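/// <summary>
/// Completes registration of a system administrator account from a pending
/// identity that matches the supplied code and email.
/// </summary>
/// <param name="code">Registration code looked up together with <paramref name="email"/>.</param>
/// <param name="password">Password chosen for the new account.</param>
/// <param name="passwordMatch">Confirmation value; must equal <paramref name="password"/>.</param>
/// <param name="email">Email address of the account being completed.</param>
/// <exception cref="VmsException">
/// <c>Codes.InvalidCredentials</c> when no pending identity matches, or when the password is
/// empty or differs from its confirmation; <c>Codes.EmailInUse</c> when a system administrator
/// with this email already exists.
/// </exception>
public async Task CompleteAdmin(Guid code, string password, string passwordMatch, string email)
{
    var pendingIdentity = await _pendingIdentityRepository.GetAsync(code, email);
    if (pendingIdentity is null)
    {
        throw new VmsException(Codes.InvalidCredentials, "The credentials are invalid.");
    }

    // NOTE(review): this is a check-then-insert; unless the store enforces uniqueness on
    // (email, role), two concurrent requests could both pass it. Confirm a unique constraint exists.
    var existing = await _identityRepository.GetByEmailAndRole(email, Roles.SystemAdmin);
    if (existing != null)
    {
        throw new VmsException(Codes.EmailInUse, "Their has already been an account created with this email.");
    }

    // A null or empty password would otherwise pass the equality check when the confirmation
    // is empty too, and a SystemAdmin account would be created with no usable secret.
    if (string.IsNullOrEmpty(password) || password != passwordMatch)
    {
        throw new VmsException(Codes.InvalidCredentials, "The credentials are invalid.");
    }

    // Only the derived hash and salt are handed to the identity; the plaintext is not stored here.
    var pword = _passwordManager.EncryptPassword(password);
    var identity = new Domain.Identity(email, pword.Hash, pword.Salt, Roles.SystemAdmin);
    await _identityRepository.AddAsync(identity);

    // Consume the pending registration so the code is single-use, as CompleteUser does.
    // Without this the code stays redeemable if the admin account is ever removed.
    await _pendingIdentityRepository.RemoveAsync(pendingIdentity);
}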
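/// <summary>
/// Completes registration of a user account from a pending identity that matches the
/// supplied code and email, then removes the pending record and publishes
/// <c>UserAccountCreated</c>.
/// </summary>
/// <param name="code">Registration code looked up together with <paramref name="email"/>.</param>
/// <param name="email">Email address of the account being completed.</param>
/// <param name="password">Password chosen for the new account.</param>
/// <param name="passwordConfirm">Confirmation value; must equal <paramref name="password"/>.</param>
/// <exception cref="VmsException">
/// <c>Codes.InvalidCredentials</c> when no pending identity matches, or when the password is
/// empty or differs from its confirmation.
/// </exception>
public async Task CompleteUser(Guid code, string email, string password, string passwordConfirm)
{
    var pending = await _pendingIdentityRepository.GetAsync(code, email);
    if (pending is null)
    {
        // Constant message template with the caller-supplied values passed as arguments, so they
        // are recorded as separate fields instead of being spliced into the log text.
        // NOTE(review): assumes _logger is a Microsoft.Extensions.Logging logger; confirm. Also
        // consider whether the registration code should be written to logs at all.
        _logger.LogWarning("Pending user not found with code: {Code} and email: {Email}", code, email);
        throw new VmsException(Codes.InvalidCredentials, "The account registration has not been made.");
    }

    // TODO: make sure the email-in-use check is done when the pending account is created.
    // It is not performed here, so this method relies on that earlier check to prevent a
    // second identity with the same email.

    // A null or empty password would otherwise pass the equality check when the confirmation
    // is empty too, and the account would be created with no usable secret.
    if (string.IsNullOrEmpty(password) || password != passwordConfirm)
    {
        throw new VmsException(Codes.InvalidCredentials, "The credentials are invalid.");
    }

    // Only the derived hash and salt are handed to the identity; the plaintext is not stored here.
    var pword = _passwordManager.EncryptPassword(password);
    var numberCode = await GetCode(pending.BusinessId);

    // Role and business come from the stored pending record, not from the request.
    var identity = new Domain.Identity(email, pword.Hash, pword.Salt, pending.Role, pending.BusinessId, numberCode);
    await _identityRepository.AddAsync(identity);

    // Consume the pending registration so the code is single-use.
    // NOTE(review): if this removal fails after AddAsync succeeded, the code remains redeemable
    // and nothing here blocks a duplicate identity; confirm the store or caller handles that.
    await _pendingIdentityRepository.RemoveAsync(pending);

    _publisher.PublishEvent(new UserAccountCreated(identity.Id, identity.Email, identity.Code), RequestInfo.Empty);
}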