ConfirmAuth: PasswordChange
This commit is contained in:
parent
1c506fbf1f
commit
6d815608a0
@ -52,12 +52,24 @@ namespace ASC.Api.Core.Auth
|
||||
case ConfirmType.EmailChange:
|
||||
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + SecurityContext.CurrentAccount.ID, key, validInterval);
|
||||
break;
|
||||
case ConfirmType.PasswordChange:
|
||||
var userHash = Request.TryGetValue("p", out var p) && p == "1";
|
||||
var hash = string.Empty;
|
||||
|
||||
if (userHash)
|
||||
{
|
||||
var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
|
||||
hash = CoreContext.Authentication.GetUserPasswordHash(tenantId, CoreContext.UserManager.GetUserByEmail(tenantId, _email).ID);
|
||||
}
|
||||
|
||||
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type + (string.IsNullOrEmpty(hash) ? string.Empty : Hasher.Base64Hash(hash)), key, validInterval);
|
||||
break;
|
||||
default:
|
||||
checkKeyResult = EmailValidationKeyProvider.ValidateEmailKey(_email + _type, key, validInterval);
|
||||
break;
|
||||
}
|
||||
|
||||
var claims = new List<Claim>()
|
||||
var claims = new List<Claim>()
|
||||
{
|
||||
new Claim(ClaimTypes.Role, _type.ToString())
|
||||
};
|
||||
|
@ -588,7 +588,7 @@ namespace ASC.Employee.Core.Controllers
|
||||
|
||||
return new ThumbnailsDataWrapper(Tenant, user.ID);
|
||||
}
|
||||
|
||||
|
||||
public FormFile Base64ToImage(string base64String, string fileName)
|
||||
{
|
||||
byte[] imageBytes = Convert.FromBase64String(base64String);
|
||||
@ -617,7 +617,7 @@ namespace ASC.Employee.Core.Controllers
|
||||
|
||||
SecurityContext.DemandPermissions(Tenant, new UserSecurityProvider(userId), Constants.Action_EditUser);
|
||||
|
||||
var userPhoto = Base64ToImage(model.base64CroppedImage, "userPhoto_"+ userId.ToString());
|
||||
var userPhoto = Base64ToImage(model.base64CroppedImage, "userPhoto_" + userId.ToString());
|
||||
var defaultUserPhoto = Base64ToImage(model.base64DefaultImage, "defaultPhoto" + userId.ToString());
|
||||
|
||||
if (userPhoto.Length > SetupInfo.MaxImageUploadSize)
|
||||
@ -867,7 +867,7 @@ namespace ASC.Employee.Core.Controllers
|
||||
}
|
||||
|
||||
[Update("{userid}/password")]
|
||||
[Authorize(AuthenticationSchemes = "confirm", Roles = "EmailChange,Administrators")]
|
||||
[Authorize(AuthenticationSchemes = "confirm", Roles = "PasswordChange,EmailChange,Administrators")]
|
||||
public EmployeeWraperFull ChangeUserPassword(Guid userid, MemberModel memberModel)
|
||||
{
|
||||
ApiContext.AuthByClaim();
|
||||
|
Loading…
Reference in New Issue
Block a user