mirrors/btcpayserver
1
0
Fork 0
mirror of https://github.com/btcpayserver/btcpayserver.git synced 2025-02-22 22:25:28 +01:00
Code Issues Projects Releases Packages Wiki Activity
btcpayserver/BTCPayServer/Controllers/UIServerController.Users.cs

337 lines
14 KiB
C#
Raw Normal View History

Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
using System;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using System.Linq;
using System.Threading.Tasks;
Refactoring: Move WellKnownTempData into Abstractions.Constants This allows plugins to reuse the status message mechanism.
2022-02-21 15:46:43 +01:00
using BTCPayServer.Abstractions.Constants;
Plugins: Allow creation of independent DbContexts This allows plugins to create custom dbcontexts, which would be namespaced in the scheme with a prefix. Migrations are supported too and the table would be prefixed too
2020-11-17 13:46:23 +01:00
using BTCPayServer.Abstractions.Extensions;
using BTCPayServer.Abstractions.Models;
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
using BTCPayServer.Data;
using BTCPayServer.Events;
using BTCPayServer.Models;
using BTCPayServer.Models.ServerViewModels;
Allow resending verification email for users (#3726) * Allow resending verification email for users Partially address #3645 * Replace RequiresEmailConfirmation with Verified * Use confirmation modal Co-authored-by: Dennis Reimann <mail@dennisreimann.de>
2022-05-26 21:36:47 -07:00
using BTCPayServer.Services;
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
Allow resending verification email for users (#3726) * Allow resending verification email for users Partially address #3645 * Replace RequiresEmailConfirmation with Verified * Use confirmation modal Co-authored-by: Dennis Reimann <mail@dennisreimann.de>
2022-05-26 21:36:47 -07:00
using Microsoft.AspNetCore.Routing;
Code formatting updates (#4502) * Editorconfig: Add space_before_self_closing setting This was a difference between the way dotnet-format and Rider format code. See https://www.jetbrains.com/help/rider/EditorConfig_Index.html * Editorconfig: Keep 4 spaces indentation for Swagger JSON files They are all formatted that way, let's keep it like that. * Apply dotnet-format, mostly white-space related changes
2023-01-06 14:18:07 +01:00
using Microsoft.EntityFrameworkCore;
Store Emails (#3611) * Store Emails * fix test * Update email rules layout * Cleanups * Test cleanups * Add back comments * Update view; add test * Show email rules link even if email settings aren't completed * Validate email addresses * No redirect, display warning * Fix test * Refactoring: Change email argument types to MailAddress * Test fix * Refactoring: Use MailboxAddress * Parse emails properly in controllers and backend Co-authored-by: Dennis Reimann <mail@dennisreimann.de> Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
2022-06-22 05:05:32 +02:00
using MimeKit;
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
namespace BTCPayServer.Controllers
{
Rename UI controllers
2022-01-07 12:32:00 +09:00
public partial class UIServerController
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
{
[Route("server/users")]
Add user email search and sort (#2305) * Add user sort by email * Add user search by email
2021-03-29 22:32:44 -07:00
public async Task<IActionResult> ListUsers(
Optimize admin user list
2021-11-15 10:27:19 +01:00
[FromServices] RoleManager<IdentityRole> roleManager,
UsersViewModel model,
Add user email search and sort (#2305) * Add user sort by email * Add user search by email
2021-03-29 22:32:44 -07:00
string sortOrder = null
)
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
{
Add Created date to user, add verified column in list and make user list use same model as modern lists
2020-10-03 14:12:55 +02:00
model = this.ParseListQuery(model ?? new UsersViewModel());
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
Add user email search and sort (#2305) * Add user sort by email * Add user search by email
2021-03-29 22:32:44 -07:00
var usersQuery = _UserManager.Users;
if (!string.IsNullOrWhiteSpace(model.SearchTerm))
{
Remove warnings
2021-04-13 17:06:11 +09:00
#pragma warning disable CA1307 // Specify StringComparison
// Entity Framework don't support StringComparison
Add user email search and sort (#2305) * Add user sort by email * Add user search by email
2021-03-29 22:32:44 -07:00
usersQuery = usersQuery.Where(u => u.Email.Contains(model.SearchTerm));
