumentNullException("token"); } if (user.EmailConfirmationToken != token) { return(false); } var conflictingUsers = FindAllByEmailAddress(user.UnconfirmedEmailAddress); if (conflictingUsers.AnySafe(u => u.Key != user.Key)) { throw new EntityException(Strings.EmailAddressBeingUsed, user.UnconfirmedEmailAddress); } user.ConfirmEmailAddress(); UserRepository.CommitChanges(); return(true); }
public bool ConfirmEmailAddress(User user, string token) { if (user == null) { throw new ArgumentNullException("user"); } if (String.IsNullOrEmpty(token)) { throw new ArgumentNullException("token"); } if (user.EmailConfirmationToken != token) { return(false); } user.ConfirmEmailAddress(); //added by fwang5: if use a same email register many times ,once activation ,all other records need clear username,token and unconfirmedEmail IQueryable <User> list = FindByUnconfirmedEmailAddressList(user.EmailAddress, token); foreach (User tmpUser in list) { //clear invalid register user tmpUser.Username = tmpUser.EmailConfirmationToken; tmpUser.EmailConfirmationToken = null; tmpUser.UnconfirmedEmailAddress = null; } UserRepository.CommitChanges(); return(true); }
public User AutoEnroll(string username, string password) { if (ValidateUser(username, password)) { var searchResult = GetUserSearchResult(username, password); var user = new User(GetStringProperty(searchResult, Properties.Username).ToLowerInvariant(), ".") { ApiKey = Guid.NewGuid(), DisplayName = GetStringProperty(searchResult, Properties.DisplayName), PasswordHashAlgorithm = "LDAP" }; var email = GetStringProperty(searchResult, Properties.Email); if (!string.IsNullOrEmpty(email)) { user.EmailAllowed = true; user.UnconfirmedEmailAddress = email.ToLowerInvariant(); user.EmailConfirmationToken = cryptoSvc.GenerateToken(); user.ConfirmEmailAddress(); } userRepo.InsertOnCommit(user); userRepo.CommitChanges(); return(user); } return(null); }
public virtual User Create( string username, string password, string emailAddress) { // TODO: validate input // TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt var existingUser = FindByUsername(username); if (existingUser != null) { throw new EntityException(Strings.UsernameNotAvailable, username); } var existingUsers = FindAllByEmailAddress(emailAddress); if (existingUsers.AnySafe()) { throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress); } var hashedPassword = Crypto.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId); var apiKey = Guid.NewGuid(); var newUser = new User(username) { ApiKey = apiKey, EmailAllowed = true, UnconfirmedEmailAddress = emailAddress, EmailConfirmationToken = Crypto.GenerateToken(), HashedPassword = hashedPassword, PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId, CreatedUtc = DateTime.UtcNow, Roles = new List <Role> { RoleRepository.GetEntity(2) } }; // Add a credential for the password and the API Key newUser.Credentials.Add(CredentialBuilder.CreateV1ApiKey(apiKey)); newUser.Credentials.Add(new Credential(CredentialTypes.Password.Pbkdf2, newUser.HashedPassword)); if (!Config.ConfirmEmailAddresses) { newUser.ConfirmEmailAddress(); } newUser.Roles.Add(RoleRepository.GetEntity(2)); UserRepository.InsertOnCommit(newUser); UserRepository.CommitChanges(); return(newUser); }
public virtual User Create( string username, string password, string emailAddress) { // TODO: validate input // TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt var existingUser = FindByUsername(username); if (existingUser != null) { throw new EntityException(Strings.UsernameNotAvailable, username); } var existingUsers = FindAllByEmailAddress(emailAddress); if (existingUsers.AnySafe()) { throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress); } var hashedPassword = Crypto.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId); var apiKey = Guid.NewGuid(); var newUser = new User(username) { ApiKey = apiKey, EmailAllowed = true, UnconfirmedEmailAddress = emailAddress, EmailConfirmationToken = Crypto.GenerateToken(), HashedPassword = hashedPassword, PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId, CreatedUtc = DateTime.UtcNow }; // Add a credential for the password and the API Key newUser.Credentials.Add(CredentialBuilder.CreateV1ApiKey(apiKey)); newUser.Credentials.Add(new Credential(CredentialTypes.Password.Pbkdf2, newUser.HashedPassword)); if (!Config.ConfirmEmailAddresses) { newUser.ConfirmEmailAddress(); } UserRepository.InsertOnCommit(newUser); UserRepository.CommitChanges(); return newUser; }
