WIP password reset

This commit is contained in:
Kim 2023-09-15 14:23:22 +02:00
parent 637c8ae4ba
commit 9686fed805
4 changed files with 80 additions and 4 deletions

View File

@ -236,8 +236,6 @@ public class Controller : ControllerBase
public ActionResult<IEnumerable<Object>> GetAllFoldersAndInstallations(Token authToken)
{
var user = Db.GetSession(authToken)?.User;
"GetAllFoldersAndInstallations".WriteLine();
if (user is null)
return Unauthorized();
@ -444,6 +442,35 @@ public class Controller : ControllerBase
: Unauthorized();
}
[HttpGet(nameof(ResetPasswordRequest))]
public ActionResult<IEnumerable<Object>> ResetPasswordRequest(String username)
{
var user = Db.GetUserByEmail(username);
if (user is null)
return Unauthorized();
var session = new Session(user.HidePassword().HideParentIfUserHasNoAccessToParent(user));
return Db.Create(session) && Db.SendPasswordResetEmail(user, session.Token)
? Ok()
: Unauthorized();
}
[HttpPost(nameof(ResetPassword))]
public ActionResult<IEnumerable<Object>> ResetPassword(Token authToken)
{
var user = Db.GetSession(authToken)?.User;
if (user is null)
return Unauthorized();
return Db.DeleteUserPassword(user)
? RedirectToRoute("https://monitor.innov.energy")
: Unauthorized();
}
}

View File

@ -167,5 +167,16 @@ public static partial class Db
await installation.RenewS3Credentials();
}
}
public static Boolean SendPasswordResetEmail(User user, String sessionToken)
{
return Mailer.Mailer.SendPasswordResetMessage(user, sessionToken);
}
public static Boolean DeleteUserPassword(User user)
{
user.Password = "";
user.MustResetPassword = true;
return Update(user);
}
}

View File

@ -40,4 +40,41 @@ public static class Mailer
return true;
}
public static Boolean SendPasswordResetMessage (User emailRecipientUser, String token)
{
var config = JsonSerializer.Deserialize<SmptConfig>(File.OpenRead("./Resources/smtpConfig.json"))!;
var email = new MimeMessage();
//todo build me dynamically
const String resetLink = "https://monitor.innov.energy/resetPassword";
try
{
email.From.Add(new MailboxAddress("InnovEnergy", "noreply@innov.energy"));
email.To.Add(new MailboxAddress(emailRecipientUser.Name, emailRecipientUser.Email));
email.Subject = "Reset the password of your Innovenergy-Account";
email.Body = new TextPart(MimeKit.Text.TextFormat.Plain) {
Text = "Dear " + emailRecipientUser.Name
+ "\n To reset your password open this link:"
+ resetLink + "/"
+ token
};
using var smtp = new SmtpClient();
smtp.Connect(config.Url, config.Port, false);
smtp.Authenticate(config.Username, config.Password);
smtp.Send(email);
smtp.Disconnect(true);
}
catch (Exception)
{
return false;
}
return true;
}
}

View File

@ -1,4 +1,5 @@
using InnovEnergy.App.Backend.S3;
using System.ComponentModel;
using InnovEnergy.App.Backend.S3;
using InnovEnergy.Lib.Utils;
namespace S3Explorer;