Remove warnings
2021-04-13 17:06:11 +09:00
#pragma warning restore CA1307 // Specify StringComparison
Add user email search and sort (#2305) * Add user sort by email * Add user search by email
2021-03-29 22:32:44 -07:00
}
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
if (sortOrder != null)
Add user email search and sort (#2305) * Add user sort by email * Add user search by email
2021-03-29 22:32:44 -07:00
{
switch (sortOrder)
{
case "desc":
ViewData["NextUserEmailSortOrder"] = "asc";
usersQuery = usersQuery.OrderByDescending(user => user.Email);
break;
case "asc":
usersQuery = usersQuery.OrderBy(user => user.Email);
ViewData["NextUserEmailSortOrder"] = "desc";
break;
}
}
Optimize admin user list
2021-11-15 10:27:19 +01:00
model.Roles = roleManager.Roles.ToDictionary(role => role.Id, role => role.Name);
Add user email search and sort (#2305) * Add user sort by email * Add user search by email
2021-03-29 22:32:44 -07:00
model.Users = await usersQuery
Optimize admin user list
2021-11-15 10:27:19 +01:00
.Include(user => user.UserRoles)
Add user email search and sort (#2305) * Add user sort by email * Add user search by email
2021-03-29 22:32:44 -07:00
.Skip(model.Skip)
.Take(model.Count)
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
.Select(u => new UsersViewModel.UserViewModel
{
Name = u.UserName,
Email = u.Email,
Add Created date to user, add verified column in list and make user list use same model as modern lists
2020-10-03 14:12:55 +02:00
Id = u.Id,
Verified = u.EmailConfirmed || !u.RequiresEmailConfirmation,
Optimize admin user list
2021-11-15 10:27:19 +01:00
Created = u.Created,
Allow Users to be disabled/enabled (#3639) * Allow Users to be disabled/enabled * rebrand to locked for api * Update BTCPayServer/Views/UIAccount/Lockout.cshtml Co-authored-by: d11n <mail@dennisreimann.de> * fix docker compose and an uneeded check in api handler * fix * Add enabled user test Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2022-04-26 14:27:35 +02:00
Roles = u.UserRoles.Select(role => role.RoleId),
Disabled = u.LockoutEnabled && u.LockoutEnd != null && DateTimeOffset.UtcNow < u.LockoutEnd.Value.UtcDateTime
Add user email search and sort (#2305) * Add user sort by email * Add user search by email
2021-03-29 22:32:44 -07:00
})
.ToListAsync();
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
Add Created date to user, add verified column in list and make user list use same model as modern lists
2020-10-03 14:12:55 +02:00
return View(model);
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
}
[Route("server/users/{userId}")]
public new async Task<IActionResult> User(string userId)
{
var user = await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
var roles = await _UserManager.GetRolesAsync(user);
Add Created date to user, add verified column in list and make user list use same model as modern lists
2020-10-03 14:12:55 +02:00
var userVM = new UsersViewModel.UserViewModel
{
Id = user.Id,
Email = user.Email,
Verified = user.EmailConfirmed || !user.RequiresEmailConfirmation,
Fix: If user get locked out, unlocking or deleting user fails This is due to the fact our UserService is a singleton, and it had a reference on UserManager which is scoped. UserManager is caching user entities at the scope level. UserService then had a view completely unsynchronized with the database.
2023-02-15 14:28:34 +09:00
IsAdmin = Roles.HasServerAdmin(roles)
Add Created date to user, add verified column in list and make user list use same model as modern lists
2020-10-03 14:12:55 +02:00
};
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
return View(userVM);
}
[Route("server/users/{userId}")]
[HttpPost]
Add Created date to user, add verified column in list and make user list use same model as modern lists
2020-10-03 14:12:55 +02:00
public new async Task<IActionResult> User(string userId, UsersViewModel.UserViewModel viewModel)
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
{
var user = await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
var admins = await _UserManager.GetUsersInRoleAsync(Roles.ServerAdmin);
var roles = await _UserManager.GetRolesAsync(user);
Fix: If user get locked out, unlocking or deleting user fails This is due to the fact our UserService is a singleton, and it had a reference on UserManager which is scoped. UserManager is caching user entities at the scope level. UserService then had a view completely unsynchronized with the database.
