public void VerificationTokenClearedIfValidPassword() { var id = TestData.AnneEmailNotVerifiedPasswordNotSet.Id; var token = new VerificationToken(TestData.AnneEmailNotVerifiedPasswordNotSet.VerificationToken); Assert.AreEqual(VerifyResult.Success, this.membership.CheckAndClearVerificationToken(id, token, "password123;")); }
public ActionResult VerifyEmail(string guidCode) { try { ActionResult actionResult = ServiceHelper.IsAnyNullOrEmpty(guidCode); if (actionResult.Success) { actionResult.Success = false; return(actionResult); } VerificationToken verification = UserManagement.GetVerificationToken(guidCode); ActionResult result = UserManagement.VerifyToken(verification.UserEmail, verification.UserToken); Uri requestUrl = new Uri(HttpContext.Current.Request.Url, "/index.html?" + result.Success); HttpContext.Current.Response.Redirect(requestUrl.ToString()); return(result); } catch (Exception exception) { Dictionary <string, string> dictionary = guidCode.ToDictionary(); ServiceHelper.LogException(exception, dictionary, ErrorSource.Authentication); return(new ActionResult { Success = false, Message = "Error, failed to verify email." }); } }
public async Task <IActionResult> VerifyToken(string userId, [FromBody] VerificationToken vToken) { var user = await _userManager.FindByIdAsync(userId); if (user == null) { return(NotFound(new { Error = $"A user with Id '{ userId }' could not be found." })); } var tokenIsValid = await _userManager.VerifyUserTokenAsync(user, "PhoneNumberConfirmation", "PhoneNumberConfirmation", vToken.Token); if (tokenIsValid) { // should only happen after proper verification code has been supplied. user.PhoneNumberConfirmed = true; var result = await _userManager.UpdateAsync(user); if (result.Succeeded) { return(Ok(new { Result = "success", User = user })); } } return(BadRequest(new { Result = "failed" })); }
public void VerificationTokenCantBeClearedIfPasswordIsNotSet() { var id = TestData.AnneEmailNotVerifiedPasswordNotSet.Id; var token = new VerificationToken(TestData.AnneEmailNotVerifiedPasswordNotSet.VerificationToken); Assert.AreEqual(VerifyResult.InvalidPassword, this.membership.CheckAndClearVerificationToken(id, token)); }
public async Task Delete(string id) { VerificationToken verificationToken = await _context.VerificationTokens.FindAsync(id); _context.VerificationTokens.Remove(verificationToken); await _context.SaveChangesAsync(); }
public async Task SendConfirmationMail(int userId) { var user = _context.Users.FirstOrDefault(u => u.Id == userId); if (user == null) { _logger.LogWarning(LoggingEvents.HaveException, $"not found user"); throw new NotFoundException("user", userId); } if (user.EmailConfirmed) { _logger.LogWarning(LoggingEvents.HaveException, $"email confirmed exception"); throw new EmailConfirmedException(); } string token = GenerateSymbols.GenerateRandomSymbols(); var verificationToken = new VerificationToken() { Token = token, UserId = userId }; _context.VerificationTokens.Add(verificationToken); await _context.SaveChangesAsync(); await _emailService.SendEmailVerificationMail(user.Email, token); }
public static ActionResult SaveVerificationDetails(string email, string token) { VerificationToken verification = new VerificationToken(); try { ESamhashoEntities entities = new ESamhashoEntities(); string guidCode = Guid.NewGuid().ToString(); verification = new VerificationToken { Id = guidCode, ExpiryDate = DateTime.Now.AddDays(1), UserEmail = email, UserToken = token }; entities.VerificationTokens.Add(verification); entities.SaveChanges(); return(new ActionResult { Success = true, Message = verification.Id }); } catch (Exception exception) { Dictionary <string, string> dictionary = verification.ToDictionary(); ServiceHelper.LogException(exception, dictionary, ErrorSource.UserManagement); return(new ActionResult { Success = false, Message = "Error, failed to save verification details." }); } }
