mirror of
https://github.com/streetwriters/notesnook-sync-server.git
synced 2026-02-12 19:22:45 +00:00
Compare commits
3 Commits
v1.0-beta.
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
014c4e3b32 | ||
|
|
bf70a32b95 | ||
|
|
d047bd052e |
@@ -33,9 +33,6 @@ namespace Streetwriters.Data.DbContexts
|
|||||||
public static IMongoClient CreateMongoDbClient(IDbSettings dbSettings)
|
public static IMongoClient CreateMongoDbClient(IDbSettings dbSettings)
|
||||||
{
|
{
|
||||||
var settings = MongoClientSettings.FromConnectionString(dbSettings.ConnectionString);
|
var settings = MongoClientSettings.FromConnectionString(dbSettings.ConnectionString);
|
||||||
settings.MaxConnectionPoolSize = 500;
|
|
||||||
settings.MinConnectionPoolSize = 0;
|
|
||||||
settings.HeartbeatInterval = TimeSpan.FromSeconds(60);
|
|
||||||
return new MongoClient(settings);
|
return new MongoClient(settings);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -97,12 +97,12 @@ namespace Streetwriters.Identity.Controllers
|
|||||||
}
|
}
|
||||||
case TokenType.RESET_PASSWORD:
|
case TokenType.RESET_PASSWORD:
|
||||||
{
|
{
|
||||||
if (!await UserManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword", code))
|
// if (!await UserManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword", code))
|
||||||
return BadRequest("Invalid token.");
|
return BadRequest("Password reset is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience.");
|
||||||
|
|
||||||
var authorizationCode = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "PasswordResetAuthorizationCode");
|
// var authorizationCode = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "PasswordResetAuthorizationCode");
|
||||||
var redirectUrl = $"{client.AccountRecoveryRedirectURL}?userId={userId}&code={authorizationCode}";
|
// var redirectUrl = $"{client.AccountRecoveryRedirectURL}?userId={userId}&code={authorizationCode}";
|
||||||
return RedirectPermanent(redirectUrl);
|
// return RedirectPermanent(redirectUrl);
|
||||||
}
|
}
|
||||||
default:
|
default:
|
||||||
return BadRequest("Invalid type.");
|
return BadRequest("Invalid type.");
|
||||||
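Review bot: In the `TokenType.RESET_PASSWORD` case the `return BadRequest("Password reset is temporarily disabled…")` now sits directly under a commented-out `if`, so a reader can take it for the conditional "Invalid token." branch when it in fact rejects every request. A one-line comment above it would make the intent explicit, for example `// Password reset disabled: reject unconditionally until <issue reference> is resolved`. This path returns a bare string, while the other disabled paths in this change return `new { error = … }`, so clients see two response shapes for the same condition. The enclosing action starts and ends outside the hunk.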
@@ -149,21 +149,22 @@ namespace Streetwriters.Identity.Controllers
|
|||||||
[EnableRateLimiting("strict")]
|
[EnableRateLimiting("strict")]
|
||||||
public async Task<IActionResult> ResetUserPassword([FromForm] ResetPasswordForm form)
|
public async Task<IActionResult> ResetUserPassword([FromForm] ResetPasswordForm form)
|
||||||
{
|
{
|
||||||
var client = Clients.FindClientById(form.ClientId);
|
return BadRequest(new { error = "Password reset is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience." });
|
||||||
if (client == null) return BadRequest("Invalid client_id.");
|
// var client = Clients.FindClientById(form.ClientId);
|
||||||
|
// if (client == null) return BadRequest("Invalid client_id.");
|
||||||
|
|
||||||
var user = await UserManager.FindByEmailAsync(form.Email) ?? throw new Exception("User not found.");
|
// var user = await UserManager.FindByEmailAsync(form.Email) ?? throw new Exception("User not found.");
|
||||||
if (!await UserService.IsUserValidAsync(UserManager, user, form.ClientId)) return Ok();
|
// if (!await UserService.IsUserValidAsync(UserManager, user, form.ClientId)) return Ok();
|
||||||
|
|
||||||
var code = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword");
|
// var code = await UserManager.GenerateUserTokenAsync(user, TokenOptions.DefaultProvider, "ResetPassword");
|
||||||
var callbackUrl = Url.TokenLink(user.Id.ToString(), code, client.Id, TokenType.RESET_PASSWORD);
|
// var callbackUrl = Url.TokenLink(user.Id.ToString(), code, client.Id, TokenType.RESET_PASSWORD);
|
||||||
#if (DEBUG || STAGING)
|
// #if (DEBUG || STAGING)
|
||||||
return Ok(callbackUrl);
|
// return Ok(callbackUrl);
|
||||||
#else
|
// #else
|
||||||
logger.LogInformation("Password reset email sent to: {Email}, callback URL: {CallbackUrl}", user.Email, callbackUrl);
|
// logger.LogInformation("Password reset email sent to: {Email}, callback URL: {CallbackUrl}", user.Email, callbackUrl);
|
||||||
await EmailSender.SendPasswordResetEmailAsync(user.Email, callbackUrl, client);
|
// await EmailSender.SendPasswordResetEmailAsync(user.Email, callbackUrl, client);
|
||||||
return Ok();
|
// return Ok();
|
||||||
#endif
|
// #endif
|
||||||
}
|
}
|
||||||
|
|
||||||
[HttpPost("logout")]
|
[HttpPost("logout")]
|
||||||
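Review bot: The body of `ResetUserPassword` is kept as comments for later re-enabling, and its `logger.LogInformation("Password reset email sent to: {Email}, callback URL: {CallbackUrl}", …)` line would write the reset link, including the token passed to `Url.TokenLink`, into application logs. Anyone with log access could then complete the reset while the token is valid, so before this is restored the call should log only the event, e.g. `logger.LogInformation("Password reset email sent for user {UserId}", user.Id);`. The same block throws `Exception("User not found.")` for an unknown email but returns `Ok()` for an invalid user, which probably lets a caller tell registered addresses apart. The method's routing attributes begin above the hunk.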
@@ -250,31 +251,33 @@ namespace Streetwriters.Identity.Controllers
|
|||||||
}
|
}
|
||||||
case "change_password":
|
case "change_password":
|
||||||
{
|
{
|
||||||
ArgumentNullException.ThrowIfNull(form.OldPassword);
|
return BadRequest(new { error = "Password change is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience." });
|
||||||
ArgumentNullException.ThrowIfNull(form.NewPassword);
|
// ArgumentNullException.ThrowIfNull(form.OldPassword);
|
||||||
var result = await UserManager.ChangePasswordAsync(user, form.OldPassword, form.NewPassword);
|
// ArgumentNullException.ThrowIfNull(form.NewPassword);
|
||||||
if (result.Succeeded)
|
// var result = await UserManager.ChangePasswordAsync(user, form.OldPassword, form.NewPassword);
|
||||||
{
|
// if (result.Succeeded)
|
||||||
await SendLogoutMessageAsync(user.Id.ToString(), "Password changed.");
|
// {
|
||||||
return Ok();
|
// await SendLogoutMessageAsync(user.Id.ToString(), "Password changed.");
|
||||||
}
|
// return Ok();
|
||||||
return BadRequest(result.Errors.ToErrors());
|
// }
|
||||||
|
// return BadRequest(result.Errors.ToErrors());
|
||||||
}
|
}
|
||||||
case "reset_password":
|
case "reset_password":
|
||||||
{
|
{
|
||||||
ArgumentNullException.ThrowIfNull(form.NewPassword);
|
return BadRequest(new { error = "Password reset is temporarily disabled due to some issues. It should be back soon. We apologize for the inconvenience." });
|
||||||
var result = await UserManager.RemovePasswordAsync(user);
|
// ArgumentNullException.ThrowIfNull(form.NewPassword);
|
||||||
if (result.Succeeded)
|
// var result = await UserManager.RemovePasswordAsync(user);
|
||||||
{
|
// if (result.Succeeded)
|
||||||
await MFAService.ResetMFAAsync(user);
|
// {
|
||||||
result = await UserManager.AddPasswordAsync(user, form.NewPassword);
|
// await MFAService.ResetMFAAsync(user);
|
||||||
if (result.Succeeded)
|
// result = await UserManager.AddPasswordAsync(user, form.NewPassword);
|
||||||
{
|
// if (result.Succeeded)
|
||||||
await SendLogoutMessageAsync(user.Id.ToString(), "Password reset.");
|
// {
|
||||||
return Ok();
|
// await SendLogoutMessageAsync(user.Id.ToString(), "Password reset.");
|
||||||
}
|
// return Ok();
|
||||||
}
|
// }
|
||||||
return BadRequest(result.Errors.ToErrors());
|
// }
|
||||||
|
// return BadRequest(result.Errors.ToErrors());
|
||||||
}
|
}
|
||||||
case "change_marketing_consent":
|
case "change_marketing_consent":
|
||||||
{
|
{
|
||||||
|
|||||||
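Review bot: In the commented-out `reset_password` case, `RemovePasswordAsync` and `MFAService.ResetMFAAsync(user)` both run before `AddPasswordAsync` is attempted. If adding the new password fails (for instance on a password-policy violation, assuming validation happens in that call), the account is left with no password and with MFA already reset. When this path is re-enabled, validate `form.NewPassword` before removing the old one, and move the MFA reset and `SendLogoutMessageAsync` after the successful `AddPasswordAsync`. The enclosing switch starts and ends outside the hunk.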
@@ -53,6 +53,7 @@ using Streetwriters.Identity.Interfaces;
|
|||||||
using Streetwriters.Identity.Jobs;
|
using Streetwriters.Identity.Jobs;
|
||||||
using Streetwriters.Identity.Services;
|
using Streetwriters.Identity.Services;
|
||||||
using Streetwriters.Identity.Validation;
|
using Streetwriters.Identity.Validation;
|
||||||
|
using IdentityServer4.MongoDB.Configuration;
|
||||||
|
|
||||||
namespace Streetwriters.Identity
|
namespace Streetwriters.Identity
|
||||||
{
|
{
|
||||||
@@ -107,11 +108,6 @@ namespace Streetwriters.Identity
|
|||||||
options.UsersCollection = "users";
|
options.UsersCollection = "users";
|
||||||
// options.MigrationCollection = "migration";
|
// options.MigrationCollection = "migration";
|
||||||
options.ConnectionString = connectionString;
|
options.ConnectionString = connectionString;
|
||||||
options.ClusterConfigurator = builder =>
|
|
||||||
{
|
|
||||||
builder.ConfigureConnectionPool((c) => c.With(maxConnections: 500, minConnections: 0));
|
|
||||||
builder.ConfigureServer(s => s.With(heartbeatInterval: TimeSpan.FromSeconds(60)));
|
|
||||||
};
|
|
||||||
}).AddDefaultTokenProviders();
|
}).AddDefaultTokenProviders();
|
||||||
|
|
||||||
services.AddIdentityServer(
|
services.AddIdentityServer(
|
||||||
@@ -137,6 +133,11 @@ namespace Streetwriters.Identity
|
|||||||
.AddKeyManagement()
|
.AddKeyManagement()
|
||||||
.AddFileSystemPersistence(Path.Combine(WebHostEnvironment.ContentRootPath, @"keystore"));
|
.AddFileSystemPersistence(Path.Combine(WebHostEnvironment.ContentRootPath, @"keystore"));
|
||||||
|
|
||||||
|
services.Configure<MongoDBConfiguration>(options =>
|
||||||
|
{
|
||||||
|
options.ConnectionString = connectionString;
|
||||||
|
});
|
||||||
|
|
||||||
services.Configure<DataProtectionTokenProviderOptions>(options =>
|
services.Configure<DataProtectionTokenProviderOptions>(options =>
|
||||||
{
|
{
|
||||||
options.TokenLifespan = TimeSpan.FromHours(2);
|
options.TokenLifespan = TimeSpan.FromHours(2);
|
||||||
|
|||||||
@@ -218,6 +218,8 @@ const server = Bun.serve({
|
|||||||
status: 200,
|
status: 200,
|
||||||
headers: {
|
headers: {
|
||||||
"Content-Type": "text/html; charset=utf-8",
|
"Content-Type": "text/html; charset=utf-8",
|
||||||
|
"Content-Security-Policy": "frame-ancestors *",
|
||||||
|
"X-Frame-Options": "ALLOWALL",
|
||||||
},
|
},
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|||||||
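Review bot: The added `"X-Frame-Options": "ALLOWALL"` is not a defined value for that header (the recognised values are `DENY` and `SAMEORIGIN`), so browsers ignore it and it only documents intent. The effective policy is `"Content-Security-Policy": "frame-ancestors *"`, which lets any origin embed this HTML response and removes clickjacking protection for whatever the page renders. If embedding is needed only on known sites, list them explicitly, e.g. `"Content-Security-Policy": "frame-ancestors 'self' https://<embedding-origin>"`, and drop the `X-Frame-Options` line. The handler that builds this response starts outside the hunk, so it is not visible here whether the page contains interactive or authenticated content.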