public virtual async Task <IActionResult> ConfirmEmailChange(string userId, string newEmail, string code) { ModelState.Clear(); if (userId == null || code == null) { return(this.RedirectToSiteRoot(CurrentSite)); } var user = await UserManager.FindByIdAsync(userId); if (user == null) { return(NotFound($"Unable to load user with ID '{UserManager.GetUserId(User)}'.")); } var model = new ChangeUserEmailViewModel { HasPassword = await UserManager.HasPasswordAsync(user), AccountApproved = user.AccountApproved, CurrentEmail = user.Email, NewEmail = newEmail, AllowUserToChangeEmail = CurrentSite.AllowUserToChangeEmail, EmailIsConfigured = await SiteCapabilities.SupportsEmailNotification(CurrentSite), RequireConfirmedEmail = CurrentSite.RequireConfirmedEmail }; try { var siteUrl = Url.Action(new UrlActionContext { Action = "Index", Controller = "Home", Protocol = HttpContext.Request.Scheme }); var success = await EmailChangeHandler.HandleEmailChangeConfirmation(model, user, newEmail, code, siteUrl); if (success) { this.AlertSuccess(model.SuccessNotification, true); } else { this.AlertDanger(model.SuccessNotification, true); } } catch (Exception ex) { this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."], true); Log.LogError(ex, $"Unexpected error occurred changing email address for user ID '{user.Id}'."); } return(await Index()); // Route back to Index Page, taking toast alerts along }
public virtual async Task <IActionResult> ChangeUserEmail(ChangeUserEmailViewModel model) { ModelState.Clear(); var user = await UserManager.FindByIdAsync(HttpContext.User.GetUserId()); if (user == null) { return(NotFound($"Unable to load user with ID '{UserManager.GetUserId(User)}'.")); } var requirePassword = await UserManager.HasPasswordAsync(user); model.HasPassword = requirePassword; model.AccountApproved = user.AccountApproved; model.CurrentEmail = user.Email; model.AllowUserToChangeEmail = CurrentSite.AllowUserToChangeEmail; model.EmailIsConfigured = await SiteCapabilities.SupportsEmailNotification(CurrentSite); model.RequireConfirmedEmail = CurrentSite.RequireConfirmedEmail; if (requirePassword) { if (string.IsNullOrWhiteSpace(model.Password)) { ModelState.AddModelError(string.Empty, "Password is required"); return(View(model)); } if (!await UserManager.CheckPasswordAsync(user, model.Password)) { ModelState.AddModelError(string.Empty, "Password not correct."); model.Password = ""; return(View(model)); } } if (!model.AccountApproved) { this.AlertDanger(StringLocalizer["This user account is not currently approved."]); return(View(model)); } if (!model.AllowUserToChangeEmail) { this.AlertDanger(StringLocalizer["Site is not configured to allow email changing."]); return(View(model)); } // Note - need to check the behaviour of this in related sites mode if (await UserManager.EmailExistsInDB(CurrentSite.Id, model.NewEmail)) { this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."]); return(View(model)); } var token = await UserManager.GenerateChangeEmailTokenAsync(user, model.NewEmail); var siteUrl = Url.Action(new UrlActionContext { Action = "Index", Controller = "Home", Protocol = HttpContext.Request.Scheme }); if (!model.RequireConfirmedEmail) { // no need for round-trip email confirmation try { var success = await EmailChangeHandler.HandleEmailChangeWithoutUserConfirmation(model, user, token, siteUrl); if (success) { this.AlertSuccess(model.SuccessNotification, true); } else { this.AlertDanger(model.SuccessNotification, true); } } catch (Exception ex) { this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."], true); Log.LogError(ex, $"Unexpected error occurred changing email address for user ID '{user.Id}'."); } } else { // send token in confirmation email try { var confirmationUrl = Url.Action(new UrlActionContext { Action = "ConfirmEmailChange", Controller = "Manage", Values = new { userId = user.Id.ToString(), newEmail = model.NewEmail, code = token }, Protocol = HttpContext.Request.Scheme }); var success = await EmailChangeHandler.HandleEmailChangeWithUserConfirmation(model, user, token, confirmationUrl, siteUrl); if (success) { this.AlertSuccess(model.SuccessNotification, true); return(View("EmailChangeConfirmationSent", model)); } else { this.AlertDanger(model.SuccessNotification, true); } } catch (Exception ex) { this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."], true); Log.LogError(ex, $"Unexpected error occurred sending email change confirmation for user ID '{user.Id}'."); } } return(await Index()); // Route back to Index Page, taking toast alerts along }