public async Task <IActionResult> InviteUser(string organizationId, [FromBody] InviteUserViewModel value) { OrganizationMember teamMember; value.OrganizationId = new Guid(organizationId); var user = new ApplicationUser(); //add person to organization only if you are admin or add it to access request table var requestingUser = repository.Find(null, a => a.PersonId == SecurityContext.PersonId && a.OrganizationId == Guid.Parse(organizationId))?.Items.FirstOrDefault(); var isRequestingUserAdministrator = requestingUser.IsAdministrator.GetValueOrDefault(false); //if the requesting user is NOT an administrator then the user cannot skip email verification //only administrators can allow that; however, this can be skipped for now //if (value.SkipEmailVerification && !isRequestingUserAdministrator) // value.SkipEmailVerification = false; try { bool IsEmailAllowed = _emailSender.IsEmailAllowed(); var organizationMember = repository.Find(null, a => a.PersonId == SecurityContext.PersonId && a.OrganizationId == Guid.Parse(organizationId))?.Items.FirstOrDefault(); if (organizationMember == null) { throw new UnauthorizedAccessException(); } //this is to check if the user is already in the system and where is part of the organization teamMember = _membershipManager.InviteUser(value, SecurityContext); if (teamMember == null) { user.UserName = value.Email; user.Email = value.Email; string passwordString = value.Password; if (IsEmailAllowed) { if (string.IsNullOrEmpty(passwordString)) { RandomPassword randomPass = new RandomPassword(); passwordString = randomPass.GenerateRandomPassword(); } } else { if (string.IsNullOrEmpty(passwordString)) { ModelState.AddModelError("Invite User", "Email is disabled. Must provide a password."); return(BadRequest(ModelState)); } } var loginResult = await _userManager.CreateAsync(user, passwordString).ConfigureAwait(false); if (!loginResult.Succeeded) { return(GetErrorResult(loginResult)); } else { //add person email var emailIds = new List <EmailVerification>(); var personEmail = new EmailVerification() { PersonId = Guid.Empty, Address = value.Email, IsVerified = false }; if (value.SkipEmailVerification) { personEmail.IsVerified = true; } emailIds.Add(personEmail); Person newPerson = new Person() { Company = value.Company, Department = value.Department, Name = value.Name, EmailVerifications = emailIds }; var person = _personRepository.Add(newPerson); if (!value.SkipEmailVerification) { if (IsEmailAllowed) { string code = await _userManager.GenerateEmailConfirmationTokenAsync(user).ConfigureAwait(false); EmailMessage emailMessage = new EmailMessage(); emailMessage.Body = SendConfirmationEmail(code, user.Id, passwordString, "en"); emailMessage.Subject = "Confirm your account at " + Constants.PRODUCT; await _emailSender.SendEmailAsync(emailMessage, null, null, "Outgoing").ConfigureAwait(false); } else { value.SkipEmailVerification = true; ModelState.AddModelError("Email", "Email is disabled. Verification email was not sent."); } } //update the user if (person != null) { var registeredUser = _userManager.FindByNameAsync(user.UserName).Result; registeredUser.PersonId = person.Id.GetValueOrDefault(); registeredUser.ForcedPasswordChange = true; await _userManager.UpdateAsync(registeredUser).ConfigureAwait(false); //add person to organization only if you are admin or add it to access request table if (isRequestingUserAdministrator) { OrganizationMember newOrgMember = new OrganizationMember() { PersonId = person.Id, OrganizationId = Guid.Parse(organizationId), IsAutoApprovedByEmailAddress = true, IsInvited = true }; await base.PostEntity(newOrgMember).ConfigureAwait(false); } else { //add it to access requests AccessRequest accessRequest = new AccessRequest() { OrganizationId = Guid.Parse(organizationId), PersonId = person.Id, IsAccessRequested = true, AccessRequestedOn = DateTime.UtcNow }; _accessRequestManager.AddAccessRequest(accessRequest); } } } } if (IsEmailAllowed) { return(Ok()); } else { return(Ok(ModelState)); } } catch (Exception ex) { return(ex.GetActionResult()); } }
public async Task <IActionResult> Register(SignUpViewModel signupModel) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } EmailVerification emailAddress = emailVerificationRepository.Find(null, p => p.Address.Equals(signupModel.Email, StringComparison.OrdinalIgnoreCase)).Items?.FirstOrDefault(); if (emailAddress != null) { organizationMemberRepository.ForceIgnoreSecurity(); var member = organizationMemberRepository.Find(null, m => m.PersonId == emailAddress.PersonId)?.Items?.FirstOrDefault(); organizationMemberRepository.ForceSecurity(); if (member != null) { //Already a member of the organization ModelState.AddModelError("Register", "Email address already exists"); return(BadRequest(ModelState)); } // Make a request to join organization var oldOrganization = organizationManager.GetDefaultOrganization(); if (oldOrganization != null) { //Update user if (!IsPasswordValid(signupModel.Password)) { ModelState.AddModelError("Password", PasswordRequirementMessage(signupModel.Password)); return(BadRequest(ModelState)); } var existingUser = await userManager.FindByEmailAsync(emailAddress.Address).ConfigureAwait(false); existingUser.Name = signupModel.Name; existingUser.ForcedPasswordChange = false; existingUser.PasswordHash = userManager.PasswordHasher.HashPassword(existingUser, signupModel.Password); var