public async Task <CredentialsUpdateResponse> ChangePasswordAsync([FromBody] CredentialsUpdateRequest request)
{
var credentials = await _customerCredentialsService.GetAsync(request.Login);
if (credentials == null)
{
_log.Info("Customer credentials do not exist", request.Login.SanitizeEmail());
return(new CredentialsUpdateResponse {
Error = CredentialsError.LoginNotFound
});
}
await _customerCredentialsService.UpdatePasswordAsync(
request.Login,
request.Password);
return(new CredentialsUpdateResponse());
}
public async Task <PasswordResetErrorCodes> PasswordResetAsync(string customerEmail, string identifier,
string newPassword)
{
var credentials = await _customerCredentialsService.GetAsync(customerEmail);
if (credentials == null)
{
_log.Info("Customer credentials do not exist", customerEmail.SanitizeEmail());
return(PasswordResetErrorCodes.CustomerDoesNotExist);
}
var activeIdentifier = await _passwordResetRepository.GetIdentifierAsync(credentials.CustomerId);
if (activeIdentifier == null)
{
return(PasswordResetErrorCodes.ThereIsNoIdentifierForThisCustomer);
}
if (activeIdentifier.ExpiresAt < DateTime.UtcNow)
{
return(PasswordResetErrorCodes.ProvidedIdentifierHasExpired);
}
if (activeIdentifier.Identifier != identifier)
{
return(PasswordResetErrorCodes.IdentifierMismatch);
}
var updateTask = _customerCredentialsService.UpdatePasswordAsync(customerEmail, newPassword);
var cleanUpTask = ClearAllCallRecordsAsync(credentials.CustomerId);
await Task.WhenAll(updateTask, cleanUpTask);
await _passwordResetRepository.RemoveAsync(credentials.CustomerId);
_log.Info($"Successfully reset the password for {credentials.CustomerId}");
return(PasswordResetErrorCodes.None);
}