public AcceptUserCommandAsync(IAsyncDocumentSession session, AcceptRequestInformation info, User user, string approvingAdmin) { _user = user; _approvingAdmin = approvingAdmin; _session = session; _info = info; }
public async Task <ActionResult> Accept(string application, string role, Guid token) { if (!ModelState.IsValid || string.IsNullOrEmpty(application) || string.IsNullOrEmpty(role) || token == Guid.Empty) { return(View(new AdminEmailViewModel("Email Approval", "Invalid parameters", null))); } Database = application; using (var s = AsyncSession) { var config = await s.LoadAsync <Config>("1"); var user = await CommandExecutor.ExecuteCommandAsync(new GetUserByTokenCommandAsync(token, s)); if (user == null) { return(View(new AdminEmailViewModel("Email Approval", "User not found.", null))); } if (user.Token != token) { return(View(new AdminEmailViewModel(config.Description, "Incorrect token.", user))); } if (user.ExpirationDateTicks < DateTime.UtcNow.Ticks) { return(View(new AdminEmailViewModel(config.Description, "This token has expired after one month of inactivity.", user))); } var info = new AcceptRequestInformation(user.Email, role, token, application, null); var response = await CommandExecutor.ExecuteCommandAsync(new AcceptUserCommandAsync(s, info, user, "an Admin email link")); if (response != null) { return(View(new AdminEmailViewModel(config.Description, response, user))); } return(View(new AdminEmailViewModel(config.Description, user))); } }
public async Task <HttpResponseMessage> Accept(AcceptRequestInformation info) { if (!ModelState.IsValid) { var errors = string.Join("; ", ModelState.Values .SelectMany(x => x.Errors) .Select(x => x.ErrorMessage)); return(Request.CreateResponse(HttpStatusCode.BadRequest, new ResponseContainer(HttpStatusCode.BadRequest, string.Format("Missing parameters. {0}", errors)))); } if (string.IsNullOrEmpty(info.AdminToken) || !info.AdminToken.Contains(".")) { return(Request.CreateResponse(HttpStatusCode.Unauthorized, new ResponseContainer(HttpStatusCode.Unauthorized, "Bad Token."))); } Database = info.Application; using (var s = AsyncSession) { var adminTokenParts = info.AdminToken.Split('.'); if (adminTokenParts.Length != 2) { return(Request.CreateResponse(HttpStatusCode.Unauthorized, new ResponseContainer(HttpStatusCode.Unauthorized, "Bad Token."))); } var adminUser = await s.LoadAsync <User>(adminTokenParts[0]); if (adminUser.AdminToken != info.AdminToken) { return(Request.CreateResponse(HttpStatusCode.Unauthorized, new ResponseContainer(HttpStatusCode.Unauthorized, "Bad Token."))); } var user = await CommandExecutor.ExecuteCommandAsync(new GetUserCommandAsync(info.Email, s)); if (user == null) { return(Request.CreateResponse(HttpStatusCode.PreconditionFailed, new ResponseContainer(HttpStatusCode.PreconditionFailed, "User not found."))); } var response = await CommandExecutor.ExecuteCommandAsync(new AcceptUserCommandAsync(s, info, user, adminUser.FullName)); if (response != null) { return(Request.CreateResponse(HttpStatusCode.NotFound, response)); } return(Request.CreateResponse(HttpStatusCode.Accepted)); } }