public async Task Should_Reset_Password() { var testUser = await CreateAndGetTestUserAsync(); var token = await LoginAndGetTokenAsync(testUser.UserName, "123qwe"); var input = new ForgotPasswordInput { UserNameOrEmail = testUser.Email }; var requestMessage = new HttpRequestMessage(HttpMethod.Post, "/api/forgotPassword"); requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token); requestMessage.Content = input.ToStringContent(Encoding.UTF8, "application/json"); var response = await TestServer.CreateClient().SendAsync(requestMessage); var result = await response.Content.ReadAsAsync <ForgotPasswordOutput>(); var inputResetPassword = new ResetPasswordInput { UserNameOrEmail = testUser.Email, Token = result.ResetToken, Password = "******" }; var requestMessageResetPassword = new HttpRequestMessage(HttpMethod.Post, "/api/resetPassword"); requestMessageResetPassword.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token); requestMessageResetPassword.Content = inputResetPassword.ToStringContent(Encoding.UTF8, "application/json"); var responseResetPassword = await TestServer.CreateClient().SendAsync(requestMessageResetPassword); Assert.Equal(HttpStatusCode.OK, responseResetPassword.StatusCode); }
public async Task <IActionResult> ForgotSend(ForgotPasswordInput Input) { if (ModelState.IsValid) { var user = await _userManager.FindByEmailAsync(Input.Email); if (user == null || !(await _userManager.IsEmailConfirmedAsync(user))) { // Don't reveal that the user does not exist or is not confirmed return(View("ForgotPasswordConfirmation")); } // For more information on how to enable account confirmation and password reset please // visit https://go.microsoft.com/fwlink/?LinkID=532713 var code = await _userManager.GeneratePasswordResetTokenAsync(user); code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code)); var callbackUrl = Url.Action("ResetPassword", "Account", new { code = code }, Request.Scheme); await _emailSender.SendEmailAsync( Input.Email, "Reset Password", $"Please reset your password by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>."); return(View("ForgotPasswordConfirmation")); } return(View("ResetPasswordFail")); }
public async Task <IActionResult> ForgotPassword([FromBody] ForgotPasswordInput input) { if (ModelState.IsValid) { var user = await _userManager.FindByEmailAsync(input.Email); if (user == null || !(await _userManager.IsEmailConfirmedAsync(user))) { // Don't reveal that the user does not exist or is not confirmed return(Ok(new RedirectResponse() { Pathname = "/Account/ForgotPasswordConfirmation" })); } // For more information on how to enable account confirmation and password reset please // visit https://go.microsoft.com/fwlink/?LinkID=532713 var code = await _userManager.GeneratePasswordResetTokenAsync(user); code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code)); var callbackUrl = $"/Account/ResetPassword?code={code}"; await _emailSender.SendEmailAsync( input.Email, "Reset Password", $"Please reset your password by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>."); return(Ok(new RedirectResponse() { Pathname = "/Account/ForgotPasswordConfirmation" })); } return(Ok(ModelState)); }
public async Task <ActionResult> ForgotPassword([FromBody] ForgotPasswordInput input) { var user = await FindUserByUserNameOrEmail(input.UserNameOrEmail); if (user == null) { return(BadRequest(new List <NameValueDto> { new NameValueDto("UserNotFound", "User is not found!") })); } var resetToken = await _userManager.GeneratePasswordResetTokenAsync(user); var callbackUrl = _configuration["App:ClientUrl"] + "/account/reset-password?token=" + resetToken; var message = new MailMessage( from: _configuration["Email:Smtp:Username"], to: "*****@*****.**", subject: "Reset your password", body: $"Please confirm your account by clicking this link: <a href='{callbackUrl}'>link</a>" ); message.IsBodyHtml = true; await _smtpClient.SendMailAsync(message); return(Ok()); }
