Vereinfachte Zugriffscode-Validierung für den Endpunkt EnvelopeKey/{envelopeReceiverId}/Locked POST. resx aktualisiert, um den Benutzer besser zu informieren
This commit is contained in:
Developer 02
parent
2c147f44b7
commit
290a1dd522
@ -150,9 +150,6 @@
|
|||||||
<data name="EnvelopeInfo2" xml:space="preserve">
|
<data name="EnvelopeInfo2" xml:space="preserve">
|
||||||
<value>Erstellt am {0} von {1}. Sie können den Absender über <a href="mailto:{2}?subject={3}&body=Sehr%20geehrter%20{4}%20{5},%0A%0A%0A">{6}</a> kontaktieren.</value>
|
<value>Erstellt am {0} von {1}. Sie können den Absender über <a href="mailto:{2}?subject={3}&body=Sehr%20geehrter%20{4}%20{5},%0A%0A%0A">{6}</a> kontaktieren.</value>
|
||||||
</data>
|
</data>
|
||||||
<data name="EnvelopeObjectionTitle" xml:space="preserve">
|
|
||||||
<value>Ihr Einspruch wurde weitergeleitet!</value>
|
|
||||||
</data>
|
|
||||||
<data name="Finalize" xml:space="preserve">
|
<data name="Finalize" xml:space="preserve">
|
||||||
<value>Abschließen</value>
|
<value>Abschließen</value>
|
||||||
</data>
|
</data>
|
||||||
@ -183,11 +180,14 @@
|
|||||||
<data name="Rejection" xml:space="preserve">
|
<data name="Rejection" xml:space="preserve">
|
||||||
<value>Ablehnung</value>
|
<value>Ablehnung</value>
|
||||||
</data>
|
</data>
|
||||||
|
<data name="RejectionInfo1" xml:space="preserve">
|
||||||
|
<value>Ihre Ablehnung wurde weitergeleitet!</value>
|
||||||
|
</data>
|
||||||
<data name="RejectionInfo2" xml:space="preserve">
|
<data name="RejectionInfo2" xml:space="preserve">
|
||||||
<value>Ihr Einspruch wurde an {0} weitergeleitet. Sie können über <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a> Kontakt aufnehmen.</value>
|
<value>Sie können bei Bedarf mit {0}, <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a> Kontakt aufnehmen.</value>
|
||||||
</data>
|
</data>
|
||||||
<data name="RejectionReasonQ" xml:space="preserve">
|
<data name="RejectionReasonQ" xml:space="preserve">
|
||||||
<value>Warum lehnen Sie den Vertrag ab?</value>
|
<value>Bitte geben Sie einen Grund an:</value>
|
||||||
</data>
|
</data>
|
||||||
<data name="SigAgree" xml:space="preserve">
|
<data name="SigAgree" xml:space="preserve">
|
||||||
<value>Durch Klick auf Abschließen stimme ich zu, dass die abgebildete und übermittelte Signatur als elektronische Darstellung meiner Signatur in den Fällen gelten, in denen ich sie auf Dokumenten, einschließlich rechtsgültiger Verträge verwende.</value>
|
<value>Durch Klick auf Abschließen stimme ich zu, dass die abgebildete und übermittelte Signatur als elektronische Darstellung meiner Signatur in den Fällen gelten, in denen ich sie auf Dokumenten, einschließlich rechtsgültiger Verträge verwende.</value>
|
||||||
|
|||||||
@ -150,9 +150,6 @@
|
|||||||
<data name="EnvelopeInfo2" xml:space="preserve">
|
<data name="EnvelopeInfo2" xml:space="preserve">
|
||||||
<value>Created on {0} by {1}. You can contact the sender via <a href="mailto:{2}?subject={3}&body=Dear%20{4}%20{5},%0A%0A%0A">{6}</a>.</value>
|
<value>Created on {0} by {1}. You can contact the sender via <a href="mailto:{2}?subject={3}&body=Dear%20{4}%20{5},%0A%0A%0A">{6}</a>.</value>
|
||||||
</data>
|
</data>
|
||||||
<data name="EnvelopeObjectionTitle" xml:space="preserve">
|
|
||||||
<value>Your objection has been forwarded!</value>
|
|
||||||
</data>
|
|
||||||
<data name="Finalize" xml:space="preserve">
|
<data name="Finalize" xml:space="preserve">
|
||||||
<value>Finalize</value>
|
<value>Finalize</value>
|
||||||
</data>
|
</data>
|
||||||
@ -183,11 +180,14 @@
|
|||||||
<data name="Rejection" xml:space="preserve">
|
<data name="Rejection" xml:space="preserve">
|
||||||
<value>Rejection</value>
|
<value>Rejection</value>
|
||||||
</data>
|
</data>
|
||||||
|
<data name="RejectionInfo1" xml:space="preserve">
|
||||||
|
<value>Your rejection has been forwarded!</value>
|
||||||
|
</data>
|
