WIP password reset

2023-09-15 14:23:22 +02:00 · 2023-09-15 14:23:22 +02:00 · 9686fed805
parent 637c8ae4ba
commit 9686fed805
4 changed files with 80 additions and 4 deletions
--- a/csharp/App/Backend/Controller.cs
+++ b/csharp/App/Backend/Controller.cs
@ -237,8 +237,6 @@ public class Controller : ControllerBase
    {
        var user = Db.GetSession(authToken)?.User;
        "GetAllFoldersAndInstallations".WriteLine();
        if (user is null)
            return Unauthorized();
@ -444,6 +442,35 @@ public class Controller : ControllerBase
             : Unauthorized();
    }
    [HttpGet(nameof(ResetPasswordRequest))]
    public ActionResult<IEnumerable<Object>> ResetPasswordRequest(String username)
    {
        var user = Db.GetUserByEmail(username);
        if (user is null)
            return Unauthorized();
        var session = new Session(user.HidePassword().HideParentIfUserHasNoAccessToParent(user));
        return Db.Create(session) && Db.SendPasswordResetEmail(user, session.Token)
            ? Ok() 
              : Unauthorized();
    }
    [HttpPost(nameof(ResetPassword))]
    public ActionResult<IEnumerable<Object>> ResetPassword(Token authToken)
    {
        var user = Db.GetSession(authToken)?.User;
        if (user is null)
            return Unauthorized();
        return Db.DeleteUserPassword(user)
            ? RedirectToRoute("https://monitor.innov.energy") 
            : Unauthorized();
    }
 }
--- a/csharp/App/Backend/Database/Db.cs
+++ b/csharp/App/Backend/Database/Db.cs
@ -168,4 +168,15 @@ public static partial class Db
        }
    }
    public static Boolean SendPasswordResetEmail(User user, String sessionToken)
    {
        return Mailer.Mailer.SendPasswordResetMessage(user, sessionToken);
    }
    public static Boolean DeleteUserPassword(User user)
    {
        user.Password = "";
        user.MustResetPassword = true;
        return Update(user);
    }
 }
--- a/csharp/App/Backend/Mailer/Mailer.cs
+++ b/csharp/App/Backend/Mailer/Mailer.cs
@ -40,4 +40,41 @@ public static class Mailer
            return true;
        }
    public static Boolean SendPasswordResetMessage (User emailRecipientUser, String token)
    {
        var config = JsonSerializer.Deserialize<SmptConfig>(File.OpenRead("./Resources/smtpConfig.json"))!;
        var email = new MimeMessage();
        //todo build me dynamically
        const String resetLink = "https://monitor.innov.energy/resetPassword";
        try
        {
            email.From.Add(new MailboxAddress("InnovEnergy", "noreply@innov.energy"));
            email.To.Add(new MailboxAddress(emailRecipientUser.Name, emailRecipientUser.Email));
            email.Subject = "Reset the password of your Innovenergy-Account";
            email.Body = new TextPart(MimeKit.Text.TextFormat.Plain) { 
                Text = "Dear " + emailRecipientUser.Name 
                               + "\n To reset your password open this link:" 
                               + resetLink + "/"
                               + token
            };
            using var smtp = new SmtpClient();
            smtp.Connect(config.Url, config.Port, false);
            smtp.Authenticate(config.Username, config.Password);
            smtp.Send(email);
            smtp.Disconnect(true);
        }
        catch (Exception)
        {
            return false;
        }
        return true;
    }
    }
--- a/csharp/App/S3Explorer/Program.cs
+++ b/csharp/App/S3Explorer/Program.cs
@ -1,4 +1,5 @@
-using InnovEnergy.App.Backend.S3;
+using System.ComponentModel;
 using InnovEnergy.App.Backend.S3;
 using InnovEnergy.Lib.Utils;
 namespace S3Explorer;