public async void ResolveVerification_OnNotMatchingCode_BadRequest() { //Arrange var resolveDto = new VerificationResolveDto { PhoneNumber = "491736890", Password = "******", VerificationCode = "123456" }; var token = new VerificationToken { Expires = DateTime.MaxValue }; var userManagerMock = MockHelpers.GetMockUserManager(); var persistenceMock = new Mock <IIdentityPersistence>(); persistenceMock .Setup(r => r.VerificationTokens .FindByUserAsync(It.IsAny <string>())) .ReturnsAsync(token); var messageSenderMock = new Mock <ISmsSender>(); var configurationMock = new Mock <IConfigurationService>(); //Act var controller = new VerificationController(_logger, persistenceMock.Object, messageSenderMock.Object, configurationMock.Object, userManagerMock.Object); var response = await controller.ResolveVerification(resolveDto); //Assert Assert.IsType <BadRequestObjectResult>(response); }
public async Task <bool> SendVerificationCodeAsync(string phoneNumber, VerificationCodeType type, string data = null) { string code = GenerateCode(); bool isTestMode = phoneNumber.StartsWith("+4475555"); var verificationToken = new VerificationToken { CreateDate = DateTime.UtcNow, TokenHash = _hashService.GetHash(isTestMode ? "1111" : code), PhoneNumber = phoneNumber, Type = type, Data = data }; _unitOfWork.Repository <VerificationToken>().Insert(verificationToken); _unitOfWork.SaveChanges(); if (!isTestMode) { await SendMessageAsync(phoneNumber, $"Your verification code: {code}"); } _logger.LogError($"Your verification code: {code}"); return(true); }
public async Task <IActionResult> OnGetAsync(Guid verificationIdentifier, int participantId) { // ---------- request cookie ------------ var cookieValue = Request.Cookies["MyCookieId"]; if (cookieValue == null) { Message = "Benutzer war nicht angemeldet"; return(RedirectToPage("Login", Message)); } // LoggedUserId = int.Parse(cookieValue); // -------------------------------------- VerificationIdentifier = verificationIdentifier; VerificationToken verificationToken = await _unitOfWork .VerificationTokens .GetTokenByIdentifierAsync(verificationIdentifier); ParticipantId = participantId; if (!ModelState.IsValid) { Message = "Angaben sind nicht korrekt"; return(Page()); } if (verificationToken.ValidUntil < DateTime.Now) { return(RedirectToPage("/Security/TokenError")); } return(Page()); }
public async Task <IActionResult> OnPostAsync() { if (!ModelState.IsValid) { return(Page()); } if (SocialSecurityNumber != "0000080348") { ModelState.AddModelError(nameof(SocialSecurityNumber), "Diese SVNr ist unbekannt!"); return(Page()); } //analog für HandyNr VerificationToken verificationToken = VerificationToken.NewToken(); await _unitOfWork.VerificationTokens.AddAsync(verificationToken); await _unitOfWork.SaveChangesAsync(); _smsService.SendSms(Mobilnumber, "CoronaTest - Token: {verificationToken.token}!"); return(RedirectToPage("/Security/Verification", new { verificationIdentifier = verificationToken.Identifier })); }
public void UpdateUserAndToken(User user, VerificationToken verificationToken) { using (var transaction = _dbContext.Database.BeginTransaction()) { try { var oldUser = _dbContext.Users.FirstOrDefault(u => u.UserId == user.UserId); if (oldUser != null) { oldUser.IsEmailVerified = user.IsEmailVerified; oldUser.IsPhoneVerified = user.IsPhoneVerified; } _dbContext.SaveChanges(); var oldVerificationToken = _dbContext.VerificationTokens.FirstOrDefault(vt => vt.Token == verificationToken.Token); if (oldVerificationToken != null) { oldVerificationToken.IsActive = false; } _dbContext.SaveChanges(); // Commit transaction if all commands succeed, transaction will auto-rollback // when disposed if either commands fails transaction.Commit(); } catch (Exception e) { transaction.Rollback(); throw e; } } }