result = await userManager.UpdateAsync(existingUser).ConfigureAwait(true); if (!result.Succeeded) { return(GetErrorResult(result)); } Person person = personRepository.Find(null, p => p.Id == emailAddress.PersonId)?.Items?.FirstOrDefault(); person.Name = signupModel.Name; person.Department = signupModel.Department; personRepository.Update(person); //Create a new access request Model.Membership.AccessRequest accessRequest = new Model.Membership.AccessRequest() { OrganizationId = oldOrganization.Id, PersonId = person.Id, IsAccessRequested = true, AccessRequestedOn = DateTime.UtcNow }; accessRequestManager.AddAnonymousAccessRequest(accessRequest); return(Ok("Access Request has been created for existing user")); } } var user = new ApplicationUser() { Name = signupModel.Name, UserName = signupModel.Email, Email = signupModel.Email, ForcedPasswordChange = false //Set this property to not show password reset secreen for new user }; RandomPassword randomPass = new RandomPassword(); string passwordString = ""; bool isPasswordProvided = false; if (string.IsNullOrWhiteSpace(signupModel.Password)) { passwordString = randomPass.GenerateRandomPassword(); isPasswordProvided = false; } else { passwordString = signupModel.Password; isPasswordProvided = true; } var loginResult = await userManager.CreateAsync(user, passwordString).ConfigureAwait(false); bool IsEmailAllowed = emailSender.IsEmailAllowed(); if (!loginResult.Succeeded) { return(GetErrorResult(loginResult)); } else { //Add person email var emailIds = new List <EmailVerification>(); var personEmail = new EmailVerification() { PersonId = Guid.Empty, Address = signupModel.Email, IsVerified = false }; emailIds.Add(personEmail); Person newPerson = new Person() { Company = signupModel.Organization, Department = signupModel.Department, Name = signupModel.Name, EmailVerifications = emailIds }; var person = personRepository.Add(newPerson); var oldOrganization = organizationManager.GetDefaultOrganization(); if (oldOrganization != null) { //Add it to access requests Model.Membership.AccessRequest accessRequest = new Model.Membership.AccessRequest() { OrganizationId = oldOrganization.Id, PersonId = person.Id, IsAccessRequested = true, AccessRequestedOn = DateTime.UtcNow }; accessRequestManager.AddAnonymousAccessRequest(accessRequest); } if (IsEmailAllowed) { string code = await userManager.GenerateEmailConfirmationTokenAsync(user).ConfigureAwait(false); EmailMessage emailMessage = new EmailMessage(); EmailAddress address = new EmailAddress(user.Name, user.Email); emailMessage.To.Add(address); emailMessage.Body = SendConfirmationEmail(code, user.Id, passwordString, "en"); emailMessage.Subject = "Confirm your account at " + Constants.PRODUCT; await emailSender.SendEmailAsync(emailMessage).ConfigureAwait(false); } else { ModelState.AddModelError("Email", "Email is disabled. Verification email was not sent."); } //Update the user if (person != null) { var registeredUser = userManager.FindByNameAsync(user.UserName).Result; registeredUser.PersonId = (Guid)person.Id; registeredUser.ForcedPasswordChange = true; await userManager.UpdateAsync(registeredUser).ConfigureAwait(false); } } if (!IsEmailAllowed) { return(Ok(ModelState)); } else { return(Ok()); } }
public async Task <IActionResult> Post(string personId, [FromBody] EmailVerification value) { value.PersonId = new Guid(personId); //check the email address in verification email table var emailVerification = repository.Find(null, p => p.Address.Equals(value.Address, StringComparison.OrdinalIgnoreCase))?.Items?.FirstOrDefault(); //if not null then email address already exists if (emailVerification != null) { ModelState.AddModelError("EmailAddress", "email address already in use"); return(BadRequest(ModelState)); } value.IsVerified = false; try { //resending byte[] time = BitConverter.GetBytes(DateTime.UtcNow.ToBinary()); byte[] key = applicationUser.PersonId.ToByteArray(); string token = Convert.ToBase64String(time.Concat(key).ToArray()); string confirmationLink = Url.Action("ConfirmEmailAddress", "Auth", new { emailAddress = value.Address, token = token }, protocol: HttpContext.Request.Scheme); string emailBody = ""; //using (StreamReader reader = new StreamReader(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Email/confirm-en.html"))) //{ // emailBody = reader.ReadToEnd(); // emailBody = emailBody.Replace("^Confirm^", confirmationLink); //} var templateObj = new EmailTemplateData { HrefLink = confirmationLink, Url = AppDomain.CurrentDomain.BaseDirectory, FileName = "Email/confirm-en.html" }; emailBody = EmailTextFormatter.Format(templateObj); var subject = "Confirm your email address at " + Constants.PRODUCT; bool isEmailAllowed = emailSender.IsEmailAllowed(); if (isEmailAllowed) { EmailMessage emailMessage = new EmailMessage(); EmailAddress address = new EmailAddress(value.Person.Name, value.Address); emailMessage.To.Add(address); emailMessage.Body = emailBody; emailMessage.Subject = subject; await emailSender.SendEmailAsync(emailMessage, null, null, "Outgoing").ConfigureAwait(false); value.IsVerificationEmailSent = true; } else { value.IsVerificationEmailSent = false; } } catch (Exception ex) { return(ex.GetActionResult()); } var verificationEmail = await base.PostEntity(value).ConfigureAwait(false); return(verificationEmail); }