Vereinfachte Zugriffscode-Validierung für den Endpunkt EnvelopeKey/{envelopeReceiverId}/Locked POST. resx aktualisiert, um den Benutzer besser zu informieren
This commit is contained in:
Developer 02
parent
2c147f44b7
commit
290a1dd522
@ -150,9 +150,6 @@
|
||||
<data name="EnvelopeInfo2" xml:space="preserve">
|
||||
<value>Erstellt am {0} von {1}. Sie können den Absender über <a href="mailto:{2}?subject={3}&body=Sehr%20geehrter%20{4}%20{5},%0A%0A%0A">{6}</a> kontaktieren.</value>
|
||||
</data>
|
||||
<data name="EnvelopeObjectionTitle" xml:space="preserve">
|
||||
<value>Ihr Einspruch wurde weitergeleitet!</value>
|
||||
</data>
|
||||
<data name="Finalize" xml:space="preserve">
|
||||
<value>Abschließen</value>
|
||||
</data>
|
||||
@ -183,11 +180,14 @@
|
||||
<data name="Rejection" xml:space="preserve">
|
||||
<value>Ablehnung</value>
|
||||
</data>
|
||||
<data name="RejectionInfo1" xml:space="preserve">
|
||||
<value>Ihre Ablehnung wurde weitergeleitet!</value>
|
||||
</data>
|
||||
<data name="RejectionInfo2" xml:space="preserve">
|
||||
<value>Ihr Einspruch wurde an {0} weitergeleitet. Sie können über <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a> Kontakt aufnehmen.</value>
|
||||
<value>Sie können bei Bedarf mit {0}, <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a> Kontakt aufnehmen.</value>
|
||||
</data>
|
||||
<data name="RejectionReasonQ" xml:space="preserve">
|
||||
<value>Warum lehnen Sie den Vertrag ab?</value>
|
||||
<value>Bitte geben Sie einen Grund an:</value>
|
||||
</data>
|
||||
<data name="SigAgree" xml:space="preserve">
|
||||
<value>Durch Klick auf Abschließen stimme ich zu, dass die abgebildete und übermittelte Signatur als elektronische Darstellung meiner Signatur in den Fällen gelten, in denen ich sie auf Dokumenten, einschließlich rechtsgültiger Verträge verwende.</value>
|
||||
|
||||
@ -150,9 +150,6 @@
|
||||
<data name="EnvelopeInfo2" xml:space="preserve">
|
||||
<value>Created on {0} by {1}. You can contact the sender via <a href="mailto:{2}?subject={3}&body=Dear%20{4}%20{5},%0A%0A%0A">{6}</a>.</value>
|
||||
</data>
|
||||
<data name="EnvelopeObjectionTitle" xml:space="preserve">
|
||||
<value>Your objection has been forwarded!</value>
|
||||
</data>
|
||||
<data name="Finalize" xml:space="preserve">
|
||||
<value>Finalize</value>
|
||||
</data>
|
||||
@ -183,11 +180,14 @@
|
||||
<data name="Rejection" xml:space="preserve">
|
||||
<value>Rejection</value>
|
||||
</data>
|
||||
<data name="RejectionInfo1" xml:space="preserve">
|
||||
<value>Your rejection has been forwarded!</value>
|
||||
</data>
|
||||
<data name="RejectionInfo2" xml:space="preserve">
|
||||
<value>Your objection has been forwarded to {0}. You can contact via <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a>.</value>
|
||||
<value>You can contact {0}, <a href="mailto:{1}?subject={2}&body=Dear%20{0},%0A%0A%0A">{1}</a> if required.</value>
|
||||
</data>
|
||||
<data name="RejectionReasonQ" xml:space="preserve">
|
||||
<value>Why do you reject the contract?</value>
|
||||
<value>Please give a reason:</value>
|
||||
</data>
|
||||
<data name="SigAgree" xml:space="preserve">
|
||||
<value>By clicking on Finalize, I agree that the signature shown and submitted is an electronic representation of my signature in cases where I use it on documents, including legally binding contracts.</value>
|
||||
|
||||
@ -1,5 +1,4 @@
|
||||
using EnvelopeGenerator.Application.Contracts;
|
||||
using EnvelopeGenerator.Application.Services;
|
||||
using EnvelopeGenerator.Common;
|
||||
using EnvelopeGenerator.Web.Services;
|
||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||
@ -16,9 +15,6 @@ using Microsoft.AspNetCore.Localization;
|
||||
using System.Text.Encodings.Web;
|
||||
using EnvelopeGenerator.Web.Models;
|
||||
using EnvelopeGenerator.Application.Resources;
|
||||
using Microsoft.EntityFrameworkCore.ChangeTracking.Internal;
|
||||
using System.Text.RegularExpressions;
|
||||