2023-02-15 14:28:34 +09:00
var wasAdmin = Roles.HasServerAdmin(roles);
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
if (!viewModel.IsAdmin && admins.Count == 1 && wasAdmin)
{
TempData[WellKnownTempData.ErrorMessage] = "This is the only Admin, so their role can't be removed until another Admin is added.";
return View(viewModel); // return
}
if (viewModel.IsAdmin != wasAdmin)
{
Fixed issue with users when disabling then setting admin Concurrency issue; moved user update from controller to service
2022-06-06 18:42:59 -07:00
var success = await _userService.SetAdminUser(user.Id, viewModel.IsAdmin);
if (success)
{
TempData[WellKnownTempData.SuccessMessage] = "User successfully updated";
}
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
else
Fixed issue with users when disabling then setting admin Concurrency issue; moved user update from controller to service
2022-06-06 18:42:59 -07:00
{
TempData[WellKnownTempData.ErrorMessage] = "Error updating user";
}
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
}
return RedirectToAction(nameof(User), new { userId = userId });
}
[Route("server/users/new")]
[HttpGet]
Allow resolution of any settings via DI
2022-05-24 13:18:16 +09:00
public IActionResult CreateUser()
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
{
Allow resolution of any settings via DI
2022-05-24 13:18:16 +09:00
ViewData["AllowRequestEmailConfirmation"] = _policiesSettings.RequiresConfirmedEmail;
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
return View();
}
[Route("server/users/new")]
[HttpPost]
public async Task<IActionResult> CreateUser(RegisterFromAdminViewModel model)
{
Allow resolution of any settings via DI
2022-05-24 13:18:16 +09:00
var requiresConfirmedEmail = _policiesSettings.RequiresConfirmedEmail;
Make CSSThemeManager really only focus on theme (#2457) * Make Settings Repository cache in memory * Make use of SettingsRepo directly instead of CssThemeManager * Completely remove CssThemeManager
2021-07-27 14:08:54 +02:00
ViewData["AllowRequestEmailConfirmation"] = requiresConfirmedEmail;
Introduce cheat mode (#2965)
2021-10-11 12:32:09 +09:00
if (!_Options.CheatMode)
Do not ignore IsAdmin settings when creating a new user via the Users page (Fix #1954)
2020-10-08 11:56:58 +09:00
model.IsAdmin = false;
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
if (ModelState.IsValid)
{
IdentityResult result;
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
var user = new ApplicationUser
{
UserName = model.Email,
Email = model.Email,
EmailConfirmed = model.EmailConfirmed,
RequiresEmailConfirmation = requiresConfirmedEmail,
Created = DateTimeOffset.UtcNow
};
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
if (!string.IsNullOrEmpty(model.Password))
{
result = await _UserManager.CreateAsync(user, model.Password);
}
else
{
result = await _UserManager.CreateAsync(user);
}
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
if (result.Succeeded)
{
if (model.IsAdmin && !(await _UserManager.AddToRoleAsync(user, Roles.ServerAdmin)).Succeeded)
model.IsAdmin = false;
var tcs = new TaskCompletionSource<Uri>();
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
_eventAggregator.Publish(new UserRegisteredEvent()
{
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
RequestUri = Request.GetAbsoluteRootUri(),
User = user,
Admin = model.IsAdmin is true,
CallbackUrlGenerated = tcs
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
});
var callbackUrl = await tcs.Task;
if (user.RequiresEmailConfirmation && !user.EmailConfirmed)
{
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
TempData.SetStatusMessageModel(new StatusMessageModel()
{
Severity = StatusMessageModel.StatusSeverity.Success,
AllowDismiss = false,
Html =
$"Account created without a set password. An email will be sent (if configured) to set the password.<br/> You may alternatively share this link with them: <a class='alert-link' href='{callbackUrl}'>{callbackUrl}</a>"
});
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
}
else if (!await _UserManager.HasPasswordAsync(user))
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
{
TempData.SetStatusMessageModel(new StatusMessageModel()
{
Severity = StatusMessageModel.StatusSeverity.Success,
AllowDismiss = false,
Html =
$"Account created without a set password. An email will be sent (if configured) to set the password.<br/> You may alternatively share this link with them: <a class='alert-link' href='{callbackUrl}'>{callbackUrl}</a>"
});
}
return RedirectToAction(nameof(ListUsers));
}
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
Delete confirmation modals (#2614) * Refactor confirm view: separate modal * Add delete confirmation modals for apps and FIDO2 * Add delete confirmation modals for 2FA actions * Add delete confirmation modals for api keys and webhooks * Add delete confirmation modals for stores and store users * Add delete confirmation modals for LND seed and SSH * Add delete confirmation modals for rate rule scripting * Test fixes and improvements * Add delete confirmation modals for dynamic DNS * Add delete confirmation modals for store access tokens * Add confirmation modals for pull payment archiving * Refactor confirm modal code * Add confirmation input, update wording * Update modal styles * Upgrade ChromeDriver * Simplify and unify confirmation input * Test fixes * Fix wording * Add modals for wallet replace and removal
2021-09-07 04:55:53 +02:00
[HttpGet("server/users/{userId}/delete")]
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
public async Task<IActionResult> DeleteUser(string userId)
{
var user = userId == null ? null : await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
var roles = await _UserManager.GetRolesAsync(user);
Fix: If user get locked out, unlocking or deleting user fails This is due to the fact our UserService is a singleton, and it had a reference on UserManager which is scoped. UserManager is caching user entities at the scope level. UserService then had a view completely unsynchronized with the database.
