diff --git a/Moonlight/App/Models/Misc/AuditLogType.cs b/Moonlight/App/Models/Misc/AuditLogType.cs index cb5012c2..d505deb9 100644 --- a/Moonlight/App/Models/Misc/AuditLogType.cs +++ b/Moonlight/App/Models/Misc/AuditLogType.cs @@ -18,5 +18,6 @@ public enum AuditLogType DisableTotp, AddDomainRecord, UpdateDomainRecord, - DeleteDomainRecord + DeleteDomainRecord, + PasswordReset } \ No newline at end of file diff --git a/Moonlight/App/Services/MailService.cs b/Moonlight/App/Services/MailService.cs index 24aa35dd..4104bb50 100644 --- a/Moonlight/App/Services/MailService.cs +++ b/Moonlight/App/Services/MailService.cs @@ -52,12 +52,14 @@ public class MailService try { using var client = new SmtpClient(); - + client.Host = Server; client.Port = Port; - client.EnableSsl = true; + client.EnableSsl = false; client.Credentials = new NetworkCredential(Email, Password); + Logger.Debug("Sending"); + await client.SendMailAsync(new MailMessage() { From = new MailAddress(Email), @@ -75,6 +77,8 @@ public class MailService Logger.Warn("Error sending mail"); Logger.Warn(e); } + + Logger.Debug("Mail send task stopped"); }); } diff --git a/Moonlight/App/Services/UserService.cs b/Moonlight/App/Services/UserService.cs index 75e15ff8..7f5457e8 100644 --- a/Moonlight/App/Services/UserService.cs +++ b/Moonlight/App/Services/UserService.cs @@ -2,6 +2,7 @@ using JWT.Builder; using Moonlight.App.Database.Entities; using Moonlight.App.Exceptions; +using Moonlight.App.Helpers; using Moonlight.App.Models.Misc; using Moonlight.App.Repositories; using Moonlight.App.Services.LogServices; @@ -142,20 +143,27 @@ public class UserService } } - public async Task ChangePassword(User user, string password) + public async Task ChangePassword(User user, string password, bool isSystemAction = false) { user.Password = BCrypt.Net.BCrypt.HashPassword(password); user.TokenValidTime = DateTime.Now; UserRepository.Update(user); - await MailService.SendMail(user!, "passwordChange", values => + if (isSystemAction) { - values.Add("Ip", IdentityService.GetIp()); - values.Add("Device", IdentityService.GetDevice()); - values.Add("Location", "In your walls"); - }); + await AuditLogService.LogSystem(AuditLogType.ChangePassword, user.Email); + } + else + { + await MailService.SendMail(user!, "passwordChange", values => + { + values.Add("Ip", IdentityService.GetIp()); + values.Add("Device", IdentityService.GetDevice()); + values.Add("Location", "In your walls"); + }); - await AuditLogService.Log(AuditLogType.ChangePassword, user.Email); + await AuditLogService.Log(AuditLogType.ChangePassword, user.Email); + } } public async Task SftpLogin(int id, string password) @@ -197,4 +205,29 @@ public class UserService return token; } + + public async Task ResetPassword(string email) + { + email = email.ToLower(); + + var user = UserRepository + .Get() + .FirstOrDefault(x => x.Email == email); + + if (user == null) + throw new DisplayException("A user with this email can not be found"); + + var newPassword = StringHelper.GenerateString(16); + await ChangePassword(user, newPassword, true); + + await AuditLogService.Log(AuditLogType.PasswordReset); + + await MailService.SendMail(user, "passwordReset", values => + { + values.Add("Ip", IdentityService.GetIp()); + values.Add("Device", IdentityService.GetDevice()); + values.Add("Location", "In your walls"); + values.Add("Password", newPassword); + }); + } } \ No newline at end of file diff --git a/Moonlight/Shared/Components/Auth/Login.razor b/Moonlight/Shared/Components/Auth/Login.razor index 52936eed..ccf91770 100644 --- a/Moonlight/Shared/Components/Auth/Login.razor +++ b/Moonlight/Shared/Components/Auth/Login.razor @@ -72,7 +72,7 @@
- + Forgot password?
diff --git a/Moonlight/Shared/Components/Auth/PasswordReset.razor b/Moonlight/Shared/Components/Auth/PasswordReset.razor new file mode 100644 index 00000000..ef34549b --- /dev/null +++ b/Moonlight/Shared/Components/Auth/PasswordReset.razor @@ -0,0 +1,73 @@ +@page "/passwordreset" +@using Moonlight.App.Services + +@* This is just a "virtual" route/page. The handling for that is +@* MainLayout doing for us. We need to put that here so the router +@* does not return the 404 page +*@ + +@inject UserService UserService +@inject SmartTranslateService SmartTranslateService + +
+
+
+
+ @if (Send) + { +
+

+ Passwort reset successfull. Check your mail +

+
+ } + else + { +
+
+

+ Password reset +

+
+ Reset the password of your account +
+
+ +
+ +
+ +
+ + +
+ +
+ Wrong here? + + + Sign in + +
+
+ } +
+
+
+
+ +@code +{ + private string Email = ""; + private bool Send = false; + + private async Task Submit() + { + await UserService.ResetPassword(Email); + Send = true; + await InvokeAsync(StateHasChanged); + } +} \ No newline at end of file diff --git a/Moonlight/Shared/Layouts/MainLayout.razor b/Moonlight/Shared/Layouts/MainLayout.razor index 80f4f738..b2de0364 100644 --- a/Moonlight/Shared/Layouts/MainLayout.razor +++ b/Moonlight/Shared/Layouts/MainLayout.razor @@ -62,6 +62,7 @@ @if (uri.LocalPath != "/login" && + uri.LocalPath != "/passwordreset" && uri.LocalPath != "/register") { if (User == null) @@ -94,6 +95,10 @@ { } + else if (uri.LocalPath == "/passwordreset") + { + + } } diff --git a/Moonlight/resources/lang/de_de.lang b/Moonlight/resources/lang/de_de.lang index 29db8d82..d3437f6b 100644 --- a/Moonlight/resources/lang/de_de.lang +++ b/Moonlight/resources/lang/de_de.lang @@ -323,3 +323,9 @@ None;None No user with this id found;No user with this id found Back to list;Back to list New domain;New domain +Reset password;Reset password +Password reset;Password reset +Reset the password of your account;Reset the password of your account +Wrong here?;Wrong here? +A user with this email can not be found;A user with this email can not be found +Passwort reset successfull. Check your mail;Passwort reset successfull. Check your mail diff --git a/Moonlight/resources/mail/passwordReset.html b/Moonlight/resources/mail/passwordReset.html new file mode 100644 index 00000000..9dd066c6 --- /dev/null +++ b/Moonlight/resources/mail/passwordReset.html @@ -0,0 +1,54 @@ + + + + + Moonlight password reset + + +
+ + + + + + + + + + + + +
+
+
+ + Logo + +
+
+

Hey {{FirstName}}, your password has been resetted

+

Your new password is: {{Password}}

+

If this was not you please contact us. Also here is the data we collected.

+

IP: {{Ip}}

+

Device: {{Device}}

+

Location: {{Location}}

+
+ Open Moonlight + +
+
+

You need help?

+

We are happy to help!

+

More information at + endelon.link/support. +

+
+

Copyright 2022 Endelon Hosting

+
+
+ + \ No newline at end of file