Пример #1
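        /// <summary>
        /// Replaces the password of the active user registered under <paramref name="email"/>
        /// with a freshly generated one and e-mails the new password to that address.
        /// </summary>
        /// <param name="email">E-mail address used to look the account up.</param>
        /// <returns><c>true</c> after the new hash has been stored and the e-mail call has returned.</returns>
        /// <exception cref="Exception">No user matches the address, or the matching user is inactive.</exception>
        /// <remarks>
        /// NOTE(review): this method takes only an e-mail address and overwrites the stored password
        /// immediately, before the mail is sent. The account owner can therefore be locked out by a
        /// request they did not make, or by a failed delivery. A single-use, expiring reset token that
        /// leaves the current password untouched until redeemed avoids both problems and keeps a
        /// usable credential out of the mailbox.
        /// </remarks>
        public async Task<bool> ForgotPasswordAsync(string email)
        {
            var user = _usersRepository.GetUserByEmail(email);

            // NOTE(review): this distinct failure reveals whether an address is registered and active.
            // If the message can reach an unauthenticated client, return the same response in both cases.
            if (user == null || !user.IsActive)
            {
                throw new Exception("User does not exists");
            }

            // The temporary password is a credential, so it is drawn from the cryptographic RNG
            // (128 bits, hex-encoded) instead of six characters cut out of a GUID, which gave
            // at most 24 bits from a generator that is only specified to produce unique values.
            var randomBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(randomBytes);
            }

            var newPassword = BitConverter.ToString(randomBytes).Replace("-", string.Empty).ToLowerInvariant();

            string salt;
            string passwordHash;

            PasswordHelpers.GenerateSaltAndHash(newPassword, out salt, out passwordHash);

            await _usersRepository.ChangePasswordAsync(user.Id, passwordHash, salt);

            // Profile fields are user-controlled text placed into an HTML body; encode them so
            // markup stored in a name or address is rendered as text, not interpreted by the mail client.
            var firstName = System.Net.WebUtility.HtmlEncode(user.FirstName);
            var lastName  = System.Net.WebUtility.HtmlEncode(user.LastName);
            var userEmail = System.Net.WebUtility.HtmlEncode(user.Email);

            var message = "Hi " + firstName + " " + lastName + ",<br><br>" +
                          "Your username is <b>" + userEmail + "</b> and new password is <b>" + newPassword + "</b>." +
                          "<br><br><br>Thanks<br>COH Team";

            EmailService.SendEmail("*****@*****.**", user.Email, "Reset password for COH", message);

            return true;
        }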
Пример #2
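        /// <summary>
        /// Generates a new password for the user identified by <paramref name="id"/>, stores its
        /// hash and e-mails the new credentials to the user's address.
        /// </summary>
        /// <param name="id">Identifier of the user whose password is replaced.</param>
        /// <param name="clientId">Client passed to the permission check.</param>
        /// <param name="userId">Identifier of the caller, passed to the permission check.</param>
        /// <returns><c>true</c> after the new hash has been stored and the e-mail call has returned.</returns>
        /// <exception cref="Exception">The caller lacks the permission, or no user has the given id.</exception>
        public async Task<bool> SendEmailAsync(int id, int clientId, int userId)
        {
            // NOTE(review): the permission tested is CanDeleteUser although the operation resets a
            // password; confirm that this is the intended permission.
            if (!await _permissionManager.HasPermission(clientId, userId, Permission.CanDeleteUser))
            {
                throw new Exception("User has not permission to perform this operation");
            }

            var user = await _usersRepository.GetUserByIdAsync(id);

            if (user == null)
            {
                throw new Exception("User does not exists");
            }

            // NOTE(review): nothing in this method compares the target user's client with clientId,
            // and IsActive is not checked. Confirm that HasPermission or the repository scopes the
            // lookup to the caller's client, otherwise a caller authorized for one client could
            // reset a user that belongs to another.

            // The temporary password is a credential, so it is drawn from the cryptographic RNG
            // (128 bits, hex-encoded) instead of six characters cut out of a GUID, which gave
            // at most 24 bits from a generator that is only specified to produce unique values.
            var randomBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(randomBytes);
            }

            var newPassword = BitConverter.ToString(randomBytes).Replace("-", string.Empty).ToLowerInvariant();

            string salt;
            string passwordHash;

            PasswordHelpers.GenerateSaltAndHash(newPassword, out salt, out passwordHash);

            await _usersRepository.ChangePasswordAsync(user.Id, passwordHash, salt);

            // Profile fields are user-controlled text placed into an HTML body; encode them so
            // markup stored in a name or address is rendered as text, not interpreted by the mail client.
            var firstName = System.Net.WebUtility.HtmlEncode(user.FirstName);
            var lastName  = System.Net.WebUtility.HtmlEncode(user.LastName);
            var userEmail = System.Net.WebUtility.HtmlEncode(user.Email);

            // NOTE(review): the password travels in clear text and stays valid until the user changes
            // it; a single-use, expiring set-password link keeps a usable credential out of the mailbox.
            var message = "Hi " + firstName + " " + lastName + ",<br><br>" +
                          "Your username is <b>" + userEmail + "</b> and new password is <b>" + newPassword + "</b>." +
                          "<br><br><br>Thanks<br>COH Team";

            EmailService.SendEmail("*****@*****.**", user.Email, "COH Credential Info", message);

            return true;
        }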
Пример #3
        /// <summary>
        /// Changes a user's password after checking the current password against the stored hash
        /// and validating the replacement against the default <c>PasswordRequirements</c>.
        /// </summary>
        /// <param name="oldPassword">Password the user currently has.</param>
        /// <param name="newPassword">Password to store from now on.</param>
        /// <param name="userId">Identifier of the user whose password is changed.</param>
        /// <returns>The value returned by the repository's <c>ChangePasswordAsync</c>.</returns>
        /// <exception cref="Exception">
        /// The user does not exist, the old password does not match, or the new password fails validation.
        /// </exception>
        public async Task <bool> ChangePasswordAsync(string oldPassword, string newPassword, int userId)
        {
            var account = await _usersRepository.GetUserByIdAsync(userId);
            if (account == null)
            {
                throw new Exception("User does not exists");
            }

            // Re-derive the hash from the stored salt and the supplied old password.
            // NOTE(review): the comparison below is an ordinary inequality test, not a fixed-time one,
            // and no attempt limit is visible here; confirm that throttling happens upstream and that
            // the helper uses a deliberately slow password-hashing function.
            var suppliedHash = PasswordHelpers.GenerateHashForSaltAndPassword(account.Salt, oldPassword);
            if (suppliedHash != account.PasswordHash)
            {
                throw new Exception("Old password is not valid");
            }

            var policy = new PasswordRequirements();
            if (!PasswordHelpers.IsValidPassword(newPassword, policy))
            {
                throw new Exception("Password doesn't meet requirements");
            }

            // A fresh salt is generated together with the new hash.
            string freshSalt;
            string freshHash;
            PasswordHelpers.GenerateSaltAndHash(newPassword, out freshSalt, out freshHash);

            var stored = await _usersRepository.ChangePasswordAsync(userId, freshHash, freshSalt);
            return stored;
        }
Пример #4
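        /// <summary>
        /// Creates a client together with its mobile <c>Application</c> record and an initial
        /// "Client Admin" user, then persists the whole graph through the client repository.
        /// </summary>
        /// <param name="model">Client data to store.</param>
        /// <param name="userId">Identifier of the caller; not used by this method.</param>
        /// <returns>The stored client, converted back to a <c>ClientModel</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="model"/> is <c>null</c>.</exception>
        /// <remarks>
        /// NOTE(review): no permission check happens in this method and <paramref name="userId"/> is
        /// ignored; confirm that the caller authorizes client creation.
        /// </remarks>
        public async Task<ClientModel> AddAsync(ClientModel model, int userId)
        {
            if (model == null)
            {
                throw new ArgumentNullException("model");
            }

            var client = _clientMapper.ConvertToDataModel(model);

            client.IsActive  = true;
            client.CreatedOn = DateTime.UtcNow;
            client.UpdatedOn = DateTime.UtcNow;

            // NOTE(review): Guid.NewGuid() is specified as a source of unique values, not of secrets.
            // If ClientSecret authenticates the application, derive it from a cryptographic RNG.
            // NOTE(review): the name has no separator between the organization name and "Mobile App";
            // confirm that this is intended.
            client.Application = new Application()
            {
                Name         = client.OrganizationName + "Mobile App",
                ClientId     = Guid.NewGuid(),
                ClientSecret = Guid.NewGuid(),
                Scope        = "mobile",
                CreatedOn    = DateTime.UtcNow,
                UpdatedOn    = DateTime.UtcNow
            };

            var clientAdmin = new User()
            {
                FirstName = "Client",
                LastName  = "Admin",
                Email     = client.Email,
                Role      = (int)UserRoles.ClientAdmin,
                IsActive  = true,
                CreatedOn = DateTime.UtcNow,
                UpdatedOn = DateTime.UtcNow
            };

            // The initial password is neither returned nor sent from this method, so it only has to
            // be unguessable until the admin sets a real one. It is drawn from the cryptographic RNG
            // (128 bits, hex-encoded) instead of six characters cut out of a GUID, which left an
            // active admin account protected by at most 24 bits.
            var randomBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(randomBytes);
            }

            var password = BitConverter.ToString(randomBytes).Replace("-", string.Empty).ToLowerInvariant();

            string salt;
            string passwordHash;

            PasswordHelpers.GenerateSaltAndHash(password, out salt, out passwordHash);

            clientAdmin.Salt         = salt;
            clientAdmin.PasswordHash = passwordHash;

            client.Users.Add(clientAdmin);

            client = await _clientRepository.AddAsync(client);

            return _clientMapper.ConvertToModel(client);
        }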
Пример #5
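        /// <summary>
        /// Creates an active HR user for a client after checking the caller's permission, the
        /// uniqueness of the e-mail address and the password requirements.
        /// </summary>
        /// <param name="model">First name, last name and e-mail address of the new user.</param>
        /// <param name="password">Initial password; only its salted hash is stored.</param>
        /// <param name="clientId">Client the new user is attached to and the permission is checked for.</param>
        /// <param name="userId">Identifier of the caller, passed to the permission check.</param>
        /// <returns>The stored user, converted back to a <c>UserModel</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="model"/> is <c>null</c>.</exception>
        /// <exception cref="Exception">
        /// The caller lacks the permission, the e-mail address is already registered, or the password
        /// fails validation.
        /// </exception>
        public async Task<UserModel> AddAsync(UserModel model, string password, int clientId, int userId)
        {
            // Authorization is evaluated first, so an unauthorized caller learns nothing about the input.
            if (!await _permissionManager.HasPermission(clientId, userId, Permission.CanAddUser))
            {
                throw new Exception("User has not permission to perform this operation");
            }

            // Fail with a descriptive error instead of a NullReferenceException on model.Email below.
            if (model == null)
            {
                throw new ArgumentNullException("model");
            }

            // NOTE(review): lookup and insert are separate calls, so two concurrent requests can both
            // pass this check; confirm that the data store enforces a unique constraint on the address.
            var existing = _usersRepository.GetUserByEmail(model.Email);

            if (existing != null)
            {
                throw new Exception("Email already exists");
            }

            if (!PasswordHelpers.IsValidPassword(password, new PasswordRequirements()))
            {
                throw new Exception("Password doesn't meet requirements");
            }

            // Role, client and active flag are set here and never copied from the model, so the
            // request body cannot choose a different role or client.
            var user = new User()
            {
                FirstName = model.FirstName,
                LastName  = model.LastName,
                Email     = model.Email,
                ClientId  = clientId,
                Role      = (int)UserRoles.HRUser,
                IsActive  = true,
                CreatedOn = DateTime.UtcNow,
                UpdatedOn = DateTime.UtcNow
            };

            string salt;
            string passwordHash;

            PasswordHelpers.GenerateSaltAndHash(password, out salt, out passwordHash);

            user.Salt         = salt;
            user.PasswordHash = passwordHash;

            user = await _usersRepository.AddAsync(user);

            return _usersMapper.ConvertToModel(user);
        }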