public void WhenIRecieveTheUpdateEmailAddressVerificationCode()
{
var email = _tokenManager.GetTokenByKey(BindingData.UserEmailAddressTokenName);
var user = _userReadRepository.Get(email);
_tokenManager.SetToken(BindingData.NewEmailAddressVerificationCode, user.PendingUsernameCode);
_tokenManager.SetToken(BindingData.PasswordTokenName, BindingData.Password);
}
public void UpdateUsername(Guid userId, string newUsername)
{
var user = _userReadRepository.Get(userId);
user.PendingUsername = newUsername;
user.PendingUsernameCode = _codeGenerator.GenerateAlphaNumeric();
_userWriteRepository.Save(user);
}
public void WhenIGetTokenToResetPassword()
{
var email = _tokenManager.GetTokenByKey(BindingData.UserEmailAddressTokenName);
var user = _userReadRepository.Get(email);
if (user != null)
{
_tokenManager.SetToken(BindingData.PasswordResetCodeTokenName, user.PasswordResetCode);
}
}
public void WhenIGetTokenForMyNewlyCreatedAccount()
{
var email = _tokenManager.GetTokenByKey(BindingData.UserEmailAddressTokenName);
var user = _userReadRepository.Get(email);
if (user != null)
{
_tokenManager.SetToken(BindingData.ActivationCodeTokenName, user.ActivationCode);
}
}
public bool IsUsernameAvailable(string username)
{
Condition.Requires(username).IsNotNullOrEmpty();
_logger.Debug("Calling UserAccountService to discover if the username {0} is available.", username);
// check status of user (unactivated account should also be considered "available")
var user = _userReadRepository.Get(username, false);
return(user == null || user.Status == UserStatuses.PendingActivation);
}
public void SendPasswordResetCode(string username)
{
var user = _userReadRepository.Get(username, false);
if (user == null)
{
_logger.Info(string.Format("Cannot send password reset code, username not found: \"{0}\".", username));
return;
}
var candidate = _candidateReadRepository.Get(user.EntityId);
var currentDateTime = DateTime.Now;
var expiry = currentDateTime.AddDays(_passwordResetCodeExpiryDays);
string passwordResetCode;
if (!string.IsNullOrEmpty(user.PasswordResetCode) && (user.PasswordResetCodeExpiry > currentDateTime))
{
// Reuse existing token and set new expiry date
passwordResetCode = user.PasswordResetCode;
}
else
{
// generate new code and send
passwordResetCode = _codeGenerator.GenerateAlphaNumeric();
}
user.SetStatePasswordResetCode(passwordResetCode, expiry);
_userWriteRepository.Save(user);
// Send Password Reset Code
SendPasswordResetCodeViaCommunicationService(candidate, user.PasswordResetCode);
}
public void SendSavedSearchAlerts(Guid batchId)
{
var allCandidatesSavedSearchAlerts = _savedSearchAlertRepository.GetCandidatesSavedSearchAlerts();
foreach (var candidateId in allCandidatesSavedSearchAlerts.Keys)
{
var candidate = _candidateReadRepository.Get(candidateId);
var user = _userReadRepository.Get(candidateId);
var candidateSavedSearchAlerts = allCandidatesSavedSearchAlerts[candidateId];
if (candidate.AllowsCommunication() && user.IsActive())
{
var communicationRequest = CommunicationRequestFactory.GetSavedSearchAlertCommunicationRequest(candidate, candidateSavedSearchAlerts);
_serviceBus.PublishMessage(communicationRequest);
// Update candidates saved search alerts to sent
candidateSavedSearchAlerts.ToList().ForEach(dd =>
{
dd.BatchId = batchId;
_savedSearchAlertRepository.Save(dd);
});
}
else
{
// Soft delete candidates saved search status alerts by setting batch id to empty
candidateSavedSearchAlerts.ToList().ForEach(dd =>
{
dd.BatchId = Guid.Empty;
_savedSearchAlertRepository.Save(dd);
});
}
}
}
public void SendAccountUnlockCode(string username)
{
var user = _userReadRepository.Get(username);
user.AssertState("Send unlock code", UserStatuses.Locked);
var candidate = _candidateReadRepository.Get(user.EntityId);
if (user.AccountUnlockCodeExpiry < DateTime.Now)
{
// Account unlock code has expired, renew it.
