/// <summary>
/// Pins the exact HTML body produced by
/// <c>EmailTemplates.ChangeEmailAddressPendingBodyText</c> for the fixture values held in
/// <c>_firstName</c>, <c>_lastName</c>, <c>_applicationName</c>, <c>_url</c> and <c>_token</c>.
/// </summary>
/// <remarks>
/// The expected text shows three properties worth keeping under test: the greeting uses the
/// recipient's full name (the anti-spoofing cue the mail itself describes), the validity
/// window is stated as 15 minutes, and the confirmation token travels in the link's query string.
/// NOTE(review): the path segment is spelled "ChangeEmailAddresConfirm" in the expected output;
/// presumably it mirrors the route name used by the template. Verify before correcting either side.
/// </remarks>
public void When_GetChangeEmailPendingBodyText_Then_CorrectEmailIsReturned()
{
    // Arrange: the literal is split for readability only; the pieces concatenate to one constant.
    const string expectedBody =
        "Dear John Staveley,<br /><br />" +
        "A request has been received to change your Security Essentials username/email address. " +
        "You can complete this process any time within the next 15 minutes by clicking " +
        "<a href='http://localhost:4986/Account/ChangeEmailAddresConfirm?NewEmailAddressToken=c4f32838-9ab4-46d8-bc49-d080264bd13e'>" +
        "http://localhost:4986/Account/ChangeEmailAddresConfirm?NewEmailAddressToken=c4f32838-9ab4-46d8-bc49-d080264bd13e</a>. " +
        "If you did not request this then you can ignore this email.<br />" +
        "How do I know this is not a Spoof email? " +
        "Spoof or ‘phishing’ emails tend to have generic greetings such as \"Dear Security Essentials member\". " +
        "Emails from Security Essentials will always contain your full name.<br />";

    // Act
    var actualBody = EmailTemplates.ChangeEmailAddressPendingBodyText(
        _firstName,
        _lastName,
        _applicationName,
        _url,
        _token);

    // Assert
    Assert.AreEqual(expectedBody, actualBody);
}
/// <summary>
/// Starts a change of e-mail address (which is also the user name) for the signed-in user.
/// </summary>
/// <remarks>
/// Flow, in order:
/// 1. Load the current user, who must be enabled, e-mail-verified and approved; otherwise 404.
/// 2. Reject the request if another account already uses the new address as its user name.
/// 3. Re-check the caller's password through <c>_userManager.TryLogOnAsync</c>.
/// 4. Store a token, a 15-minute expiry and the requested address on the user, mail the
///    confirmation link to the account's current address, write a user log entry and save.
/// NOTE(review): the address-in-use answer is given before the password is checked, so it is
/// available to anyone holding a session without knowing the password. Consider re-authenticating
/// first if that disclosure matters.
/// NOTE(review): the uniqueness test only compares against other accounts' UserName; whether
/// the confirmation step re-checks it (and other pending requests) is not visible here.
/// </remarks>
/// <param name="model">Posted form values; <c>NewEmailAddress</c> and <c>Password</c> are read.</param>
/// <returns>
/// 404 when no eligible user is found, the "ChangeEmailAddressPending" view on success,
/// otherwise the "ChangeEmailAddress" view rebuilt from the stored user values.
/// </returns>
public async Task<ActionResult> ChangeEmailAddressAsync(ChangeEmailAddressViewModel model)
{
    var currentUserId = UserIdentity.GetUserId(this);
    var user = _context.User.FirstOrDefault(
        u => u.Id == currentUserId && u.Enabled && u.EmailVerified && u.Approved);

    // Runs for every request, including ones that end in a 404 below.
    AppSensor.ValidateFormData(this, new List<string> { "NewEmailAddress", "Password" });

    if (user == null)
    {
        return HttpNotFound();
    }

    if (!ModelState.IsValid)
    {
        AppSensor.InspectModelStateErrors(this);
    }
    else if (_context.User.Any(other => other.Id != user.Id && model.NewEmailAddress == other.UserName))
    {
        ModelState.AddModelError("NewEmailAddress", "This email address is already in use");
        Logger.Information("Failed Account ChangeEmailAddress Post, Username already exists");
    }
    else
    {
        // Re-authenticate with the current password before recording the pending change.
        var passwordCheck = await _userManager.TryLogOnAsync(UserIdentity.GetUserName(this), model.Password);
        if (!passwordCheck.Success)
        {
            Logger.Information("Failed Account ChangeEmailAddress Post, Password incorrect by requester {@requester}", UserIdentity.GetRequester(this, AppSensorDetectionPointKind.Ae1));
            ModelState.AddModelError("Password", "The password is not correct");
        }
        else
        {
            // NOTE(review): Guid.NewGuid() is specified for uniqueness, not unpredictability.
            // For a value that authorises an account change, a CSPRNG-derived token is the
            // safer choice. The token also appears to be stored as-is on the user record.
            user.NewEmailAddressToken = Guid.NewGuid().ToString().Replace("-", "");
            user.NewEmailAddressRequestExpiryDateUtc = DateTime.UtcNow.AddMinutes(15);
            user.NewEmailAddress = model.NewEmailAddress;

            // The confirmation link is mailed to the current address (user.UserName), not the new one.
            string subject = $"{_configuration.ApplicationName} - Complete the change email address process";
            string body = EmailTemplates.ChangeEmailAddressPendingBodyText(
                user.FirstName,
                user.LastName,
                _configuration.ApplicationName,
                _configuration.WebsiteBaseUrl,
                user.NewEmailAddressToken);
            var recipients = new List<string> { user.UserName };
            _services.SendEmail(_configuration.DefaultFromEmailAddress, recipients, null, null, subject, body, true);

            // Audit trail: records both the old and the requested address.
            var auditEntry = new UserLog
            {
                Description = $"Change email address request started to change from {user.UserName} to {user.NewEmailAddress}"
            };
            user.UserLogs.Add(auditEntry);

            // The mail has already gone out by the time the pending state is persisted.
            await _context.SaveChangesAsync();
            return View("ChangeEmailAddressPending");
        }
    }

    // Any failure path: show the form again, populated from the stored user values.
    return View(
        "ChangeEmailAddress",
        new ChangeEmailAddressViewModel(user.UserName, user.NewEmailAddress, user.NewEmailAddressRequestExpiryDateUtc));
}
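/// <summary>
/// Starts a change of e-mail address (which is also the user name) for the signed-in user.
/// </summary>
/// <remarks>
/// The caller's password is re-checked through <c>_userManager.TryLogOnAsync</c>. On success a
/// token, a 15-minute expiry and the requested address are stored on the user, a confirmation
/// link is mailed to the account's current address, a user log entry is added and the changes
/// are saved.
/// NOTE(review): nothing here checks whether <c>model.NewEmailAddress</c> is already used by
/// another account. Confirm that the confirmation step enforces uniqueness.
/// </remarks>
/// <param name="model">Posted form values; <c>NewEmailAddress</c> and <c>Password</c> are read.</param>
/// <returns>
/// 404 when no enabled, verified and approved user matches the current identity, the
/// "ChangeEmailAddressPending" view on success, otherwise the default view rebuilt from the
/// stored user values.
/// </returns>
public async Task<ActionResult> ChangeEmailAddress(ChangeEmailAddressViewModel model)
{
    var userId = _userIdentity.GetUserId(this);
    var user = _context.User.FirstOrDefault(u => u.Id == userId && u.Enabled && u.EmailVerified && u.Approved);
    _appSensor.ValidateFormData(this, new List<string>() { "NewEmailAddress", "Password" });

    // Fix: FirstOrDefault returns null when the account is missing, disabled, unverified or
    // unapproved. Previously every such request fell through to the final return and
    // dereferenced user.UserName, throwing NullReferenceException. Fail closed with a 404
    // before any password check or state change.
    if (user == null)
    {
        return HttpNotFound();
    }

    if (ModelState.IsValid)
    {
        // Re-authenticate with the current password before recording the pending change.
        var logonResult = await _userManager.TryLogOnAsync(_userIdentity.GetUserName(this), model.Password);
        if (logonResult.Success)
        {
            // NOTE(review): Guid.NewGuid() is specified for uniqueness, not unpredictability.
            // For a value that authorises an account change, a CSPRNG-derived token is the
            // safer choice.
            user.NewEmailAddressToken = Guid.NewGuid().ToString().Replace("-", "");
            user.NewEmailAddressRequestExpiryDate = DateTime.UtcNow.AddMinutes(15);
            user.NewEmailAddress = model.NewEmailAddress;

            // The confirmation link is mailed to the current address (user.UserName), not the new one.
            string emailBody = EmailTemplates.ChangeEmailAddressPendingBodyText(user.FirstName, user.LastName, _configuration.ApplicationName, _configuration.WebsiteBaseUrl, user.NewEmailAddressToken);
            string emailSubject = string.Format("{0} - Complete the change email address process", _configuration.ApplicationName);
            _services.SendEmail(_configuration.DefaultFromEmailAddress, new List<string>() { user.UserName }, null, null, emailSubject, emailBody, true);

            // Audit trail: records both the old and the requested address.
            user.UserLogs.Add(new UserLog() { Description = string.Format("Change email address request started to change from {0} to {1}", user.UserName, user.NewEmailAddress) });
            _context.SaveChanges();
            return View("ChangeEmailAddressPending");
        }

        // Wrong password: log the requester for the AE1 detection point and report the error on the form.
        Logger.Information("Failed Account ChangeEmailAddress Post, Password incorrect by requester {@requester}", _userIdentity.GetRequester(this, Core.Constants.AppSensorDetectionPointKind.AE1));
        ModelState.AddModelError("Password", "The password is not correct");
    }
    else
    {
        _appSensor.InspectModelStateErrors(this);
    }

    // Any failure path: show the form again, populated from the stored user values.
    return View(new ChangeEmailAddressViewModel(user.UserName, user.NewEmailAddress, user.NewEmailAddressRequestExpiryDate));
}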