///<Summary> /// OnPost ///</Summary> public async Task <IActionResult> OnPostAsync() { if (!ModelState.IsValid) { return(Page()); } var participant = await _unitOfWork.ParticipantRepository.GetByParticipantBySocialSecurityNumberAndMobileNumberAsync(SocialSecurityNumber); if (SocialSecurityNumber != participant?.SocialSecurityNumber) { ModelState.AddModelError(nameof(SocialSecurityNumber), "Diese SVNr ist unbekannt!"); return(Page()); } if (Mobilenumber != participant?.Mobilenumber) { ModelState.AddModelError(nameof(Mobilenumber), "Diese Handynummer ist unbekannt!"); return(Page()); } VerificationToken verificationToken = VerificationToken.NewToken(participant); await _unitOfWork.VerificationTokens.AddAsync(verificationToken); await _unitOfWork.SaveChangesAsync(); _smsService.SendSms(Mobilenumber, $"CoronaTest - Token: {verificationToken.Token} !"); return(RedirectToPage("/Security/Verification", new { verificationIdentifier = verificationToken.Identifier })); }
public async Task <ActionResult <IResponseObject> > PatchUserVerified(UserVerificationRequestDTO verificationDTO) { VerificationToken token = await _verificationTokenRepository.GetById(verificationDTO.VerificationTokenId); if (token == null || DateTime.Now >= token.Expiration) { return(BadRequest(UserUpdateErrorTitle, UserUpdateVerificationErrorDetail)); } User user = await _userRepository.GetByEmail(token.Email); if (user == null) { return(BadRequest(UserUpdateErrorTitle, UserUpdateVerificationUserErrorDetail)); } user.Verified = true; await _verificationTokenRepository.DeleteByEmail(user.Email); ActionResult <IResponseObject> response = await TryPerformUserUpdate(user); var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Email, user.Email), new Claim(ClaimTypes.Name, user.Username), new Claim(ClaimTypes.Role, user.Role.ToString()) }; var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity)); return(response); }
public async Task <IActionResult> Register([FromBody] RegisterUserData registerUserData) { try { //Encrypt user password registerUserData.Password = BC.HashPassword(registerUserData.Password); //Check is email in use User user = await _usersDataAccess.GetUserByEmailAsync(registerUserData.Email); if (user != null) { ModelState.AddModelError("Email", "Email address is taken"); } //Check is username in use user = await _usersDataAccess.GetUserByUserNameAsync(registerUserData.Username); if (user != null) { ModelState.AddModelError("Username", "Username is taken"); } //If there are errors send them to client app if (ModelState.IsValid == false) { return(Conflict(ModelState)); } //Create a user from register user data user = new User(registerUserData); //Set user as unverified user.IsVerified = false; //Insert user to db await _usersDataAccess.CreateUserAsync(user); //Create verification token VerificationToken token = _tokenManipulation.GenerateVerificationToken(user.Id); //Set token purpose token.TokenPurpose = TokenPurposeEnum.EmailVerification; //Insert verification token in database await _verificationTokenDataAccess.InsertVerificationTokenAsync(token); //Send email with verification token await _mailService.SendVerificationTokenAsync(token.Token, user); return(Ok(new { message = $"Thank you for registering! Verification token has been sent to {user.Email}" })); } catch (Exception ex) { _logger.LogError(ex, "Server Error"); return(StatusCode(500)); } }
