/// <summary>
/// Stores a new one-time link for <paramref name="user"/> and returns a Logon URL carrying its token.
/// </summary>
/// <param name="url">Destination, URL-encoded into the ReturnUrl query value.</param>
/// <param name="user">Value saved in the link's Querystring field.</param>
/// <returns>A URL built from Util.CmsHost2 with ReturnUrl and otltoken query values.</returns>
public static string GetOTLoginLink(string url, string user)
{
    // NOTE(review): the token lives for 24 hours and travels in the query string, so it can be
    // recorded in server/proxy logs, browser history and Referer headers.
    // NOTE(review): Guid.NewGuid() is not documented as suitable for cryptographic purposes;
    // confirm it is acceptable as a bearer login token on the target runtime.
    var oneTimeLink = new OneTimeLink();
    oneTimeLink.Id = Guid.NewGuid();
    oneTimeLink.Querystring = user;
    oneTimeLink.Expires = DateTime.Now.AddHours(24);

    DbUtil.Db.OneTimeLinks.InsertOnSubmit(oneTimeLink);
    DbUtil.Db.SubmitChanges();

    // NOTE(review): url is encoded but not validated here; confirm the Logon handler rejects
    // ReturnUrl values that point off-site.
    return $"{Util.CmsHost2}Logon?ReturnUrl={HttpUtility.UrlEncode(url)}&otltoken={oneTimeLink.Id.ToCode()}";
}
/// <summary>
/// Stores a one-time link holding <paramref name="user"/>'s username and returns the server
/// link to Logon with that token and the encoded return URL.
/// </summary>
/// <param name="user">User whose Username is saved in the link's Querystring field.</param>
/// <param name="db">Data context used to persist the link and to build the server link.</param>
/// <param name="url">Destination, URL-encoded into the ReturnUrl query value.</param>
/// <returns>The result of db.ServerLink for the Logon path and query.</returns>
public static string GetAuthenticatedLink(User user, CMSDataContext db, string url)
{
    // The token is valid for 15 minutes from local server time.
    // NOTE(review): the token is a query-string bearer credential; it can surface in logs and
    // Referer headers. Guid.NewGuid() is not documented for cryptographic use - confirm.
    var oneTimeLink = new OneTimeLink();
    oneTimeLink.Id = Guid.NewGuid();
    oneTimeLink.Querystring = user.Username;
    oneTimeLink.Expires = DateTime.Now.AddMinutes(15);

    db.OneTimeLinks.InsertOnSubmit(oneTimeLink);
    db.SubmitChanges();

    // NOTE(review): url is encoded, not validated; confirm the Logon handler restricts
    // ReturnUrl to local destinations.
    var encodedReturnUrl = HttpUtility.UrlEncode(url);
    var logonPath = $"Logon?otltoken={oneTimeLink.Id.ToCode()}&ReturnUrl={encodedReturnUrl}";
    return $"{db.ServerLink(logonPath)}";
}
/// <summary>
/// Looks up the one-time link identified by <paramref name="id"/> and parses the ids held in its
/// Querystring. Failures are not thrown to the caller; the exception message is stored in
/// <c>error</c> instead.
/// </summary>
/// <param name="link">Stored in the <c>link</c> field.</param>
/// <param name="from">Stored in the <c>from</c> field.</param>
/// <param name="id">Encoded link id; converted with ToGuid() and used as the lookup key.</param>
/// <param name="hasorg">When true, the first Querystring element is parsed into <c>oid</c>.</param>
public LinkInfo(string link, string from, string id, bool hasorg = true)
{
    this.link = link;
    this.from = from;
    try
    {
        if (!id.HasValue())
        {
            throw LinkException("missing id");
        }
        var guid = id.ToGuid();
        if (guid == null)
        {
            throw LinkException("invalid id");
        }
        ot = DbUtil.Db.OneTimeLinks.SingleOrDefault(oo => oo.Id == guid.Value);
        if (ot == null)
        {
            throw LinkException("missing link");
        }
        // Querystring is a comma-separated list; element 0 is the org id, element 1 the person id.
        // NOTE(review): ot, a, oid and pid are assigned BEFORE the used/expired checks below, so
        // they stay populated even when error is set to "link used" or "link expired". Callers
        // must test error before acting on these fields.
        a = ot.Querystring.SplitStr(",", 5);
        if (hasorg)
        {
            oid = a[0].ToInt();
        }
        pid = a[1].ToInt();
        // NOTE(review): DEBUG builds compile out both checks below, so used and expired links
        // are accepted; make sure a DEBUG build is never deployed.
#if DEBUG
#else
        if (ot.Used)
        {
            throw LinkException("link used");
        }
        // A link whose Expires is null never expires here; only the Used flag limits it.
        // NOTE(review): nothing in this constructor marks the link as used - presumably the
        // caller does that after acting on it; confirm, and confirm two concurrent requests
        // cannot both pass the Used check.
        if (ot.Expires.HasValue && ot.Expires < DateTime.Now)
        {
            throw LinkException("link expired");
        }
#endif
    }
    catch (Exception ex)
    {
        // Every failure (validation, database errors, an out-of-range index on a[1] when the
        // Querystring has too few elements) ends up here as a message only.
        error = ex.Message;
    }
}
/// <summary>
/// Returns <paramref name="setting"/> with its "{token}" placeholder replaced by a freshly
/// stored one-time link code for the current user; returns it unchanged when no placeholder
/// is present.
/// </summary>
/// <param name="setting">URL template, optionally containing "{token}".</param>
/// <returns>The URL with the token substituted, or the original value.</returns>
private string ExternalLink(string setting)
{
    if (!setting.Contains("{token}"))
    {
        return setting;
    }