||||||
<data name="RejectionInfo2" xml:space="preserve">
|
<data name="RejectionInfo2" xml:space="preserve">
|
||||||
<value>Your objection has been forwarded to {0}. You can contact via <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a>.</value>
|
<value>You can contact {0}, <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a> if required.</value>
|
||||||
</data>
|
</data>
|
||||||
<data name="RejectionReasonQ" xml:space="preserve">
|
<data name="RejectionReasonQ" xml:space="preserve">
|
||||||
<value>Why do you reject the contract?</value>
|
<value>Please give a reason:</value>
|
||||||
</data>
|
</data>
|
||||||
<data name="SigAgree" xml:space="preserve">
|
<data name="SigAgree" xml:space="preserve">
|
||||||
<value>By clicking on Finalize, I agree that the signature shown and submitted is an electronic representation of my signature in cases where I use it on documents, including legally binding contracts.</value>
|
<value>By clicking on Finalize, I agree that the signature shown and submitted is an electronic representation of my signature in cases where I use it on documents, including legally binding contracts.</value>
|
||||||
|
|||||||
@ -1,5 +1,4 @@
|
|||||||
using EnvelopeGenerator.Application.Contracts;
|
using EnvelopeGenerator.Application.Contracts;
|
||||||
using EnvelopeGenerator.Application.Services;
|
|
||||||
using EnvelopeGenerator.Common;
|
using EnvelopeGenerator.Common;
|
||||||
using EnvelopeGenerator.Web.Services;
|
using EnvelopeGenerator.Web.Services;
|
||||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||||
@ -16,9 +15,6 @@ using Microsoft.AspNetCore.Localization;
|
|||||||
using System.Text.Encodings.Web;
|
using System.Text.Encodings.Web;
|
||||||
using EnvelopeGenerator.Web.Models;
|
using EnvelopeGenerator.Web.Models;
|
||||||
using EnvelopeGenerator.Application.Resources;
|
using EnvelopeGenerator.Application.Resources;
|
||||||
using Microsoft.EntityFrameworkCore.ChangeTracking.Internal;
|
|
||||||
using System.Text.RegularExpressions;
|
|
||||||
using EnvelopeGenerator.Domain.Entities;
|
|
||||||
|
|
||||||
namespace EnvelopeGenerator.Web.Controllers
|
namespace EnvelopeGenerator.Web.Controllers
|
||||||
{
|
{
|
||||||
@ -121,7 +117,7 @@ namespace EnvelopeGenerator.Web.Controllers
|
|||||||
envelopeReceiverId = _urlEncoder.Encode(envelopeReceiverId);
|
envelopeReceiverId = _urlEncoder.Encode(envelopeReceiverId);
|
||||||
(string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId();
|
(string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId();
|
||||||
|
|
||||||
if(uuid is null || signature is null)
|
if (uuid is null || signature is null)
|
||||||
{
|
{
|
||||||
_logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]);
|
_logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]);
|
||||||
return Unauthorized();
|
return Unauthorized();
|
||||||
@ -129,83 +125,84 @@ namespace EnvelopeGenerator.Web.Controllers
|
|||||||
|
|
||||||
_logger.LogInformation($"Envelope UUID: [{uuid}]\nReceiver Signature: [{signature}]");
|
_logger.LogInformation($"Envelope UUID: [{uuid}]\nReceiver Signature: [{signature}]");
|
||||||
|
|
||||||
return await _envRcvService.VerifyAccessCodeAsync(uuid: uuid, signature: signature, accessCode: access_code).ThenAsync(
|
//check access code
|
||||||
SuccessAsync: async isVerified =>
|
EnvelopeResponse response = await envelopeOldService.LoadEnvelope(envelopeReceiverId);
|
||||||
{
|
var verification = await _envRcvService.VerifyAccessCodeAsync(uuid: uuid, signature: signature, accessCode: access_code);
|
||||||
EnvelopeResponse response = await envelopeOldService.LoadEnvelope(envelopeReceiverId);
|
if (verification.IsFailed)
|
||||||
if (isVerified)
|
{
|
||||||
|
_logger.LogNotice(verification.Notices);
|
||||||
|
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||||
|
return View("EnvelopeLocked")
|
||||||
|
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||||