_lockUserStrategy.LockUser(user);
}
var unlockCodeExpiryDays = _configurationManager.GetAppSetting <int>("UnlockCodeExpiryDays");
var firstName = candidate.RegistrationDetails.FirstName;
var emailAddress = candidate.RegistrationDetails.EmailAddress;
var accountUnlockCode = user.AccountUnlockCode;
var expiryInDays = string.Format(unlockCodeExpiryDays == 1 ? "{0} day" : "{0} days", unlockCodeExpiryDays);
var tokens = new[]
{
new CommunicationToken(CommunicationTokens.CandidateFirstName, firstName),
new CommunicationToken(CommunicationTokens.Username, emailAddress),
new CommunicationToken(CommunicationTokens.AccountUnlockCode, accountUnlockCode),
new CommunicationToken(CommunicationTokens.AccountUnlockCodeExpiryDays, expiryInDays)
};
_communicationService.SendMessageToCandidate(
candidate.EntityId, MessageTypes.SendAccountUnlockCode, tokens);
}
public Candidate RegisterCandidate(Candidate newCandidate, string password)
{
var username = newCandidate.RegistrationDetails.EmailAddress;
var activationCode = _codeGenerator.GenerateAlphaNumeric();
var user = _userReadRepository.Get(username, false);
if (user == null)
{
// Process registration for brand new username
var newCandidateId = Guid.NewGuid();
_authenticationService.CreateUser(newCandidateId, password);
_userAccountService.Register(username, newCandidateId, activationCode, UserRoles.Candidate);
return(SaveAndNotifyCandidate(newCandidateId, newCandidate, activationCode));
}
user.AssertState("Register candidate", UserStatuses.PendingActivation);
if (user.ActivateCodeExpiry != null && user.ActivateCodeExpiry > DateTime.Now)
{
// Process existing username in unexpired pending activation status
return(SaveAndNotifyCandidate(user.EntityId, newCandidate, user.ActivationCode));
}
// Process existing username in an expired pending activation status
_authenticationService.ResetUserPassword(user.EntityId, password);
_userAccountService.Register(username, user.EntityId, activationCode, UserRoles.Candidate);
return(SaveAndNotifyCandidate(user.EntityId, newCandidate, activationCode));
}
public Candidate AuthenticateCandidate(string username, string password)
{
var user = _userReadRepository.Get(username, false);
if (user != null)
{
user.AssertState("Authenticate user", UserStatuses.Active, UserStatuses.PendingActivation, UserStatuses.Locked);
if (_authenticationService.AuthenticateUser(user.EntityId, password))
{
var candidate = _candidateReadRepository.Get(user.EntityId);
if (user.LoginIncorrectAttempts > 0)
{
user.SetStateActive();
_userWriteRepository.Save(user);
}
return(candidate);
}
RegisterFailedLogin(user);
}
return(null);
}
protected override bool DoHandle(User user, Candidate candidate)
{
if (user == null || candidate == null)
{
return(false);
}
if (user.Status != UserStatuses.Dormant)
{
return(false);
}
var housekeepingCyclesSinceLastLogin = GetHousekeepingCyclesSince(user.GetLastLogin());
if (housekeepingCyclesSinceLastLogin >= Configuration.DormantAccountStrategy.SetPendingDeletionAfterCycles)
{
var existingUser = _userReadRepository.Get(user.Username, false);
if (existingUser == null || !existingUser.IsInState(UserStatuses.PendingDeletion))
{
return(_setUserStatusPendingDeletionStrategy.SetUserStatusPendingDeletion(user));
}
}
return(false);
}
public void ShouldCreateAndReadUser()
{
var user = CreateAndSaveUserInMongoDb();
var returnUser = _userReadRepository.Get(user.Username);
returnUser.Should().NotBeNull();
}
private void CreateCandidate(CreateCandidateRequest request)
{
try
{
_logger.Debug("Creating candidate Id: {0}", request.CandidateId);
var user = _userReadRepository.Get(request.CandidateId);
user.AssertState("Create legacy user", UserStatuses.Active, UserStatuses.Locked);
var candidate = _candidateReadRepository.Get(request.CandidateId, true);