    // Lifetime comes from the OTLTokenExpirationMinutes setting, defaulting to 5 minutes.
    var lifetimeMinutes = CurrentDatabase.Setting("OTLTokenExpirationMinutes", "5").ToInt();

    // NOTE(review): the token is bound to Util.UserPeopleId and is written into whatever URL the
    // setting holds, so the host behind that URL receives a credential it can present until
    // expiry. Confirm the redeeming endpoint marks the link used and that the setting can only
    // be edited by trusted administrators.
    var oneTimeLink = new OneTimeLink();
    oneTimeLink.Id = Guid.NewGuid();
    oneTimeLink.Querystring = Util.UserPeopleId.ToString();
    oneTimeLink.Expires = DateTime.Now.AddMinutes(lifetimeMinutes);

    CurrentDatabase.OneTimeLinks.InsertOnSubmit(oneTimeLink);
    CurrentDatabase.SubmitChanges();

    return setting.Replace("{token}", oneTimeLink.Id.ToCode());
}
/// <summary>
/// Stores a one-time link for this person and emails <paramref name="body"/> with the
/// {url}, {name} and {first} placeholders filled in.
/// </summary>
/// <param name="from">Sender passed to Db.Email.</param>
/// <param name="url">URL prefix; the link code is appended directly to it.</param>
/// <param name="subject">Email subject.</param>
/// <param name="body">Email template containing the placeholders.</param>
public void SendOneTimeLink(string from, string url, string subject, string body)
{
    var database = DbUtil.Db;

    // NOTE(review): no Expires value is set, so this link has no expiry of its own; any time
    // limit has to be enforced by the code that redeems it.
    var oneTimeLink = new OneTimeLink();
    oneTimeLink.Id = Guid.NewGuid();
    oneTimeLink.Querystring = "{0},{1}".Fmt(divid ?? orgid ?? masterorgid, PeopleId);

    database.OneTimeLinks.InsertOnSubmit(oneTimeLink);
    database.SubmitChanges();

    // NOTE(review): person.Name and person.PreferredName go into the body as-is; if the body is
    // HTML, confirm these values are encoded somewhere before sending.
    var message = body
        .Replace("{url}", url + oneTimeLink.Id.ToCode(), ignoreCase: true)
        .Replace("{name}", person.Name, ignoreCase: true)
        .Replace("{first}", person.PreferredName, ignoreCase: true);

    database.Email(from, person, subject, message);
}
/// <summary>
/// API action: after developer authentication, stores a 10-minute one-time link for the given
/// organization and person and returns the OnlineReg/RegisterLink URL as content.
/// </summary>
/// <param name="OrgId">Organization id written into the link's Querystring.</param>
/// <param name="PeopleId">Person id written into the link's Querystring.</param>
/// <returns>The register URL, or "/" when authentication fails.</returns>
public ActionResult GetOneTimeRegisterLink(int OrgId, int PeopleId)
{
    // A result starting with "!" is treated as an authentication failure.
    // NOTE(review): the failure answer is the content "/" rather than an error status, and no
    // per-person authorization check is visible here; confirm AuthenticateDeveloper covers
    // which OrgId/PeopleId values the caller may request links for.
    var authResult = AuthenticateDeveloper();
    if (authResult.StartsWith("!"))
    {
        return Content("/");
    }

    var oneTimeLink = new OneTimeLink();
    oneTimeLink.Id = Guid.NewGuid();
    oneTimeLink.Querystring = "{0},{1},0".Fmt(OrgId, PeopleId);
    oneTimeLink.Expires = DateTime.Now.AddMinutes(10);