|
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||||
|
}
|
||||||
|
else if (verification.IsWrong())
|
||||||
|
{
|
||||||
|
database.Services.actionService.EnterIncorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||||
|
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||||
|
return View("EnvelopeLocked")
|
||||||
|
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||||
|
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
ViewData["EnvelopeKey"] = envelopeReceiverId;
|
||||||
|
}
|
||||||
|
|
||||||
|
//show envelope
|
||||||
|
database.Services.actionService.EnterCorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||||
|
return await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature).ThenAsync<EnvelopeReceiverDto, IActionResult>(
|
||||||
|
SuccessAsync: async er =>
|
||||||
{
|
{
|
||||||
database.Services.actionService.EnterCorrectAccessCode(response.Envelope, response.Receiver); //for history
|
if (await _historyService.IsRejected(envelopeId: er.Envelope!.Id))
|
||||||
ViewData["EnvelopeKey"] = envelopeReceiverId;
|
return View("EnvelopeRejected", er);
|
||||||
|
|
||||||
return await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature).ThenAsync<EnvelopeReceiverDto, IActionResult>(
|
if (await _historyService.IsSigned(envelopeId: er.Envelope!.Id, userReference: er.Receiver!.EmailAddress))
|
||||||
SuccessAsync: async er =>
|
return View("EnvelopeSigned");
|
||||||
{
|
|
||||||
if(await _historyService.IsSigned(envelopeId: er.Envelope!.Id, userReference: er.Receiver!.EmailAddress))
|
|
||||||
return View("EnvelopeSigned");
|
|
||||||
|
|
||||||
if (response.Envelope.Documents.Count > 0)
|
if (response.Envelope.Documents.Count > 0)
|
||||||
{
|
{
|
||||||
var document = await envelopeOldService.GetDocument(response.Envelope.Documents[0].Id, envelopeReceiverId);
|
var document = await envelopeOldService.GetDocument(response.Envelope.Documents[0].Id, envelopeReceiverId);
|
||||||
byte[] bytes = await envelopeOldService.GetDocumentContents(document);
|
byte[] bytes = await envelopeOldService.GetDocumentContents(document);
|
||||||
ViewData["DocumentBytes"] = bytes;
|
ViewData["DocumentBytes"] = bytes;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
return this.ViewDocumentNotFound();
|
||||||
return this.ViewDocumentNotFound();
|
|
||||||
}
|
|
||||||
|
|
||||||
var claims = new List<Claim> {
|
var claims = new List<Claim> {
|
||||||
new(ClaimTypes.NameIdentifier, uuid),
|
new(ClaimTypes.NameIdentifier, uuid),
|
||||||
new(ClaimTypes.Hash, signature),
|
new(ClaimTypes.Hash, signature),
|
||||||
new(ClaimTypes.Name, er.Name ?? string.Empty),
|
new(ClaimTypes.Name, er.Name ?? string.Empty),
|
||||||
new(ClaimTypes.Email, er.Receiver.EmailAddress),
|
new(ClaimTypes.Email, er.Receiver.EmailAddress),
|
||||||
new(EnvelopeClaimTypes.Title, er.Envelope.Title)
|
new(EnvelopeClaimTypes.Title, er.Envelope.Title)
|
||||||
};
|
};
|
||||||
|
|
||||||
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
||||||
var authProperties = new AuthenticationProperties {
|
var authProperties = new AuthenticationProperties
|
||||||
AllowRefresh = false,
|
{
|
||||||
IsPersistent = false
|
AllowRefresh = false,
|
||||||
};
|
IsPersistent = false
|
||||||
|
};
|
||||||
|
|
||||||
await HttpContext.SignInAsync(
|
await HttpContext.SignInAsync(
|
||||||
CookieAuthenticationDefaults.AuthenticationScheme,
|
CookieAuthenticationDefaults.AuthenticationScheme,
|
||||||
new ClaimsPrincipal(claimsIdentity),
|
new ClaimsPrincipal(claimsIdentity),
|
||||||
authProperties);
|
authProperties);
|
||||||
|
|
||||||
//add PSPDFKit licence key
|
//add PSPDFKit licence key
|
||||||
ViewData["PSPDFKitLicenseKey"] = _configuration["PSPDFKitLicenseKey"];
|
ViewData["PSPDFKitLicenseKey"] = _configuration["PSPDFKitLicenseKey"];
|
||||||
ViewData["UserCulture"] = _cultures[UserLanguage];
|
