public virtual async Task <ActionResult> ChangeEmail(UserAccountViewModel model)
{
if (!ModelState.IsValidField("ChangeEmail.NewEmail"))
{
return(AccountView(model));
}
var user = GetCurrentUser();
if (user.HasPassword())
{
if (!ModelState.IsValidField("ChangeEmail.Password"))
{
return(AccountView(model));
}
Credential _;
if (!_authService.ValidatePasswordCredential(user.Credentials, model.ChangeEmail.Password, out _))
{
ModelState.AddModelError("ChangeEmail.Password", Strings.CurrentPasswordIncorrect);
return(AccountView(model));
}
}
// No password? We can't do any additional verification...
if (string.Equals(model.ChangeEmail.NewEmail, user.LastSavedEmailAddress, StringComparison.OrdinalIgnoreCase))
{
// email address unchanged - accept
return(RedirectToAction(actionName: "Account", controllerName: "Users"));
}
try
{
await _userService.ChangeEmailAddress(user, model.ChangeEmail.NewEmail);
}
catch (EntityException e)
{
ModelState.AddModelError("ChangeEmail.NewEmail", e.Message);
return(AccountView(model));
}
if (user.Confirmed)
{
var confirmationUrl = Url.ConfirmEmail(user.Username, user.EmailConfirmationToken, relativeUrl: false);
_messageService.SendEmailChangeConfirmationNotice(new MailAddress(user.UnconfirmedEmailAddress, user.Username), confirmationUrl);
TempData["Message"] = Strings.EmailUpdated_ConfirmationRequired;
}
else
{
TempData["Message"] = Strings.EmailUpdated;
}
return(RedirectToAction(actionName: "Account", controllerName: "Users"));
}
private void UpdateUserAccountModel(User account, UserAccountViewModel model)
{
model.CredentialGroups = GetCredentialGroups(account);
model.SignInCredentialCount = model
.CredentialGroups
.Where(p => p.Key == CredentialKind.Password || p.Key == CredentialKind.External)
.Sum(p => p.Value.Count);
model.ExpirationInDaysForApiKeyV1 = _config.ExpirationInDaysForApiKeyV1;
model.ChangePassword = model.ChangePassword ?? new ChangePasswordViewModel();
model.ChangePassword.EnablePasswordLogin = model.HasPassword;
}
public virtual async Task <ActionResult> ChangeEmailSubscription(UserAccountViewModel model)
{
var user = GetCurrentUser();
await _userService.ChangeEmailSubscriptionAsync(
user,
model.ChangeNotifications.EmailAllowed,
model.ChangeNotifications.NotifyPackagePushed);
TempData["Message"] = Strings.EmailPreferencesUpdated;
return(RedirectToAction("Account"));
}
public virtual async Task <ActionResult> CancelChangeEmail(UserAccountViewModel model)
{
var user = GetCurrentUser();
if (string.IsNullOrWhiteSpace(user.UnconfirmedEmailAddress))
{
return(RedirectToAction(actionName: "Account", controllerName: "Users"));
}
await _userService.CancelChangeEmailAddress(user);
TempData["Message"] = Strings.CancelEmailAddress;
return(RedirectToAction(actionName: "Account", controllerName: "Users"));
}
public virtual async Task <ActionResult> ChangePassword(UserAccountViewModel model)
{
var user = GetCurrentUser();
var oldPassword = user.Credentials.FirstOrDefault(
c => c.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase));
if (oldPassword == null)
{
// User is requesting a password set email
var resetResultType = await _authService.GeneratePasswordResetToken(user, Constants.PasswordResetTokenExpirationHours * 60);
if (resetResultType == PasswordResetResultType.UserNotConfirmed)
{
ModelState.AddModelError("ChangePassword", Strings.UserIsNotYetConfirmed);
return(AccountView(model));
}
return(SendPasswordResetEmail(user, forgotPassword: false));
}
else
{
if (!model.ChangePassword.EnablePasswordLogin)
{
return(await RemovePassword());
}
if (!ModelState.IsValidField("ChangePassword"))
{
return(AccountView(model));
}
if (model.ChangePassword.NewPassword != model.ChangePassword.VerifyPassword)
{
ModelState.AddModelError("ChangePassword.VerifyPassword", Strings.PasswordDoesNotMatch);
return(AccountView(model));
}
if (!await _authService.ChangePassword(user, model.ChangePassword.OldPassword, model.ChangePassword.NewPassword))
{
ModelState.AddModelError("ChangePassword.OldPassword", Strings.CurrentPasswordIncorrect);
return(AccountView(model));
}
TempData["Message"] = Strings.PasswordChanged;
return(RedirectToAction("Account"));
}
}
