public async Task UpdateAccountPasswordAsync(ChangePasswordModel parameters)
{
if (parameters == null)
{
throw new ArgumentNullException(nameof(parameters));
}
var user = await _userManager.FindByIdAsync(parameters.UserId);
if (user == null)
{
throw new Exception(HESException.GetMessage(HESCode.UserNotFound));
}
var isValidPassword = await _userManager.CheckPasswordAsync(user, parameters.OldPassword);
if (!isValidPassword)
{
throw new Exception(HESException.GetMessage(HESCode.IncorrectCurrentPassword));
}
var changePasswordResult = await _userManager.ChangePasswordAsync(user, parameters.OldPassword, parameters.NewPassword);
if (!changePasswordResult.Succeeded)
{
throw new Exception(HESException.GetIdentityResultErrors(changePasswordResult.Errors));
}
}
public async Task UpdateProfileInfoAsync(UserProfileModel parameters)
{
var user = await _userManager.FindByIdAsync(parameters.UserId);
if (user == null)
{
throw new HESException(HESCode.UserNotFound);
}
if (parameters.FullName != user.FullName)
{
user.FullName = parameters.FullName;
var userResult = await _userManager.UpdateAsync(user);
if (!userResult.Succeeded)
{
throw new Exception(HESException.GetIdentityResultErrors(userResult.Errors));
}
}
if (parameters.PhoneNumber != user.PhoneNumber)
{
var setPhoneResult = await _userManager.SetPhoneNumberAsync(user, parameters.PhoneNumber);
if (!setPhoneResult.Succeeded)
{
throw new Exception(HESException.GetIdentityResultErrors(setPhoneResult.Errors));
}
}
}
public async Task ConfirmEmailChangeAsync(UserConfirmEmailChangeModel parameters)
{
var user = await _userManager.FindByIdAsync(parameters.UserId);
if (user == null)
{
throw new HESException(HESCode.UserNotFound);
}
using (TransactionScope transactionScope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled))
{
// Update FIDO credentials
var credentials = await _fidoCredentialsRepository.Query().Where(x => x.Username == user.Email).ToListAsync();
foreach (var item in credentials)
{
item.UserId = Encoding.UTF8.GetBytes(parameters.Email);
item.UserHandle = Encoding.UTF8.GetBytes(parameters.Email);
item.Username = parameters.Email;
}
await _fidoCredentialsRepository.UpdatRangeAsync(credentials);
// Change email
var changeEmailResult = await _userManager.ChangeEmailAsync(user, parameters.Email, parameters.Code);
if (!changeEmailResult.Succeeded)
{
throw new Exception(HESException.GetIdentityResultErrors(changeEmailResult.Errors));
}
// In our UI email and user name are one and the same, so when we update the email we need to update the user name.
var setUserNameResult = await _userManager.SetUserNameAsync(user, parameters.Email);
if (!setUserNameResult.Succeeded)
{
throw new Exception(HESException.GetIdentityResultErrors(setUserNameResult.Errors));
}
transactionScope.Complete();
}
}
private async Task LoginWithPasswordAsync()
{
try
{
await ButtonSpinner.SpinAsync(async() =>
{
var response = await IdentityApiClient.LoginWithPasswordAsync(PasswordSignInModel);
response.ThrowIfFailed();
if (response.Succeeded)
{
NavigationManager.NavigateTo(Routes.Dashboard, true);
return;
}
if (response.RequiresTwoFactor)
{
NavigationManager.NavigateTo($"{Routes.LoginWith2Fa}?returnUrl={ReturnUrl}", true);
return;
}
if (response.IsLockedOut)
{
NavigationManager.NavigateTo(Routes.Lockout, true);
return;
}
});
}
catch (HESException ex) when(ex.Code == HESCode.InvalidLoginAttempt)
{
ValidationErrorMessage.DisplayError(nameof(PasswordSignInModel.Password), HESException.GetMessage(ex.Code));
}
catch (Exception ex)
{
Logger.LogError(ex.Message);
SetErrorMessage(ex.Message);
}
}
private async Task NextAsync()
{
try
{
await ButtonSpinner.SpinAsync(async() =>
{
var user = await ApplicationUserService.GetUserByEmailAsync(UserEmailModel.Email);
if (user == null)
{
ValidationErrorMessage.DisplayError(nameof(UserEmailModel.Email), HESException.GetMessage(HESCode.UserNotFound));
return;
}
PasswordSignInModel.Email = UserEmailModel.Email;
HasSecurityKey = (await Fido2Service.GetCredentialsByUserEmail(UserEmailModel.Email)).Count > 0;
AuthenticationStep = AuthenticationStep.EnterPassword;
});
}
catch (HESException ex)
{
ValidationErrorMessage.DisplayError(nameof(UserEmailModel.Email), ex.Message);
}
catch (Exception ex)
{
Logger.LogError(ex.Message);
SetErrorMessage(ex.Message);
}
}
private async Task NextAsync()
{
try
{
await Button.SpinAsync(async() =>
{
var user = await ApplicationUserService.GetUserByEmailAsync(UserEmailModel.Email);
if (user == null)
{
ValidationErrorMessage.DisplayError(nameof(UserEmailModel.Email), HESException.GetMessage(HESCode.UserNotFound));
return;
}
await SignInWithSecurityKeyAsync();
});
}
catch (Exception ex)
{
Logger.LogError(ex.Message);
SetErrorMessage(ex.Message);
}
}