    DbUtil.Db.OneTimeLinks.InsertOnSubmit(oneTimeLink);
    DbUtil.Db.SubmitChanges();

    // Issuance is recorded in the activity log with both ids (the token itself is not logged).
    DbUtil.LogActivity("APIPerson GetOneTimeRegisterLink {0}, {1}".Fmt(OrgId, PeopleId));

    var registerUrl = Util.CmsHost2 + "OnlineReg/RegisterLink/" + oneTimeLink.Id.ToCode();
    return Content(registerUrl);
}
/// <summary>
/// Inserts a OneTimeLink through the data context and checks that it can be read back by id.
/// </summary>
public void Should_SubmitChanges_In_OneTimeLinks()
{
    using (var db = CMSDataContext.Create(DatabaseFixture.Host))
    {
        var inserted = new OneTimeLink();
        inserted.Id = Guid.NewGuid();
        inserted.Querystring = DatabaseTestBase.RandomString();
        inserted.Used = false;
        inserted.Expires = DateTime.Now.AddDays(1);

        db.OneTimeLinks.InsertOnSubmit(inserted);
        db.SubmitChanges();

        // NOTE(review): the read-back goes through the same context that did the insert, and the
        // inserted row is not removed afterwards; confirm both are intended.
        Guid id = inserted.Id;
        var fetched = db.OneTimeLinks.SingleOrDefault(row => row.Id == id);
        fetched.ShouldNotBeNull();
    }
}
/// <summary>
/// Stores a 24-hour one-time link for <paramref name="user"/> and returns a Logon URL carrying
/// its token, with the server root stripped from <paramref name="url"/> when present.
/// </summary>
/// <param name="url">Destination; made root-relative if it starts with the server link.</param>
/// <param name="user">Value saved in the link's Querystring field.</param>
/// <returns>A URL built from Util.CmsHost2 with ReturnUrl and otltoken query values.</returns>
public static string GetOTLoginLink(string url, string user)
{
    // NOTE(review): 24-hour bearer token in the query string; it can be captured from logs,
    // history and Referer headers. Guid.NewGuid() is not documented for cryptographic use.
    var oneTimeLink = new OneTimeLink();
    oneTimeLink.Id = Guid.NewGuid();
    oneTimeLink.Querystring = user;
    oneTimeLink.Expires = DateTime.Now.AddHours(24);

    DbUtil.Db.OneTimeLinks.InsertOnSubmit(oneTimeLink);
    DbUtil.Db.SubmitChanges();

    // Strip the server root but keep the leading "/" of the remaining path.
    // NOTE(review): this is a plain string prefix test. A url on another host is passed through
    // unchanged, and without a trailing "/" on the root the match is not host-boundary aware;
    // confirm the Logon handler validates ReturnUrl.
    var serverRoot = DbUtil.Db.ServerLink();
    if (url.StartsWith(serverRoot))
    {
        var keptSlash = serverRoot.EndsWith("/") ? 1 : 0;
        url = url.Substring(serverRoot.Length - keptSlash);
    }

    return $"{Util.CmsHost2}Logon?ReturnUrl={HttpUtility.UrlEncode(url)}&otltoken={oneTimeLink.Id.ToCode()}";
}
/// <summary>
/// Seeds a OneTimeLink and constructs a LinkInfo from its encoded id.
/// </summary>
/// <param name="link">Passed through to the LinkInfo constructor.</param>
/// <param name="from">Passed through to the LinkInfo constructor.</param>
public void Should_Get_LinkInfo(string link, string from)
{
    using (var db = CMSDataContext.Create(DatabaseFixture.Host))
    {
        var seeded = new OneTimeLink();
        seeded.Id = Guid.NewGuid();
        seeded.Querystring = $"0,0,0,{"supportlink"}:1";
        seeded.Used = false;
        seeded.Expires = DateTime.Now.AddDays(1);

        db.OneTimeLinks.InsertOnSubmit(seeded);
        db.SubmitChanges();

