WIP password reset

2023-09-15 14:23:22 +02:00 · 2023-09-15 14:23:22 +02:00 · 9686fed805
parent 637c8ae4ba
commit 9686fed805
4 changed files with 80 additions and 4 deletions
--- a/csharp/App/Backend/Controller.cs
+++ b/csharp/App/Backend/Controller.cs
@ -237,8 +237,6 @@ public class Controller : ControllerBase
    {
        var user = Db.GetSession(authToken)?.User;
        
-        "GetAllFoldersAndInstallations".WriteLine();
-        
        if (user is null)
            return Unauthorized();

@ -444,6 +442,35 @@ public class Controller : ControllerBase
             : Unauthorized();
        
    }
+    [HttpGet(nameof(ResetPasswordRequest))]
+    public ActionResult<IEnumerable<Object>> ResetPasswordRequest(String username)
+    {
+        var user = Db.GetUserByEmail(username);
+        
+        if (user is null)
+            return Unauthorized();
+        
+        var session = new Session(user.HidePassword().HideParentIfUserHasNoAccessToParent(user));
+
+        return Db.Create(session) && Db.SendPasswordResetEmail(user, session.Token)
+            ? Ok() 
+              : Unauthorized();
+    }
+    
+    [HttpPost(nameof(ResetPassword))]
+    public ActionResult<IEnumerable<Object>> ResetPassword(Token authToken)
+    {
+        var user = Db.GetSession(authToken)?.User;
+        
+        if (user is null)
+            return Unauthorized();
+        
+        return Db.DeleteUserPassword(user)
+            ? RedirectToRoute("https://monitor.innov.energy") 
+            : Unauthorized();
+    }
+    
+    
 }


--- a/csharp/App/Backend/Database/Db.cs
+++ b/csharp/App/Backend/Database/Db.cs
@ -168,4 +168,15 @@ public static partial class Db
        }
    }

+    public static Boolean SendPasswordResetEmail(User user, String sessionToken)
+    {
+        return Mailer.Mailer.SendPasswordResetMessage(user, sessionToken);
+    }
+
+    public static Boolean DeleteUserPassword(User user)
+    {
+        user.Password = "";
+        user.MustResetPassword = true;
+        return Update(user);
+    }
 }
--- a/csharp/App/Backend/Mailer/Mailer.cs
+++ b/csharp/App/Backend/Mailer/Mailer.cs
@ -38,6 +38,43 @@ public static class Mailer
                return false;
            }

+            return true;
+        }
+    public static Boolean SendPasswordResetMessage (User emailRecipientUser, String token)
+    {
+        var config = JsonSerializer.Deserialize<SmptConfig>(File.OpenRead("./Resources/smtpConfig.json"))!;
+        var email = new MimeMessage();
+        
+        //todo build me dynamically
+        const String resetLink = "https://monitor.innov.energy/resetPassword";
+
+        try
+        {
+                
+            email.From.Add(new MailboxAddress("InnovEnergy", "noreply@innov.energy"));
+            email.To.Add(new MailboxAddress(emailRecipientUser.Name, emailRecipientUser.Email));
+
+            email.Subject = "Reset the password of your Innovenergy-Account";
+            email.Body = new TextPart(MimeKit.Text.TextFormat.Plain) { 
+                Text = "Dear " + emailRecipientUser.Name 
+                               + "\n To reset your password open this link:" 
+                               + resetLink + "/"
+                               + token
+            };
+            
+            using var smtp = new SmtpClient();
+            smtp.Connect(config.Url, config.Port, false);
+
+            smtp.Authenticate(config.Username, config.Password);
+
+            smtp.Send(email);
+            smtp.Disconnect(true);
+        }
+        catch (Exception)
+        {
+            return false;
+        }
+
        return true;
    }
    }
--- a/csharp/App/S3Explorer/Program.cs
+++ b/csharp/App/S3Explorer/Program.cs
@ -1,4 +1,5 @@
-using InnovEnergy.App.Backend.S3;
+using System.ComponentModel;
+using InnovEnergy.App.Backend.S3;
 using InnovEnergy.Lib.Utils;

 namespace S3Explorer;