private User GetUser(string userName, string password)
{
if (userName.IsNullOrEmptyOrWhiteSpace() || password.IsNullOrEmptyOrWhiteSpace())
{
return(null);
}
// Check user in geonetwork
object geonetworkUser = null;
try
{
using (var client = restApiService.GetClient(new UserPrincipal {
UserName = userName, Password = password
}))
{
geonetworkUser = restApiService.GetRequest <object>(client, "me");
}
}
catch (Exception e)
{
logger.Error(e);
}
User user = null;
if (userName.IsNotNullOrEmpty())
{
using (contextManager.NewConnection())
{
user = accountService.GetByUserName(userName);
}
}
if (geonetworkUser != null)
{
return(user);
}
if (user?.Password == null ||
password?.IsNotNullOrEmpty() != true ||
!PasswordTools.ValidatePassword(password, user.Password))
{
return(null);
}
return(user);
}
public ActionResult ChangePassword(ChangePasswordViewModel model)
{
ModelState.Clear();
// Validate captcha control
if (!captchaService.Validate(Request["g-recaptcha-response"]))
{
ModelState.AddModelError(string.Empty, Resource.WrongCaptchaMessage);
}
User user = null;
if (model.Token.IsNotNullOrEmpty())
{
user = GetUserByToken(model.Token);
}
else if (User?.Id != null)
{
using (ContextManager.NewConnection())
{
user = accountService.GetByUserName(User.UserName);
}
// Validate old password - if is same as login user password
if (model.OldPassword.IsNullOrEmpty() ||
!PasswordTools.ValidatePassword(model.OldPassword, user.Password))
{
ModelState.AddModelError("OldPassword", Resource.PasswordsDoesNotMatch);
}
}
if (user == null)
{
throw new WarningException(Resource.InvalidToken);
}
model.IsAdmin = user.IsAdmin;
model.UserId = user.Id.Value;
if (!TryValidateModel(model) || !ModelState.IsValid)
{
return(View("ChangePassword", model));
}
using (var client = restApiService.GetClient(new UserPrincipal {
UserName = ConfigurationReader.GeoNetworkAdminUser, Password = ConfigurationReader.GeoNetworkAdminPass
}))
{
restApiService.PostRequest(
client,
$"users/{user.GeoNetworkId}/actions/forget-password?password={model.Password}&password2={model.ConfirmPassword}");
}
model.Password = PasswordTools.CreateHash(model.Password);
var userPrincipal = Mapper.Map <IUser, UserPrincipal>(user);
using (var transaction = ContextManager.NewTransaction(new RequestData(userPrincipal)))
{
userService.ChangePassword(Mapper.Map <ChangePasswordModel>(model));
// If user is not active - activate it
if (model.Token.IsNotNullOrEmpty() && user.Status.Id == EnumHelper.GetStatusIdByEnum(UserStatus.InActive))
{
userService.ChangeStatus(
EnumHelper.GetStatusIdByEnum(UserStatus.Active),
user.Id.Value,
ConfigurationReader.AutomationUserId);
}
transaction.Commit();
}
return(RedirectToAction("Login"));
}