public async Task <IActionResult> SetPassword(ResetPasswordBindingModel model)
{
if (string.IsNullOrEmpty(model.UserId) || string.IsNullOrEmpty(model.NewPassword) || string.IsNullOrEmpty(model.Token))
{
ModelState.AddModelError("", "userId or password or token is missing");
return(BadRequest(ModelState));
}
if (!IsPasswordValid(model.NewPassword))
{
ModelState.AddModelError("Password", PasswordRequirementMessage(model.NewPassword));
return(BadRequest(ModelState));
}
ApplicationUser user = await userManager.FindByIdAsync(model.UserId).ConfigureAwait(false);
user.ForcedPasswordChange = false;
var token = WebUtility.UrlDecode(model.Token);
if (user != null)
{
var result = await userManager.ResetPasswordAsync(user, token, model.NewPassword);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
}
return(Ok());
}
public async Task <IActionResult> UpdateOrganizationMember(UpdateTeamMemberViewModel request, string personId, string organizationId)
{
var currentUser = await _userManager.FindByEmailAsync(_accessor.HttpContext.User.Identity.Name);
OrganizationMember currentOrgMember = _organzationMemberRepo.Find(null, o => o.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
if (!currentOrgMember.IsAdministrator ?? false || currentOrgMember.OrganizationId != Guid.Parse(organizationId))
{
throw new UnauthorizedOperationException("Only admins of this organization can update existing users", EntityOperationType.Update);
}
var userToUpdate = _aspNetUsersRepository.Find(null, u => u.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
var personToUpdate = _personRepo.Find(null, p => p.Id == Guid.Parse(personId)).Items?.FirstOrDefault();
ApplicationUser appUser = await _userManager.FindByIdAsync(userToUpdate.Id).ConfigureAwait(false);
//check password's validity if one was provided
if (!string.IsNullOrEmpty(request.Password))
{
if (!IsPasswordValid(request.Password))
{
throw new Exception(PasswordRequirementMessage(request.Password));
}
}
//if email was provided check its availability
if (!string.IsNullOrEmpty(request.Email))
{
//if email is not the same as user's current email
if (!appUser.NormalizedEmail.Equals(request.Email.ToUpper()))
{
var existingEmailUser = _aspNetUsersRepository.Find(null, u => u.Email == request.Email).Items?.FirstOrDefault();
if (existingEmailUser != null)
{
throw new Exception("A user already exists for the provided email address");
}
var personEmailToUpdate = _personEmailRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
var emailVerificationToUpdate = _emailVerificationRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
//update application user's email
appUser.Email = request.Email;
appUser.NormalizedEmail = request.Email.ToUpper();
appUser.UserName = request.Email;
appUser.NormalizedUserName = request.Email.ToUpper();
//update additional email tables
personEmailToUpdate.Address = request.Email;
emailVerificationToUpdate.Address = request.Email;
_personEmailRepository.Update(personEmailToUpdate);
_emailVerificationRepository.Update(emailVerificationToUpdate);
}
}
//update name if one was provided
if (!string.IsNullOrEmpty(request.Name))
{
appUser.Name = request.Name;
personToUpdate.Name = request.Name;
_personRepo.Update(personToUpdate);
}
//update password
if (!string.IsNullOrEmpty(request.Password))
{
appUser.ForcedPasswordChange = false;
var token = await _userManager.GeneratePasswordResetTokenAsync(appUser);
IdentityResult result = await _userManager.ResetPasswordAsync(appUser, token, request.Password);
if (!result.Succeeded)
{
throw new Exception("Failed to set new password");
}
}
//update application user
if (!string.IsNullOrEmpty(request.Password) || !string.IsNullOrEmpty(request.Email))
{
_userManager.UpdateAsync(appUser);
}
return(new OkObjectResult(appUser));
}