2023-02-15 14:28:34 +09:00
if (Roles.HasServerAdmin(roles))
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
{
Allow Users to be disabled/enabled (#3639) * Allow Users to be disabled/enabled * rebrand to locked for api * Update BTCPayServer/Views/UIAccount/Lockout.cshtml Co-authored-by: d11n <mail@dennisreimann.de> * fix docker compose and an uneeded check in api handler * fix * Add enabled user test Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2022-04-26 14:27:35 +02:00
if (await _userService.IsUserTheOnlyOneAdmin(user))
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
{
// return
Delete confirmation modals (#2614) * Refactor confirm view: separate modal * Add delete confirmation modals for apps and FIDO2 * Add delete confirmation modals for 2FA actions * Add delete confirmation modals for api keys and webhooks * Add delete confirmation modals for stores and store users * Add delete confirmation modals for LND seed and SSH * Add delete confirmation modals for rate rule scripting * Test fixes and improvements * Add delete confirmation modals for dynamic DNS * Add delete confirmation modals for store access tokens * Add confirmation modals for pull payment archiving * Refactor confirm modal code * Add confirmation input, update wording * Update modal styles * Upgrade ChromeDriver * Simplify and unify confirmation input * Test fixes * Fix wording * Add modals for wallet replace and removal
2021-09-07 04:55:53 +02:00
return View("Confirm", new ConfirmModel("Delete admin",
Fix several HTML injections (#4545)
2023-01-22 03:08:12 +09:00
$"Unable to proceed: As the user <strong>{Html.Encode(user.Email)}</strong> is the last enabled admin, it cannot be removed."));
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
}
Delete confirmation modals (#2614) * Refactor confirm view: separate modal * Add delete confirmation modals for apps and FIDO2 * Add delete confirmation modals for 2FA actions * Add delete confirmation modals for api keys and webhooks * Add delete confirmation modals for stores and store users * Add delete confirmation modals for LND seed and SSH * Add delete confirmation modals for rate rule scripting * Test fixes and improvements * Add delete confirmation modals for dynamic DNS * Add delete confirmation modals for store access tokens * Add confirmation modals for pull payment archiving * Refactor confirm modal code * Add confirmation input, update wording * Update modal styles * Upgrade ChromeDriver * Simplify and unify confirmation input * Test fixes * Fix wording * Add modals for wallet replace and removal
2021-09-07 04:55:53 +02:00
return View("Confirm", new ConfirmModel("Delete admin",
Fix several HTML injections (#4545)
2023-01-22 03:08:12 +09:00
$"The admin <strong>{Html.Encode(user.Email)}</strong> will be permanently deleted. This action will also delete all accounts, users and data associated with the server account. Are you sure?",
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
"Delete"));
}
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
Fix several HTML injections (#4545)
2023-01-22 03:08:12 +09:00
return View("Confirm", new ConfirmModel("Delete user", $"The user <strong>{Html.Encode(user.Email)}</strong> will be permanently deleted. Are you sure?", "Delete"));
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
}
Delete confirmation modals (#2614) * Refactor confirm view: separate modal * Add delete confirmation modals for apps and FIDO2 * Add delete confirmation modals for 2FA actions * Add delete confirmation modals for api keys and webhooks * Add delete confirmation modals for stores and store users * Add delete confirmation modals for LND seed and SSH * Add delete confirmation modals for rate rule scripting * Test fixes and improvements * Add delete confirmation modals for dynamic DNS * Add delete confirmation modals for store access tokens * Add confirmation modals for pull payment archiving * Refactor confirm modal code * Add confirmation input, update wording * Update modal styles * Upgrade ChromeDriver * Simplify and unify confirmation input * Test fixes * Fix wording * Add modals for wallet replace and removal
2021-09-07 04:55:53 +02:00
[HttpPost("server/users/{userId}/delete")]
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
public async Task<IActionResult> DeleteUserPost(string userId)
{
var user = userId == null ? null : await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
Add user service
2021-03-14 12:24:32 -07:00
await _userService.DeleteUserAndAssociatedData(user);
