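        // Round-trip check: a token produced by GenerateAsync for a purpose, an id and a
        // security stamp must be accepted by ValidateAsync when the same three values are given.
        public async Task dataprotectortokenprovider_should_be_able_to_validate_given_token()
        {
            var id            = new AggregateId();
            var purpose       = "purpose";
            // Guid.NewGuid() rather than new Guid(): the parameterless constructor always yields
            // the all-zero Guid.Empty, so the stamp would be the same fixed value on every run
            // and the test would not resemble a real, per-user security stamp.
            var securityStamp = Guid.NewGuid().ToString();

            var generatedToken = await _dataProtectorTokenProvider.GenerateAsync(purpose, id, securityStamp);

            // Validate with exactly the inputs used for generation; only the happy path is covered here.
            var isValid = await _dataProtectorTokenProvider.ValidateAsync(purpose, generatedToken, id, securityStamp);

            isValid.Should().BeTrue();
        }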
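        /// <summary>
        /// Handles a password reset: loads the user named by the command, checks the supplied
        /// reset token against the user's id and current security stamp, then stores the hash
        /// of the new password.
        /// </summary>
        /// <param name="command">Carries the target user id, the reset token and the new password.</param>
        /// <exception cref="UserNotFoundException">No user exists for <c>command.UserId</c>.</exception>
        /// <exception cref="InvalidTokenException">The token failed validation for this user.</exception>
        public async Task HandleAsync(ResetPassword command)
        {
            var user = await _userRepository.GetAsync(command.UserId);

            if (user is null)
            {
                // NOTE(review): this and InvalidTokenException are distinguishable failures; confirm the
                // API layer returns the same response for both so the endpoint does not reveal which ids exist.
                throw new UserNotFoundException(command.UserId);
            }

            // The token is bound to the purpose, the user id and the current security stamp.
            var isTokenValid = await _dataProtector.ValidateAsync(Purpose, command.Token, user.Id, user.SecurityStamp);

            if (!isTokenValid)
            {
                throw new InvalidTokenException(command.UserId);
            }

            // Only the hash produced by the password service is handed to the user entity.
            var passwordHash = _passwordService.Hash(command.Password);

            // NOTE(review): validation depends on user.SecurityStamp, so the token stays valid for as long
            // as the stamp is unchanged. Confirm SetPassword rotates the stamp so a reset token is single-use.
            user.SetPassword(passwordHash);

            await _userRepository.UpdateAsync(user);

            // The original message was a plain string with a "{user.Id}" placeholder and no argument,
            // so the id never reached the log. Pass it as a structured logging argument instead.
            // Neither the token nor the password is logged.
            _logger.LogInformation("Updated password for the user with id: {UserId}.", user.Id);
        }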