if (candidate.LegacyCandidateId == 0)
{
_logger.Info("Sending request to create candidate in legacy system: Candidate Id: \"{0}\"", request.CandidateId);
var legacyCandidateId = _legacyCandidateProvider.CreateCandidate(candidate);
candidate.LegacyCandidateId = legacyCandidateId;
_candidateWriteRepository.Save(candidate);
_logger.Info("Candidate created in legacy system: Candidate Id: \"{0}\", Legacy Candidate Id: \"{1}\"", request.CandidateId, legacyCandidateId);
}
else
{
_logger.Warn("User has already been activated in legacy system: Candidate Id: \"{0}\"", request.CandidateId);
}
}
catch (Exception ex)
{
_logger.Error(string.Format("Create candidate with id {0} request async process failed", request.CandidateId), ex);
Requeue(request);
}
}
public Candidate AuthenticateCandidate(string username, string password)
{
var user = _userReadRepository.Get(username, false);
if (user != null)
{
user.AssertState("Authenticate user", UserStatuses.Active, UserStatuses.PendingActivation, UserStatuses.Locked, UserStatuses.Dormant);
if (_authenticationService.AuthenticateUser(user.EntityId, password))
{
var candidate = _candidateReadRepository.Get(user.EntityId);
if (user.LoginIncorrectAttempts > 0)
{
user.LoginIncorrectAttempts = 0;
}
if (user.Status == UserStatuses.Dormant)
{
user.Status = UserStatuses.Active;
}
user.LastLogin = DateTime.UtcNow;
_userWriteRepository.Save(user);
_serviceBus.PublishMessage(new CandidateUserUpdate(user.EntityId, CandidateUserUpdateType.Update));
return(candidate);
}
RegisterFailedLogin(user);
}
return(null);
}
public IEnumerable <Candidate> GetActivatedCandidatesWithUnsetLegacyId()
{
var activatedCandidatesWithUnsetLegacyId = new List <Candidate>();
//Message queue back off strategy is to wait 30 seconds before initial retry then 5 minutes for each subsequent retry
//6 Minutes provides enough time for three attempts
var outsideLikelyUpdateTime = DateTime.Now.AddMinutes(60);
var candidatesWithUnsetLegacyId = Collection.AsQueryable().Where(c => c.DateUpdated < outsideLikelyUpdateTime && c.LegacyCandidateId == 0);
foreach (var mongoCandidate in candidatesWithUnsetLegacyId)
{
var user = _userReadRepository.Get(mongoCandidate.EntityId);
if (user.ActivationCode != null)
{
continue;
}
var candidate = _mapper.Map <MongoCandidate, Candidate>(mongoCandidate);
_logger.Debug("Candidate {0} is associated with an activated user but does not have a valid legacy candidate id from the legacy service", candidate.EntityId);
activatedCandidatesWithUnsetLegacyId.Add(candidate);
}
return(activatedCandidatesWithUnsetLegacyId);
}
public void ResendActivationCode(string username)
{
var user = _userReadRepository.Get(username, false);
if (user == null)
{
throw new CustomException("Unknown username", UserErrorCodes.UnknownUserError);
}
user.AssertState("Resend activate code", UserStatuses.PendingActivation);
var candidate = _candidateReadRepository.Get(user.EntityId);
var currentDateTime = DateTime.Now;
var expiry = currentDateTime.AddDays(_activationCodeExpiryDays);
if (!string.IsNullOrEmpty(user.ActivationCode) && (user.ActivateCodeExpiry > currentDateTime))
{
// Reuse existing token and set new expiry date
user.PasswordResetCodeExpiry = expiry;
}
else
{
// generate new code and set expiry date
var activationCode = _codeGenerator.GenerateAlphaNumeric();
user.SetStatePendingActivation(activationCode, expiry);
}
_userWriteRepository.Save(user);
SendActivationCode(candidate, user.ActivationCode);
}
public void ResetForgottenPassword(string username, string passwordCode, string newPassword)
{
var user = _userReadRepository.Get(username);
var candidate = _candidateReadRepository.Get(user.EntityId);
if (user.PasswordResetCode != null && user.PasswordResetCode.Equals(passwordCode, StringComparison.CurrentCultureIgnoreCase))
