public async Task <bool> ResetPassword(string userId, string token, string newPassword)
{
var user = await database.UserRepository.FindById(userId) ?? throw new EntityNotFoundException("Account does not exist", ErrorCodes.EntityNotFound);
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException("Your account is blocked");
}
var resetPasswordToken = user.Tokens.FirstOrDefault(t => t.Code == token && t.TokenType == TokenType.ResetPassword)
?? throw new TokenException("Token is invalid");
if (TokenExpirationSpecification.Create().IsSatisfied(resetPasswordToken))
{
throw new TokenException("Token expired", ErrorCodes.TokenExpired);
}
string saltedPasswordHash = string.Empty;
var passwordSalt = hashGenerator.CreateSalt();
hashGenerator.GenerateHash(newPassword, passwordSalt, out saltedPasswordHash);
user.SetPassword(saltedPasswordHash, passwordSalt);
if (await database.Complete())
{
user.Tokens.Remove(resetPasswordToken);
return(await database.Complete());
}
return(false);
}
public async Task <bool> ResetPassword(string email, string newPassword, string token)
{
var user = await userManager.FindByEmailAsync(email) ?? throw new EntityNotFoundException("User not found");
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException();
}
(token, newPassword) = (cryptoService.Decrypt(token), cryptoService.Decrypt(newPassword));
return((await userManager.ResetPasswordAsync(user, token, newPassword)).Succeeded);
}
public async Task <bool> SendResetPasswordCallback(string email, string newPassword)
{
var user = await userManager.FindByEmailAsync(email) ?? throw new EntityNotFoundException("User not found");
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException();
}
var resetPasswordToken = cryptoService.Encrypt(await userManager.GeneratePasswordResetTokenAsync(user));
newPassword = cryptoService.Encrypt(newPassword);
string callbackUrl = $"{Configuration.GetValue<string>(AppSettingsKeys.ClientAddress)}resetPassword/confirm?email={user.Email}&newPassword={newPassword}&token={resetPasswordToken}";
return(await emailSender.Send(EmailMessages.ResetPasswordEmail(email, user.UserName, callbackUrl)));
}
public async Task <bool> ConfirmAccount(string userId, string token)
{
var user = await database.UserRepository.FindById(userId) ?? throw new EntityNotFoundException("Account does not exist", ErrorCodes.EntityNotFound);
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException("Your account is blocked");
}
var registerToken = user.Tokens.FirstOrDefault(t => t.Code == token && t.TokenType == TokenType.Register)
?? throw new TokenException("Token is invalid");
user.ConfirmAccount();
user.Tokens.Remove(registerToken);
return(await database.Complete());
}
public async Task <bool> VerifyResetPasswordToken(string userId, string token)
{
var user = await database.UserRepository.FindById(userId) ?? throw new EntityNotFoundException("Account does not exist", ErrorCodes.EntityNotFound);
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException("Your account is blocked");
}
var resetPasswordToken = user.Tokens.FirstOrDefault(t => t.Code == token && t.TokenType == TokenType.ResetPassword)
?? throw new TokenException("Token is invalid");
if (TokenExpirationSpecification.Create().IsSatisfied(resetPasswordToken))
{
throw new TokenException("Token expired", ErrorCodes.TokenExpired);
}
return(true);
}
public async Task <SendResetPasswordResult> GenerateResetPasswordToken(string email)
{
var user = await database.UserRepository.Find(u => u.Email.ToLower() == email.ToLower()) ?? throw new EntityNotFoundException("Account does not exist", ErrorCodes.EntityNotFound);
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException("Your account is blocked");
}
var resetPasswordToken = Token.Create(TokenType.ResetPassword);
resetPasswordToken.SetExpirationDate(new TimeSpan(Constants.TokenExpirationTimeInHours, 0, 0));
user.Tokens.Add(resetPasswordToken);
return(await database.Complete()
? new SendResetPasswordResult(resetPasswordToken.Code, user.Id, user.Username, email)
: null);
}
public async Task <AuthResult> SignIn(string email, string password)
{
var user = await database.UserRepository.Find(u => u.Email.ToLower() == email.ToLower()) ?? throw new InvalidCredentialsException("Invalid email or password");
if (!UserConfirmedSpecification.Create().IsSatisfied(user))
{
throw new AccountNotConfirmedException("Account has not been activated");
}
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException("Your account is blocked");
}
if (hashGenerator.VerifyHash(password, user.PasswordHash, user.PasswordSalt))
{
var token = await jwtAuthorizationTokenGenerator.GenerateToken(user);
return(new AuthResult(token, user));
}
throw new InvalidCredentialsException("Invalid email or password");
}
public async Task <IdentityResult> SignIn(string email, string password)
{
var user = await userManager.FindByEmailAsync(email) ?? throw new InvalidCredentialsException("Invalid email address or password");
if (UserIsExternalSpecification.Create().IsSatisfied(user))
{
throw new InvalidCredentialsException("Invalid email address or password");
}
if (!UserConfirmedSpecification.Create().IsSatisfied(user))
{
throw new AccountNotConfirmedException("Account is not confirmed");
}
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException();
}
return((await signInManager.CheckPasswordSignInAsync(user, password, false)).Succeeded
? new IdentityResult(await jwtAuthorizationTokenGenerator.GenerateToken(user), user)
: throw new InvalidCredentialsException("Invalid email address or password"));
}
protected async Task <IdentityResult> AddUserLogin(string provider, string providerKey, string email, string username = null, string pictureUrl = null)
{
var userLoginInfo = new UserLoginInfo(provider, providerKey, provider);
var user = await userManager.FindByLoginAsync(userLoginInfo.LoginProvider, userLoginInfo.ProviderKey)
?? await userManager.FindByEmailAsync(email);
if (user == null)
{
user = User.Create(email, username ?? email);
await userManager.CreateAsync(user);
}
await userManager.AddLoginAsync(user, userLoginInfo);
if (user == null)
{
throw new ExternalAuthException("Invalid external authentication");
}
await rolesManager.AdmitRole(RoleName.ExternalUser, user);
if (!user.IsRegistered())
{
user.SetAvatarUrl(pictureUrl);
await unitOfWork.Complete();
}
if (UserBlockedSpecification.Create().IsSatisfied(user))
{
throw new BlockException();
}
var token = await jwtAuthorizationTokenGenerator.GenerateToken(user);
return(new IdentityResult(token, user));
}
