public async Task <ActionResult> ConfirmUser(UserConfirmModel model)
{
try
{
// Save user credentials
User user = await _users.SaveUserCredentials(model.Token, model.Password);
// Audit log
_auditLog.Log(AuditStream.UserSecurity, "Registration Completed",
new
{
userId = user.ID
},
new
{
remote_ip = Request.UserHostAddress,
browser = Request.Browser.Browser
});
}
catch (EmailExpiredException)
{
return(View("EmailLinkExpired", new Models.ErrorModel {
Message = ConfigurationManager.AppSettings["DataLinkerContactEmail"]
}));
}
Toastr.Success("Email verification process was successfully completed.");
return(View("EmailConfirmed", new Models.ErrorModel()));
}
public async Task <IActionResult> OnPostAsync()
{
if (this.HttpContext.User?.Identity?.Name != null)
{
string userName = this.HttpContext.User.Identity.Name;
if (!Request.Cookies.ContainsKey(UserConstants.SkillsConfirmationCookieName))
{
UserProfile userProfile = _userProfileService.GetUser();
UserConfirmModel confirmSkillsModel = new UserConfirmModel()
{
Name = userProfile.Fullname,
Username = userName,
};
ValidatedApiResponse <User> confirmResult = await _usersApiClient.ConfirmSkills(userProfile.Id, confirmSkillsModel);
if (confirmResult.StatusCode != HttpStatusCode.OK)
{
throw new InvalidOperationException($"Failed to confirm skills for {userName}");
}
SetCookie();
}
}
return(Redirect("/"));
}
public async Task <ActionResult> UserConfirm(string userId, string code, string Nt)
{
AppUser user = UserManager.FindById(userId);
double timeInt = Convert.ToDouble(Nt);
if (timeInt + 3 * 3600 <= TimeHelper.ConvertDateTimeInt(DateTime.UtcNow) || timeInt > TimeHelper.ConvertDateTimeInt(DateTime.UtcNow) || timeInt == 0)
{
return(RedirectToAction("Error404", "Account", new { ErrorMessage = "Link Has Expired" }));
}
EnsureLoggedOut();
if (userId == null || code == null || user == null)
{
return(RedirectToLocal());
}
if (await UserManager.IsEmailConfirmedAsync(userId))
{
return(RedirectToLocal());
}
UserConfirmModel mode = new UserConfirmModel()
{
Code = code,
Id = userId
};
ViewBag.UserName = user.PayRollUser;
return(View(mode));
}
public async Task <IActionResult> UpdateHasConfirmedSkills()
{
if (EnableAuthBypass())
{
return(Ok());
}
if (!User.Identity.IsAuthenticated)
{
return(new UnauthorizedResult());
}
UserProfile userProfile = _userProfileService.GetUser();
UserConfirmModel confirmSkillsModel = new UserConfirmModel
{
Name = userProfile.Fullname,
Username = User.Identity.Name
};
ValidatedApiResponse <User> confirmResult = await _usersApiClient.ConfirmSkills(userProfile.Id, confirmSkillsModel);
if (confirmResult.StatusCode == HttpStatusCode.OK)
{
return(Ok());
}
return(confirmResult.ModelState == null?BadRequest("Could not confirm user skills") : BadRequest(confirmResult.ModelState));
}
public async Task ConfirmSkills()
{
string id = NewRandomString();
UserConfirmModel model = new UserConfirmModel();
await AssertPostRequest($"confirm-skills?userId={id}",
model,
new ApiUser(),
() => _client.ConfirmSkills(id, model));
}
private FilterDefinition <User> ByUserConfirm(UserConfirmModel model)
{
if (!string.IsNullOrEmpty(model.UserId) && ObjectId.TryParse(model.UserId, out ObjectId id) &&
!string.IsNullOrEmpty(model.Code) && Guid.TryParse(model.Code, out Guid code))
{
return(Query.Filter.And(ById(id), ByCodeConfirm(code.ToString())));