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
TempData[WellKnownTempData.SuccessMessage] = "User deleted";
return RedirectToAction(nameof(ListUsers));
}
Allow Users to be disabled/enabled (#3639) * Allow Users to be disabled/enabled * rebrand to locked for api * Update BTCPayServer/Views/UIAccount/Lockout.cshtml Co-authored-by: d11n <mail@dennisreimann.de> * fix docker compose and an uneeded check in api handler * fix * Add enabled user test Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2022-04-26 14:27:35 +02:00
[HttpGet("server/users/{userId}/toggle")]
public async Task<IActionResult> ToggleUser(string userId, bool enable)
{
var user = userId == null ? null : await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
if (!enable && await _userService.IsUserTheOnlyOneAdmin(user))
{
return View("Confirm", new ConfirmModel("Disable admin",
Fix several HTML injections (#4545)
2023-01-22 03:08:12 +09:00
$"Unable to proceed: As the user <strong>{Html.Encode(user.Email)}</strong> is the last enabled admin, it cannot be disabled."));
Allow Users to be disabled/enabled (#3639) * Allow Users to be disabled/enabled * rebrand to locked for api * Update BTCPayServer/Views/UIAccount/Lockout.cshtml Co-authored-by: d11n <mail@dennisreimann.de> * fix docker compose and an uneeded check in api handler * fix * Add enabled user test Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2022-04-26 14:27:35 +02:00
}
Fix several HTML injections (#4545)
2023-01-22 03:08:12 +09:00
return View("Confirm", new ConfirmModel($"{(enable ? "Enable" : "Disable")} user", $"The user <strong>{Html.Encode(user.Email)}</strong> will be {(enable ? "enabled" : "disabled")}. Are you sure?", (enable ? "Enable" : "Disable")));
Allow Users to be disabled/enabled (#3639) * Allow Users to be disabled/enabled * rebrand to locked for api * Update BTCPayServer/Views/UIAccount/Lockout.cshtml Co-authored-by: d11n <mail@dennisreimann.de> * fix docker compose and an uneeded check in api handler * fix * Add enabled user test Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2022-04-26 14:27:35 +02:00
}
Code formatting updates (#4502) * Editorconfig: Add space_before_self_closing setting This was a difference between the way dotnet-format and Rider format code. See https://www.jetbrains.com/help/rider/EditorConfig_Index.html * Editorconfig: Keep 4 spaces indentation for Swagger JSON files They are all formatted that way, let's keep it like that. * Apply dotnet-format, mostly white-space related changes
2023-01-06 14:18:07 +01:00
Allow Users to be disabled/enabled (#3639) * Allow Users to be disabled/enabled * rebrand to locked for api * Update BTCPayServer/Views/UIAccount/Lockout.cshtml Co-authored-by: d11n <mail@dennisreimann.de> * fix docker compose and an uneeded check in api handler * fix * Add enabled user test Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2022-04-26 14:27:35 +02:00
[HttpPost("server/users/{userId}/toggle")]
public async Task<IActionResult> ToggleUserPost(string userId, bool enable)
{
var user = userId == null ? null : await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
if (!enable && await _userService.IsUserTheOnlyOneAdmin(user))
{
TempData[WellKnownTempData.SuccessMessage] = $"User was the last enabled admin and could not be disabled.";
return RedirectToAction(nameof(ListUsers));
}
Code formatting updates (#4502) * Editorconfig: Add space_before_self_closing setting This was a difference between the way dotnet-format and Rider format code. See https://www.jetbrains.com/help/rider/EditorConfig_Index.html * Editorconfig: Keep 4 spaces indentation for Swagger JSON files They are all formatted that way, let's keep it like that. * Apply dotnet-format, mostly white-space related changes
2023-01-06 14:18:07 +01:00
await _userService.ToggleUser(userId, enable ? null : DateTimeOffset.MaxValue);
Allow Users to be disabled/enabled (#3639) * Allow Users to be disabled/enabled * rebrand to locked for api * Update BTCPayServer/Views/UIAccount/Lockout.cshtml Co-authored-by: d11n <mail@dennisreimann.de> * fix docker compose and an uneeded check in api handler * fix * Add enabled user test Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2022-04-26 14:27:35 +02:00
Code formatting updates (#4502) * Editorconfig: Add space_before_self_closing setting This was a difference between the way dotnet-format and Rider format code. See https://www.jetbrains.com/help/rider/EditorConfig_Index.html * Editorconfig: Keep 4 spaces indentation for Swagger JSON files They are all formatted that way, let's keep it like that. * Apply dotnet-format, mostly white-space related changes
