public async Task <bool> ConfirmEmailAddress(User user, string token)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
if (String.IsNullOrEmpty(token))
{
throw new ArgumentNullException(nameof(token));
}
if (user.EmailConfirmationToken != token)
{
return(false);
}
var conflictingUsers = FindAllByEmailAddress(user.UnconfirmedEmailAddress);
if (conflictingUsers.AnySafe(u => u.Key != user.Key))
{
throw new EntityException(Strings.EmailAddressBeingUsed, user.UnconfirmedEmailAddress);
}
await Auditing.SaveAuditRecord(new UserAuditRecord(user, AuditedUserAction.ConfirmEmail, user.UnconfirmedEmailAddress));
user.ConfirmEmailAddress();
await UserRepository.CommitChangesAsync();
return(true);
}
public bool ConfirmEmailAddress(User user, string token)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
if (String.IsNullOrEmpty(token))
{
throw new ArgumentNullException("token");
}
if (user.EmailConfirmationToken != token)
{
return(false);
}
var conflictingUsers = FindAllByEmailAddress(user.UnconfirmedEmailAddress);
if (conflictingUsers.AnySafe(u => u.Key != user.Key))
{
throw new EntityException(Strings.EmailAddressBeingUsed, user.UnconfirmedEmailAddress);
}
user.ConfirmEmailAddress();
UserRepository.CommitChanges();
return(true);
}
public bool ConfirmEmailAddress(User user, string token)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
if (String.IsNullOrEmpty(token))
{
throw new ArgumentNullException("token");
}
if (user.EmailConfirmationToken != token)
{
return(false);
}
user.ConfirmEmailAddress();
//added by fwang5: if use a same email register many times ,once activation ,all other records need clear username,token and unconfirmedEmail
IQueryable <User> list = FindByUnconfirmedEmailAddressList(user.EmailAddress, token);
foreach (User tmpUser in list)
{
//clear invalid register user
tmpUser.Username = tmpUser.EmailConfirmationToken;
tmpUser.EmailConfirmationToken = null;
tmpUser.UnconfirmedEmailAddress = null;
}
UserRepository.CommitChanges();
return(true);
}
public User AutoEnroll(string username, string password)
{
if (ValidateUser(username, password))
{
var searchResult = GetUserSearchResult(username, password);
var user = new User(GetStringProperty(searchResult, Properties.Username).ToLowerInvariant(), ".")
{
ApiKey = Guid.NewGuid(),
DisplayName = GetStringProperty(searchResult, Properties.DisplayName),
PasswordHashAlgorithm = "LDAP"
};
var email = GetStringProperty(searchResult, Properties.Email);
if (!string.IsNullOrEmpty(email))
{
user.EmailAllowed = true;
user.UnconfirmedEmailAddress = email.ToLowerInvariant();
user.EmailConfirmationToken = cryptoSvc.GenerateToken();
user.ConfirmEmailAddress();
}
userRepo.InsertOnCommit(user);
userRepo.CommitChanges();
return(user);
}
return(null);
}
public virtual User Create(
string username,
string password,
string emailAddress)
{
// TODO: validate input
// TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt
var existingUser = FindByUsername(username);
if (existingUser != null)
{
throw new EntityException(Strings.UsernameNotAvailable, username);
}
var existingUsers = FindAllByEmailAddress(emailAddress);
if (existingUsers.AnySafe())
{
throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress);
}
var hashedPassword = Crypto.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId);
var apiKey = Guid.NewGuid();
var newUser = new User(username)
{
ApiKey = apiKey,
EmailAllowed = true,
UnconfirmedEmailAddress = emailAddress,
EmailConfirmationToken = Crypto.GenerateToken(),
HashedPassword = hashedPassword,
PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId,
CreatedUtc = DateTime.UtcNow,
Roles = new List <Role> {
RoleRepository.GetEntity(2)
}
};
// Add a credential for the password and the API Key
newUser.Credentials.Add(CredentialBuilder.CreateV1ApiKey(apiKey));
newUser.Credentials.Add(new Credential(CredentialTypes.Password.Pbkdf2, newUser.HashedPassword));
if (!Config.ConfirmEmailAddresses)
{
newUser.ConfirmEmailAddress();
}
newUser.Roles.Add(RoleRepository.GetEntity(2));
UserRepository.InsertOnCommit(newUser);
UserRepository.CommitChanges();
return(newUser);
}
public virtual User Create(
string username,
string password,
string emailAddress)
{
// TODO: validate input
// TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt
var existingUser = FindByUsername(username);
if (existingUser != null)
{
throw new EntityException(Strings.UsernameNotAvailable, username);
}
var existingUsers = FindAllByEmailAddress(emailAddress);
if (existingUsers.AnySafe())
{
throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress);
}
var hashedPassword = Crypto.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId);
