/// <summary>
/// Copies the user's name and the reset request's id and token onto the
/// command's mail template.
/// </summary>
/// <param name="command">Command whose <c>MailTemplate</c> is filled in.</param>
/// <param name="user">User whose first and last name are copied.</param>
/// <param name="request">Reset request supplying the request id and token.</param>
private void SetMailTemplate(IResetUserPasswordCommand command, User user, UserPasswordResetRequest request)
{
    var template = command.MailTemplate;

    // Recipient details.
    template.FirstName = user.FirstName;
    template.LastName = user.LastName;

    // The token is copied unchanged next to the request id. It presumably acts as
    // the secret part of the reset link, so the filled-in template should be
    // handled like a credential.
    // NOTE(review): confirm the template is never written to logs or traces.
    template.UserPasswordResetRequestId = request.UserPasswordResetRequestId;
    template.Token = request.Token;
}
/// <summary>
/// Applies the new password from the command to the request's user and marks
/// the reset request as complete.
/// </summary>
/// <param name="request">Reset request whose user is updated.</param>
/// <param name="command">Command carrying the new password.</param>
/// <param name="executionContext">Supplies the date recorded as the last password change.</param>
private void UpdatePasswordAndSetComplete(UserPasswordResetRequest request, CompleteUserPasswordResetCommand command, IExecutionContext executionContext)
{
    var account = request.User;

    // The user no longer has to change the password at next login.
    account.RequirePasswordChange = false;
    account.LastPasswordChangeDate = executionContext.ExecutionDate;

    // Only the hash and the hash version are stored on the user record.
    var hashed = _passwordCryptographyService.CreateHash(command.NewPassword);
    account.Password = hashed.Hash;
    account.PasswordEncryptionVersion = hashed.HashVersion;

    // Mark the request as completed.
    request.IsComplete = true;
}
/// <summary>
/// Sends the reset request to the API's <c>resetPassword</c> endpoint for the
/// given id with a PUT, authenticated with the current bearer token.
/// </summary>
/// <param name="id">Identifier placed in the endpoint path.</param>
/// <param name="request">Payload serialized as the JSON body.</param>
/// <returns><c>true</c> when the response has a success status code; otherwise <c>false</c>.</returns>
public async Task<bool> ResetPassword(int id, UserPasswordResetRequest request)
{
    // NOTE(review): the body is password-reset data and the call carries a bearer
    // token; confirm the configured APIUrl is an https:// address.
    var endpoint = $"{Properties.Settings.Default.APIUrl}/{_route}/{id}/resetPassword";

    var response = await endpoint
        .WithOAuthBearerToken(Token)
        .PutJsonAsync(request);

    return response.IsSuccessStatusCode;
}
/// <summary>
/// Builds a new password reset request for the user and adds it to the
/// database context.
/// </summary>
/// <param name="executionContext">Supplies the creation date of the request.</param>
/// <param name="user">User the request is created for.</param>
/// <returns>The request that was added to the context.</returns>
private UserPasswordResetRequest CreateRequest(IExecutionContext executionContext, User user)
{
    // The caller's IP address is recorded on the request.
    var clientInfo = _clientConnectionService.GetConnectionInfo();

    var resetRequest = new UserPasswordResetRequest
    {
        User = user,
        UserPasswordResetRequestId = Guid.NewGuid(),
        CreateDate = executionContext.ExecutionDate,
        IPAddress = clientInfo.IPAddress,
        // NOTE(review): the token is stored on the entity exactly as generated.
        // Confirm the generator draws from a cryptographic random source, and
        // consider persisting only a hash of the token.
        Token = _securityTokenGenerationService.Generate()
    };

    _dbContext.UserPasswordResetRequests.Add(resetRequest);

    return resetRequest;
}
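/// <summary>
/// Handles a password reset submission for the user with the given id.
/// </summary>
/// <param name="id">Identifier of the user, passed to the user service.</param>
/// <param name="data">Request body; its <c>NewPassword</c> and <c>Token</c> are forwarded to the user service.</param>
/// <returns>
/// 200 with a confirmation message when the user service reports success;
/// 400 with an error message when it reports failure or when no body was bound.
/// </returns>
public async Task<IActionResult> ResetPassword(int id, [FromBody] UserPasswordResetRequest data)
{
    // A missing or unparseable body can leave the bound parameter null. Answer
    // with 400 instead of dereferencing it and surfacing a server error.
    if (data == null)
    {
        return BadRequest(new { Message = "Error. Request body is required." });
    }

    // NOTE(review): no authorization or throttling is visible on this action in
    // this excerpt; confirm attempts against the token are rate limited elsewhere.
    var passwordReset = await _userService.ResetPassword(id, data.NewPassword, data.Token);

    if (!passwordReset)
    {
        // The same message is returned for every failure the service reports;
        // the individual failure reasons are not visible here.
        return BadRequest(new { Message = "Error. Passwords Mismatch." });
    }

    return Ok(new { Message = "Password changed Succesfully." });
}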
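/// <summary>
/// Checks a stored password reset request against the incoming validation query.
/// </summary>
/// <param name="request">Stored reset request, or <c>null</c> when none was found.</param>
/// <param name="query">Incoming query carrying the request id, token and user area code.</param>
/// <param name="executionContext">Context used when checking whether the request has expired.</param>
/// <returns>
/// A result with <c>IsValid</c> set to <c>true</c>, or set to <c>false</c> with a
/// validation message when the request is already complete or has expired.
/// </returns>
/// <exception cref="InvalidPasswordResetRequestException">
/// Thrown when the request is missing, the token does not match, the user area
/// differs from the query's, the user is deleted or a system account, or the
/// user area does not allow password logins.
/// </exception>
private PasswordResetRequestAuthenticationResult ValidatePasswordRequest(UserPasswordResetRequest request, ValidatePasswordResetRequestQuery query, IExecutionContext executionContext)
{
    // NOTE(review): string inequality is not a constant-time comparison; consider
    // a fixed-time comparison for the token.
    if (request == null || request.Token != query.Token)
    {
        // The submitted token is left out of the message on purpose: exception
        // text commonly ends up in logs, and a token sent with the wrong request
        // id may still be a usable credential. The query object is still passed
        // to the exception.
        throw new InvalidPasswordResetRequestException(query, "Invalid password request - Id: " + query.UserPasswordResetRequestId);
    }

    if (request.User.UserAreaCode != query.UserAreaCode)
    {
        throw new InvalidPasswordResetRequestException(query, "Request received through an invalid route (incorrect user area)");
    }

    if (request.User.IsDeleted || request.User.IsSystemAccount)
    {
        throw new InvalidPasswordResetRequestException(query, "User not permitted to change password");
    }

    var userArea = _userAreaRepository.GetByCode(request.User.UserAreaCode);
    if (!userArea.AllowPasswordLogin)
    {
        throw new InvalidPasswordResetRequestException(query, "Cannot update the password to account in a user area that does not allow password logins.");
    }

    // From here on failures are reported through the result, not by throwing.
    var result = new PasswordResetRequestAuthenticationResult();
    result.IsValid = true;

    if (request.IsComplete)
    {
        result.IsValid = false;
        result.ValidationErrorMessage = "The password recovery request is no longer valid.";
    }

    // Checked last, so the expiry message replaces the "no longer valid" one
    // when both conditions hold.
    if (!IsPasswordRecoveryDateValid(request.CreateDate, executionContext))
    {
        result.IsValid = false;
        result.ValidationErrorMessage = "The password recovery request has expired.";
    }

    return result;
}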
/// <summary>
/// Updates the request's user with the new password through the password
/// update helper, then marks the reset request as complete.
/// </summary>
/// <param name="request">Reset request whose user receives the new password.</param>
/// <param name="command">Command carrying the new password.</param>
/// <param name="executionContext">Execution context handed to the helper.</param>
private void UpdatePasswordAndSetComplete(UserPasswordResetRequest request, CompleteUserPasswordResetCommand command, IExecutionContext executionContext)
{
    var newPassword = command.NewPassword;
    var account = request.User;

    _passwordUpdateCommandHelper.UpdatePassword(newPassword, account, executionContext);

    // Mark the request as completed.
    request.IsComplete = true;
}