public AcceptUserCommandAsync(IAsyncDocumentSession session, AcceptRequestInformation info,
User user, string approvingAdmin)
{
_user = user;
_approvingAdmin = approvingAdmin;
_session = session;
_info = info;
}
public async Task <ActionResult> Accept(string application, string role, Guid token)
{
if (!ModelState.IsValid || string.IsNullOrEmpty(application) || string.IsNullOrEmpty(role) ||
token == Guid.Empty)
{
return(View(new AdminEmailViewModel("Email Approval", "Invalid parameters", null)));
}
Database = application;
using (var s = AsyncSession)
{
var config = await s.LoadAsync <Config>("1");
var user = await CommandExecutor.ExecuteCommandAsync(new GetUserByTokenCommandAsync(token, s));
if (user == null)
{
return(View(new AdminEmailViewModel("Email Approval", "User not found.", null)));
}
if (user.Token != token)
{
return(View(new AdminEmailViewModel(config.Description, "Incorrect token.", user)));
}
if (user.ExpirationDateTicks < DateTime.UtcNow.Ticks)
{
return(View(new AdminEmailViewModel(config.Description, "This token has expired after one month of inactivity.", user)));
}
var info = new AcceptRequestInformation(user.Email, role, token, application, null);
var response =
await CommandExecutor.ExecuteCommandAsync(new AcceptUserCommandAsync(s, info, user, "an Admin email link"));
if (response != null)
{
return(View(new AdminEmailViewModel(config.Description, response, user)));
}
return(View(new AdminEmailViewModel(config.Description, user)));
}
}
public async Task <HttpResponseMessage> Accept(AcceptRequestInformation info)
{
if (!ModelState.IsValid)
{
var errors = string.Join("; ", ModelState.Values
.SelectMany(x => x.Errors)
.Select(x => x.ErrorMessage));
return(Request.CreateResponse(HttpStatusCode.BadRequest,
new ResponseContainer(HttpStatusCode.BadRequest,
string.Format("Missing parameters. {0}", errors))));
}
if (string.IsNullOrEmpty(info.AdminToken) || !info.AdminToken.Contains("."))
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized,
new ResponseContainer(HttpStatusCode.Unauthorized,
"Bad Token.")));
}
Database = info.Application;
using (var s = AsyncSession)
{
var adminTokenParts = info.AdminToken.Split('.');
if (adminTokenParts.Length != 2)
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized,
new ResponseContainer(HttpStatusCode.Unauthorized,
"Bad Token.")));
}
var adminUser = await s.LoadAsync <User>(adminTokenParts[0]);
if (adminUser.AdminToken != info.AdminToken)
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized,
new ResponseContainer(HttpStatusCode.Unauthorized,
"Bad Token.")));
}
var user = await CommandExecutor.ExecuteCommandAsync(new GetUserCommandAsync(info.Email, s));
if (user == null)
{
return(Request.CreateResponse(HttpStatusCode.PreconditionFailed,
new ResponseContainer(HttpStatusCode.PreconditionFailed,
"User not found.")));
}
var response =
await
CommandExecutor.ExecuteCommandAsync(new AcceptUserCommandAsync(s, info, user, adminUser.FullName));
if (response != null)
{
return(Request.CreateResponse(HttpStatusCode.NotFound, response));
}
return(Request.CreateResponse(HttpStatusCode.Accepted));
}
}
