mirror of
https://github.com/streetwriters/notesnook-sync-server.git
synced 2026-02-12 11:12:44 +00:00
Compare commits
3 Commits
v1.0-beta.
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
014c4e3b32 | ||
|
|
bf70a32b95 | ||
|
|
d047bd052e |
@@ -33,9 +33,6 @@ namespace Streetwriters.Data.DbContexts
|
||||
public static IMongoClient CreateMongoDbClient(IDbSettings dbSettings)
|
||||
{
|
||||
var settings = MongoClientSettings.FromConnectionString(dbSettings.ConnectionString);
|
||||
settings.MaxConnectionPoolSize = 500;
|
||||
settings.MinConnectionPoolSize = 0;
|
||||
settings.HeartbeatInterval = TimeSpan.FromSeconds(60);
|
||||
return new MongoClient(settings);
|
||||
}
|
||||
|
||||
|
||||
@@ -97,12 +97,12 @@ namespace Streetwriters.Identity.Controllers
|
||||
}
|
||||
case TokenType.RESET_PASSWORD:
|
||||
{
|
||||
if (!await UserManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword", code))
|
||||
return BadRequest("Invalid token.");
|
||||
// if (!await UserManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword", code))
|
||||
return BadRequest("Password reset is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience.");
|
||||
|
||||
var authorizationCode = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "PasswordResetAuthorizationCode");
|
||||
var redirectUrl = $"{client.AccountRecoveryRedirectURL}?userId={userId}&code={authorizationCode}";
|
||||
return RedirectPermanent(redirectUrl);
|
||||
// var authorizationCode = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "PasswordResetAuthorizationCode");
|
||||
// var redirectUrl = $"{client.AccountRecoveryRedirectURL}?userId={userId}&code={authorizationCode}";
|
||||
// return RedirectPermanent(redirectUrl);
|
||||
}
|
||||
default:
|
||||
return BadRequest("Invalid type.");
|
||||
@@ -149,21 +149,22 @@ namespace Streetwriters.Identity.Controllers
|
||||
[EnableRateLimiting("strict")]
|
||||
public async Task<IActionResult> ResetUserPassword([FromForm] ResetPasswordForm form)
|
||||
{
|
||||
var client = Clients.FindClientById(form.ClientId);
|
||||
if (client == null) return BadRequest("Invalid client_id.");
|
||||
return BadRequest(new { error = "Password reset is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience." });
|
||||
// var client = Clients.FindClientById(form.ClientId);
|
||||
// if (client == null) return BadRequest("Invalid client_id.");
|
||||
|
||||
var user = await UserManager.FindByEmailAsync(form.Email) ?? throw new Exception("User not found.");
|
||||
if (!await UserService.IsUserValidAsync(UserManager, user, form.ClientId)) return Ok();
|
||||
// var user = await UserManager.FindByEmailAsync(form.Email) ?? throw new Exception("User not found.");
|
||||
// if (!await UserService.IsUserValidAsync(UserManager, user, form.ClientId)) return Ok();
|
||||
|
||||
var code = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword");
|
||||
var callbackUrl = Url.TokenLink(user.Id.ToString(), code, client.Id, TokenType.RESET_PASSWORD);
|
||||
#if (DEBUG || STAGING)
|
||||
return Ok(callbackUrl);
|
||||
#else
|
||||
logger.LogInformation("Password reset email sent to: {Email}, callback URL: {CallbackUrl}", user.Email, callbackUrl);
|
||||
await EmailSender.SendPasswordResetEmailAsync(user.Email, callbackUrl, client);
|
||||
return Ok();
|
||||
#endif
|
||||
// var code = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword");
|
||||
// var callbackUrl = Url.TokenLink(user.Id.ToString(), code, client.Id, TokenType.RESET_PASSWORD);
|
||||
// #if (DEBUG || STAGING)
|
||||
// return Ok(callbackUrl);
|
||||
// #else
|
||||
// logger.LogInformation("Password reset email sent to: {Email}, callback URL: {CallbackUrl}", user.Email, callbackUrl);
|
||||
// await EmailSender.SendPasswordResetEmailAsync(user.Email, callbackUrl, client);
|
||||
// return Ok();
|
||||
// #endif
|
||||
}
|
||||
|
||||
[HttpPost("logout")]
|
||||
@@ -250,31 +251,33 @@ namespace Streetwriters.Identity.Controllers
