private async void VerifyUserEmailAsync(ApplicationUser user) { //Verify email address is confirmed with identity var emailConfirmed = userManager.IsEmailConfirmedAsync(user).Result; if (!emailConfirmed) { string emailVerificationToken = userManager.GenerateEmailConfirmationTokenAsync(user).Result; var result = userManager.ConfirmEmailAsync(user, emailVerificationToken).Result; if (result.Succeeded) { var emailVerification = emailVerificationRepository.Find(null, p => p.PersonId == user.PersonId && p.IsVerified != true)?.Items?.FirstOrDefault(); if (emailVerification != null) { var verifiedEmailAddress = personEmailRepository.Find(null, p => p.Address.Equals(emailVerification.Address, StringComparison.OrdinalIgnoreCase))?.Items?.FirstOrDefault(); if (verifiedEmailAddress == null) { var personEmail = new PersonEmail() { EmailVerificationId = emailVerification.Id, IsPrimaryEmail = true, PersonId = emailVerification.PersonId, Address = emailVerification.Address }; personEmailRepository.Add(personEmail); } //Verification completed emailVerification.IsVerified = true; emailVerificationRepository.Update(emailVerification); } } } }
public async Task <IActionResult> UpdateOrganizationMember(UpdateTeamMemberViewModel request, string personId, string organizationId) { var currentUser = await _userManager.FindByEmailAsync(_accessor.HttpContext.User.Identity.Name); OrganizationMember currentOrgMember = _organzationMemberRepo.Find(null, o => o.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault(); if (!currentOrgMember.IsAdministrator ?? false || currentOrgMember.OrganizationId != Guid.Parse(organizationId)) { throw new UnauthorizedOperationException("Only admins of this organization can update existing users", EntityOperationType.Update); } var userToUpdate = _aspNetUsersRepository.Find(null, u => u.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault(); var personToUpdate = _personRepo.Find(null, p => p.Id == Guid.Parse(personId)).Items?.FirstOrDefault(); ApplicationUser appUser = await _userManager.FindByIdAsync(userToUpdate.Id).ConfigureAwait(false); //check password's validity if one was provided if (!string.IsNullOrEmpty(request.Password)) { if (!IsPasswordValid(request.Password)) { throw new Exception(PasswordRequirementMessage(request.Password)); } } //if email was provided check its availability if (!string.IsNullOrEmpty(request.Email)) { //if email is not the same as user's current email if (!appUser.NormalizedEmail.Equals(request.Email.ToUpper())) { var existingEmailUser = _aspNetUsersRepository.Find(null, u => u.Email == request.Email).Items?.FirstOrDefault(); if (existingEmailUser != null) { throw new Exception("A user already exists for the provided email address"); } var personEmailToUpdate = _personEmailRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault(); var emailVerificationToUpdate = _emailVerificationRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault(); //update application user's email appUser.Email = request.Email; appUser.NormalizedEmail = request.Email.ToUpper(); appUser.UserName = request.Email; appUser.NormalizedUserName = request.Email.ToUpper(); //update additional email tables personEmailToUpdate.Address = request.Email; emailVerificationToUpdate.Address = request.Email; _personEmailRepository.Update(personEmailToUpdate); _emailVerificationRepository.Update(emailVerificationToUpdate); } } //update name if one was provided if (!string.IsNullOrEmpty(request.Name)) { appUser.Name = request.Name; personToUpdate.Name = request.Name; _personRepo.Update(personToUpdate); } //update password if (!string.IsNullOrEmpty(request.Password)) { appUser.ForcedPasswordChange = false; var token = await _userManager.GeneratePasswordResetTokenAsync(appUser); IdentityResult result = await _userManager.ResetPasswordAsync(appUser, token, request.Password); if (!result.Succeeded) { throw new Exception("Failed to set new password"); } } //update application user if (!string.IsNullOrEmpty(request.Password) || !string.IsNullOrEmpty(request.Email)) { _userManager.UpdateAsync(appUser); } return(new OkObjectResult(appUser)); }