CalvinBackup/notesnook-sync-server_customPrivateV1
1
0
Fork 0
mirror of https://github.com/streetwriters/notesnook-sync-server.git synced 2026-02-12 11:12:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

identity: temporarily disable password recovery & changing

Browse Source
This commit is contained in:
Abdullah Atta
2026-01-19 09:12:39 +05:00
parent d047bd052e
commit bf70a32b95
1 changed files with 43 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
Streetwriters.Identity/Controllers/AccountController.cs
View File

@@ -97,12 +97,12 @@ namespace Streetwriters.Identity.Controllers
} }
case TokenType.RESET_PASSWORD: case TokenType.RESET_PASSWORD:
{ {
if (!await UserManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword", code)) // if (!await UserManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword", code))
return BadRequest("Invalid token."); return BadRequest("Password reset is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience.");
var authorizationCode = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "PasswordResetAuthorizationCode"); // var authorizationCode = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "PasswordResetAuthorizationCode");
var redirectUrl = $"{client.AccountRecoveryRedirectURL}?userId={userId}&code={authorizationCode}"; // var redirectUrl = $"{client.AccountRecoveryRedirectURL}?userId={userId}&code={authorizationCode}";
return RedirectPermanent(redirectUrl); // return RedirectPermanent(redirectUrl);
} }
default: default:
return BadRequest("Invalid type."); return BadRequest("Invalid type.");
@@ -149,21 +149,22 @@ namespace Streetwriters.Identity.Controllers
[EnableRateLimiting("strict")] [EnableRateLimiting("strict")]
public async Task<IActionResult> ResetUserPassword([FromForm] ResetPasswordForm form) public async Task<IActionResult> ResetUserPassword([FromForm] ResetPasswordForm form)
{ {
var client = Clients.FindClientById(form.ClientId); return BadRequest(new { error = "Password reset is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience." });
if (client == null) return BadRequest("Invalid client_id."); // var client = Clients.FindClientById(form.ClientId);
// if (client == null) return BadRequest("Invalid client_id.");
var user = await UserManager.FindByEmailAsync(form.Email) ?? throw new Exception("User not found."); // var user = await UserManager.FindByEmailAsync(form.Email) ?? throw new Exception("User not found.");
if (!await UserService.IsUserValidAsync(UserManager, user, form.ClientId)) return Ok(); // if (!await UserService.IsUserValidAsync(UserManager, user, form.ClientId)) return Ok();
var code = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword"); // var code = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword");
var callbackUrl = Url.TokenLink(user.Id.ToString(), code, client.Id, TokenType.RESET_PASSWORD); // var callbackUrl = Url.TokenLink(user.Id.ToString(), code, client.Id, TokenType.RESET_PASSWORD);
#if (DEBUG || STAGING) // #if (DEBUG || STAGING)
return Ok(callbackUrl); // return Ok(callbackUrl);
#else // #else
logger.LogInformation("Password reset email sent to: {Email}, callback URL: {CallbackUrl}", user.Email, callbackUrl); // logger.LogInformation("Password reset email sent to: {Email}, callback URL: {CallbackUrl}", user.Email, callbackUrl);
await EmailSender.SendPasswordResetEmailAsync(user.Email, callbackUrl, client); // await EmailSender.SendPasswordResetEmailAsync(user.Email, callbackUrl, client);
return Ok(); // return Ok();
#endif // #endif
} }
[HttpPost("logout")] [HttpPost("logout")]
@@ -250,31 +251,33 @@ namespace Streetwriters.Identity.Controllers
} }
case "change_password": case "change_password":
{ {
ArgumentNullException.ThrowIfNull(form.OldPassword); return BadRequest(new { error = "Password change is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience." });
ArgumentNullException.ThrowIfNull(form.NewPassword); // ArgumentNullException.ThrowIfNull(form.OldPassword);
var result = await UserManager.ChangePasswordAsync(user, form.OldPassword, form.NewPassword); // ArgumentNullException.ThrowIfNull(form.NewPassword);
if (result.Succeeded) // var result = await UserManager.ChangePasswordAsync(user, form.OldPassword, form.NewPassword);
{ // if (result.Succeeded)
await SendLogoutMessageAsync(user.Id.ToString(), "Password changed."); // {
return Ok(); // await SendLogoutMessageAsync(user.Id.ToString(), "Password changed.");
} // return Ok();
return BadRequest(result.Errors.ToErrors()); // }
// return BadRequest(result.Errors.ToErrors());
} }
case "reset_password": case "reset_password":
{ {
ArgumentNullException.ThrowIfNull(form.NewPassword); return BadRequest(new { error = "Password reset is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience." });
var result = await UserManager.RemovePasswordAsync(user); // ArgumentNullException.ThrowIfNull(form.NewPassword);
if (result.Succeeded) // var result = await UserManager.RemovePasswordAsync(user);
{ // if (result.Succeeded)
await MFAService.ResetMFAAsync(user); // {
result = await UserManager.AddPasswordAsync(user, form.NewPassword); // await MFAService.ResetMFAAsync(user);
if (result.Succeeded) // result = await UserManager.AddPasswordAsync(user, form.NewPassword);
{ // if (result.Succeeded)
await SendLogoutMessageAsync(user.Id.ToString(), "Password reset."); // {
return Ok(); // await SendLogoutMessageAsync(user.Id.ToString(), "Password reset.");
} // return Ok();
} // }
return BadRequest(result.Errors.ToErrors()); // }
// return BadRequest(result.Errors.ToErrors());
} }
case "change_marketing_consent": case "change_marketing_consent":
{ {