mail update
This commit is contained in:
Tizian.Breuch
@@ -68,50 +68,6 @@ namespace Webshop.Application.Services.Auth
|
||||
return ServiceResult.Ok();
|
||||
}
|
||||
|
||||
public async Task<ServiceResult<AuthResponseDto>> LoginUserAsync(LoginRequestDto request)
|
||||
{
|
||||
var user = await _userManager.FindByEmailAsync(request.Email);
|
||||
if (user == null || !await _userManager.CheckPasswordAsync(user, request.Password))
|
||||
{
|
||||
return ServiceResult.Fail<AuthResponseDto>(ServiceResultType.Unauthorized, "Ungültige Anmeldeinformationen.");
|
||||
}
|
||||
|
||||
if (!await _userManager.IsEmailConfirmedAsync(user))
|
||||
{
|
||||
return ServiceResult.Fail<AuthResponseDto>(ServiceResultType.Unauthorized, "E-Mail-Adresse wurde noch nicht bestätigt.");
|
||||
}
|
||||
|
||||
var roles = await _userManager.GetRolesAsync(user);
|
||||
var token = GenerateJwtToken(user, roles);
|
||||
|
||||
var response = new AuthResponseDto
|
||||
{
|
||||
IsAuthSuccessful = true,
|
||||
Token = token,
|
||||
UserId = user.Id,
|
||||
Email = user.Email,
|
||||
Roles = roles.ToList()
|
||||
};
|
||||
return ServiceResult.Ok(response);
|
||||
}
|
||||
|
||||
public async Task<ServiceResult<AuthResponseDto>> LoginAdminAsync(LoginRequestDto request)
|
||||
{
|
||||
var loginResult = await LoginUserAsync(request);
|
||||
if (loginResult.Type != ServiceResultType.Success)
|
||||
{
|
||||
return loginResult;
|
||||
}
|
||||
|
||||
var user = await _userManager.FindByEmailAsync(request.Email);
|
||||
if (user == null || !await _userManager.IsInRoleAsync(user, "Admin"))
|
||||
{
|
||||
return ServiceResult.Fail<AuthResponseDto>(ServiceResultType.Forbidden, "Keine Berechtigung für den Admin-Zugang.");
|
||||
}
|
||||
|
||||
return loginResult;
|
||||
}
|
||||
|
||||
public async Task<ServiceResult> ConfirmEmailAsync(string userId, string token)
|
||||
{
|
||||
var user = await _userManager.FindByIdAsync(userId);
|
||||
@@ -127,15 +83,11 @@ namespace Webshop.Application.Services.Auth
|
||||
public async Task<ServiceResult> ResendEmailConfirmationAsync(string email)
|
||||
{
|
||||
var user = await _userManager.FindByEmailAsync(email);
|
||||
if (user == null)
|
||||
if (user == null || await _userManager.IsEmailConfirmedAsync(user))
|
||||
{
|
||||
// Aus Sicherheitsgründen nicht verraten, ob die E-Mail existiert
|
||||
// Aus Sicherheitsgründen immer eine positive Antwort geben
|
||||
return ServiceResult.Ok();
|
||||
}
|
||||
if (await _userManager.IsEmailConfirmedAsync(user))
|
||||
{
|
||||
return ServiceResult.Fail(ServiceResultType.InvalidInput, "E-Mail-Adresse ist bereits bestätigt.");
|
||||
}
|
||||
|
||||
await SendEmailConfirmationEmail(user);
|
||||
return ServiceResult.Ok();
|
||||
@@ -151,15 +103,21 @@ namespace Webshop.Application.Services.Auth
|
||||
|
||||
var token = await _userManager.GeneratePasswordResetTokenAsync(user);
|
||||
var encodedToken = HttpUtility.UrlEncode(token);
|
||||
var clientUrl = _configuration["App:ClientUrl"]!;
|
||||
var clientUrl = _configuration["App:ClientUrl"] ?? "http://localhost:3000";
|
||||
var resetLink = $"{clientUrl}/reset-password?email={HttpUtility.UrlEncode(request.Email)}&token={encodedToken}";
|
||||
|
||||
// << KORREKTUR: EmailMessage verwenden >>
|
||||
var emailHtmlBody = await LoadAndFormatEmailTemplate(
|
||||
titel: "Setzen Sie Ihr Passwort zurück",
|
||||
haupttext: "Sie haben eine Anfrage zum Zurücksetzen Ihres Passworts gesendet. Klicken Sie auf den Button unten, um ein neues Passwort festzulegen.",
|
||||
callToActionText: "Passwort zurücksetzen",
|
||||
callToActionLink: resetLink
|
||||
);
|
||||
|
||||
var message = new EmailMessage();
|
||||
message.To.Add(request.Email);
|
||||
message.From = _configuration["Resend:FromEmail"]!;
|
||||
message.Subject = "Anleitung zum Zurücksetzen Ihres Passworts";
|
||||
message.HtmlBody = $"<h1>Passwort zurücksetzen</h1><p>Bitte setzen Sie Ihr Passwort zurück, indem Sie auf diesen Link klicken: <a href='{resetLink}'>Passwort zurücksetzen</a></p>";
|
||||
message.HtmlBody = emailHtmlBody;
|
||||
await _resend.EmailSendAsync(message);
|
||||
|
||||
return ServiceResult.Ok();
|
||||
@@ -180,6 +138,8 @@ namespace Webshop.Application.Services.Auth
|
||||
: ServiceResult.Fail(ServiceResultType.InvalidInput, string.Join(" ", result.Errors.Select(e => e.Description)));
|
||||
}
|
||||
|
||||
// --- Private Helper-Methoden ---
