public virtual async Task <ActionResult> ChangeEmail(UserAccountViewModel model) { if (!ModelState.IsValidField("ChangeEmail.NewEmail")) { return(AccountView(model)); } var user = GetCurrentUser(); if (user.HasPassword()) { if (!ModelState.IsValidField("ChangeEmail.Password")) { return(AccountView(model)); } Credential _; if (!_authService.ValidatePasswordCredential(user.Credentials, model.ChangeEmail.Password, out _)) { ModelState.AddModelError("ChangeEmail.Password", Strings.CurrentPasswordIncorrect); return(AccountView(model)); } } // No password? We can't do any additional verification... if (string.Equals(model.ChangeEmail.NewEmail, user.LastSavedEmailAddress, StringComparison.OrdinalIgnoreCase)) { // email address unchanged - accept return(RedirectToAction(actionName: "Account", controllerName: "Users")); } try { await _userService.ChangeEmailAddress(user, model.ChangeEmail.NewEmail); } catch (EntityException e) { ModelState.AddModelError("ChangeEmail.NewEmail", e.Message); return(AccountView(model)); } if (user.Confirmed) { var confirmationUrl = Url.ConfirmEmail(user.Username, user.EmailConfirmationToken, relativeUrl: false); _messageService.SendEmailChangeConfirmationNotice(new MailAddress(user.UnconfirmedEmailAddress, user.Username), confirmationUrl); TempData["Message"] = Strings.EmailUpdated_ConfirmationRequired; } else { TempData["Message"] = Strings.EmailUpdated; } return(RedirectToAction(actionName: "Account", controllerName: "Users")); }
private void UpdateUserAccountModel(User account, UserAccountViewModel model) { model.CredentialGroups = GetCredentialGroups(account); model.SignInCredentialCount = model .CredentialGroups .Where(p => p.Key == CredentialKind.Password || p.Key == CredentialKind.External) .Sum(p => p.Value.Count); model.ExpirationInDaysForApiKeyV1 = _config.ExpirationInDaysForApiKeyV1; model.ChangePassword = model.ChangePassword ?? new ChangePasswordViewModel(); model.ChangePassword.EnablePasswordLogin = model.HasPassword; }
public virtual async Task <ActionResult> ChangeEmailSubscription(UserAccountViewModel model) { var user = GetCurrentUser(); await _userService.ChangeEmailSubscriptionAsync( user, model.ChangeNotifications.EmailAllowed, model.ChangeNotifications.NotifyPackagePushed); TempData["Message"] = Strings.EmailPreferencesUpdated; return(RedirectToAction("Account")); }
public virtual async Task <ActionResult> CancelChangeEmail(UserAccountViewModel model) { var user = GetCurrentUser(); if (string.IsNullOrWhiteSpace(user.UnconfirmedEmailAddress)) { return(RedirectToAction(actionName: "Account", controllerName: "Users")); } await _userService.CancelChangeEmailAddress(user); TempData["Message"] = Strings.CancelEmailAddress; return(RedirectToAction(actionName: "Account", controllerName: "Users")); }
public virtual async Task <ActionResult> ChangePassword(UserAccountViewModel model) { var user = GetCurrentUser(); var oldPassword = user.Credentials.FirstOrDefault( c => c.Type.StartsWith(CredentialTypes.Password.Prefix, StringComparison.OrdinalIgnoreCase)); if (oldPassword == null) { // User is requesting a password set email var resetResultType = await _authService.GeneratePasswordResetToken(user, Constants.PasswordResetTokenExpirationHours * 60); if (resetResultType == PasswordResetResultType.UserNotConfirmed) { ModelState.AddModelError("ChangePassword", Strings.UserIsNotYetConfirmed); return(AccountView(model)); } return(SendPasswordResetEmail(user, forgotPassword: false)); } else { if (!model.ChangePassword.EnablePasswordLogin) { return(await RemovePassword()); } if (!ModelState.IsValidField("ChangePassword")) { return(AccountView(model)); } if (model.ChangePassword.NewPassword != model.ChangePassword.VerifyPassword) { ModelState.AddModelError("ChangePassword.VerifyPassword", Strings.PasswordDoesNotMatch); return(AccountView(model)); } if (!await _authService.ChangePassword(user, model.ChangePassword.OldPassword, model.ChangePassword.NewPassword)) { ModelState.AddModelError("ChangePassword.OldPassword", Strings.CurrentPasswordIncorrect); return(AccountView(model)); } TempData["Message"] = Strings.PasswordChanged; return(RedirectToAction("Account")); } }