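/// <summary>
/// Starts a password reset: looks the account up by user name, generates a reset token and
/// e-mails a link built from the CHANGE_PASSWORD_URL application setting.
/// </summary>
/// <param name="username">User name of the account; the response messages refer to it as the e-mail.</param>
/// <returns>
/// 200 OK once the e-mail has been handed to the user manager; 400 Bad Request when the
/// user name is blank, no account matches, or any step fails.
/// </returns>
public async Task<IHttpActionResult> ChangePasswordRequest(string username)
{
    if (string.IsNullOrWhiteSpace(username))
    {
        return BadRequest("E-mail is required");
    }

    try
    {
        var user = await this.AppUserManager.FindByNameAsync(username);
        if (user == null)
        {
            // NOTE(review): this reply differs from the success reply, so the endpoint
            // discloses which addresses have accounts. Left unchanged because clients may
            // depend on the message; if this action is reachable without authentication
            // (not visible here), consider returning the same reply in both cases and
            // rate-limiting requests.
            return BadRequest("No user with this email");
        }

        // The callback URL is stored in the database, which makes it easy to switch
        // between DEV/UAT/PROD.
        // NOTE(review): whoever can write that settings row decides which host receives
        // reset tokens; treat write access to it as sensitive.
        DynamicParameters p = new DynamicParameters();
        p.Add("@Name", "CHANGE_PASSWORD_URL", dbType: DbType.String, direction: ParameterDirection.Input);
        AppSettings settings = DatabaseGet.GetSingle<AppSettings>(p, "dbo.sp_AppSettingsGetByName");
        if (settings == null)
        {
            throw new ArgumentNullException("settings");
        }

        string code = await AppUserManager.GeneratePasswordResetTokenAsync(user.Id);

        // NOTE(review): the token is URL-encoded here, and the collection returned by
        // ParseQueryString appears to encode values again in ToString(), so the link
        // probably carries a double-encoded code. Kept as-is; confirm the page that
        // consumes the link decodes accordingly.
        code = HttpUtility.UrlEncode(code);
        NameValueCollection queryString = HttpUtility.ParseQueryString(string.Empty);
        queryString["userId"] = user.Id;
        queryString["code"] = code;

        // The setting is concatenated directly with the query string, so it presumably
        // already ends with "?" - verify against the stored value.
        string callbackUrl = settings.Value + queryString.ToString();

        await this.AppUserManager.SendEmailAsync(
            user.Id,
            "Password Reset",
            "Reset your password by clicking <a href=\"" + callbackUrl + "\">here</a>");

        return Ok();
    }
    catch (Exception ex)
    {
        // Do not echo ex.Message to the caller: database, configuration and mail errors
        // describe internals the client has no need to see. The detail goes to the trace
        // listeners instead (swap for the project's logger if it has one); the response
        // keeps the same ModelState shape with a generic message.
        System.Diagnostics.Trace.TraceError("ChangePasswordRequest failed: {0}", ex);
        ModelState.AddModelError("", "The request could not be completed.");
        return BadRequest(ModelState);
    }
}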
/// <summary>
/// Returns the organization record that belongs to the calling user.
/// </summary>
/// <remarks>
/// The lookup key is the id of the account resolved from <c>User.Identity.Name</c>; no
/// request-supplied identifier is used, so a caller can only read their own record.
/// Any authorization attribute on this action is outside the visible code.
/// </remarks>
/// <returns>
/// 200 OK with the organization, 404 Not Found when the lookup returns nothing, or
/// 400 Bad Request when the calling identity does not map to an account.
/// </returns>
public async Task<IHttpActionResult> OrganizationGet()
{
    var currentUser = await this.AppUserManager.FindByNameAsync(User.Identity.Name);
    if (currentUser == null)
    {
        return BadRequest("Invalid Request");
    }

    // Single input parameter: the caller's own user id.
    var lookupArgs = new DynamicParameters();
    lookupArgs.Add("@Id", currentUser.Id, dbType: DbType.String, direction: ParameterDirection.Input);

    Organization organization = DatabaseGet.GetSingle<Organization>(lookupArgs, "dbo.sp_OrganizationGet");
    if (organization == null)
    {
        return NotFound();
    }

    return Ok(organization);
}
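/// <summary>
/// Registers a new account: creates the user with the e-mail as user name, runs the sign-up
/// procedure for the new user id, and e-mails a confirmation link built from the
/// CONFIRM_REGISTRATION_URL application setting.
/// </summary>
/// <param name="userModel">Registration data; Email and Password are read from it.</param>
/// <returns>
/// 201 Created with a Location header from the "GetUserById" route on success; the result
/// of GetErrorResult when user creation is rejected; 400 Bad Request for validation
/// errors, a missing model, or any other failure.
/// </returns>
public async Task<IHttpActionResult> Register(UserModel userModel)
{
    if (!ModelState.IsValid)
    {
        // Report only the first validation error. The outer loop must stop as soon as one
        // is found; breaking out of an inner loop alone would let later entries overwrite
        // it and return the last error instead of the first.
        string firstError = string.Empty;
        foreach (ModelState modelState in ModelState.Values)
        {
            if (modelState.Errors.Count > 0)
            {
                firstError = modelState.Errors[0].ErrorMessage;
                break;
            }
        }

        return BadRequest(firstError);
    }

    // A request without a body can leave the model null; reject it explicitly instead of
    // relying on a NullReferenceException further down.
    if (userModel == null)
    {
        return BadRequest("Invalid Request");
    }

    try
    {
        var user = new ApplicationUser()
        {
            UserName = userModel.Email,
            Email = userModel.Email,
            FirstName = string.Empty,
            LastName = string.Empty,
            JoinDate = DateTime.Now.Date,
        };

        IdentityResult addUserResult = await this.AppUserManager.CreateAsync(user, userModel.Password);
        if (!addUserResult.Succeeded)
        {
            return GetErrorResult(addUserResult);
        }

        // User has been created; insert a record in the organization table so it is
        // available for updating later.
        // NOTE(review): from here on the account already exists. If a later step throws,
        // the caller gets a 400 while the user remains created - confirm that is acceptable.
        DynamicParameters pSignup = new DynamicParameters();
        pSignup.Add("@Id", user.Id, dbType: DbType.String, direction: ParameterDirection.Input);
        DatabaseUpdate.Update(pSignup, "dbo.sp_SignUp");

        // The callback URL is stored in the database, which makes it easy to switch
        // between DEV/UAT/PROD.
        // NOTE(review): whoever can write that settings row decides which host receives
        // confirmation tokens; treat write access to it as sensitive.
        DynamicParameters pReg = new DynamicParameters();
        pReg.Add("@Name", "CONFIRM_REGISTRATION_URL", dbType: DbType.String, direction: ParameterDirection.Input);
        AppSettings settings = DatabaseGet.GetSingle<AppSettings>(pReg, "dbo.sp_AppSettingsGetByName");
        if (settings == null)
        {
            throw new ArgumentNullException("settings");
        }

        string code = await AppUserManager.GenerateEmailConfirmationTokenAsync(user.Id);

        // NOTE(review): the token is URL-encoded here, and the collection returned by
        // ParseQueryString appears to encode values again in ToString(), so the link
        // probably carries a double-encoded code. Kept as-is; confirm the page that
        // consumes the link decodes accordingly.
        code = HttpUtility.UrlEncode(code);
        NameValueCollection queryString = HttpUtility.ParseQueryString(string.Empty);
        queryString["userId"] = user.Id;
        queryString["code"] = code;

        // The setting is concatenated directly with the query string, so it presumably
        // already ends with "?" - verify against the stored value.
        string callbackUrl = settings.Value + queryString.ToString();

        await AppUserManager.SendEmailAsync(
            user.Id,
            "Confirm your account",
            "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>");

        Uri locationHeader = new Uri(Url.Link("GetUserById", new { id = user.Id }));
        return Created(locationHeader, TheModelFactory.Create(user));
    }
    catch (Exception ex)
    {
        // Do not echo ex.Message to the caller: database, configuration and mail errors
        // describe internals the client has no need to see. The detail goes to the trace
        // listeners instead (swap for the project's logger if it has one); the response
        // keeps the same ModelState shape with a generic message.
        System.Diagnostics.Trace.TraceError("Register failed: {0}", ex);
        ModelState.AddModelError("", "The request could not be completed.");
        return BadRequest(ModelState);
    }
}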