        Guid id = seeded.Id;
        var encodedId = id.ToCode();

        // NOTE(review): a `new` expression never yields null, so this assertion only shows the
        // constructor did not throw. Used/expired/invalid-link handling is not exercised; consider
        // asserting on the parsed values or error state (member names are not visible here).
        var linkInfo = new LinkInfo(db, link, from, encodedId);
        linkInfo.ShouldNotBeNull();
    }
}
/// <summary>
/// API action: after developer authentication, stores a 10-minute one-time link for the given
/// organization and person and returns the OnlineReg/RegisterLink URL as content.
/// </summary>
/// <param name="OrgId">Organization id written into the link's Querystring.</param>
/// <param name="PeopleId">Person id written into the link's Querystring.</param>
/// <returns>The register URL, or "/" when authentication fails.</returns>
public ActionResult GetOneTimeRegisterLink(int OrgId, int PeopleId)
{
    // A result starting with "!" is treated as an authentication failure.
    // NOTE(review): failure is answered with the content "/" rather than an error status, and no
    // per-person authorization check is visible here; confirm AuthenticateDeveloper covers it.
    var authResult = AuthenticateDeveloper();
    if (authResult.StartsWith("!"))
    {
        return Content("/");
    }

    var oneTimeLink = new OneTimeLink();
    oneTimeLink.Id = Guid.NewGuid();
    oneTimeLink.Querystring = $"{OrgId},{PeopleId},0";
    oneTimeLink.Expires = DateTime.Now.AddMinutes(10);

    CurrentDatabase.OneTimeLinks.InsertOnSubmit(oneTimeLink);
    CurrentDatabase.SubmitChanges();

    // Issuance is recorded in the activity log with both ids (the token itself is not logged).
    DbUtil.LogActivity($"APIPerson GetOneTimeRegisterLink {OrgId}, {PeopleId}");

    var registerUrl = CurrentDatabase.ServerLink() + "OnlineReg/RegisterLink/" + oneTimeLink.Id.ToCode();
    return Content(registerUrl);
}
/// <summary>
/// Stores a one-time link for this person and emails <paramref name="body"/> with the
/// {url}, {name} and {first} placeholders filled in.
/// </summary>
/// <param name="from">Sender passed to CurrentDatabase.Email.</param>
/// <param name="url">URL prefix; the link code is appended directly to it.</param>
/// <param name="subject">Email subject.</param>
/// <param name="body">Email template containing the placeholders.</param>
/// <param name="appendQueryString">Optional query string appended after "?" when not blank.</param>
public void SendOneTimeLink(string from, string url, string subject, string body, string appendQueryString = "")
{
    // NOTE(review): no Expires value is set, so this link has no expiry of its own; any time
    // limit has to be enforced by the code that redeems it.
    var oneTimeLink = new OneTimeLink();
    oneTimeLink.Id = Guid.NewGuid();
    oneTimeLink.Querystring = $"{divid ?? orgid ?? masterorgid},{PeopleId}";

    CurrentDatabase.OneTimeLinks.InsertOnSubmit(oneTimeLink);
    CurrentDatabase.SubmitChanges();

    // NOTE(review): appendQueryString is appended verbatim (no encoding); callers must supply an
    // already-encoded value.
    var querySuffix = string.IsNullOrWhiteSpace(appendQueryString)
        ? string.Empty
        : $"?{appendQueryString}";
    url = $"{url}{oneTimeLink.Id.ToCode()}{querySuffix}";

    // The placeholder is replaced in both its literal and its URL-encoded spelling.
    // NOTE(review): person.Name and person.PreferredName go into the body as-is; if the body is
    // HTML, confirm these values are encoded somewhere before sending.
    var message = body
        .Replace("{url}", url, ignoreCase: true)
        .Replace(WebUtility.UrlEncode("{url}"), url, ignoreCase: true)
        .Replace("{name}", person.Name, ignoreCase: true)
        .Replace("{first}", person.PreferredName, ignoreCase: true);