|
||||
|
||||
private async Task SendEmailConfirmationEmail(ApplicationUser user)
|
||||
{
|
||||
var token = await _userManager.GenerateEmailConfirmationTokenAsync(user);
|
||||
@@ -187,15 +147,43 @@ namespace Webshop.Application.Services.Auth
|
||||
var clientUrl = _configuration["App:ClientUrl"]!;
|
||||
var confirmationLink = $"{clientUrl}/confirm-email?userId={user.Id}&token={encodedToken}";
|
||||
|
||||
// << KORREKTUR: EmailMessage verwenden >>
|
||||
var emailHtmlBody = await LoadAndFormatEmailTemplate(
|
||||
titel: "Bestätigen Sie Ihre E-Mail-Adresse",
|
||||
haupttext: "Vielen Dank für Ihre Registrierung! Bitte klicken Sie auf den Button unten, um Ihr Konto zu aktivieren.",
|
||||
callToActionText: "Konto aktivieren",
|
||||
callToActionLink: confirmationLink
|
||||
);
|
||||
|
||||
var message = new EmailMessage();
|
||||
message.To.Add(user.Email);
|
||||
message.From = _configuration["Resend:FromEmail"]!;
|
||||
message.Subject = "Bestätigen Sie Ihre E-Mail-Adresse";
|
||||
message.HtmlBody = $"<h1>Willkommen!</h1><p>Bitte bestätigen Sie Ihre E-Mail-Adresse, indem Sie auf diesen Link klicken: <a href='{confirmationLink}'>Bestätigen</a></p>";
|
||||
message.Subject = "Willkommen! Bitte bestätigen Sie Ihre E-Mail-Adresse";
|
||||
message.HtmlBody = emailHtmlBody;
|
||||
await _resend.EmailSendAsync(message);
|
||||
}
|
||||
|
||||
private async Task<string> LoadAndFormatEmailTemplate(string titel, string haupttext, string callToActionText, string callToActionLink)
|
||||
{
|
||||
var templatePath = Path.Combine(AppContext.BaseDirectory, "Templates", "_EmailTemplate.html");
|
||||
|
||||
if (!File.Exists(templatePath))
|
||||
{
|
||||
// Fallback, falls die Vorlagendatei nicht gefunden wird
|
||||
return $"<h1>{titel}</h1><p>{haupttext}</p><a href='{callToActionLink}'>{callToActionText}</a>";
|
||||
}
|
||||
|
||||
var template = await File.ReadAllTextAsync(templatePath);
|
||||
|
||||
template = template.Replace("{{ShopName}}", _configuration["ShopInfo:Name"] ?? "Ihr Webshop");
|
||||
template = template.Replace("{{Titel}}", titel);
|
||||
template = template.Replace("{{Haupttext}}", haupttext);
|
||||
template = template.Replace("{{CallToActionText}}", callToActionText);
|
||||
template = template.Replace("{{CallToActionLink}}", callToActionLink);
|
||||
template = template.Replace("{{Jahr}}", DateTime.UtcNow.Year.ToString());
|
||||
|
||||
return template;
|
||||
}
|
||||
|
||||
private string GenerateJwtToken(ApplicationUser user, IList<string> roles)
|
||||
{
|
||||
var claims = new List<Claim>
|
||||
@@ -225,5 +213,49 @@ namespace Webshop.Application.Services.Auth
|
||||
|
||||
return new JwtSecurityTokenHandler().WriteToken(token);
|
||||
}
|
||||
|
||||
public async Task<ServiceResult<AuthResponseDto>> LoginAdminAsync(LoginRequestDto request)
|
||||
{
|
||||
var loginResult = await LoginUserAsync(request);
|
||||
if (loginResult.Type != ServiceResultType.Success)
|
||||
{
|
||||
return loginResult;
|
||||
}
|
||||
|
||||
var user = await _userManager.FindByEmailAsync(request.Email);
|
||||
if (user == null || !await _userManager.IsInRoleAsync(user, "Admin"))
|
||||
{
|
||||
return ServiceResult.Fail<AuthResponseDto>(ServiceResultType.Forbidden, "Keine Berechtigung für den Admin-Zugang.");
|
||||
}
|
||||
|
||||
return loginResult;
|
||||
}
|
||||
|
||||
public async Task<ServiceResult<AuthResponseDto>> LoginUserAsync(LoginRequestDto request)
|
||||
{
|
||||
var user = await _userManager.FindByEmailAsync(request.Email);
|
||||
if (user == null || !await _userManager.CheckPasswordAsync(user, request.Password))
|
||||
{
|
||||
return ServiceResult.Fail<AuthResponseDto>(ServiceResultType.Unauthorized, "Ungültige Anmeldeinformationen.");
|
||||
}
|
||||
|
||||
if (!await _userManager.IsEmailConfirmedAsync(user))
|
||||
{
|
||||
return ServiceResult.Fail<AuthResponseDto>(ServiceResultType.Unauthorized, "E-Mail-Adresse wurde noch nicht bestätigt.");
|
||||
}
|
||||
|
||||
var roles = await _userManager.GetRolesAsync(user);
|
||||
var token = GenerateJwtToken(user, roles);
|
||||
|
||||
var response = new AuthResponseDto
|
||||
{
|
||||
IsAuthSuccessful = true,
|
||||
Token = token,
|
||||
UserId = user.Id,
|
||||
Email = user.Email,
|
||||
Roles = roles.ToList()
|
||||
};
|
||||
return ServiceResult.Ok(response);
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user