Vereinfachte Zugriffscode-Validierung für den Endpunkt EnvelopeKey/{envelopeReceiverId}/Locked POST. resx aktualisiert, um den Benutzer besser zu informieren
This commit is contained in:
Developer 02
parent
2c147f44b7
commit
290a1dd522
@ -150,9 +150,6 @@
|
||||
<data name="EnvelopeInfo2" xml:space="preserve">
|
||||
<value>Erstellt am {0} von {1}. Sie können den Absender über <a href="mailto:{2}?subject={3}&body=Sehr%20geehrter%20{4}%20{5},%0A%0A%0A">{6}</a> kontaktieren.</value>
|
||||
</data>
|
||||
<data name="EnvelopeObjectionTitle" xml:space="preserve">
|
||||
<value>Ihr Einspruch wurde weitergeleitet!</value>
|
||||
</data>
|
||||
<data name="Finalize" xml:space="preserve">
|
||||
<value>Abschließen</value>
|
||||
</data>
|
||||
@ -183,11 +180,14 @@
|
||||
<data name="Rejection" xml:space="preserve">
|
||||
<value>Ablehnung</value>
|
||||
</data>
|
||||
<data name="RejectionInfo1" xml:space="preserve">
|
||||
<value>Ihre Ablehnung wurde weitergeleitet!</value>
|
||||
</data>
|
||||
<data name="RejectionInfo2" xml:space="preserve">
|
||||
<value>Ihr Einspruch wurde an {0} weitergeleitet. Sie können über <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a> Kontakt aufnehmen.</value>
|
||||
<value>Sie können bei Bedarf mit {0}, <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a> Kontakt aufnehmen.</value>
|
||||
</data>
|
||||
<data name="RejectionReasonQ" xml:space="preserve">
|
||||
<value>Warum lehnen Sie den Vertrag ab?</value>
|
||||
<value>Bitte geben Sie einen Grund an:</value>
|
||||
</data>
|
||||
<data name="SigAgree" xml:space="preserve">
|
||||
<value>Durch Klick auf Abschließen stimme ich zu, dass die abgebildete und übermittelte Signatur als elektronische Darstellung meiner Signatur in den Fällen gelten, in denen ich sie auf Dokumenten, einschließlich rechtsgültiger Verträge verwende.</value>
|
||||
|
||||
@ -150,9 +150,6 @@
|
||||
<data name="EnvelopeInfo2" xml:space="preserve">
|
||||
<value>Created on {0} by {1}. You can contact the sender via <a href="mailto:{2}?subject={3}&body=Dear%20{4}%20{5},%0A%0A%0A">{6}</a>.</value>
|
||||
</data>
|
||||
<data name="EnvelopeObjectionTitle" xml:space="preserve">
|
||||
<value>Your objection has been forwarded!</value>
|
||||
</data>
|
||||
<data name="Finalize" xml:space="preserve">
|
||||
<value>Finalize</value>
|
||||
</data>
|
||||
@ -183,11 +180,14 @@
|
||||
<data name="Rejection" xml:space="preserve">
|
||||
<value>Rejection</value>
|
||||
</data>
|
||||
<data name="RejectionInfo1" xml:space="preserve">
|
||||
<value>Your rejection has been forwarded!</value>
|
||||
</data>
|
||||
<data name="RejectionInfo2" xml:space="preserve">
|
||||
<value>Your objection has been forwarded to {0}. You can contact via <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a>.</value>
|
||||
<value>You can contact {0}, <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a> if required.</value>
|
||||
</data>
|
||||
<data name="RejectionReasonQ" xml:space="preserve">
|
||||
<value>Why do you reject the contract?</value>
|
||||
<value>Please give a reason:</value>
|
||||
</data>
|
||||
<data name="SigAgree" xml:space="preserve">
|
||||
<value>By clicking on Finalize, I agree that the signature shown and submitted is an electronic representation of my signature in cases where I use it on documents, including legally binding contracts.</value>
|
||||
|
||||
@ -1,5 +1,4 @@
|
||||
using EnvelopeGenerator.Application.Contracts;
|
||||
using EnvelopeGenerator.Application.Services;
|
||||
using EnvelopeGenerator.Common;
|
||||
using EnvelopeGenerator.Web.Services;
|
||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||
@ -16,9 +15,6 @@ using Microsoft.AspNetCore.Localization;
|
||||
using System.Text.Encodings.Web;
|
||||
using EnvelopeGenerator.Web.Models;
|
||||
using EnvelopeGenerator.Application.Resources;
|
||||
using Microsoft.EntityFrameworkCore.ChangeTracking.Internal;
|
||||
using System.Text.RegularExpressions;
|
||||
using EnvelopeGenerator.Domain.Entities;
|
||||
|
||||
namespace EnvelopeGenerator.Web.Controllers
|
||||
{
|
||||
@ -129,18 +125,38 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
|
||||
_logger.LogInformation($"Envelope UUID: [{uuid}]\nReceiver Signature: [{signature}]");
|
||||
|
||||
return await _envRcvService.VerifyAccessCodeAsync(uuid: uuid, signature: signature, accessCode: access_code).ThenAsync(
|
||||
SuccessAsync: async isVerified =>
|
||||
{
|
