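/// <summary>
/// HTTP POST <c>permissions/Login</c>: reads an email/password pair from the request body
/// and passes it to <c>_controller.Login</c>.
/// </summary>
/// <param name="req">Incoming request; its body is deserialized into <c>UsersSecretsDto</c>.</param>
/// <param name="request">Forwarded unchanged to <c>_controller.Login</c>.</param>
/// <param name="log">Function logger (not used by this method).</param>
/// <returns>
/// 200 with <c>dataResult.Value</c> on success. 400 with <c>_errors.NotAuthorized</c> when the
/// body or a credential is missing or the login fails; 400 with the controller's own message
/// when that message contains "Block".
/// </returns>
public async Task<IActionResult> Login(
    [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "permissions/Login")] HttpRequestMessage req,
    HttpRequest request,
    ILogger log)
{
    UsersSecretsDto data = await req.Content.ReadAsAsync<UsersSecretsDto>();

    // The deserializer can hand back null (e.g. an empty body). Treat that like missing
    // credentials instead of letting a NullReferenceException surface as HTTP 500.
    if (data == null)
    {
        return new BadRequestObjectResult(_errors.NotAuthorized);
    }

    var email = data.Email ?? "";
    var password = data.Password ?? "";
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        return new BadRequestObjectResult(_errors.NotAuthorized);
    }

    var dataResult = await _controller.Login(email, password, request);
    if (dataResult.Success)
    {
        return new OkObjectResult(dataResult.Value);
    }

    // Every failure except the "Block" case returns the same generic message, so the response
    // does not tell a caller whether the email or the password was wrong.
    // NOTE(review): the "Block" branch returns the controller's message verbatim to an
    // unauthenticated caller, which presumably discloses that the account exists and is
    // blocked. Confirm that disclosure is intended.
    if (dataResult.Message != null && dataResult.Message.Contains("Block"))
    {
        return new BadRequestObjectResult(dataResult.Message);
    }

    return new BadRequestObjectResult(_errors.NotAuthorized);
}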
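/// <summary>
/// HTTP POST <c>permissions/ChangePasswordToUser</c>: sets the password of the user named by
/// the email in the request body, after <c>validAdmin</c> accepts the caller for the
/// <c>admin.update</c> scope.
/// </summary>
/// <param name="req">Incoming request; passed to <c>validAdmin</c> and deserialized into <c>UsersSecretsDto</c>.</param>
/// <param name="request">Passed to <c>validAdmin</c> together with <paramref name="req"/>.</param>
/// <param name="log">Function logger (not used by this method).</param>
/// <returns>
/// 200 with <c>dataResult.Value</c> on success; 400 with the authorization message, with
/// <c>_errors.ValuesNotValid</c>, or with the controller's message otherwise.
/// </returns>
public async Task<IActionResult> ChangePasswordToUser(
    [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "permissions/ChangePasswordToUser")] HttpRequestMessage req,
    HttpRequest request,
    ILogger log)
{
    // The trigger itself is anonymous, so this check is the only gate on the endpoint.
    // Run it before touching the body: unauthenticated callers then get the authorization
    // failure rather than input-validation feedback, and no untrusted payload is parsed for them.
    // NOTE(review): an authorization failure is reported as 400 here, while the ChangePassword
    // function answers 401; kept as-is so existing clients are not broken.
    var resultAuth = validAdmin(req, request, new List<string> { "admin.update" });
    if (!resultAuth.Success)
    {
        return new BadRequestObjectResult(resultAuth.Message);
    }

    UsersSecretsDto data = await req.Content.ReadAsAsync<UsersSecretsDto>();

    // The deserializer can hand back null (e.g. an empty body); reject it as invalid input
    // instead of failing with a NullReferenceException.
    if (data == null)
    {
        return new BadRequestObjectResult(_errors.ValuesNotValid);
    }

    var email = data.Email ?? "";
    var password = data.Password ?? "";
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        return new BadRequestObjectResult(_errors.ValuesNotValid);
    }

    var dataResult = await _controller.ChangePassword(email, password);
    if (!dataResult.Success)
    {
        return new BadRequestObjectResult(dataResult.Message);
    }

    return new OkObjectResult(dataResult.Value);
}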
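/// <summary>
/// HTTP POST <c>permissions/Register</c>: registers a user from the posted id, email and
/// password, then assigns sample scopes and tenants and requests an email-validation token.
/// </summary>
/// <param name="req">Incoming request; its body is deserialized into <c>UsersSecretsDto</c>.</param>
/// <param name="log">Function logger (not used by this method).</param>
/// <returns>
/// 200 with <c>dataResult.Value</c> from <c>_controller.Register</c> on success; 400 with
/// <c>_errors.ValuesNotValid</c> or the controller's message otherwise.
/// </returns>
public async Task<IActionResult> CreateUser(
    [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "permissions/Register")] HttpRequestMessage req,
    ILogger log)
{
    UsersSecretsDto data = await req.Content.ReadAsAsync<UsersSecretsDto>();

    // The deserializer can hand back null (e.g. an empty body); reject it as invalid input
    // instead of failing with a NullReferenceException.
    if (data == null)
    {
        return new BadRequestObjectResult(_errors.ValuesNotValid);
    }

    var email = data.Email ?? "";
    var password = data.Password ?? "";
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        return new BadRequestObjectResult(_errors.ValuesNotValid);
    }

    // NOTE(review): data.Id is supplied by the caller of an anonymous endpoint. Confirm that
    // Register validates it or that identifiers are generated server-side.
    var dataResult = await _controller.Register(data.Id, email, password);
    if (!dataResult.Success)
    {
        return new BadRequestObjectResult(dataResult.Message);
    }

    // Optional: grant the new user its initial scopes. The values are fixed on the server
    // and never taken from the request body.
    // NOTE(review): the outcome of this call and of UpdateTenants below is not inspected.
    var dataScope = await _controller.UpdateScopes(dataResult.Value, new List<string> { "users.read" });

    // Optional: assign tenants. Tenants can be grouped, e.g. "mycompany/surcusals": the group
    // is the first element and the child the second. "*" means all, so "mycompany/*" refers to
    // every tenant in the "mycompany" group.
    var dataTenants = await _controller.UpdateTenants(dataResult.Value, new List<string>() { "mycompany/*", "mycompany/surcusals" });

    var token = _controller.ForgotPasswordOrRegister(email);

    // Build your own address with the generated token, for example
    //   https://mysite.com/onRoute/?validEmailToken=" + token
    // and send it to the requester in the body of an email.
    // The API can then be called with the token received by email, for example
    //   https://localhost/api/permissions/ValidEmail?token=" + token
    // The query parameter must be named "token".
    //
    // Do not return the token in the HTTP response unless this function is only ever called
    // internally by the server: returning it would let a caller validate an address without
    // having access to its mailbox. For a public endpoint use `return new OkResult();` instead.
    // NOTE(review): confirm dataResult.Value carries nothing that should stay server-side.
    return new OkObjectResult(dataResult.Value);
}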
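/// <summary>
/// HTTP POST <c>permissions/ChangePassword</c>: changes a password either for the account
/// bound to a <c>changepasswordtoken</c> query parameter, or, when no token is sent, for the
/// email in the body once <c>validAuthorized</c> accepts the caller.
/// </summary>
/// <param name="req">Incoming request; supplies the query string, the authorization input and the body.</param>
/// <param name="request">Passed to <c>validAuthorized</c> together with <paramref name="req"/>.</param>
/// <param name="log">Function logger (not used by this method).</param>
/// <returns>
/// 200 with <c>dataResult.Value</c> on success; 400 with <c>_errors.NotAuthorized</c> for a
/// rejected token; 401 when <c>validAuthorized</c> fails; 400 with <c>_errors.ValuesNotValid</c>
/// or the controller's message otherwise.
/// </returns>
public async Task<IActionResult> ChangePassword(
    [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "permissions/ChangePassword")] HttpRequestMessage req,
    HttpRequest request,
    ILogger log)
{
    var token = req.RequestUri.ParseQueryString().Get("changepasswordtoken");
    var emailToken = "";

    if (!string.IsNullOrEmpty(token))
    {
        // Token path: ValidateToken yields the email the token was issued for, or nothing.
        // NOTE(review): the token arrives in the query string, where it can end up in access
        // logs and intermediaries. Confirm ValidateToken enforces a short expiry and single use.
        emailToken = _controller.ValidateToken(token);
        if (string.IsNullOrEmpty(emailToken))
        {
            return new BadRequestObjectResult(_errors.NotAuthorized);
        }
    }
    else
    {
        // No token: the caller must pass the regular authorization check.
        var resultAuth = validAuthorized(req, request);
        if (!resultAuth.Success)
        {
            if (resultAuth.Message == _errors.NotAuthorized)
            {
                return new UnauthorizedResult();
            }

            return new ObjectResult(resultAuth.Message) { StatusCode = StatusCodes.Status401Unauthorized };
        }
    }

    UsersSecretsDto data = await req.Content.ReadAsAsync<UsersSecretsDto>();

    // The deserializer can hand back null (e.g. an empty body). Without a body there is no new
    // password, so reject it as invalid input instead of failing with a NullReferenceException.
    if (data == null)
    {
        return new BadRequestObjectResult(_errors.ValuesNotValid);
    }

    var password = data.Password ?? "";

    // A validated token always wins over the email in the body, so a token holder can only
    // change the password of the account the token was issued for.
    // NOTE(review): on the authenticated path the target email comes straight from the body
    // and nothing visible here ties it to the caller's own identity. Confirm that
    // validAuthorized or _controller.ChangePassword enforces that binding.
    var email = string.IsNullOrEmpty(emailToken) ? (data.Email ?? "") : emailToken;

    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        return new BadRequestObjectResult(_errors.ValuesNotValid);
    }

    var dataResult = await _controller.ChangePassword(email, password);
    if (!dataResult.Success)
    {
        return new BadRequestObjectResult(dataResult.Message);
    }

    return new OkObjectResult(dataResult.Value);
}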