    CurrentDatabase.Email(from, person, subject, message);
}
/// <summary>
/// Stores a 24-hour one-time link for <paramref name="user"/> and returns a Logon URL under the
/// server root carrying its token.
/// </summary>
/// <param name="url">Destination; the server root prefix is removed when present.</param>
/// <param name="user">Value saved in the link's Querystring field.</param>
/// <returns>"{root}/Logon" with ReturnUrl and otltoken query values.</returns>
public string GetOTLoginLink(string url, string user)
{
    //todo: static?
    // NOTE(review): 24-hour bearer token in the query string; it can be captured from logs,
    // history and Referer headers. Guid.NewGuid() is not documented for cryptographic use.
    var oneTimeLink = new OneTimeLink();
    oneTimeLink.Id = Guid.NewGuid();
    oneTimeLink.Querystring = user;
    oneTimeLink.Expires = DateTime.Now.AddHours(24);

    CurrentDatabase.OneTimeLinks.InsertOnSubmit(oneTimeLink);
    CurrentDatabase.SubmitChanges();

    // NOTE(review): plain string prefix test - a url on another host is passed through
    // unchanged as ReturnUrl; confirm the Logon handler only follows local destinations.
    var rootUrl = CurrentDatabase.ServerLink();
    var returnPath = url.StartsWith(rootUrl) ? url.Substring(rootUrl.Length) : url;