|
||||
}
|
||||
case "change_password":
|
||||
{
|
||||
ArgumentNullException.ThrowIfNull(form.OldPassword);
|
||||
ArgumentNullException.ThrowIfNull(form.NewPassword);
|
||||
var result = await UserManager.ChangePasswordAsync(user, form.OldPassword, form.NewPassword);
|
||||
if (result.Succeeded)
|
||||
{
|
||||
await SendLogoutMessageAsync(user.Id.ToString(), "Password changed.");
|
||||
return Ok();
|
||||
}
|
||||
return BadRequest(result.Errors.ToErrors());
|
||||
return BadRequest(new { error = "Password change is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience." });
|
||||
// ArgumentNullException.ThrowIfNull(form.OldPassword);
|
||||
// ArgumentNullException.ThrowIfNull(form.NewPassword);
|
||||
// var result = await UserManager.ChangePasswordAsync(user, form.OldPassword, form.NewPassword);
|
||||
// if (result.Succeeded)
|
||||
// {
|
||||
// await SendLogoutMessageAsync(user.Id.ToString(), "Password changed.");
|
||||
// return Ok();
|
||||
// }
|
||||
// return BadRequest(result.Errors.ToErrors());
|
||||
}
|
||||
case "reset_password":
|
||||
{
|
||||
ArgumentNullException.ThrowIfNull(form.NewPassword);
|
||||
var result = await UserManager.RemovePasswordAsync(user);
|
||||
if (result.Succeeded)
|
||||
{
|
||||
await MFAService.ResetMFAAsync(user);
|
||||
result = await UserManager.AddPasswordAsync(user, form.NewPassword);
|
||||
if (result.Succeeded)
|
||||
{
|
||||
await SendLogoutMessageAsync(user.Id.ToString(), "Password reset.");
|
||||
return Ok();
|
||||
}
|
||||
}
|
||||
return BadRequest(result.Errors.ToErrors());
|
||||
return BadRequest(new { error = "Password reset is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience." });
|
||||
// ArgumentNullException.ThrowIfNull(form.NewPassword);
|
||||
// var result = await UserManager.RemovePasswordAsync(user);
|
||||
// if (result.Succeeded)
|
||||
// {
|
||||
// await MFAService.ResetMFAAsync(user);
|
||||
// result = await UserManager.AddPasswordAsync(user, form.NewPassword);
|
||||
// if (result.Succeeded)
|
||||
// {
|
||||
// await SendLogoutMessageAsync(user.Id.ToString(), "Password reset.");
|
||||
// return Ok();
|
||||
// }
|
||||
// }
|
||||
// return BadRequest(result.Errors.ToErrors());
|
||||
}
|
||||
case "change_marketing_consent":
|
||||
{
|
||||
|
||||
@@ -53,6 +53,7 @@ using Streetwriters.Identity.Interfaces;
|
||||
using Streetwriters.Identity.Jobs;
|
||||
using Streetwriters.Identity.Services;
|
||||
using Streetwriters.Identity.Validation;
|
||||
using IdentityServer4.MongoDB.Configuration;
|
||||
|
||||
namespace Streetwriters.Identity
|
||||
{
|
||||
@@ -107,11 +108,6 @@ namespace Streetwriters.Identity
|
||||
options.UsersCollection = "users";
|
||||
// options.MigrationCollection = "migration";
|
||||
options.ConnectionString = connectionString;
|
||||
options.ClusterConfigurator = builder =>
|
||||
{
|
||||
builder.ConfigureConnectionPool((c) => c.With(maxConnections: 500, minConnections: 0));
|
||||
builder.ConfigureServer(s => s.With(heartbeatInterval: TimeSpan.FromSeconds(60)));
|
||||
};
|
||||
}).AddDefaultTokenProviders();
|
||||
|
||||
services.AddIdentityServer(
|
||||
@@ -137,6 +133,11 @@ namespace Streetwriters.Identity
|
||||
.AddKeyManagement()
|
||||
.AddFileSystemPersistence(Path.Combine(WebHostEnvironment.ContentRootPath, @"keystore"));
|
||||
|
||||
services.Configure<MongoDBConfiguration>(options =>
|
||||
{
|
||||
options.ConnectionString = connectionString;
|
||||
});
|
||||
|
||||
services.Configure<DataProtectionTokenProviderOptions>(options =>
|
||||
{
|
||||
options.TokenLifespan = TimeSpan.FromHours(2);
|
||||
|
||||
@@ -218,6 +218,8 @@ const server = Bun.serve({
|
||||
status: 200,
|
||||
headers: {
|
||||
"Content-Type": "text/html; charset=utf-8",
|
||||
"Content-Security-Policy": "frame-ancestors *",
|
||||
"X-Frame-Options": "ALLOWALL",
|
||||
},
|
||||
});
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user