public async Task <IActionResult> VerifyTransactionStatus(VerifyTransactionStatusInput input) { if (input == null || !input.Validate()) { return(Conflict(new B2CErrorResponseContent("Cannot deserialize input claims"))); } var token = new VerificationToken(appSettings); token.Decrypt(input.VerificationToken); var statusResponse = await httpService.GetAsync <JumioTransactionStatus>($"{jumioSettings.BaseUrl}/api/netverify/v2/scans/{token.TransactionReference}"); if (!statusResponse.Status) { return(Conflict(new B2CErrorResponseContent(statusResponse.Message))); } else if (statusResponse.Data.Status == Constants.JumioTransactionStatus.Pending) { token.Message = $"The document verification is still pending. (Status {statusResponse.Data.Status})"; return(Ok(new VerifyTransactionStatusOutput() { Status = "RETRY", VerificationToken = token.GenerateToken() })); } else if (statusResponse.Data.Status == Constants.JumioTransactionStatus.Failed) { token.Message = $"The document uploading has failed. (Status {statusResponse.Data.Status})"; return(Ok(new VerifyTransactionStatusOutput() { Status = "FAILED", VerificationToken = token.GenerateToken() })); } var dataResponse = await httpService.GetAsync <JumioTransactionData>($"{jumioSettings.BaseUrl}/api/netverify/v2/scans/{token.TransactionReference}/data"); if (!dataResponse.Status) { return(Conflict(new B2CErrorResponseContent(dataResponse.Message))); } else if (dataResponse.Data?.Document?.Status != Constants.JumioDocumentStatus.ApprovedVerified) { token.Message = dataResponse.Data?.Document == null ? $"Document failed. (Status {dataResponse.Data?.Document?.Status})" : $"Document failed. (Status {dataResponse.Data.Document.Type} - {dataResponse.Data.Document.Status})"; return(Ok(new VerifyTransactionStatusOutput() { Status = "FAILED", VerificationToken = token.GenerateToken() })); } token.Message = $"Document verified successfully. (Status {dataResponse.Data?.Document?.Status})"; token.IsVerified = true; return(Ok(new VerifyTransactionStatusOutput() { Status = "SUCCESS", VerificationToken = token.GenerateToken() })); }
public void FreshToken() { var token = VerificationToken.Generate(this.timestamp); var timeSpan = new TimeSpan(1, 0, 0); Assert.IsTrue(token.IsFresh(timeSpan, this.timestamp.Add(timeSpan))); Assert.IsFalse(token.IsFresh(timeSpan, this.timestamp.Add(timeSpan).AddMilliseconds(1))); }
public async Task AddAsync(VerificationToken request) { if (request == null) { return; } await _context.VerificationTokens.AddAsync(request); }
public void Update(VerificationToken verificationToken) { var oldVerificationToken = _dbContext.VerificationTokens.FirstOrDefault(vt => vt.Token == verificationToken.Token); if (oldVerificationToken != null) { oldVerificationToken.IsActive = verificationToken.IsActive; } _dbContext.SaveChanges(); }
public void DataPreserved() { var token = VerificationToken.Generate(this.timestamp); Assert.AreEqual(this.timestamp, token.Timestamp); var parsedToken = VerificationToken.Parse(token.ToString()); Assert.AreEqual(token.Data, parsedToken.Data); }
/// <summary> /// Generates verification token for email verification /// </summary> /// <param name="userId">Id of a user</param> /// <returns>Verification token model</returns> public VerificationToken GenerateVerificationToken(int userId) { VerificationToken token = new VerificationToken(); Random random = new Random(); token.Token = random.Next(0, 100000).ToString("D5"); token.CreatedAt = DateTime.UtcNow; token.UserId = userId; return(token); }
public async Task AddOrReplaceAsync(VerificationToken request) { var requestInDb = await FindByUserAsync(request.User); if (requestInDb != null) { Remove(requestInDb); } await AddAsync(request); }
public async Task <IActionResult> OnGet(Guid?verificationIdentifier) { if (verificationIdentifier == null) { return(RedirectToPage("../Security/TokenError")); } VerificationToken verificationToken = await _unitOfWork.VerificationTokens.GetTokenByIdentifierAsync(verificationIdentifier.Value); Participant = new ParticipantDto2(verificationToken.Participant); //id null? Examinations = await _unitOfWork.ExaminationRepository.GetExaminationByParticipant(Participant.Id); return(Page()); }