using EnvelopeGenerator.Domain.Entities;
|
||||
|
||||
namespace EnvelopeGenerator.Web.Controllers
|
||||
{
|
||||
@ -121,7 +117,7 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
envelopeReceiverId = _urlEncoder.Encode(envelopeReceiverId);
|
||||
(string? uuid, string? signature) = envelopeReceiverId.DecodeEnvelopeReceiverId();
|
||||
|
||||
if(uuid is null || signature is null)
|
||||
if (uuid is null || signature is null)
|
||||
{
|
||||
_logger.LogEnvelopeError(uuid: uuid, signature: signature, message: _localizer[WebKey.WrongEnvelopeReceiverId]);
|
||||
return Unauthorized();
|
||||
@ -129,83 +125,84 @@ namespace EnvelopeGenerator.Web.Controllers
|
||||
|
||||
_logger.LogInformation($"Envelope UUID: [{uuid}]\nReceiver Signature: [{signature}]");
|
||||
|
||||
return await _envRcvService.VerifyAccessCodeAsync(uuid: uuid, signature: signature, accessCode: access_code).ThenAsync(
|
||||
SuccessAsync: async isVerified =>
|
||||
{
|
||||
EnvelopeResponse response = await envelopeOldService.LoadEnvelope(envelopeReceiverId);
|
||||
if (isVerified)
|
||||
//check access code
|
||||
EnvelopeResponse response = await envelopeOldService.LoadEnvelope(envelopeReceiverId);
|
||||
var verification = await _envRcvService.VerifyAccessCodeAsync(uuid: uuid, signature: signature, accessCode: access_code);
|
||||
if (verification.IsFailed)
|
||||
{
|
||||
_logger.LogNotice(verification.Notices);
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
return View("EnvelopeLocked")
|
||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||
}
|
||||
else if (verification.IsWrong())
|
||||
{
|
||||
database.Services.actionService.EnterIncorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
return View("EnvelopeLocked")
|
||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||
}
|
||||
else
|
||||
{
|
||||
ViewData["EnvelopeKey"] = envelopeReceiverId;
|
||||
}
|
||||
|
||||
//show envelope
|
||||
database.Services.actionService.EnterCorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||
return await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature).ThenAsync<EnvelopeReceiverDto, IActionResult>(
|
||||
SuccessAsync: async er =>
|
||||
{
|
||||
database.Services.actionService.EnterCorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||
ViewData["EnvelopeKey"] = envelopeReceiverId;
|
||||
if (await _historyService.IsRejected(envelopeId: er.Envelope!.Id))
|
||||
return View("EnvelopeRejected", er);
|
||||
|
||||
return await _envRcvService.ReadByUuidSignatureAsync(uuid: uuid, signature: signature).ThenAsync<EnvelopeReceiverDto, IActionResult>(
|
||||
SuccessAsync: async er =>
|
||||
{
|
||||
if(await _historyService.IsSigned(envelopeId: er.Envelope!.Id, userReference: er.Receiver!.EmailAddress))
|
||||
return View("EnvelopeSigned");
|
||||
if (await _historyService.IsSigned(envelopeId: er.Envelope!.Id, userReference: er.Receiver!.EmailAddress))
|
||||
return View("EnvelopeSigned");
|
||||
|
||||
if (response.Envelope.Documents.Count > 0)
|
||||
{
|
||||
var document = await envelopeOldService.GetDocument(response.Envelope.Documents[0].Id, envelopeReceiverId);
|
||||
byte[] bytes = await envelopeOldService.GetDocumentContents(document);
|
||||
ViewData["DocumentBytes"] = bytes;
|
||||
}
|
||||
else
|
||||
{
|
||||
return this.ViewDocumentNotFound();
|
||||
}
|
||||
if (response.Envelope.Documents.Count > 0)
|
||||
{
|
||||
var document = await envelopeOldService.GetDocument(response.Envelope.Documents[0].Id, envelopeReceiverId);
|
||||
byte[] bytes = await envelopeOldService.GetDocumentContents(document);
|
||||
ViewData["DocumentBytes"] = bytes;
|
||||
}
|
||||
else
|
||||
return this.ViewDocumentNotFound();
|
||||
|
||||
var claims = new List<Claim> {
|
||||
var claims = new List<Claim> {
|
||||
new(ClaimTypes.NameIdentifier, uuid),
|
||||
new(ClaimTypes.Hash, signature),
|
||||
new(ClaimTypes.Name, er.Name ?? string.Empty),
|
||||
new(ClaimTypes.Email, er.Receiver.EmailAddress),
|
||||
