Create Users Manually (Email still required) (#1381)

* Implemented a manual button to allow users to setup an account, even after they invited. Updated error toast to put "Error" in the title of the toast. * Updated the exception middleware to always send full context instead of generic "Internal Server Error"
2022-07-17 11:43:03 -04:00 · 2022-07-17 11:43:03 -04:00 · 1d806bf622
commit 1d806bf622
parent 63d74ecf9a
10 changed files with 1668 additions and 17 deletions
--- a/API/Controllers/AccountController.cs
+++ b/API/Controllers/AccountController.cs
@ -348,6 +348,24 @@ namespace API.Controllers
            return BadRequest("There was an exception when updating the user");
        }

+        /// <summary>
+        /// Requests the Invite Url for the UserId. Will return error if user is already validated.
+        /// </summary>
+        /// <param name="userId"></param>
+        /// <param name="withBaseUrl">Include the "https://ip:port/" in the generated link</param>
+        /// <returns></returns>
+        [Authorize(Policy = "RequireAdminRole")]
+        [HttpGet("invite-url")]
+        public async Task<ActionResult<string>> GetInviteUrl(int userId, bool withBaseUrl)
+        {
+            var user = await _unitOfWork.UserRepository.GetUserByIdAsync(userId);
+            if (user.EmailConfirmed)
+                return BadRequest("User is already confirmed");
+            if (string.IsNullOrEmpty(user.ConfirmationToken))
+                return BadRequest("Manual setup is unable to be completed. Please cancel and recreate the invite.");
+
+            return GenerateEmailLink(user.ConfirmationToken, "confirm-email", user.Email, withBaseUrl);
+        }


        /// <summary>
@ -428,12 +446,10 @@ namespace API.Controllers
                    lib.AppUsers.Add(user);
                }

-                await _unitOfWork.CommitAsync();
-
-
                var token = await _userManager.GenerateEmailConfirmationTokenAsync(user);
                if (string.IsNullOrEmpty(token)) return BadRequest("There was an issue sending email");

+
                var emailLink = GenerateEmailLink(token, "confirm-email", dto.Email);
                _logger.LogCritical("[Invite User]: Email Link for {UserName}: {Link}", user.UserName, emailLink);
                var host = _environment.IsDevelopment() ? "localhost:4200" : Request.Host.ToString();
@ -447,6 +463,11 @@ namespace API.Controllers
                        ServerConfirmationLink = emailLink
                    });
                }
+
+                user.ConfirmationToken = token;
+
+                await _unitOfWork.CommitAsync();
+
                return Ok(new InviteUserResponse
                {
                    EmailLink = emailLink,
@ -486,6 +507,7 @@ namespace API.Controllers
            if (!await ConfirmEmailToken(dto.Token, user)) return BadRequest("Invalid Email Token");

            user.UserName = dto.Username;
+            user.ConfirmationToken = null;
            var errors = await _accountService.ChangeUserPassword(user, dto.Password);
            if (errors.Any())
            {
@ -617,12 +639,11 @@ namespace API.Controllers
            return Ok(emailLink);
        }

-        private string GenerateEmailLink(string token, string routePart, string email)
+        private string GenerateEmailLink(string token, string routePart, string email, bool withHost = true)
        {
            var host = _environment.IsDevelopment() ? "localhost:4200" : Request.Host.ToString();
-            var emailLink =
-                $"{Request.Scheme}://{host}{Request.PathBase}/registration/{routePart}?token={HttpUtility.UrlEncode(token)}&email={HttpUtility.UrlEncode(email)}";
-            return emailLink;
+            if (withHost) return $"{Request.Scheme}://{host}{Request.PathBase}/registration/{routePart}?token={HttpUtility.UrlEncode(token)}&email={HttpUtility.UrlEncode(email)}";
+            return $"registration/{routePart}?token={HttpUtility.UrlEncode(token)}&email={HttpUtility.UrlEncode(email)}";
        }

        /// <summary>