{
if (user.PasswordResetCodeExpiry != null && DateTime.UtcNow > user.PasswordResetCodeExpiry)
{
throw new CustomException("Password reset code has expired.", Interfaces.Users.ErrorCodes.UserPasswordResetCodeExpiredError);
}
_authenticationService.ResetUserPassword(user.EntityId, newPassword);
user.SetStateActive();
user.LastLogin = DateTime.UtcNow;
_userWriteRepository.Save(user);
_serviceBus.PublishMessage(new CandidateUserUpdate(user.EntityId, CandidateUserUpdateType.Update));
_auditRepository.Audit(user, AuditEventTypes.UserResetPassword, user.EntityId);
SendPasswordResetConfirmationMessage(candidate);
}
else
{
RegisterFailedPasswordReset(user);
throw new CustomException("Password reset code \"{0}\" is invalid for user \"{1}\"", Interfaces.Users.ErrorCodes.UserPasswordResetCodeIsInvalid, passwordCode, username);
}
}
public ServiceBusMessageStates Consume(CandidateHousekeeping candidateHousekeeping)
{
var candidateId = candidateHousekeeping.CandidateId;
_logService.Debug("Running housekeeping strategies for CandidateId: {0}", candidateId);
var user = _userReadRepository.Get(candidateId);
var candidate = _candidateReadRepository.Get(candidateId);
if (user == null && candidate == null)
{
_logService.Info("No User or Candidate found for CandidateId: {0}. Likely deleted by another housekeeping sweep", candidateId);
}
else
{
foreach (var housekeepingChain in _housekeepingChains)
{
housekeepingChain.Handle(user, candidate);
}
}
_logService.Debug("Housekeeping for CandidateId: {0} complete", candidateId);
return(ServiceBusMessageStates.Complete);
}
public void ThenMyAccountUnlockCodeHasBeenRenewed()
{
var user = _userReadRepository.Get(BindingData.UserEmailAddress);
var accountUnlockCode = _tokenManager.GetTokenByKey(BindingData.AccountUnlockCodeTokenName);
// Ensure account unlock code has changed.
accountUnlockCode.Should().NotBeNull();
user.AccountUnlockCode.Should().NotBeNull();
accountUnlockCode.Should().NotBe(user.AccountUnlockCode);
// Ensure account unlock code has been renewed.
user.AccountUnlockCodeExpiry.Should().BeAfter(DateTime.UtcNow);
}
public void ActivateCandidate(Guid id, string activationCode)
{
var user = _userReadRepository.Get(id);
user.AssertState("Activate user", UserStatuses.PendingActivation);
_registrationService.Activate(id, activationCode);
}
public bool SetCandidateDeletionPending(Candidate candidate)
{
Condition.Requires(candidate);
_logger.Info(
$"Calling CandidateService to Set status to Deletion Pending for account of the user with Id={candidate.EntityId}");
var user = _userReadRepository.Get(candidate.EntityId);
return(user != null && _setCandidateDeletionPendingStrategy.SetUserStatusPendingDeletion(user));
}
public Candidate GetCandidate(string username)
{
var candidates = _candidateReadRepository.Get(username).ToList();
if (candidates.Count == 1)
{
return(candidates.Single());
}
var user = _userReadRepository.Get(username);
return(_candidateReadRepository.Get(user.EntityId));
}
public void SendPendingUsernameCode(Guid userId)
{
var user = _userReadRepository.Get(userId);
if (user == null)
{
_logger.Info(string.Format("Cannot send pending username code, userid not found: \"{0}\".", userId));
return;
}
var candidate = _candidateReadRepository.Get(user.EntityId);
SendPendingUsernameCodeViaCommunicationService(user, candidate);
}
public void Activate(string username, string activationCode)
{
var user = _userReadRepository.Get(username);
user.AssertState("Activate user", UserStatuses.PendingActivation);
if (!user.ActivationCode.Equals(activationCode, StringComparison.InvariantCultureIgnoreCase))
{
throw new CustomException("Invalid activation code \"{0}\" for user \"{1}\"", ErrorCodes.UserActivationCodeError, activationCode, username);
}