}
return(null);
}
public async Task <User> FilterAsync(UserConfirmModel model)
{
FilterDefinition <User> filter = ByUserConfirm(model);
if (filter != null)
{
return(await Collection.Find(filter).SingleOrDefaultAsync());
}
return(null);
}
public User Filter(UserConfirmModel model)
{
FilterDefinition <User> filter = ByUserConfirm(model);
if (filter != null)
{
return(Collection.Find(filter).SingleOrDefault());
}
return(null);
}
public async Task <ActionResult> UserConfirm(UserConfirmModel viewModel)
{
if (!ModelState.IsValid)
{
return(View(viewModel));
}
var user = UserManager.FindById(viewModel.Id);
if (user != null)
{
IdentityResult result = UserManager.ConfirmEmail(viewModel.Id, viewModel.Code);
if (result.Succeeded)
{
//await UserManager.ResetPasswordAsync(user.Id, viewModel.code, viewModel.Password);
var resultPW = UserManager.ChangePassword(user.Id, "Pay123456", viewModel.Password);
if (resultPW.Succeeded)
{
Employee e = user.Employee.SingleOrDefault();
e.F124 = 0;
db.SaveChanges();
await ApplicationSignInManager.PasswordSignInAsync(user.UserName, viewModel.Password, true, shouldLockout : false);
SignCookieAsync(user);
return(RedirectToLocal());
}
else
{
AddErrors(resultPW);
return(View(viewModel));
};
}
else
{
AddErrors(result);
return(View(viewModel));
}
}
return(View(viewModel));
}
public ActionResult ConfirmUser(string token)
{
try
{
// Check whether token is valid for setup users credentials
_users.GetUserByEmailConfirmationToken(token);
}
catch (EmailExpiredException)
{
return(View("EmailLinkExpired", new Models.ErrorModel {
Message = ConfigurationManager.AppSettings["DataLinkerContactEmail"]
}));
}
// Setup model
var model = new UserConfirmModel
{
Token = token
};
// Return result
return(View(model));
}
public async Task <ValidatedApiResponse <User> > ConfirmSkills(string userId, UserConfirmModel userConfirmModel)
{
Guard.IsNullOrWhiteSpace(userId, nameof(userId));
return(await ValidatedPostAsync <User, UserConfirmModel>($"confirm-skills?userId={userId}", userConfirmModel));
}
public async Task OnPostAsync_GivenCookieDoesNotAlreadyExistsAndCallingConfirmSkillsReturnsNoContent_SetsCookieReturnsRedirectResult()
{
//Arrange
const string upn = "*****@*****.**";
IIdentity identity = Substitute.For <IIdentity>();
identity
.Name
.Returns(upn);
ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal(identity);
HttpContext httpContext = Substitute.For <HttpContext>();
httpContext
.User
.Returns(claimsPrincipal);
UserConfirmModel userConfirmModel = new UserConfirmModel();
User user = new User();
UserProfile userProfile = new UserProfile()
{
Firstname = "First",
Lastname = "Last",
Id = "123",
UPN = upn
};
IUserProfileService userProfileService = CreateUserProfileService();
userProfileService
.GetUser()
.Returns(userProfile);
IUsersApiClient apiClient = CreateUsersApiClient();
apiClient
.ConfirmSkills(Arg.Is("123"), Arg.Is <UserConfirmModel>(u => u.Username == upn && u.Name == userProfile.Fullname))
.Returns(new ValidatedApiResponse <User>(HttpStatusCode.OK, user));
ConfirmSkillsModel pageModel = CreatePageModel(apiClient, userProfileService);
pageModel.PageContext = new PageContext
{
HttpContext = httpContext
};
//Act
IActionResult result = await pageModel.OnPostAsync();
//Assert
result
.Should()
.BeOfType <RedirectResult>()
.Which
.Url
.Should()
.Be("/");
}
