Пример #1
        /// <summary>
        /// Sends the account-reset e-mail: the localized body text followed by a BBCode link that
        /// carries the username and the token, passed through the BBCode transformer before sending.
        /// </summary>
        /// <param name="dto">Supplies the language code, the username and the recipient address.</param>
        /// <param name="token">Token appended as the last path segment of the link.</param>
        internal void SendResetEmail(Login_DTO_Create dto, string token)
        {
            var bbCode = new Resources.BBCode();

            using (var message = new eMail())
            {
                string bodyLabel    = Label.Get("email.body.account-reset", dto.LngIsoCode);
                string subjectLabel = Label.Get("email.subject.account-reset", dto.LngIsoCode);

                // NOTE(review): the username and the token go into the link unescaped. A value
                // containing '/' or ']' would change the path or end the BBCode tag early;
                // confirm both are constrained upstream or escape them here.
                string resetLink = "[url="
                                   + Configuration_BSO.GetCustomConfig(ConfigType.global, "url.application")
                                   + Utility.GetCustomConfig("APP_COOKIELINK_INVITATION_1FA")
                                   + "/" + dto.CcnUsername
                                   + "/" + token
                                   + "][/url]";

                // The link is placed on its own line after the label text, then the whole body is transformed
                string rendered = bbCode.Transform(bodyLabel + Environment.NewLine + resetLink, true);

                message.Body    = rendered;
                message.Subject = subjectLabel;
                message.To.Add(dto.CcnEmail);

                message.Send();
            }
        }
Пример #2
        /// <summary>
        /// Calls the Security_Login_Create stored procedure for the given user and returns the
        /// value of the procedure's return parameter.
        /// </summary>
        /// <param name="dto">Supplies the username of the login being created.</param>
        /// <param name="samAccountName">Username of the account performing the creation.</param>
        /// <param name="token">Optional 1FA token; the parameter is omitted when this is null.</param>
        /// <returns>The value left in the "return" parameter by the procedure call.</returns>
        internal int CreateLogin(Login_DTO_Create dto, string samAccountName, string token = null)
        {
            // All caller-supplied values travel as named procedure parameters, never as SQL text
            var procedureArgs = new List<ADO_inputParams>();
            procedureArgs.Add(new ADO_inputParams { name = "@CcnUsernameCreator", value = samAccountName });
            procedureArgs.Add(new ADO_inputParams { name = "@CcnUsername", value = dto.CcnUsername });

            // The token parameter is only sent when the caller supplied one
            if (token != null)
            {
                procedureArgs.Add(new ADO_inputParams { name = "@LgnToken1FA", value = token });
            }

            // The operation needs a return parameter, initialised to 0
            var outcome = new ADO_returnParam { name = "return", value = 0 };

            ado.ExecuteNonQueryProcedure("Security_Login_Create", procedureArgs, ref outcome);

            return outcome.value;
        }
Пример #3
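        /// <summary>
        /// Builds the application link for the next 1FA step and sends it in the login template e-mail.
        /// </summary>
        /// <param name="lDto">Supplies the recipient address, display name and language code.</param>
        /// <param name="token">Token placed in the link's "token" query parameter.</param>
        /// <param name="nextMethod">API method name placed in the link's "method" query parameter.</param>
        private void SendEmail(Login_DTO_Create lDto, string token, string nextMethod)
        {
            // Every query value is percent-encoded with EscapeDataString. The previous code left
            // the e-mail address and token raw and used EscapeUriString for the name, which keeps
            // reserved characters such as '&', '=', '+' and '#': a display name or address holding
            // one of them could truncate a value or add a parameter to the link.
            // The token travels in the query string, so it should be single-use and short-lived;
            // that is decided outside this method.
            string url = Configuration_BSO.GetCustomConfig(ConfigType.global, "url.application")
                         + "?method=" + Uri.EscapeDataString(nextMethod ?? string.Empty)
                         + "&email=" + Uri.EscapeDataString(lDto.CcnEmail ?? string.Empty)
                         + "&name=" + Uri.EscapeDataString(lDto.CcnDisplayname ?? string.Empty)
                         + "&token=" + Uri.EscapeDataString(token ?? string.Empty);

            // The href is quoted and HTML-encoded so the URL cannot end the attribute or the tag
            string link = "<a href=\"" + System.Net.WebUtility.HtmlEncode(url) + "\">"
                          + Label.Get("email.body.header.anchor-text", lDto.LngIsoCode)
                          + "</a>";

            string subject = string.Format(Label.Get("email.subject.update-1fa", lDto.LngIsoCode), Configuration_BSO.GetCustomConfig(ConfigType.global, "title"));
            string to      = lDto.CcnEmail;
            string header  = string.Format(Label.Get("email.body.header.update-1fa", lDto.LngIsoCode), lDto.CcnDisplayname, Configuration_BSO.GetCustomConfig(ConfigType.global, "title"));

            // NOTE(review): this is the only label fetched without lDto.LngIsoCode - confirm that is intended
            string subHeader = string.Format(Label.Get("email.body.sub-header.update-1fa"), link);
            string footer    = string.Format(Label.Get("email.body.footer", lDto.LngIsoCode), lDto.CcnDisplayname);

            // NOTE(review): the display name is formatted into the header and footer as given;
            // confirm the template encodes it if the e-mail is sent as HTML.
            Email_BSO.SendLoginTemplateEmail(subject, new List<string>()
            {
                to
            }, header, url, footer, subHeader, lDto.LngIsoCode);
        }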
Пример #4
        /// <summary>
        /// Creates a login through Login_ADO and reports whether the call returned a positive value.
        /// </summary>
        /// <param name="dto">Details of the login to create.</param>
        /// <param name="samAccountName">Username of the account performing the creation.</param>
        /// <param name="token">Optional 1FA token forwarded unchanged to the data layer.</param>
        /// <returns>True when Login_ADO.CreateLogin returns a value greater than zero.</returns>
        internal bool CreateLogin(Login_DTO_Create dto, string samAccountName, string token = null)
        {
            var createResult = new Login_ADO(ado).CreateLogin(dto, samAccountName, token);

            return createResult > 0;
        }
Пример #5
        /// <summary>
        /// Creates a local (non Active Directory) account and its login record, then calls
        /// SendEmail with the new token for the Create1FA step.
        /// </summary>
        /// <returns>
        /// True once the account and login exist and SendEmail has been called; false, with
        /// Response.error set, when a privilege, directory, duplicate or creation check fails.
        /// </returns>
        protected override bool Execute()
        {
            // Privilege boundary: a power user may not create an Administrator
            if (IsPowerUser() && DTO.PrvCode.Equals(Resources.Constants.C_SECURITY_PRIVILEGE_ADMINISTRATOR))
            {
                Log.Instance.Debug("A power user may not create an Administrator");
                Response.error = Label.Get("error.privilege");
                return false;
            }

            // The requested user must NOT be in Active Directory, otherwise the request is refused
            var directoryAdo  = new ActiveDirectory_ADO();
            var directoryUser = directoryAdo.GetUser(Ado, DTO);

            if (directoryUser.CcnUsername != null)
            {
                Log.Instance.Debug("Account exists already");
                Response.error = Label.Get("error.create");
                return false;
            }

            // Parameters and caller have been validated, so the database can now be consulted
            var accountAdo = new Account_ADO();

            // No duplicates: the e-mail address is checked as an account first ...
            if (accountAdo.Exists(Ado, DTO.CcnEmail))
            {
                Log.Instance.Debug("Account exists already");
                Response.error = Label.Get("error.duplicate");
                return false;
            }

            // ... and then as the e-mail of any existing account
            if (accountAdo.ExistsByEmail(Ado, DTO.CcnEmail))
            {
                Log.Instance.Debug("Account exists already");
                Response.error = Label.Get("error.duplicate");
                return false;
            }

            // An address that belongs to an AD user must not become a local user
            var directoryMatch = directoryAdo.GetAdSpecificDataForEmail(DTO.CcnEmail);

            if (directoryMatch != null)
            {
                Log.Instance.Debug("Account exists in AD");
                Response.error = Label.Get("error.create");
                return false;
            }

            // Create the Account and keep the newly created Id
            var accountToCreate = new Account_DTO_Create()
            {
                CcnUsername         = DTO.CcnUsername,
                CcnNotificationFlag = DTO.CcnNotificationFlag,
                LngIsoCode          = DTO.LngIsoCode,
                PrvCode             = DTO.PrvCode,
                CcnDisplayName      = DTO.CcnDisplayName,
                CcnEmail            = DTO.CcnEmail
            };

            int accountId = accountAdo.Create(Ado, accountToCreate, SamAccountName, false);

            if (accountId == 0)
            {
                Log.Instance.Debug("adoAccount.Create - can't create Account");
                Response.error = Label.Get("error.create");
                return false;
            }

            // The login is keyed on the e-mail address, which is used as the login username
            var loginDto = new Login_DTO_Create()
            {
                CcnUsername    = DTO.CcnEmail,
                LngIsoCode     = DTO.LngIsoCode,
                CcnEmail       = DTO.CcnEmail,
                CcnDisplayname = DTO.CcnDisplayName
            };

            var loginBso = new Login_BSO(Ado);

            // NOTE(review): the only input passed to the token helper is the new account id,
            // which is guessable. Confirm GetRandomSHA256 mixes in cryptographically secure
            // random data, since this token is what the e-mailed link relies on.
            string oneTimeToken = Utility.GetRandomSHA256(accountId.ToString());

            if (!loginBso.CreateLogin(loginDto, SamAccountName, oneTimeToken))
            {
                Response.error = Label.Get("error.create");
                return false;
            }

            SendEmail(loginDto, oneTimeToken, "PxStat.Security.Login_API.Create1FA");

            Response.data = JSONRPC.success;
            return true;
        }
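        /// <summary>
        /// Issues a new 1FA token for an existing local account and calls SendEmail with a link
        /// for the Update1FA step, addressed to the e-mail stored on the account.
        /// </summary>
        /// <remarks>
        /// A failed captcha is rejected with an authentication error. A request for an Active
        /// Directory user, for an unknown user, or for an account with no stored e-mail or display
        /// name returns success without sending anything, so these cases look alike to the caller.
        /// </remarks>
        /// <returns>
        /// True for the success cases above and after SendEmail has been called; false, with
        /// Response.error set, when the captcha fails or the token could not be stored.
        /// </returns>
        protected override bool Execute()
        {
            if (!ReCAPTCHA.Validate(DTO.Captcha))
            {
                Response.error = Label.Get("error.authentication");
                return false;
            }

            // Fall back to the e-mail address when no username was supplied
            if (DTO.CcnUsername == null)
            {
                DTO.CcnUsername = DTO.CcnEmail;
            }

            // Not allowed for AD users: answer success without issuing a token
            ActiveDirectory_ADO adAdo = new ActiveDirectory_ADO();
            ActiveDirectory_DTO adDto = adAdo.GetUser(Ado, DTO);

            if (adDto.CcnDisplayName != null)
            {
                Response.data = JSONRPC.success;
                return true;
            }

            Account_ADO ccnAdo = new Account_ADO();
            var         user   = ccnAdo.Read(Ado, new Account_DTO_Read()
            {
                CcnUsername = DTO.CcnEmail
            });

            // Unknown account: same success answer as above
            if (!user.hasData)
            {
                Response.data = JSONRPC.success;
                return true;
            }

            var account = user.data[0];

            // Without a stored e-mail and display name there is nothing to send
            if (account.CcnEmail.Equals(DBNull.Value) || account.CcnDisplayName.Equals(DBNull.Value))
            {
                Response.data = JSONRPC.success;
                return true;
            }

            // From here on the address stored on the account is used, not the one in the request
            DTO.CcnEmail = account.CcnEmail;

            Login_BSO lBso = new Login_BSO(Ado);

            // NOTE(review): the only input passed to the token helper is the account id, which
            // is guessable. Confirm GetRandomSHA256 mixes in cryptographically secure random data.
            string loginToken = Utility.GetRandomSHA256(account.CcnId.ToString());

            // The unused Login_DTO_Create local built at this point was removed; the DTO that is
            // actually sent is created in the SendEmail call below.
            if (lBso.Update1FaTokenForUser(DTO.CcnEmail, loginToken) == null)
            {
                // NOTE(review): this is the only post-captcha path that returns an error, and it
                // is reachable only for an existing local account - confirm the difference from
                // the uniform success answers above is acceptable.
                Response.error = Label.Get("error.create");
                return false;
            }

            SendEmail(new Login_DTO_Create()
            {
                CcnUsername = account.CcnUsername, LngIsoCode = DTO.LngIsoCode, CcnEmail = account.CcnEmail, CcnDisplayname = account.CcnDisplayName
            }, loginToken, "PxStat.Security.Login_API.Update1FA");

            Response.data = JSONRPC.success;
            return true;
        }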