public async Task <ResponseModelBase> ChangeEmail([FromBody] ChangeEmailRequestModel model) { if (!ModelState.IsValid) { return(ErrorModel.Of("invalid_request")); } UserModel usr; if (await ldb.ValidateAccount(model.EmailAddress, model.Password)) { return(ErrorModel.Of("username_or_password_incorrect")); } //retrieve the user usr = await ldb.FindByEmailAddress(model.EmailAddress); if (usr == null) { return(ErrorModel.Of("user_not_found")); } //make sure that the email address isn't in use var other = await ldb.FindByEmailAddress(model.NewEmailAddress); if (other != null) { return(ErrorModel.Of("email_address_in_use")); } usr.EmailAddress = model.NewEmailAddress; usr.UniqueConfirmationCode = Guid.NewGuid(); usr.EmailConfirmationSent = DateTime.Now; usr.IsEmailConfirmed = false; Task.WaitAll( ldb.UpdateUser(usr), Backend.EmailSender.SendEmail(usr, Backend.EmailSender.RegistrationTemplate) ); return(Models.OkModel.Of("email_address_changed")); }
public async Task <ResponseModelBase> ChangePassword([FromBody] ChangePasswordRequestModel model) { if (!ModelState.IsValid) { return(ErrorModel.Of("invalid_request")); } if (!await ldb.ValidateAccount(model.EmailAddress, model.OldPassword)) { return(ErrorModel.Of("username_or_password_incorrect")); } if (model.NewPassword.Length < 8) { return(ErrorModel.Of("password_too_short")); } //Change their password var user = await ldb.FindByEmailAddress(model.EmailAddress); if (user == null) { return(ErrorModel.Of("user_not_found")); } user.PasswordHashes = await Task.Run(() => PasswordHasher.GenerateHashPermutations(model.NewPassword)); //Clear all sessions ldb.DBContext.Sessions.RemoveRange(user.ActiveSessions); user.ActiveSessions.Clear(); //And login tokens ldb.DBContext.ServerTokens.RemoveRange(user.ActiveServerTokens); user.ActiveServerTokens.Clear(); //Update await ldb.UpdateUser(user); return(OkModel.Of("password_changed")); }
public async Task <ResponseModelBase> ChangeForgottenPassword([FromBody] ForgotPasswordDoChangeRequestModel model) { if (!ModelState.IsValid) { return(ErrorModel.Of("invalid_request")); } if (model.NewPassword.Length < 8) { return(ErrorModel.Of("password_too_short")); } //Change their password var user = await ldb.FindByUniqueId(model.UserId); //validate user if (user == null) { return(ErrorModel.Of("user_not_found")); } //and code if (user.UniqueConfirmationCode != model.ConfirmationCode) { return(ErrorModel.Of("email_confirmation_code_incorrect")); } user.PasswordHashes = await Task.Run(() => PasswordHasher.GenerateHashPermutations(model.NewPassword)); user.UniqueConfirmationCode = Guid.NewGuid(); //Clear all sessions ldb.DBContext.Sessions.RemoveRange(user.ActiveSessions); user.ActiveSessions.Clear(); //And login tokens ldb.DBContext.ServerTokens.RemoveRange(user.ActiveServerTokens); user.ActiveServerTokens.Clear(); //And save await ldb.UpdateUser(user); return(Models.OkModel.Of("password_changed")); }
public async Task <ResponseModelBase <UserServerTokenResponseModel> > CreateServerToken([FromBody] AuthenticatedRequestModel model) { if (!ModelState.IsValid) { return(ErrorModel.Of <UserServerTokenResponseModel>(null, "invalid_request")); } var session = await ldb.GetSessionFromKey(model.SessionKey); if (session == null) { return(ErrorModel.Of <UserServerTokenResponseModel>(null, "not_logged_in")); //Auth failed } var token = new UserServerTokenModel(); token.ExpiryDate = DateTime.UtcNow + TimeSpan.FromMinutes(2); token.ServerToken = Guid.NewGuid().ToString("N"); session.Owner.AddToken(token); await ldb.UpdateUser(session.Owner); return(OkModel.Of(new UserServerTokenResponseModel(token))); }
public async Task <ResponseModelBase> RedeemProduct([FromBody] RedeemProductRequestModel model) { if (!ModelState.IsValid) { return(ErrorModel.Of("invalid_request")); } var user = await ldb.FindBySessionKey(model.SessionKey); if (user == null) { return(ErrorModel.Of("not_logged_in")); } var tableStorageString = Startup.Configuration["Data:TableStorageConnectionString"]; //update var account = CloudStorageAccount.Parse(tableStorageString); var client = account.CreateCloudTableClient(); var table = client.GetTableReference("ZSBProductKeys"); var partitionKey = model.ProductKey.Substring(0, 4); var key = model.ProductKey.ToUpper().Replace("-", ""); var result = await table.ExecuteAsync( TableOperation.Retrieve <ProductKeyStorageModel>(partitionKey, key)); if (result.HttpStatusCode != 200) //error { return(Models.ErrorModel.Of("product_key_not_found")); } //Do stuff (update the db) var obj = (ProductKeyStorageModel)result.Result; if (obj.HasBeenRedeemed) { return(ErrorModel.Of("product_key_already_redeemed")); } obj.HasBeenRedeemed = true; obj.RedemptionDate = DateTime.UtcNow; obj.RedeemerAccountId = user.UniqueId; obj.RedeemerAccountEmailAddress = user.EmailAddress; //and update the user user.OwnedProducts.Add(new UserOwnedProductModel { EditionId = obj.EditionId, ProductId = obj.ProductId, ProductKey = obj.Key, RedemptionDate = DateTime.UtcNow }); await table.ExecuteAsync(TableOperation.Merge(obj)); await ldb.UpdateUser(user); await Backend.EmailSender.SendEmail(user, Backend.EmailSender.ProductKeyRedeemedTemplate, new Dictionary <string, string>() { { "-displayName-", obj.DisplayName }, { "-productName-", obj.ProductName }, { "-productId-", obj.ProductId.ToString() }, { "-editionName-", obj.EditionName }, { "-editionId-", obj.EditionId.ToString() }, { "-productKey-", obj.Key }, { "-downloadUrl-", (await Backend.ProductDatabase.GetProduct(obj.ProductId, obj.EditionId)).Product.DownloadUrl }, { "-redemptionDate-", DateTime.UtcNow.ToString("G") } }); return(OkModel.Of("product_key_redeemed")); }