public async Task <IActionResult> ForgotPassword(ForgotPasswordBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
ApplicationUser user = await userManager.FindByEmailAsync(model.Email).ConfigureAwait(false);
if (user != null)
{
bool IsEmailAllowed = emailSender.IsEmailAllowed();
if (IsEmailAllowed)
{
string code = await userManager.GeneratePasswordResetTokenAsync(user).ConfigureAwait(false);
EmailMessage emailMessage = new EmailMessage();
EmailAddress address = new EmailAddress(user.Name, user.Email);
emailMessage.To.Add(address);
emailMessage.Body = SendForgotPasswordEmail(code, user.Id, "en");
emailMessage.Subject = string.Format("Reset your password at {0}", Constants.PRODUCT);
await emailSender.SendEmailAsync(emailMessage).ConfigureAwait(false);
}
else
{
ModelState.AddModelError("Email", "Email has been disabled. Please check email accounts or email settings.");
return(BadRequest(ModelState));
}
}
else
{
ModelState.AddModelError("Email", "Email address does not exist.");
return(BadRequest(ModelState));
}
return(Ok());
}
public async Task <IActionResult> UpdateOrganizationMember(UpdateTeamMemberViewModel request, string personId, string organizationId)
{
var currentUser = await _userManager.FindByEmailAsync(_accessor.HttpContext.User.Identity.Name);
OrganizationMember currentOrgMember = _organzationMemberRepo.Find(null, o => o.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
if (!currentOrgMember.IsAdministrator ?? false || currentOrgMember.OrganizationId != Guid.Parse(organizationId))
{
throw new UnauthorizedOperationException("Only admins of this organization can update existing users", EntityOperationType.Update);
}
var userToUpdate = _aspNetUsersRepository.Find(null, u => u.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
var personToUpdate = _personRepo.Find(null, p => p.Id == Guid.Parse(personId)).Items?.FirstOrDefault();
ApplicationUser appUser = await _userManager.FindByIdAsync(userToUpdate.Id).ConfigureAwait(false);
//check password's validity if one was provided
if (!string.IsNullOrEmpty(request.Password))
{
if (!IsPasswordValid(request.Password))
{
throw new Exception(PasswordRequirementMessage(request.Password));
}
}
//if email was provided check its availability
if (!string.IsNullOrEmpty(request.Email))
{
//if email is not the same as user's current email
if (!appUser.NormalizedEmail.Equals(request.Email.ToUpper()))
{
var existingEmailUser = _aspNetUsersRepository.Find(null, u => u.Email == request.Email).Items?.FirstOrDefault();
if (existingEmailUser != null)
{
throw new Exception("A user already exists for the provided email address");
}
var personEmailToUpdate = _personEmailRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
var emailVerificationToUpdate = _emailVerificationRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
//update application user's email
appUser.Email = request.Email;
appUser.NormalizedEmail = request.Email.ToUpper();
appUser.UserName = request.Email;
appUser.NormalizedUserName = request.Email.ToUpper();
//update additional email tables
personEmailToUpdate.Address = request.Email;
emailVerificationToUpdate.Address = request.Email;
_personEmailRepository.Update(personEmailToUpdate);
_emailVerificationRepository.Update(emailVerificationToUpdate);
}
}
//update name if one was provided
if (!string.IsNullOrEmpty(request.Name))
{
appUser.Name = request.Name;
personToUpdate.Name = request.Name;
_personRepo.Update(personToUpdate);
}
//update password
if (!string.IsNullOrEmpty(request.Password))
{
appUser.ForcedPasswordChange = false;
var token = await _userManager.GeneratePasswordResetTokenAsync(appUser);
IdentityResult result = await _userManager.ResetPasswordAsync(appUser, token, request.Password);
if (!result.Succeeded)
{
throw new Exception("Failed to set new password");
}
}
//update application user
if (!string.IsNullOrEmpty(request.Password) || !string.IsNullOrEmpty(request.Email))
{
_userManager.UpdateAsync(appUser);
}
return(new OkObjectResult(appUser));
}