||||
//check access code
|
||||
EnvelopeResponse response = await envelopeOldService.LoadEnvelope(envelopeReceiverId);
|
||||
if (isVerified)
|
||||
var verification = await _envRcvService.VerifyAccessCodeAsync(uuid: uuid, signature: signature, accessCode: access_code);
|
||||
if (verification.IsFailed)
|
||||
{
|
||||
_logger.LogNotice(verification.Notices);
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
return View("EnvelopeLocked")
|
||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||
}
|
||||
else if (verification.IsWrong())
|
||||
{
|
||||
database.Services.actionService.EnterIncorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
return View("EnvelopeLocked")
|
||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||
}
|
||||
else
|
||||
{
|
||||
database.Services.actionService.EnterCorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||
ViewData["EnvelopeKey"] = envelopeReceiverId;
|
||||
}
|
||||
|
||||
//show envelope
|
||||
database.Services.actionService.EnterCorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||
return await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature).ThenAsync<EnvelopeReceiverDto, IActionResult>(
|
||||
SuccessAsync: async er =>
|
||||
{
|
||||
if (await _historyService.IsRejected(envelopeId: er.Envelope!.Id))
|
||||
return View("EnvelopeRejected", er);
|
||||
|
||||
if (await _historyService.IsSigned(envelopeId: er.Envelope!.Id, userReference: er.Receiver!.EmailAddress))
|
||||
return View("EnvelopeSigned");
|
||||
|
||||
@ -151,9 +167,7 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
ViewData["DocumentBytes"] = bytes;
|
||||
}
|
||||
else
|
||||
{
|
||||
return this.ViewDocumentNotFound();
|
||||
}
|
||||
|
||||
var claims = new List<Claim> {
|
||||
new(ClaimTypes.NameIdentifier, uuid),
|
||||
@ -164,7 +178,8 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
};
|
||||
|
||||
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
||||
var authProperties = new AuthenticationProperties {
|
||||
var authProperties = new AuthenticationProperties
|
||||
{
|
||||
AllowRefresh = false,
|
||||
IsPersistent = false
|
||||
};
|
||||
@ -187,24 +202,6 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
}
|
||||
);
|
||||
}
|
||||
else
|
||||
{
|
||||
database.Services.actionService.EnterIncorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
return View("EnvelopeLocked")
|
||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||
}
|
||||
},
|
||||
Fail: (messages, notices) =>
|
||||
{
|
||||
_logger.LogNotice(notices);
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
return View("EnvelopeLocked")
|
||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||
});
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
_logger.LogEnvelopeError(envelopeEeceiverId: envelopeReceiverId, exception: ex);
|
||||
|
||||
@ -54,7 +54,7 @@
|
||||
c-5.791,5.79-15.176,5.79-20.969,0l-30.32-30.322l-11.676,11.676l30.32,30.32c5.79,5.79,5.79,15.178,0,20.969L299.11,404.045z"/>
|
||||
</svg>
|
||||
</div>
|
||||
<h1>@_localizer[WebKey.EnvelopeObjectionTitle].TrySanitize(_sanitizer)</h1>
|
||||
<h1>@_localizer[WebKey.RejectionInfo1].TrySanitize(_sanitizer)</h1>
|
||||
</header>
|
||||
<section class="text-center">
|
||||
<div class="card-body p-0 m-0 ms-4">
|
||||
@ -62,8 +62,8 @@
|
||||
<small class="text-body-secondary">
|
||||
@Html.Raw(string.Format(_localizer[WebKey.RejectionInfo2],
|
||||
$"{sender?.Prename} {sender?.Name}".TrySanitize(_sanitizer),
|
||||
sender?.Email.TryEncode(_encoder),
|
||||
envelope?.Title.TryEncode(_encoder)))
|
||||
sender?.Email.TrySanitize(_sanitizer),
|
||||
envelope?.Title.TrySanitize(_sanitizer)))
|
||||
</small>
|
||||
</p>
|
||||
</div>
|
||||
|
||||
@ -28,7 +28,7 @@
|
||||
public static readonly string Reject = nameof(Reject);
|
||||
public static readonly string and = nameof(and);
|
||||
public static readonly string Hello = nameof(Hello);
|
||||
public static readonly string EnvelopeObjectionTitle = nameof(EnvelopeObjectionTitle);
|
||||
public static readonly string RejectionInfo1 = nameof(RejectionInfo1);
|
||||
public static readonly string RejectionInfo2 = nameof(RejectionInfo2);
|
||||
}
|
||||
}
|
||||
@ -28,7 +28,6 @@ $('.btn_reject').click(_ =>
|
||||
if (!result.isConfirmed)
|
||||
return;
|
||||
const res = result.value;
|
||||
console.log(res)
|
||||
if (res.ok) {
|
||||
redirRejected()
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user