    return $"{rootUrl}/Logon?ReturnUrl={HttpUtility.UrlEncode(returnPath)}&otltoken={oneTimeLink.Id.ToCode()}";
}
/// <summary>
/// Handles a forgot-password request for a caller-supplied username or email address. Depending
/// on what matches, it emails create-account links, a "bad email" notice, or password-reset
/// links, and records the branch taken in the activity log.
/// </summary>
/// <param name="username">Caller-supplied username or email address; trimmed before use.</param>
/// <remarks>
/// Returns nothing in every branch, so the return value itself does not tell the requester
/// whether an account matched.
/// </remarks>
public static void ForgotPassword(string username)
{
    // Step 1: look for user accounts whose username or person email equals the input.
    string msg = null;
    // Short trace of the branch taken ("u0", "p+", "p0", "n0", "u+"), written to the activity log.
    var path = new StringBuilder();
    username = username.Trim();
    var q = DbUtil.Db.Users.Where(uu =>
        uu.Username == username ||
        uu.Person.EmailAddress == username ||
        uu.Person.EmailAddress2 == username
        );
    if (!q.Any())
    {
        path.Append("u0");
        // No user account matched. Look for people without an account whose email matches and
        // whose age is unknown or at least the MinimumUserAge setting (default 16).
        var minage = DbUtil.Db.Setting("MinimumUserAge", "16").ToInt();
        var q2 = from uu in DbUtil.Db.People
                 where uu.EmailAddress == username || uu.EmailAddress2 == username
                 where uu.Age == null || uu.Age >= minage
                 select uu;
        if (q2.Any())
        {
            path.Append("p+");
            // People matched: each gets an email with a create-account link.
            foreach (var p in q2)
            {
                // NOTE(review): no Expires is set on this link, so expiry (if any) must be
                // enforced by the code that redeems /Account/CreateAccount. Guid.NewGuid() is
                // not documented for cryptographic use - confirm for this token.
                var ot = new OneTimeLink
                {
                    Id = Guid.NewGuid(),
                    Querystring = p.PeopleId.ToString()
                };
                DbUtil.Db.OneTimeLinks.InsertOnSubmit(ot);
                DbUtil.Db.SubmitChanges();
                var url = DbUtil.Db.ServerLink($"/Account/CreateAccount/{ot.Id.ToCode()}");
                msg = DbUtil.Db.ContentHtml("ForgotPasswordReset", Resource1.AccountModel_ForgotPasswordReset);
                // NOTE(review): name, first and email values are substituted without encoding;
                // confirm the template/mail pipeline encodes them if the body is HTML.
                msg = msg.Replace("{name}", p.Name);
                msg = msg.Replace("{first}", p.PreferredName);
                msg = msg.Replace("{email}", username);
                msg = msg.Replace("{resetlink}", url);
                // Sent to the person's primary address, or the secondary one when the primary is null.
                Util.SendMsg(ConfigurationManager.AppSettings["sysfromemail"],
                    DbUtil.Db.CmsHost, Util.FirstAddress(DbUtil.AdminMail),
                    "touchpointsoftware new password link", msg, Util.ToMailAddressList(p.EmailAddress ?? p.EmailAddress2), 0, null);
            }
            // NOTE(review): the raw input is written to the activity log here and in every other
            // branch; users sometimes type a password into this field - confirm verbatim logging
            // is acceptable.
            DbUtil.LogActivity($"ForgotPassword ('{username}', {path})");
            return;
        }
        path.Append("p0");
        // Nothing matched and the input is not a valid email address: log only, send nothing.
        if (!Util.ValidEmail(username))
        {
            DbUtil.LogActivity($"ForgotPassword ('{username}', {path})");
            return;
        }
        path.Append("n0");
        // Nothing matched but the input is a valid email address: tell that address so.
        // NOTE(review): this sends mail to an arbitrary requester-supplied address; no throttling
        // is visible in this method - confirm the caller rate-limits requests.
        msg = DbUtil.Db.ContentHtml("ForgotPasswordBadEmail", Resource1.AccountModel_ForgotPasswordBadEmail);
        msg = msg.Replace("{email}", username);
        Util.SendMsg(ConfigurationManager.AppSettings["sysfromemail"],
            DbUtil.Db.CmsHost, Util.FirstAddress(DbUtil.AdminMail),
            "Forgot password request for " + DbUtil.Db.Setting("NameOfChurch", "bvcms"),
            msg, Util.ToMailAddressList(username), 0, null);
        DbUtil.LogActivity($"ForgotPassword ('{username}', {path})");
        return;
    }
    path.Append("u+");
    // User accounts matched: build one message listing a reset link per matched username and
    // send it to every address collected from those users.
    // NOTE(review): when several accounts match, every collected address receives the reset
    // links for all of them; confirm that is intended for shared email addresses.
    var sb = new StringBuilder();
    var addrlist = new List<MailAddress>();
    foreach (var user in q)
    {
        Util.AddGoodAddress(addrlist, user.EmailAddress);
        // Fresh reset code per user; lifetime from ResetPasswordExpiresHours (default 24).
        // NOTE(review): Guid.NewGuid() is not documented for cryptographic use - confirm it is
        // acceptable as a password-reset secret.
        user.ResetPasswordCode = Guid.NewGuid();
        user.ResetPasswordExpires = DateTime.Now.AddHours(DbUtil.Db.Setting("ResetPasswordExpiresHours", "24").ToInt());
        var link = DbUtil.Db.ServerLink($"/Account/SetPassword/{user.ResetPasswordCode}");
        // NOTE(review): user.Name and user.Username are written into HTML without encoding.
        sb.Append($@"{user.Name}, <a href=""{link}"">{user.Username}</a><br>");
        DbUtil.Db.SubmitChanges();
    }
    msg = DbUtil.Db.ContentHtml("ForgotPasswordReset2", Resource1.AccountModel_ForgotPasswordReset2);
    msg = msg.Replace("{email}", username);
    msg = msg.Replace("{resetlink}", sb.ToString());