public async Task <IActionResult> OnGetAsync(Guid verificationIdentifier) { VerificationToken verificationToken = await _unitOfWork.VerificationTokens.GetTokenByIdentifierAsync(verificationIdentifier); if (verificationToken?.Identifier == verificationIdentifier && verificationToken.ValidUntil >= DateTime.Now) { return(RedirectToPage("../Participants/LogIn", new { verificationIdentifier = verificationToken.Identifier })); } else { return(RedirectToPage("/Security/TokenError")); } }
private static async Task SetToken(string email, string token) { var verificationToken = new VerificationToken { RowKey = email, PartitionKey = "verification", Token = token }; var table = await Table.GetTableAsync("catering"); await table.ExecuteAsync(TableOperation.InsertOrReplace(verificationToken)); }
public async Task <IActionResult> OnPostAsync() { VerificationToken verificationToken = await _unitOfWork.VerificationTokens.GetTokenByIdentifierAsync(VerificationIdentifier); if (verificationToken.Token == Token && verificationToken.ValidUntil >= DateTime.Now) { return(RedirectToPage("/Security/Success", new { verificationIdentifier = verificationToken.Identifier })); } else { return(RedirectToPage("/Security/TokenError")); } }
public static bool ResolveTokenWithDto(this VerificationToken token, VerificationResolveDto dto) { if (dto == null) { throw new ArgumentNullException(); } if (string.CompareOrdinal(token.User, dto.PhoneNumber) != 0 || string.CompareOrdinal(token.Code, dto.VerificationCode) != 0) { return(false); } return(true); }
public async Task InsertVerificationTokenAsync(VerificationToken token) { using (var connection = new SqlConnection(_connectionString.Value)) { var p = new DynamicParameters(); p.Add("@UserId", token.UserId); p.Add("@Token", token.Token); p.Add("@CreatedAt", token.CreatedAt); p.Add("@TokenPurpose", token.TokenPurpose); await connection .ExecuteAsync("dbo.spVerificationTokens_Insert", p, commandType : CommandType.StoredProcedure); } }
public IActionResult InitializeVerification(InitializeVerificationInput input) { if (input == null || !input.Validate()) { return(Conflict(new B2CErrorResponseContent("Cannot deserialize input claims"))); } var token = new VerificationToken(appSettings) { ObjectId = input.ObjectId, TransactionReference = input.TransactionReference }; return(Ok(new InitializeVerificationOutput() { VerificationToken = token.GenerateToken() })); }
public async Task <IActionResult> VerifyEmail([FromBody] VerifyEmailData verifyEmailData) { try { // Get user from email User user = await _usersDataAccess.GetUserByEmailAsync(verifyEmailData.Email); // Get verification token model from token that comes from the body and user id VerificationToken token = await _verificationTokenDataAccess .GetVerificationTokenAsync(user.Id, verifyEmailData.VerificationToken, TokenPurposeEnum.EmailVerification); // If there is a token update user model and database for IsVerified if (token != null) { user.IsVerified = true; await _usersDataAccess.UpdateUserWhenVerifiedAsync(user); //Add access token to user user.AccessToken = _tokenManipulation.GenerateAccessToken(user.Id); //Return user data return(Ok(new { user.Id, user.Username, user.AccessToken })); } else { //Return bad request return(BadRequest(new { errors = "Invalid verification token" })); } } catch (Exception ex) { _logger.LogError(ex, "Server Error"); return(StatusCode(500)); } }
public void VerificationTokenCantBeClearedIfPasswordIsNotSet() { var id = TestData.AnneEmailNotVerifiedPasswordNotSet.Id; var token = new VerificationToken(TestData.AnneEmailNotVerifiedPasswordNotSet.VerificationToken); Assert.AreEqual(VerifyResult.InvalidPassword, this.membership.CheckAndClearVerificationToken(id, token)); }
public void VerificationTokenClearedIfValidPassword() { var id = TestData.AnneEmailNotVerifiedPasswordNotSet.Id; var token = new VerificationToken(TestData.AnneEmailNotVerifiedPasswordNotSet.VerificationToken); Assert.AreEqual(VerifyResult.Success, this.membership.CheckAndClearVerificationToken(id, token, "password123;")); }