user.SetStateActive();
_userWriteRepository.Save(user);
}
public override void Handle(CommunicationRequest communicationRequest)
{
var candidateId = GetCandidateId(communicationRequest);
var user = _userReadRepository.Get(candidateId);
var candidate = _candidateReadRepository.Get(candidateId);
if (!ShouldCommunicateWithUser(user))
{
_logService.Info("Will NOT send any messages to user '{0}' email '{1}' in state '{2}'",
user.EntityId, user.Username, user.Status);
return;
}
HandleEmailMessage(candidate, communicationRequest);
HandleSmsMessage(candidate, communicationRequest);
}
public void ActivateCandidate(string username, string activationCode)
{
var user = _userReadRepository.Get(username);
user.AssertState("Activate user", UserStatuses.PendingActivation);
var candidate = _candidateReadRepository.Get(user.EntityId);
if (candidate.LegacyCandidateId == 0)
{
// Create candidate on legacy system before activating
var legacyCandidateId = _legacyCandidateProvider.CreateCandidate(candidate);
candidate.LegacyCandidateId = legacyCandidateId;
_candidateWriteRepository.Save(candidate);
}
_registrationService.Activate(username, activationCode);
}
public void ResetForgottenPassword(string username, string passwordCode, string newPassword)
{
var user = _userReadRepository.Get(username);
var candidate = _candidateReadRepository.Get(user.EntityId);
if (candidate.LegacyCandidateId == 0)
{
// Candidate record does not exist on legacy system, create it now.
var legacyCandidateId = _legacyCandidateProvider.CreateCandidate(candidate);
candidate.LegacyCandidateId = legacyCandidateId;
_candidateWriteRepository.Save(candidate);
}
_resetForgottenPasswordStrategy.ResetForgottenPassword(username, passwordCode, newPassword);
}
public void ActivateCandidate(string username, string activationCode)
{
var user = _userReadRepository.Get(username);
user.AssertState("Activate candidate", UserStatuses.PendingActivation);
// Activate user before message submission so that they can continue using the site
_registrationService.Activate(username, activationCode);
// queue request for submission to legacy
var message = new CreateCandidateRequest
{
CandidateId = user.EntityId
};
_logService.Info("Publishing CreateCandidateRequest for Candidate with Id: {0}", message.CandidateId);
_messageBus.PublishMessage(message);
_logService.Info("Successfully published CreateCandidateRequest for Candidate with Id: {0}", message.CandidateId);
}
public void Register(string username, Guid userId, string activationCode, UserRoles roles)
{
var user = _userReadRepository.Get(username, false);
if (user != null && !user.IsInState(UserStatuses.PendingActivation, UserStatuses.PendingDeletion))
{
throw new CustomException("Username already in use and is not in pending activation or deletion status", Domain.Entities.ErrorCodes.EntityStateError);
}
var newUser = new User
{
EntityId = userId,
Username = username,
Roles = roles
};
newUser.SetStatePendingActivation(activationCode, DateTime.UtcNow.AddDays(_activationCodeExpiryDays));
_userWriteRepository.Save(newUser);
}
public void Activate(Guid id, string activationCode)
{
var user = _userReadRepository.Get(id);
user.AssertState("Activate user", UserStatuses.PendingActivation);
if (!user.ActivationCode.Equals(activationCode, StringComparison.InvariantCultureIgnoreCase))
{
throw new CustomException("Invalid activation code \"{0}\" for user with id \"{1}\"", ErrorCodes.UserActivationCodeError, activationCode, id);
}
user.SetStateActive();
user.ActivationDate = DateTime.UtcNow;
user.LastLogin = DateTime.UtcNow;
_userWriteRepository.Save(user);
_serviceBus.PublishMessage(new CandidateUserUpdate(user.EntityId, CandidateUserUpdateType.Update));
_auditRepository.Audit(user, AuditEventTypes.UserActivatedAccount, user.EntityId);
}
