public async Task <User> RegisterUser(RegisterUserModel model) { if (!await registerUserPolicy.IsValid(model)) { throw new PolicyViolationException(registerUserPolicy.PolicyViolations); } model.Password = "******"; var salt = encrypter.GenerateSalt(); var hashedPassword = encrypter.GenerateHash(model.Password, salt); var user = dbContext.Users.Add(new User(userInfoProvider.Username) { CreatedBy = userInfoProvider.Username, LastModifiedBy = userInfoProvider.Username, Firstname = model.Firstname, Lastname = model.Lastname, Username = model.Username, ResetPasswordOnNextLogin = true, PasswordHash = model.IsAdUser ? null : hashedPassword, Salt = salt, IsActiveDirectoryUser = model.IsAdUser, Email = model.Email }); CreateRoles(model.Roles, user.Entity); await dbContext.SaveChangesAsync(); return(user.Entity); }
public async Task <PasswordResetRequestResponseModel> RequestPasswordReset(PasswordResetRequestModel model) { if (!await requestPasswordResetPolicy.IsValid(model)) { throw new PolicyViolationException(requestPasswordResetPolicy.PolicyViolations); } var user = await dbContext .Users .Where(n => n.Username.Trim().ToUpper() == model.Username.Trim().ToUpper()) .FirstAsync(); //Expire Old Password Reset Requests var existingRequests = await dbContext.PasswordResetRequests.Where(n => n.UserId == user.UserId && n.IsActive).ToListAsync(); foreach (var existingRequest in existingRequests) { existingRequest.IsActive = false; } //Generate New Request var resetRequest = new PasswordResetRequest(user.UserId); dbContext.PasswordResetRequests.Add(resetRequest); await dbContext.SaveChangesAsync(); var email = this.commsService.GetBaseEmail(); email.Subject = "JonkerBudgetCore.Api - Password Reset"; email.IsBodyHtml = true; email.Body = $@"<style type=""text / css""> p {{ font-family: ""sans-serif""; font-size: 15px; }} </style> <p> Hi {user.Firstname},<br /> <br /> A password reset has been requested for your account ({user.Username}) on JonkerBudgetCore.Api ({websiteConfiguration.BaseAddress}).<br /> If you did not request a password reset or believe this is in error, please contact the administrator immediately.<br /> <br /> To reset your password, please click the following link:<br /> <a href=""{websiteConfiguration.BaseAddress}/reset-password/{resetRequest.UserId}/{resetRequest.Token}"">Reset My Password</a> <br /> <br /> Regards, <br /> JonkerBudgetCore.Api<br /> </p>"; email.To = user.Email; var emailResult = await this.commsService.SendEmail(email); return(new PasswordResetRequestResponseModel() { EmailAddress = user.Email }); }
public async Task <bool> IsValid(RegisterUserModel model) { policyViolations = new List <PolicyViolation>(); if (!await usernamePolicy.IsValid(new UsernameModel { Username = model.Username })) { policyViolations.AddRange(usernamePolicy.PolicyViolations); } return(!(policyViolations?.Count > 0)); }
public async Task <ResetPasswordResponseModel> ResetPassword(ResetPasswordModel model) { if (!await resetPasswordPolicy.IsValid(model)) { throw new PolicyViolationException(resetPasswordPolicy.PolicyViolations); } var passwordModel = new PasswordModel() { Password = model.Password }; if (!await passwordPolicy.IsValid(passwordModel)) { throw new PolicyViolationException(passwordPolicy.PolicyViolations); } var user = await dbContext .Users .Where(n => n.UserId == model.UserId) .FirstAsync(); var resetRequest = await dbContext .PasswordResetRequests .Where(n => n.UserId == user.UserId) .OrderByDescending(n => n.DateTimeIn) .FirstOrDefaultAsync(); resetRequest.IsActive = false; resetRequest.PasswordResetTime = DateTime.Now; IEncrypter encrypter = new Encrypter(); user.PasswordHash = encrypter.GenerateHash(model.Password, user.Salt); user.LockoutExpiryDate = null; user.FailedLoginAttempts = 0; user.ResetPasswordOnNextLogin = false; await dbContext.SaveChangesAsync(); return(new ResetPasswordResponseModel() { Username = user.Username }); }
public async Task <User> RegisterDomainUser(RegisterDomainUserModel model) { if (!await registerDomainUserPolicy.IsValid(model)) { throw new PolicyViolationException(registerDomainUserPolicy.PolicyViolations); } var user = dbContext.Users.Add(new User(userInfoProvider.Username) { CreatedBy = userInfoProvider.Username, LastModifiedBy = userInfoProvider.Username, Username = model.Username, IsActiveDirectoryUser = true }); CreateRoles(model.Roles, user.Entity); await dbContext.SaveChangesAsync(); return(user.Entity); }
public async Task <User> UpdateUser(UpdateUserModel model) { if (!await updateUserPolicy.IsValid(model)) { throw new PolicyViolationException(updateUserPolicy.PolicyViolations); } var userToUpdate = dbContext.Users.Include("UserRoles").First(match => match.UserId == model.UserId); userToUpdate.LastModifiedBy = userInfoProvider.Username; userToUpdate.LastModifiedDateUtc = DateTime.UtcNow; userToUpdate.Firstname = model.Firstname; userToUpdate.Lastname = model.Lastname; userToUpdate.Username = model.Username; userToUpdate.ResetPasswordOnNextLogin = true; userToUpdate.IsActiveDirectoryUser = model.IsAdUser; userToUpdate.Email = model.Email; UpdateRoles(model.Roles, userToUpdate); await dbContext.SaveChangesAsync(); return(userToUpdate); }