2023-01-06 14:18:07 +01:00
TempData[WellKnownTempData.SuccessMessage] = $"User {(enable ? "enabled" : "disabled")}";
Allow Users to be disabled/enabled (#3639) * Allow Users to be disabled/enabled * rebrand to locked for api * Update BTCPayServer/Views/UIAccount/Lockout.cshtml Co-authored-by: d11n <mail@dennisreimann.de> * fix docker compose and an uneeded check in api handler * fix * Add enabled user test Co-authored-by: d11n <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2022-04-26 14:27:35 +02:00
return RedirectToAction(nameof(ListUsers));
}
Allow resending verification email for users (#3726) * Allow resending verification email for users Partially address #3645 * Replace RequiresEmailConfirmation with Verified * Use confirmation modal Co-authored-by: Dennis Reimann <mail@dennisreimann.de>
2022-05-26 21:36:47 -07:00
[HttpGet("server/users/{userId}/verification-email")]
public async Task<IActionResult> SendVerificationEmail(string userId)
{
var user = userId == null ? null : await _UserManager.FindByIdAsync(userId);
if (user == null)
return NotFound();
Code formatting updates (#4502) * Editorconfig: Add space_before_self_closing setting This was a difference between the way dotnet-format and Rider format code. See https://www.jetbrains.com/help/rider/EditorConfig_Index.html * Editorconfig: Keep 4 spaces indentation for Swagger JSON files They are all formatted that way, let's keep it like that. * Apply dotnet-format, mostly white-space related changes
2023-01-06 14:18:07 +01:00
Fix several HTML injections (#4545)
2023-01-22 03:08:12 +09:00
return View("Confirm", new ConfirmModel("Send verification email", $"This will send a verification email to <strong>{Html.Encode(user.Email)}</strong>.", "Send"));
Allow resending verification email for users (#3726) * Allow resending verification email for users Partially address #3645 * Replace RequiresEmailConfirmation with Verified * Use confirmation modal Co-authored-by: Dennis Reimann <mail@dennisreimann.de>
2022-05-26 21:36:47 -07:00
}
[HttpPost("server/users/{userId}/verification-email")]
public async Task<IActionResult> SendVerificationEmailPost(string userId)
{
var user = await _UserManager.FindByIdAsync(userId);
if (user == null)
{
throw new ApplicationException($"Unable to load user with ID '{userId}'.");
}
var code = await _UserManager.GenerateEmailConfirmationTokenAsync(user);
var callbackUrl = _linkGenerator.EmailConfirmationLink(user.Id, code, Request.Scheme, Request.Host, Request.PathBase);
Improve email settings validation and UX (#3891)
2022-06-23 13:41:52 +09:00
(await _emailSenderFactory.GetEmailSender()).SendEmailConfirmation(user.GetMailboxAddress(), callbackUrl);
Allow resending verification email for users (#3726) * Allow resending verification email for users Partially address #3645 * Replace RequiresEmailConfirmation with Verified * Use confirmation modal Co-authored-by: Dennis Reimann <mail@dennisreimann.de>
2022-05-26 21:36:47 -07:00
TempData[WellKnownTempData.SuccessMessage] = "Verification email sent";
return RedirectToAction(nameof(ListUsers));
}
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
}
public class RegisterFromAdminViewModel
{
[Required]
[EmailAddress]
[Display(Name = "Email")]
public string Email { get; set; }
[StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]
[DataType(DataType.Password)]
[Display(Name = "Password (leave blank to generate invite-link)")]
public string Password { get; set; }
[DataType(DataType.Password)]
[Display(Name = "Confirm password")]
[Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
public string ConfirmPassword { get; set; }
[Display(Name = "Is administrator?")]
public bool IsAdmin { get; set; }
[Display(Name = "Email confirmed?")]
Run dotnet format (#3244)
2021-12-31 16:59:02 +09:00
public bool EmailConfirmed { get; set; }
Allow admins to invite new users * This refactors the email sending so that all the logic related to users and emails are now contained in one location. * The Reset password screen has been updated from its ugly plain self to use the same layout as the login. * An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email * An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email. * The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password. * When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
2020-09-05 12:16:48 +02:00
}
}
Reference in a new issue Copy permalink