Пример #1
0
        public virtual async Task <IActionResult> ConfirmEmailChange(string userId, string newEmail, string code)
        {
            ModelState.Clear();

            if (userId == null || code == null)
            {
                return(this.RedirectToSiteRoot(CurrentSite));
            }

            var user = await UserManager.FindByIdAsync(userId);

            if (user == null)
            {
                return(NotFound($"Unable to load user with ID '{UserManager.GetUserId(User)}'."));
            }

            var model = new ChangeUserEmailViewModel
            {
                HasPassword            = await UserManager.HasPasswordAsync(user),
                AccountApproved        = user.AccountApproved,
                CurrentEmail           = user.Email,
                NewEmail               = newEmail,
                AllowUserToChangeEmail = CurrentSite.AllowUserToChangeEmail,
                EmailIsConfigured      = await SiteCapabilities.SupportsEmailNotification(CurrentSite),
                RequireConfirmedEmail  = CurrentSite.RequireConfirmedEmail
            };

            try
            {
                var siteUrl = Url.Action(new UrlActionContext
                {
                    Action     = "Index",
                    Controller = "Home",
                    Protocol   = HttpContext.Request.Scheme
                });

                var success = await EmailChangeHandler.HandleEmailChangeConfirmation(model, user, newEmail, code, siteUrl);

                if (success)
                {
                    this.AlertSuccess(model.SuccessNotification, true);
                }
                else
                {
                    this.AlertDanger(model.SuccessNotification, true);
                }
            }
            catch (Exception ex)
            {
                this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."], true);
                Log.LogError(ex, $"Unexpected error occurred changing email address for user ID '{user.Id}'.");
            }

            return(await Index()); // Route back to Index Page, taking toast alerts along
        }
Пример #2
0
        public virtual async Task <IActionResult> ChangeUserEmail(ChangeUserEmailViewModel model)
        {
            ModelState.Clear();

            var user = await UserManager.FindByIdAsync(HttpContext.User.GetUserId());

            if (user == null)
            {
                return(NotFound($"Unable to load user with ID '{UserManager.GetUserId(User)}'."));
            }

            var requirePassword = await UserManager.HasPasswordAsync(user);

            model.HasPassword            = requirePassword;
            model.AccountApproved        = user.AccountApproved;
            model.CurrentEmail           = user.Email;
            model.AllowUserToChangeEmail = CurrentSite.AllowUserToChangeEmail;
            model.EmailIsConfigured      = await SiteCapabilities.SupportsEmailNotification(CurrentSite);

            model.RequireConfirmedEmail = CurrentSite.RequireConfirmedEmail;

            if (requirePassword)
            {
                if (string.IsNullOrWhiteSpace(model.Password))
                {
                    ModelState.AddModelError(string.Empty, "Password is required");
                    return(View(model));
                }

                if (!await UserManager.CheckPasswordAsync(user, model.Password))
                {
                    ModelState.AddModelError(string.Empty, "Password not correct.");
                    model.Password = "";
                    return(View(model));
                }
            }

            if (!model.AccountApproved)
            {
                this.AlertDanger(StringLocalizer["This user account is not currently approved."]);
                return(View(model));
            }

            if (!model.AllowUserToChangeEmail)
            {
                this.AlertDanger(StringLocalizer["Site is not configured to allow email changing."]);
                return(View(model));
            }

            // Note - need to check the behaviour of this in related sites mode
            if (await UserManager.EmailExistsInDB(CurrentSite.Id, model.NewEmail))
            {
                this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."]);
                return(View(model));
            }

            var token = await UserManager.GenerateChangeEmailTokenAsync(user, model.NewEmail);

            var siteUrl = Url.Action(new UrlActionContext
            {
                Action     = "Index",
                Controller = "Home",
                Protocol   = HttpContext.Request.Scheme
            });

            if (!model.RequireConfirmedEmail)
            {
                // no need for round-trip email confirmation
                try
                {
                    var success = await EmailChangeHandler.HandleEmailChangeWithoutUserConfirmation(model, user, token, siteUrl);

                    if (success)
                    {
                        this.AlertSuccess(model.SuccessNotification, true);
                    }
                    else
                    {
                        this.AlertDanger(model.SuccessNotification, true);
                    }
                }
                catch (Exception ex)
                {
                    this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."], true);
                    Log.LogError(ex, $"Unexpected error occurred changing email address for user ID '{user.Id}'.");
                }
            }
            else
            {
                // send token in confirmation email
                try
                {
                    var confirmationUrl = Url.Action(new UrlActionContext
                    {
                        Action     = "ConfirmEmailChange",
                        Controller = "Manage",
                        Values     = new { userId = user.Id.ToString(), newEmail = model.NewEmail, code = token },
                        Protocol   = HttpContext.Request.Scheme
                    });

                    var success = await EmailChangeHandler.HandleEmailChangeWithUserConfirmation(model, user, token, confirmationUrl, siteUrl);

                    if (success)
                    {
                        this.AlertSuccess(model.SuccessNotification, true);
                        return(View("EmailChangeConfirmationSent", model));
                    }
                    else
                    {
                        this.AlertDanger(model.SuccessNotification, true);
                    }
                }
                catch (Exception ex)
                {
                    this.AlertDanger(StringLocalizer["Error - email could not be changed. Contact the site administrator for support."], true);
                    Log.LogError(ex, $"Unexpected error occurred sending email change confirmation for user ID '{user.Id}'.");
                }
            }

            return(await Index());  // Route back to Index Page, taking toast alerts along
        }