/// <summary>
/// Creates a user in the tenant and track of the current route binding and stores it in the tenant repository.
/// </summary>
/// <param name="email">Email of the new user; checked by ValidateEmail and used as part of the user id key.</param>
/// <param name="password">Password passed to secretHashLogic.AddSecretHashAsync and to ValidatePasswordPolicy.</param>
/// <param name="claims">Optional claims; copied to the user only when the list holds at least one element.</param>
/// <returns>The created user, carrying a freshly generated GUID as UserId.</returns>
public async Task<User> CreateUser(string email, string password, List<Claim> claims = null)
{
    logger.ScopeTrace($"Creating user '{email}', Route '{RouteBinding.Route}'.");

    ValidateEmail(email);

    var newUser = new User { UserId = Guid.NewGuid().ToString() };
    var idKey = new User.IdKey
    {
        TenantName = RouteBinding.TenantName,
        TrackName = RouteBinding.TrackName,
        Email = email
    };
    await newUser.SetIdAsync(idKey);

    // NOTE(review): the password is handed to the hash logic before the existence and
    // password-policy checks below run, so a request that is later rejected has already
    // gone through AddSecretHashAsync. Confirm this order is intended.
    await secretHashLogic.AddSecretHashAsync(newUser, password);

    var hasClaims = claims != null && claims.Count > 0;
    if (hasClaims)
    {
        newUser.Claims = claims.ToClaimAndValues();
    }

    await ThrowIfUserExists(email);
    await ValidatePasswordPolicy(email, password);

    await tenantRepository.CreateAsync(newUser);
    logger.ScopeTrace($"User '{email}' created, with user id '{newUser.UserId}'.");

    return newUser;
}
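/// <summary>
/// Sets a new two-factor app secret and recovery code on an existing, enabled user and saves the user.
/// </summary>
/// <param name="email">Email used, with the tenant and track of the current route binding, to build the user id.</param>
/// <param name="newSecret">The two-factor app secret passed to the external secret logic.</param>
/// <param name="secretExternalName">External secret name to write to; when null or empty the secret is set by name instead.</param>
/// <param name="twoFactorAppRecoveryCode">Recovery code passed to secretHashLogic.AddSecretHashAsync; the resulting TwoFactorAppRecoveryCode object is stored on the user.</param>
/// <returns>The saved user.</returns>
/// <exception cref="UserNotExistsException">The user was not found or the account is disabled.</exception>
public async Task<User> SetTwoFactorAppSecretUser(string email, string newSecret, string secretExternalName, string twoFactorAppRecoveryCode)
{
    logger.ScopeTrace(() => $"Set two-factor app secret user '{email}', Route '{RouteBinding?.Route}'.");

    var id = await User.IdFormat(new User.IdKey { TenantName = RouteBinding.TenantName, TrackName = RouteBinding.TrackName, Email = email });
    var user = await tenantRepository.GetAsync<User>(id, required: false);
    if (user == null || user.DisableAccount)
    {
        // The message is built from the email argument: user is null on the not-found path,
        // so reading user.Email here raised NullReferenceException instead of the
        // UserNotExistsException that callers are expected to handle.
        throw new UserNotExistsException($"User '{email}' do not exist or is disabled, trying to set two-factor app secret.");
    }

    if (!secretExternalName.IsNullOrEmpty())
    {
        user.TwoFactorAppSecretExternalName = await externalSecretLogic.SetExternalSecretByExternalNameAsync(secretExternalName, newSecret);
    }
    else
    {
        // NOTE(review): secretName is not declared in this method; presumably a member of the enclosing class - confirm.
        user.TwoFactorAppSecretExternalName = await externalSecretLogic.SetExternalSecretByNameAsync(secretName, newSecret);
    }

    // The recovery code goes through the secret hash logic before it is attached to the user.
    var recoveryCode = new TwoFactorAppRecoveryCode();
    await secretHashLogic.AddSecretHashAsync(recoveryCode, twoFactorAppRecoveryCode);
    user.TwoFactorAppRecoveryCode = recoveryCode;

    // NOTE(review): the external secret is written before the user is saved; if SaveAsync
    // fails, the stored secret is not referenced by the user - confirm whether cleanup is needed.
    await tenantRepository.SaveAsync(user);

    logger.ScopeTrace(() => $"User '{user.Email}', two-factor app secret set.", triggerEvent: true);
    return user;
}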
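/// <summary>
/// Creates a user and stores it in the tenant repository, optionally in an explicitly named tenant and track.
/// </summary>
/// <param name="email">Email of the new user; lower-cased before validation and before it is used in the user id key.</param>
/// <param name="password">Password passed to secretHashLogic.AddSecretHashAsync and, when checks are enabled, to ValidatePasswordPolicy.</param>
/// <param name="changePassword">Value assigned to the user's ChangePassword property.</param>
/// <param name="claims">Optional claims; copied to the user only when the list holds at least one element.</param>
/// <param name="tenantName">Tenant name for the id key; falls back to RouteBinding.TenantName when null.</param>
/// <param name="trackName">Track name for the id key; falls back to RouteBinding.TrackName when null.</param>
/// <param name="checkUserAndPasswordPolicy">When false, both the existing-user check and the password policy validation are skipped.</param>
/// <param name="confirmAccount">Value assigned to the user's ConfirmAccount property.</param>
/// <param name="emailVerified">Value assigned to the user's EmailVerified property.</param>
/// <param name="disableAccount">Value assigned to the user's DisableAccount property.</param>
/// <returns>The created user, carrying a freshly generated GUID as UserId.</returns>
/// <exception cref="UserExistsException">Checks are enabled and a user with the same id key already exists.</exception>
public async Task<User> CreateUser(string email, string password, bool changePassword = false, List<Claim> claims = null, string tenantName = null, string trackName = null, bool checkUserAndPasswordPolicy = true, bool confirmAccount = true, bool emailVerified = false, bool disableAccount = false)
{
    logger.ScopeTrace($"Creating user '{email}', Route '{RouteBinding?.Route}'.");

    // The email is part of the user id key, so it is normalised with the invariant culture.
    // ToLower() follows the current thread culture and can map the same address to
    // different ids (for example 'I' under a Turkish culture).
    email = email?.ToLowerInvariant();
    ValidateEmail(email);

    var user = new User
    {
        UserId = Guid.NewGuid().ToString(),
        ConfirmAccount = confirmAccount,
        EmailVerified = emailVerified,
        DisableAccount = disableAccount
    };
    var userIdKey = new User.IdKey
    {
        TenantName = tenantName ?? RouteBinding.TenantName,
        TrackName = trackName ?? RouteBinding.TrackName,
        Email = email // already lower-cased above
    };
    await user.SetIdAsync(userIdKey);

    // NOTE(review): the password reaches the hash logic before the existence and policy
    // checks below; confirm this order is intended.
    await secretHashLogic.AddSecretHashAsync(user, password);
    if (claims?.Count > 0)
    {
        user.Claims = claims.ToClaimAndValues();
    }

    // Callers that pass checkUserAndPasswordPolicy = false bypass both the duplicate check
    // and the password policy; the password is then stored without policy validation.
    if (checkUserAndPasswordPolicy)
    {
        if (await tenantRepository.ExistsAsync<User>(await User.IdFormat(userIdKey)))
        {
            throw new UserExistsException($"User '{email}' already exists.");
        }
        await ValidatePasswordPolicy(email, password);
    }

    user.ChangePassword = changePassword;
    await tenantRepository.CreateAsync(user);

    logger.ScopeTrace($"User '{email}' created, with user id '{user.UserId}'.");
    return user;
}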