示例#1
0
        public async Task <ActionResult <CreatedApiKey> > CreateApiKey(Guid id, ApiKeyDto dto, [FromServices] IApiKeyGenerator apiKeyGenerator, [FromServices] IMeansValueHasher hasher)
        {
            var apiKey = apiKeyGenerator.Generate();

            var meansResult = await Publisher.SendRequest <ICreateAuthenticationMeans, IIdentifierResult>(
                new CreateAuthenticationMeans(
                    Guid.NewGuid(), dto.Label, MeansMethod.ApiKey, hasher.Hash(apiKey), DateTimeOffset.UtcNow, null
                    ));

            if (!meansResult.Successful || !meansResult.Id.HasValue)
            {
                throw meansResult.ToException();
            }

            await Publisher.SendRequest <ICreateAssignmentToUser, IIdentifierResult>(
                new CreateAssignmentToUser(Guid.NewGuid(), meansResult.Id.Value, DateTimeOffset.UtcNow, null, id, false)
                );

            return(new CreatedApiKey(meansResult.Id.Value, apiKey));
        }
示例#2
0
        public async Task <ActionResult <CreatedApiKey> > CreateApiKey(Guid id, ApiKeyDto dto, [FromServices] IApiKeyGenerator apiKeyGenerator, [FromServices] IMeansValueHasher hasher)
        {
            await _authLoader.AssertResourceAccessAsync(User, id, IsOwnerPolicy.Instance);

            var apiKey = apiKeyGenerator.Generate();

            var meansResult = await Publisher.SendRequest <ICreateAuthenticationMeans, IIdentifierResult>(
                new CreateAuthenticationMeans(
                    Guid.NewGuid(), dto.Label, MeansMethod.ApiKey, hasher.Hash(apiKey), DateTimeOffset.UtcNow, null
                    ));

            if (!meansResult.Successful || !meansResult.Id.HasValue)
            {
                throw meansResult.ToException();
            }

            await Publisher.SendRequest <ICreateAssignmentToPointOfSale, IIdentifierResult>(
                new CreateAssignmentToPointOfSale(Guid.NewGuid(), meansResult.Id.Value, DateTimeOffset.UtcNow, null, id)
                );

            return(new CreatedApiKey(meansResult.Id.Value, apiKey));
        }
示例#3
0
        public async Task <ActionResult> SetPassword(Guid id, SetPasswordDto pwDto, [FromServices] IMeansValueHasher pwHasher)
        {
            var userId = id;

            if ((await _usersService.GetUser(userId)) is null)
            {
                throw new BaristaException("user_not_found", $"Could not find user with ID '{userId}'");
            }

            var passwordPage = await _identityService.BrowseMeansAssignedToUser(userId, new BrowseAssignedMeans { IsValid = true, Method = MeansMethod.Password, ResultsPerPage = 1 });

            if (passwordPage.TotalResults == 1)
            {
                var means = passwordPage.Items.Single();
                return(await SendAndHandleOperationCommand(new UpdateAuthenticationMeansValue(means.Id, pwHasher.Hash(pwDto.NewPassword))));
            }
            else if (passwordPage.TotalResults > 1)
            {
                _logger.LogWarning("The user {userId} has more than one password authentication means assigned. They will be purged before the new password is set.", userId);

                int deletedPasswordMeans;
                var query = new BrowseAssignedMeans {
                    IsValid = true, Method = MeansMethod.Password
                };

                do
                {
                    deletedPasswordMeans = 0;

                    var passwordMeansPage = await _identityService.BrowseMeansAssignedToUser(userId, query);

                    foreach (var passwordMeans in passwordMeansPage.Items)
                    {
                        await Publisher.SendRequest(new DeleteAuthenticationMeans(passwordMeans.Id));

                        _logger.LogInformation("Purged one of multiple passwords assigned to user {userId} with means ID {meansId}", userId, passwordMeans.Id);
                        deletedPasswordMeans++;
                    }
                } while (deletedPasswordMeans > 0);
            }

            var meansCreation = await Publisher.SendRequest <ICreateAuthenticationMeans, IIdentifierResult>(
                new CreateAuthenticationMeans(Guid.NewGuid(), null, MeansMethod.Password, pwHasher.Hash(pwDto.NewPassword), DateTimeOffset.UtcNow, null)
                );

            if (!meansCreation.Successful)
            {
                throw meansCreation.ToException();
            }

            var meansAssignment = await Publisher.SendRequest <ICreateAssignmentToUser, IIdentifierResult>(
                new CreateAssignmentToUser(Guid.NewGuid(), meansCreation.Id.Value, DateTimeOffset.UtcNow, null, userId, false)
                );

            if (!meansAssignment.Successful)
            {
                throw meansAssignment.ToException();
            }

            return(Ok());
        }
示例#4
0
        public async Task <ActionResult> ChangePassword(ChangePasswordDto newPwDto, [FromServices] IUserPasswordAuthenticator userPwAuthenticator, [FromServices] IMeansValueHasher pwHasher)
        {
            var userId = User.GetUserId();
            var user   = await _usersService.GetUser(userId);

            if (user is null)
            {
                return(NotFound());
            }

            var authResult = await userPwAuthenticator.AuthenticateAsync(user.EmailAddress, newPwDto.OldPassword);

            if (authResult is null)
            {
                return(BadRequest(new ErrorDto("invalid_old_password", "The old password does not match. Please try again.")));
            }

            if (newPwDto.NewPassword != newPwDto.NewPasswordAgain)
            {
                return(BadRequest(new ErrorDto("invalid_new_passwords", "The new passwords do not match. Please try again.")));
            }

            return(await SendAndHandleOperationCommand(new UpdateAuthenticationMeansValue(authResult.MeansId, pwHasher.Hash(newPwDto.NewPassword))));
        }