new(EnvelopeClaimTypes.Title, er.Envelope.Title)
|
||||
};
|
||||
};
|
||||
|
||||
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
||||
var authProperties = new AuthenticationProperties {
|
||||
AllowRefresh = false,
|
||||
IsPersistent = false
|
||||
};
|
||||
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
||||
var authProperties = new AuthenticationProperties
|
||||
{
|
||||
AllowRefresh = false,
|
||||
IsPersistent = false
|
||||
};
|
||||
|
||||
await HttpContext.SignInAsync(
|
||||
CookieAuthenticationDefaults.AuthenticationScheme,
|
||||
new ClaimsPrincipal(claimsIdentity),
|
||||
authProperties);
|
||||
await HttpContext.SignInAsync(
|
||||
CookieAuthenticationDefaults.AuthenticationScheme,
|
||||
new ClaimsPrincipal(claimsIdentity),
|
||||
authProperties);
|
||||
|
||||
//add PSPDFKit licence key
|
||||
ViewData["PSPDFKitLicenseKey"] = _configuration["PSPDFKitLicenseKey"];
|
||||
ViewData["UserCulture"] = _cultures[UserLanguage];
|
||||
//add PSPDFKit licence key
|
||||
ViewData["PSPDFKitLicenseKey"] = _configuration["PSPDFKitLicenseKey"];
|
||||
ViewData["UserCulture"] = _cultures[UserLanguage];
|
||||
|
||||
return View("ShowEnvelope", er);
|
||||
},
|
||||
Fail: (messages, notices) =>
|
||||
{
|
||||
_logger.LogNotice(notices);
|
||||
return this.ViewEnvelopeNotFound();
|
||||
}
|
||||
);
|
||||
}
|
||||
else
|
||||
return View("ShowEnvelope", er);
|
||||
},
|
||||
Fail: (messages, notices) =>
|
||||
{
|
||||
database.Services.actionService.EnterIncorrectAccessCode(response.Envelope, response.Receiver); //for history
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
return View("EnvelopeLocked")
|
||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||
_logger.LogNotice(notices);
|
||||
return this.ViewEnvelopeNotFound();
|
||||
}
|
||||
},
|
||||
Fail: (messages, notices) =>
|
||||
{
|
||||
_logger.LogNotice(notices);
|
||||
Response.StatusCode = StatusCodes.Status401Unauthorized;
|
||||
return View("EnvelopeLocked")
|
||||
.WithData("UserLanguage", UserLanguage ?? _cultures.Default.Language)
|
||||
.WithData("ErrorMessage", _localizer[WebKey.WrongAccessCode].Value);
|
||||
});
|
||||
);
|
||||
}
|
||||
catch(Exception ex)
|
||||
catch (Exception ex)
|
||||
{
|
||||
_logger.LogEnvelopeError(envelopeEeceiverId: envelopeReceiverId, exception: ex);
|
||||
return this.ViewInnerServiceError();
|
||||
|
||||
@ -54,7 +54,7 @@
|
||||
c-5.791,5.79-15.176,5.79-20.969,0l-30.32-30.322l-11.676,11.676l30.32,30.32c5.79,5.79,5.79,15.178,0,20.969L299.11,404.045z"/>
|
||||
</svg>
|
||||
</div>
|
||||
<h1>@_localizer[WebKey.EnvelopeObjectionTitle].TrySanitize(_sanitizer)</h1>
|
||||
<h1>@_localizer[WebKey.RejectionInfo1].TrySanitize(_sanitizer)</h1>
|
||||
</header>
|
||||
<section class="text-center">
|
||||
<div class="card-body p-0 m-0 ms-4">
|
||||
@ -62,8 +62,8 @@
|
||||
<small class="text-body-secondary">
|
||||
@Html.Raw(string.Format(_localizer[WebKey.RejectionInfo2],
|
||||
$"{sender?.Prename} {sender?.Name}".TrySanitize(_sanitizer),
|
||||
sender?.Email.TryEncode(_encoder),
|
||||
envelope?.Title.TryEncode(_encoder)))
|
||||
sender?.Email.TrySanitize(_sanitizer),
|
||||
envelope?.Title.TrySanitize(_sanitizer)))
|
||||
</small>
|
||||
</p>
|
||||
</div>
|
||||
|
||||
@ -28,7 +28,7 @@
|
||||
public static readonly string Reject = nameof(Reject);
|
||||
public static readonly string and = nameof(and);
|
||||
public static readonly string Hello = nameof(Hello);
|
||||
public static readonly string EnvelopeObjectionTitle = nameof(EnvelopeObjectionTitle);
|
||||
public static readonly string RejectionInfo1 = nameof(RejectionInfo1);
|
||||
public static readonly string RejectionInfo2 = nameof(RejectionInfo2);
|
||||
}
|
||||
}
|
||||
@ -28,7 +28,6 @@ $('.btn_reject').click(_ =>
|
||||
if (!result.isConfirmed)
|
||||
return;
|
||||
const res = result.value;
|
||||
console.log(res)
|
||||
if (res.ok) {
|
||||
redirRejected()
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user