public async Task <IActionResult> UpdatePassword([FromBody] ForgotPasswordInput input) { var forgotPasswordInfo = await ForgotPasswordInfoRepository .FirstOrDefaultAsync(f => f.Hash == input.Hash && f.ExpirationTime >= DateTime.Now); if (forgotPasswordInfo == null || forgotPasswordInfo.Hash != input.Hash) { return(NoContent()); } var user = await UserRepository.FindAsync(forgotPasswordInfo.UserId); if (user == null) { return(NoContent()); } PasswordManager.CreatePasswordSaltAndHash(input.Password, out var passwordSalt, out var passwordHash); user.PasswordSalt = passwordSalt; user.PasswordHash = passwordHash; UserRepository.Update(user); ForgotPasswordInfoRepository.Remove(forgotPasswordInfo); await _userContext.SaveChangesAsync(); return(Ok()); }
public async Task <bool> ForgotPassword([FromBody] ForgotPasswordInput passwordInput) { var user = UserRepository.FirstOrDefault(u => u.NormalizedEmail == Strings.ToUpperCase(passwordInput.Email)); if (user == null) { return(false); } if (await ForgotPasswordInfoRepository.AnyAsync(f => f.UserId == user.Id)) { var infosToDelete = await ForgotPasswordInfoRepository.Where(f => f.UserId == user.Id).ToListAsync(); ForgotPasswordInfoRepository.RemoveRange(infosToDelete); await _userContext.SaveChangesAsync(); } var forgotPasswordInfo = new ForgotPasswordInfo { ExpirationTime = DateTime.Now.AddHours(48), // 2 dias UserId = user.Id, Hash = Guid.NewGuid().ToString() }; await ForgotPasswordInfoRepository.AddAsync(forgotPasswordInfo); await _userContext.SaveChangesAsync(); dynamic templateArgs = new JObject(); templateArgs.PasswordHash = forgotPasswordInfo.Hash; EmailTemplate template = _mailTemplateService.GetTemplate("welcome", templateArgs); var request = new MailRequest { ToEmail = passwordInput.Email, Subject = template.Subject, Body = template.Body }; try { await _mailService.SendEmailAsync(request); return(true); } catch { return(false); } }
public ForgotPasswordOutput ForgotPassword(ForgotPasswordInput input) { try { RestHTTP http = new RestHTTP(); RestRequest req = new RestRequest("api/accounts/ForgotPassword", RestSharp.Method.POST); req.AddHeader("Content-Type", "application/json"); req.AddJsonBody(input); ForgotPasswordOutput response = http.HttpPost <ForgotPasswordOutput>(req); return(response); } catch (Exception ex) { WriteLogFile.Append("ForgotPassword : "); WriteLogFile.Append(ex.Message); WriteLogFile.Append(ex.StackTrace); } return(null); }
public async Task <ActionResult <ForgotPasswordOutput> > ForgotPassword([FromBody] ForgotPasswordInput input) { var user = await _authenticationAppService.FindUserByUserNameOrEmailAsync(input.UserNameOrEmail); if (user == null) { return(NotFound("User is not found!")); // TODO: Make these messages static object } var resetToken = await _authenticationAppService.GeneratePasswordResetTokenAsync(user); var callbackUrl = $"{_configuration[AppConfig.App_ClientUrl]}/account/reset-password?token={HttpUtility.UrlEncode(resetToken)}"; var subject = "Reset your password."; var message = $"Please reset your password by clicking this link: <a href='{callbackUrl}'>{callbackUrl}</a>"; //await _emailSender.SendEmailAsync(user.Email, subject, message); return(Ok(new ForgotPasswordOutput { ResetToken = resetToken })); }
public async Task <ActionResult <ForgotPasswordOutput> > ForgotPassword([FromBody] ForgotPasswordInput input) { var user = await FindUserByUserNameOrEmail(input.UserNameOrEmail); if (user == null) { return(NotFound(new List <NameValueDto> { new NameValueDto("UserNotFound", "User is not found!") })); } var resetToken = await _userManager.GeneratePasswordResetTokenAsync(user); var callbackUrl = _configuration["App:ClientUrl"] + "/account/reset-password?token=" + resetToken; var message = new MailMessage( @from: _configuration["Email:Smtp:Username"], to: user.Email, subject: "Reset your password", body: $"Please confirm your account by clicking this link: <a href='{callbackUrl}'>link</a>" ); message.IsBodyHtml = true; #if !DEBUG await _smtpClient.SendMailAsync(message); #endif _logger.LogInformation(Environment.NewLine + Environment.NewLine + "******************* Reset Password Link *******************" + Environment.NewLine + Environment.NewLine + callbackUrl + Environment.NewLine + Environment.NewLine + "***********************************************************" + Environment.NewLine); return(Ok(new ForgotPasswordOutput { ResetToken = resetToken })); }
public IHttpActionResult ForgotPassword(ForgotPasswordInput input) { Init(); ForgotPasswordOutput output = _authSvc.ForgotPassword(input); return Ok(output); }