public async Task <IActionResult> ConfirmEmail(string userid, string code, string returnUrl)
{
var confirmEmail = new ConfirmUserEmail(userid, code, returnUrl);
var returnValidUrl = await _mediator.Send(confirmEmail);
return(Redirect(returnValidUrl));
}
/// <summary>
/// This method allows user to confirm its email adress with a token key
/// </summary>
/// <param name="request">Request.</param>
public object Get(ConfirmUserEmail request)
{
var context = TepWebContext.GetWebContext(PagePrivileges.UserView);
// Let's try to open context
try {
context.LogInfo(this, string.Format("/user/emailconfirm GET"));
context.Open();
context.LogError(this, string.Format("Email already confirmed for user {0}", context.Username));
context.Close();
return(new HttpError(System.Net.HttpStatusCode.MethodNotAllowed, new InvalidOperationException("Email already confirmed")));
} catch (Exception e) {
AuthenticationType authType = IfyWebContext.GetAuthenticationType(typeof(TokenAuthenticationType));
AuthenticationType umssoauthType = IfyWebContext.GetAuthenticationType(typeof(UmssoAuthenticationType));
var umssoUser = umssoauthType.GetUserProfile(context, HttpContext.Current.Request, false);
if (umssoUser == null)
{
context.LogError(this, string.Format("User not logged in EOSSO"));
throw new ResourceNotFoundException("Not logged in EO-SSO");
}
if (e is PendingActivationException)
{
context.LogDebug(this, string.Format("Pending activation for user {0}", context.Username));
// User is logged, now we confirm the email with the token
context.LogDebug(this, string.Format("User now logged -- Confirm email with token"));
User tokenUser = ((TokenAuthenticationType)authType).AuthenticateUser(context, request.Token);
// We must check that the logged user if the one that received the email
// If not, we rollback to previous status
if (tokenUser.Email != Request.Headers["Umsso-Person-Email"])
{
tokenUser.AccountStatus = AccountStatusType.PendingActivation;
tokenUser.Store();
context.LogError(this, string.Format("Confirmation email and UM-SSO email do not match"));
return(new HttpError(System.Net.HttpStatusCode.BadRequest, new UnauthorizedAccessException("Confirmation email and UM-SSO email do not match")));
}
context.LogDebug(this, string.Format("User now logged -- Email confirmed"));
//send an email to Support to warn them
try {
string emailFrom = context.GetConfigValue("MailSenderAddress");
string subject = string.Format("[{0}] - Email verification for user {1}", context.GetConfigValue("SiteName"), umssoUser.Username);
string body = context.GetConfigValue("EmailConfirmedNotification");
body = body.Replace("$(USERNAME)", umssoUser.Username);
body = body.Replace("$(EMAIL)", umssoUser.Email);
context.SendMail(emailFrom, emailFrom, subject, body);
} catch (Exception e1) {
context.LogError(this, e1.Message, e1);
}
}
else
{
context.LogError(this, e.Message, e);
throw e;
}
}
context.Close();
return(new WebResponseBool(true));
}