ViewData["UserCulture"] = _cultures[UserLanguage];
|
||||||
|
|
||||||
return View("ShowEnvelope", er);
|
return View("ShowEnvelope", er);
|
||||||
},
|
},
|
||||||
Fail: (messages, notices) =>
|
Fail: (messages, notices) =>
|
||||||
{
|
|
||||||
_logger.LogNotice(notices);
|
|
||||||
return this.ViewEnvelopeNotFound();
|
|
||||||
}
|
|
||||||
);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
{
|
||||||
database.Services.actionService.EnterIncorrectAccessCode(response.Envelope, response.Receiver); //for history
|
_logger.LogNotice(notices);
|
||||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
return this.ViewEnvelopeNotFound();
|
||||||
return View("EnvelopeLocked")
|
|
||||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
|
||||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
|
||||||
}
|
}
|
||||||
},
|
);
|
||||||
Fail: (messages, notices) =>
|
|
||||||
{
|
|
||||||
_logger.LogNotice(notices);
|
|
||||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
|
||||||
return View("EnvelopeLocked")
|
|
||||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
|
||||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
catch(Exception ex)
|
catch (Exception ex)
|
||||||
{
|
{
|
||||||
_logger.LogEnvelopeError(envelopeEeceiverId: envelopeReceiverId, exception: ex);
|
_logger.LogEnvelopeError(envelopeEeceiverId: envelopeReceiverId, exception: ex);
|
||||||
return this.ViewInnerServiceError();
|
return this.ViewInnerServiceError();
|
||||||
|
|||||||
@ -54,7 +54,7 @@
|
|||||||
c-5.791,5.79-15.176,5.79-20.969,0l-30.32-30.322l-11.676,11.676l30.32,30.32c5.79,5.79,5.79,15.178,0,20.969L299.11,404.045z"/>
|
c-5.791,5.79-15.176,5.79-20.969,0l-30.32-30.322l-11.676,11.676l30.32,30.32c5.79,5.79,5.79,15.178,0,20.969L299.11,404.045z"/>
|
||||||
</svg>
|
</svg>
|
||||||
</div>
|
</div>
|
||||||
<h1>@_localizer[WebKey.EnvelopeObjectionTitle].TrySanitize(_sanitizer)</h1>
|
<h1>@_localizer[WebKey.RejectionInfo1].TrySanitize(_sanitizer)</h1>
|
||||||
</header>
|
</header>
|
||||||
<section class="text-center">
|
<section class="text-center">
|
||||||
<div class="card-body p-0 m-0 ms-4">
|
<div class="card-body p-0 m-0 ms-4">
|
||||||
@ -62,8 +62,8 @@
|
|||||||
<small class="text-body-secondary">
|
<small class="text-body-secondary">
|
||||||
@Html.Raw(string.Format(_localizer[WebKey.RejectionInfo2],
|
@Html.Raw(string.Format(_localizer[WebKey.RejectionInfo2],
|
||||||
$"{sender?.Prename} {sender?.Name}".TrySanitize(_sanitizer),
|
$"{sender?.Prename} {sender?.Name}".TrySanitize(_sanitizer),
|
||||||
sender?.Email.TryEncode(_encoder),
|
sender?.Email.TrySanitize(_sanitizer),
|
||||||
envelope?.Title.TryEncode(_encoder)))
|
envelope?.Title.TrySanitize(_sanitizer)))
|
||||||
</small>
|
</small>
|
||||||
</p>
|
</p>
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@ -28,7 +28,7 @@
|
|||||||
public static readonly string Reject = nameof(Reject);
|
public static readonly string Reject = nameof(Reject);
|
||||||
public static readonly string and = nameof(and);
|
public static readonly string and = nameof(and);
|
||||||
public static readonly string Hello = nameof(Hello);
|
public static readonly string Hello = nameof(Hello);
|
||||||
public static readonly string EnvelopeObjectionTitle = nameof(EnvelopeObjectionTitle);
|
public static readonly string RejectionInfo1 = nameof(RejectionInfo1);
|
||||||
public static readonly string RejectionInfo2 = nameof(RejectionInfo2);
|
public static readonly string RejectionInfo2 = nameof(RejectionInfo2);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -28,7 +28,6 @@ $('.btn_reject').click(_ =>
|
|||||||
if (!result.isConfirmed)
|
if (!result.isConfirmed)
|
||||||
return;
|
return;
|
||||||
const res = result.value;
|
const res = result.value;
|
||||||
console.log(res)
|
|
||||||
if (res.ok) {
|
if (res.ok) {
|
||||||
redirRejected()
|
redirRejected()
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user