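/// <summary>
/// Activates a user account from a verification key. When the key turns out to be stale,
/// a newly issued key is emailed to the user.
/// </summary>
/// <param name="activationInput">Carries the verification key and the initial password passed on to the auth layer.</param>
/// <param name="appCtx">Optional application context forwarded to the email template lookup.</param>
/// <returns>
/// Ok with the activation output (its Email and VerificationKey set to null), or BadRequest when the
/// input is missing or no matching user is found. Exceptions are routed through HandleException.
/// </returns>
public async Task<IHttpActionResult> ActivateAccount(AccountActivationInput activationInput, string appCtx = null)
{
    try
    {
        // A missing body would otherwise surface as a NullReferenceException on the first property read.
        if (activationInput == null)
        {
            return BadRequest();
        }

        var activationOutput = await Auth.ActivateAccountAsync(
            CustomUserAccountService.GetInstance("MapHiveMbr"),
            activationInput.VerificationKey,
            activationInput.InitialPassword);

        // The previous verification key was stale, so a new one has to be mailed out.
        if (activationOutput.VerificationKeyStale)
        {
            // Scope the context so it is disposed on every exit path of this branch.
            using (var dbCtx = new MapHiveDbContext("MapHiveMeta"))
            {
                var emailStuff = await GetEmailStuffAsync("activate_account_stale", appCtx, dbCtx);

                var user = await dbCtx.Users
                    .Where(u => u.Email == activationOutput.Email)
                    .FirstOrDefaultAsync();

                // The email came from the membership store, so a user record is expected; guard anyway.
                if (user == null)
                {
                    return BadRequest();
                }

                // NOTE(review): RedirectUrl comes from GetRequestSource(), which is not shown here.
                // If it is derived from client-controlled request data (e.g. Referer/Origin), validate it
                // against the known application URLs before mailing it next to a fresh verification key.
                var tokens = new Dictionary<string, object>
                {
                    { "UserName", $"{user.GetFullUserName()} ({user.Email})" },
                    { "Email", user.Email },
                    { "RedirectUrl", this.GetRequestSource().Split('#')[0] },
                    { "VerificationKey", activationOutput.VerificationKey },
                    { "InitialPassword", "" }
                };

                // Fill the template and send it to the address on the user record.
                EmailSender.Send(emailStuff.Item1, emailStuff.Item2.Prepare(tokens), user.Email);
            }
        }

        // The membership layer did not find a user for this key.
        if (activationOutput.UnknownUser)
        {
            return BadRequest();
        }

        // Never echo the email or the (possibly re-issued) verification key back to the caller;
        // the key must only travel via the user's mailbox.
        activationOutput.Email = null;
        activationOutput.VerificationKey = null;

        return Ok(activationOutput);
    }
    catch (Exception ex)
    {
        // NOTE(review): HandleException decides what the client sees - confirm it does not return exception details.
        return HandleException(ex);
    }
}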
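/// <summary>
/// Activates a user account from a verification key, marks the user record as verified on success,
/// and emails a newly issued key when the supplied one was stale.
/// </summary>
/// <param name="activationInput">Request body carrying the verification key.</param>
/// <param name="app">Optional application name from the route, forwarded to the email template lookup.</param>
/// <param name="ea">Optional email account bound from the query string; replaces the default account when it seems complete.</param>
/// <returns>
/// Ok with the activation output (its Email and VerificationKey set to null), or BadRequest when the
/// input is missing or no matching user is found. Exceptions are routed through HandleException.
/// </returns>
public async Task<IActionResult> ActivateAccountAsync([FromBody] AccountActivationInput activationInput, [FromRoute] string app = null, [FromQuery] EmailAccount ea = null)
{
    try
    {
        // A missing or unbindable body would otherwise surface as a NullReferenceException below.
        if (activationInput == null)
        {
            return BadRequest();
        }

        var activationOutput = await Auth.ActivateAccountAsync(activationInput.VerificationKey);

        // The identity layer did not find a user for this key.
        if (activationOutput.UnknownUser)
        {
            return BadRequest();
        }

        // Resolve the user id from the token once, outside the query expression.
        var userId = Auth.ExtractIdFromMergedToken(activationInput.VerificationKey);
        var user = await GetDefaultDbContext().Users.FirstOrDefaultAsync(u => u.Uuid == userId);

        // The identity layer knew the user, so a record is expected here; guard anyway.
        if (user == null)
        {
            return BadRequest();
        }

        // The previous verification key was stale, so a new one has to be mailed out.
        if (activationOutput.VerificationKeyStale)
        {
            var (emailAccount, emailTemplate) = await GetEmailStuffAsync("activate_account_stale", app);

            // NOTE(review): ea is bound from the query string, so the caller chooses the mail account
            // that relays the fresh verification key, and anything it carries may end up in URLs and
            // access logs. No authorization attribute is visible on this method - confirm the
            // override is restricted to trusted callers.
            if (ea != null && ea.SeemsComplete())
            {
                emailAccount = ea;
            }

            // NOTE(review): RedirectUrl comes from GetRequestSource(HttpContext), which is not shown here.
            // If it is derived from client-controlled request data (e.g. Referer/Origin), validate it
            // against the known application URLs before mailing it next to a fresh verification key.
            var tokens = new Dictionary<string, object>
            {
                { "UserName", $"{user.GetFullUserName()} ({user.Email})" },
                { "Email", user.Email },
                { "RedirectUrl", this.GetRequestSource(HttpContext).Split('#')[0] },
                { "VerificationKey", activationOutput.VerificationKey },
                { "InitialPassword", "" }
            };

            // Fill the template and send it to the address on the user record.
            EmailSender.Send(emailAccount, emailTemplate.Prepare(tokens), user.Email);
        }

        // Impersonation is set up ahead of the save below.
        // NOTE(review): this runs even when nothing is saved - confirm that is intended.
        Cartomatic.Utils.Identity.ImpersonateGhostUser();

        // Mark the user record as activated.
        if (activationOutput.Success)
        {
            user.IsAccountVerified = true;

            // Per the original author: without impersonating the user the db context fails to save changes.
            Cartomatic.Utils.Identity.ImpersonateUserViaHttpContext(user.Uuid);
            await user.UpdateAsync(GetDefaultDbContext());
        }

        // Never echo the email or the (possibly re-issued) verification key back to the caller;
        // the key must only travel via the user's mailbox.
        activationOutput.Email = null;
        activationOutput.VerificationKey = null;

        return Ok(activationOutput);
    }
    catch (Exception ex)
    {
        // NOTE(review): HandleException decides what the client sees - confirm it does not return exception details.
        return HandleException(ex);
    }
}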