public virtual User Create( string username, string password, string emailAddress) { // TODO: validate input // TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt var existingUser = FindByUsername(username); if (existingUser != null) { throw new EntityException(Strings.UsernameNotAvailable, username); } existingUser = FindByEmailAddress(emailAddress); if (existingUser != null) { throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress); } var hashedPassword = cryptoSvc.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId); var newUser = new User( username, hashedPassword) { ApiKey = Guid.NewGuid(), EmailAllowed = true, EmailAllModerationNotifications = true, UnconfirmedEmailAddress = emailAddress, EmailConfirmationToken = cryptoSvc.GenerateToken(), PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId, }; if (!config.ConfirmEmailAddresses) { newUser.ConfirmEmailAddress(); } userRepo.InsertOnCommit(newUser); userRepo.CommitChanges(); return(newUser); }
public virtual User Create( string username, string password, string emailAddress) { // TODO: validate input // TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt var existingUser = FindByUsername(username); if (existingUser != null) { throw new EntityException(Strings.UsernameNotAvailable, username); } existingUser = FindByEmailAddress(emailAddress); if (existingUser != null) { throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress); } var hashedPassword = _cryptoService.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId); var newUser = new User( username, hashedPassword) { ApiKey = Guid.NewGuid(), EmailAllowed = true, UnconfirmedEmailAddress = emailAddress, EmailConfirmationToken = _cryptoService.GenerateToken(), PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId, }; if (!_config.ConfirmEmailAddresses) { newUser.ConfirmEmailAddress(); } _userRepository.InsertOnCommit(newUser); _userRepository.CommitChanges(); return newUser; }
public async Task ChangeEmailAddress(User user, string newEmailAddress) { var existingUsers = FindAllByEmailAddress(newEmailAddress); if (existingUsers.AnySafe(u => u.Key != user.Key)) { throw new EntityException(Strings.EmailAddressBeingUsed, newEmailAddress); } await Auditing.SaveAuditRecordAsync(new UserAuditRecord(user, AuditedUserAction.ChangeEmail, newEmailAddress)); user.UpdateUnconfirmedEmailAddress(newEmailAddress, Crypto.GenerateToken); if (!Config.ConfirmEmailAddresses) { user.ConfirmEmailAddress(); } await UserRepository.CommitChangesAsync(); }
public bool ConfirmEmailAddress(User user, string token) { if (user == null) { throw new ArgumentNullException("user"); } if (String.IsNullOrEmpty(token)) { throw new ArgumentNullException("token"); } if (user.EmailConfirmationToken != token) { return false; } user.ConfirmEmailAddress(); _userRepo.CommitChanges(); return true; }
public bool ConfirmEmailAddress(User user, string token) { if (user == null) { throw new ArgumentNullException("user"); } if (String.IsNullOrEmpty(token)) { throw new ArgumentNullException("token"); } if (user.EmailConfirmationToken != token) { return(false); } user.ConfirmEmailAddress(); userRepo.CommitChanges(); return(true); }
public async Task<bool> ConfirmEmailAddress(User user, string token) { if (user == null) { throw new ArgumentNullException("user"); } if (String.IsNullOrEmpty(token)) { throw new ArgumentNullException("token"); } if (user.EmailConfirmationToken != token) { return false; } var conflictingUsers = FindAllByEmailAddress(user.UnconfirmedEmailAddress); if (conflictingUsers.AnySafe(u => u.Key != user.Key)) { throw new EntityException(Strings.EmailAddressBeingUsed, user.UnconfirmedEmailAddress); } await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.ConfirmEmail, user.UnconfirmedEmailAddress)); user.ConfirmEmailAddress(); UserRepository.CommitChanges(); return true; }