    // The message is sent even if no usable address was collected in addrlist.
    Util.SendMsg(ConfigurationManager.AppSettings["sysfromemail"],
        DbUtil.Db.CmsHost, Util.FirstAddress(DbUtil.AdminMail),
        "TouchPoint password reset link", msg, addrlist, 0, null);
    DbUtil.LogActivity($"ForgotPassword ('{username}', {path})");
}
/// <summary>
/// Handles a forgot-password request for a caller-supplied username or email address and
/// returns an obscured form of the address that was mailed.
/// </summary>
/// <param name="username">Caller-supplied username or email address; trimmed before use.</param>
/// <returns>
/// The obscured recipient address; null when nothing matched and the input is not a valid email
/// address; or the literal "no email address" when users matched but no address was collected.
/// </returns>
/// <remarks>
/// NOTE(review): the return value differs by outcome and can contain part of a stored email
/// address. If the caller shows it to an unauthenticated requester, it reveals whether an
/// account exists and where its mail goes - confirm how the result is used.
/// </remarks>
public static string ForgotPassword(string username)
{
    username = username.Trim();
    // Users whose username or person email equals the input.
    var q = DbUtil.Db.Users.Where(uu =>
        uu.Username == username ||
        uu.Person.EmailAddress == username ||
        uu.Person.EmailAddress2 == username
        );
    var list = q.ToList();
    if (list.Count == 0)
    {
        // No user account matched. Look for people with a matching email whose age is unknown or
        // at least the MinimumUserAge setting (default 16).
        var minage = DbUtil.Db.Setting("MinimumUserAge", "16").ToInt();
        var q2 = from uu in DbUtil.Db.People
                 where uu.EmailAddress == username || uu.EmailAddress2 == username
                 where uu.Age == null || uu.Age >= minage
                 select uu;
        // Only an unambiguous single match gets a create-account link.
        if (q2.Count() == 1)
        {
            var p = q2.Single();
            // NOTE(review): no Expires is set on this link, so expiry (if any) must be enforced
            // by the code that redeems /Account/CreateAccount. Guid.NewGuid() is not documented
            // for cryptographic use - confirm for this token.
            var ot = new OneTimeLink
            {
                Id = Guid.NewGuid(),
                Querystring = p.PeopleId.ToString()
            };
            DbUtil.Db.OneTimeLinks.InsertOnSubmit(ot);
            DbUtil.Db.SubmitChanges();
            var url = Util.ServerLink("/Account/CreateAccount/{0}".Fmt(ot.Id.ToCode()));
            var message = DbUtil.Db.ContentHtml("ForgotPasswordReset", Resource1.AccountModel_ForgotPasswordReset);
            message = message.Replace("{email}", username);
            message = message.Replace("{resetlink}", url);
            // Sent to the person's primary address, or the secondary one when the primary is null.
            Util.SendMsg(ConfigurationManager.AppSettings["sysfromemail"],
                DbUtil.Db.CmsHost, Util.FirstAddress(DbUtil.AdminMail),
                "bvcms new password link", message, Util.ToMailAddressList(p.EmailAddress ?? p.EmailAddress2), 0, null);
            return(Util.ObscureEmail(p.EmailAddress ?? p.EmailAddress2));
        }
        // Nothing usable matched but the input is a valid email address: tell that address so.
        // NOTE(review): this sends mail to an arbitrary requester-supplied address; no throttling
        // is visible in this method - confirm the caller rate-limits requests.
        if (Util.ValidEmail(username))
        {
            var message = DbUtil.Db.ContentHtml("ForgotPasswordBadEmail", Resource1.AccountModel_ForgotPasswordBadEmail);
            message = message.Replace("{email}", username);
            Util.SendMsg(ConfigurationManager.AppSettings["sysfromemail"],
                DbUtil.Db.CmsHost, Util.FirstAddress(DbUtil.AdminMail),
                "Forgot password request for " + DbUtil.Db.Setting("NameOfChurch", "bvcms"),
                message, Util.ToMailAddressList(username), 0, null);
            return(Util.ObscureEmail(username));
        }
        return(null);
    }
    else
    {
        // User accounts matched: build one message listing a reset link per matched username
        // and send it to every address collected from those users.
        // NOTE(review): when several accounts match, every collected address receives the reset
        // links for all of them; confirm that is intended for shared email addresses.
        var sb = new StringBuilder();
        var addrlist = new List<MailAddress>();
        foreach (var user in list)
        {
            Util.AddGoodAddress(addrlist, user.EmailAddress);
            // Fresh reset code per user; lifetime from ResetPasswordExpiresHours (default 24).
            // NOTE(review): Guid.NewGuid() is not documented for cryptographic use - confirm it
            // is acceptable as a password-reset secret.
            user.ResetPasswordCode = Guid.NewGuid();
            user.ResetPasswordExpires = DateTime.Now.AddHours(DbUtil.Db.Setting("ResetPasswordExpiresHours", "24").ToInt());
            var link = Util.ServerLink("/Account/SetPassword/" + user.ResetPasswordCode.ToString());
            // NOTE(review): user.Name and user.Username are written into HTML without encoding.
            sb.AppendFormat(@"{0}, <a href=""{1}"">{2}</a><br>", user.Name, link, user.Username);
            DbUtil.Db.SubmitChanges();
        }
        var message = DbUtil.Db.ContentHtml("ForgotPasswordReset2", Resource1.AccountModel_ForgotPasswordReset2);
        message = message.Replace("{email}", username);
        message = message.Replace("{resetlink}", sb.ToString());
        // The message is sent even if no usable address was collected in addrlist.
        Util.SendMsg(ConfigurationManager.AppSettings["sysfromemail"],
            DbUtil.Db.CmsHost, Util.FirstAddress(DbUtil.AdminMail),
            "bvcms password reset link", message, addrlist, 0, null);
        if (addrlist.Count > 0)
        {
            return(Util.ObscureEmail(addrlist[0].Address));
        }
        return("no email address");
    }
}