Beispiel #1
        /// <summary>
        /// Creates a password-reset token and stores it on the user whose
        /// e-mail address matches the submitted form.
        /// </summary>
        /// <param name="requestResetForm">Form carrying the e-mail address of the account to reset.</param>
        /// <returns>
        /// The generated token, or <c>null</c> when no user with that e-mail address exists.
        /// </returns>
        public async Task<string> GeneratePasswordResetToken(RequestResetForm requestResetForm)
        {
            // NOTE(review): TokenHelper.Generate is not shown here; confirm it draws
            // from a cryptographic RNG, since this value is the only secret that
            // protects the reset link.
            var resetToken = TokenHelper.Generate(5, 100);

            var account = await _appDbContext.Users
                .FirstOrDefaultAsync(candidate => candidate.EMail == requestResetForm.EMail);

            if (account == null)
            {
                return null;
            }

            // NOTE(review): the token is persisted exactly as it is mailed out and no
            // expiry is recorded in this method. Consider storing only a hash of the
            // token plus an expiry timestamp so a database read does not yield usable
            // reset links.
            account.PasswordResetToken = resetToken;
            _appDbContext.Users.Update(account);
            await _appDbContext.SaveChangesAsync();

            return resetToken;
        }
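        /// <summary>
        /// Handles a password-reset request: asks the user service for a reset
        /// token, builds a reset link containing the user id and token, and
        /// mails that link to the address given in the form.
        /// </summary>
        /// <param name="requestResetForm">Request body carrying the e-mail address of the account.</param>
        /// <returns>
        /// 400 with a message when validation fails, when no token could be
        /// generated, when the user cannot be loaded, or when the mail could not
        /// be sent; otherwise 200 with a confirmation message.
        /// </returns>
        public async Task<IActionResult> RequestReset([FromBody] RequestResetForm requestResetForm)
        {
            // A missing body can leave the bound model null while ModelState is still
            // valid; reject it here instead of failing later with a null reference.
            if (requestResetForm == null || !ModelState.IsValid)
            {
                return BadRequest(new { message = "Validation Failed" });
            }

            var token = await _userService.GeneratePasswordResetToken(requestResetForm);

            // NOTE(review): this response differs from the success response, so the
            // endpoint discloses whether an e-mail address is registered. Returning
            // the same generic answer in both cases (and rate limiting the endpoint)
            // would close that account-enumeration channel; left unchanged here
            // because clients may depend on the current status codes.
            if (token == null)
            {
                return BadRequest(new { message = "Unable to request password reset" });
            }

            var user = await _userRepository.GetUserByEmailAsync(requestResetForm.EMail);

            // The repository lookup is separate from the one done by the user service
            // and may come back empty; treat that like a failed token request.
            if (user == null)
            {
                return BadRequest(new { message = "Unable to request password reset" });
            }

            // Percent-encode both query values so characters such as '+', '&' or '='
            // in the token cannot corrupt or extend the query string.
            var userId = System.Uri.EscapeDataString($"{user.Id}");
            var resetToken = System.Uri.EscapeDataString(token);

            // NOTE(review): scheme and host are taken from the incoming request, i.e.
            // from the client-supplied Host header. Unless the hosting layer restricts
            // accepted hosts, the mailed link can point at a host the requester chose.
            // Prefer a base URL from server-side configuration.
            var url = $"{this.Request.Scheme}://{this.Request.Host}/set-new-password?userId={userId}&resetToken={resetToken}";

            var mail = new Mail()
            {
                ToMail   = requestResetForm.EMail,
                ToName   = user.FirstName + " " + user.LastName,
                Subject  = "PCServ Password Reset",
                // HTML-encode the link before placing it in the attribute: '&' must be
                // '&amp;' in HTML, and request-derived text must not break out of href.
                HtmlBody = $"Click <a href=\"{System.Net.WebUtility.HtmlEncode(url)}\">here</a> to reset password",
                Body     = $"Enter this url {url} to reset password",
            };

            var sentStatus = _mailService.Send(mail);

            if (sentStatus == false)
            {
                return BadRequest(new { message = "Unable to send password reset link" });
            }

            return Ok(new { message = "Reset link was send to email" });
        }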