var apiKey = Guid.NewGuid();
var newUser = new User(username)
{
ApiKey = apiKey,
EmailAllowed = true,
UnconfirmedEmailAddress = emailAddress,
EmailConfirmationToken = Crypto.GenerateToken(),
HashedPassword = hashedPassword,
PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId,
CreatedUtc = DateTime.UtcNow
};
// Add a credential for the password and the API Key
newUser.Credentials.Add(CredentialBuilder.CreateV1ApiKey(apiKey));
newUser.Credentials.Add(new Credential(CredentialTypes.Password.Pbkdf2, newUser.HashedPassword));
if (!Config.ConfirmEmailAddresses)
{
newUser.ConfirmEmailAddress();
}
UserRepository.InsertOnCommit(newUser);
UserRepository.CommitChanges();
return newUser;
}
public virtual User Create(
string username,
string password,
string emailAddress)
{
// TODO: validate input
// TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt
var existingUser = FindByUsername(username);
if (existingUser != null)
{
throw new EntityException(Strings.UsernameNotAvailable, username);
}
existingUser = FindByEmailAddress(emailAddress);
if (existingUser != null)
{
throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress);
}
var hashedPassword = cryptoSvc.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId);
var newUser = new User(
username,
hashedPassword)
{
ApiKey = Guid.NewGuid(),
EmailAllowed = true,
EmailAllModerationNotifications = true,
UnconfirmedEmailAddress = emailAddress,
EmailConfirmationToken = cryptoSvc.GenerateToken(),
PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId,
};
if (!config.ConfirmEmailAddresses)
{
newUser.ConfirmEmailAddress();
}
userRepo.InsertOnCommit(newUser);
userRepo.CommitChanges();
return(newUser);
}
public virtual User Create(
string username,
string password,
string emailAddress)
{
// TODO: validate input
// TODO: consider encrypting email address with a public key, and having the background process that send messages have the private key to decrypt
var existingUser = FindByUsername(username);
if (existingUser != null)
{
throw new EntityException(Strings.UsernameNotAvailable, username);
}
existingUser = FindByEmailAddress(emailAddress);
if (existingUser != null)
{
throw new EntityException(Strings.EmailAddressBeingUsed, emailAddress);
}
var hashedPassword = _cryptoService.GenerateSaltedHash(password, Constants.PBKDF2HashAlgorithmId);
var newUser = new User(
username,
hashedPassword)
{
ApiKey = Guid.NewGuid(),
EmailAllowed = true,
UnconfirmedEmailAddress = emailAddress,
EmailConfirmationToken = _cryptoService.GenerateToken(),
PasswordHashAlgorithm = Constants.PBKDF2HashAlgorithmId,
};
if (!_config.ConfirmEmailAddresses)
{
newUser.ConfirmEmailAddress();
}
_userRepository.InsertOnCommit(newUser);
_userRepository.CommitChanges();
return newUser;
}
public async Task ChangeEmailAddress(User user, string newEmailAddress)
{
var existingUsers = FindAllByEmailAddress(newEmailAddress);
if (existingUsers.AnySafe(u => u.Key != user.Key))
{
throw new EntityException(Strings.EmailAddressBeingUsed, newEmailAddress);
}
await Auditing.SaveAuditRecordAsync(new UserAuditRecord(user, AuditedUserAction.ChangeEmail, newEmailAddress));
user.UpdateUnconfirmedEmailAddress(newEmailAddress, Crypto.GenerateToken);
if (!Config.ConfirmEmailAddresses)
{
user.ConfirmEmailAddress();
}
await UserRepository.CommitChangesAsync();
}
public bool ConfirmEmailAddress(User user, string token)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
if (String.IsNullOrEmpty(token))
{
throw new ArgumentNullException("token");
}
if (user.EmailConfirmationToken != token)
{
return false;
}
user.ConfirmEmailAddress();
_userRepo.CommitChanges();
return true;
}
public bool ConfirmEmailAddress(User user, string token)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
if (String.IsNullOrEmpty(token))
{
throw new ArgumentNullException("token");
}
if (user.EmailConfirmationToken != token)
{
return(false);
}
user.ConfirmEmailAddress();
userRepo.CommitChanges();
return(true);
}
public async Task<bool> ConfirmEmailAddress(User user, string token)
{
if (user == null)
{
throw new ArgumentNullException("user");
}
if (String.IsNullOrEmpty(token))
{
throw new ArgumentNullException("token");
}
if (user.EmailConfirmationToken != token)
{
return false;
}
var conflictingUsers = FindAllByEmailAddress(user.UnconfirmedEmailAddress);
if (conflictingUsers.AnySafe(u => u.Key != user.Key))
{
throw new EntityException(Strings.EmailAddressBeingUsed, user.UnconfirmedEmailAddress);
}
await Auditing.SaveAuditRecord(new UserAuditRecord(user, UserAuditAction.ConfirmEmail, user.UnconfirmedEmailAddress));
user.ConfirmEmailAddress();
UserRepository.CommitChanges();
return true;
}
