public async Task dataprotectortokenprovider_should_be_able_to_validate_given_token() { var id = new AggregateId(); var purpose = "purpose"; var securityStamp = new Guid().ToString(); var generatedToken = await _dataProtectorTokenProvider.GenerateAsync(purpose, id, securityStamp); var result = await _dataProtectorTokenProvider.ValidateAsync(purpose, generatedToken, id, securityStamp); result.Should().BeTrue(); }
public async Task HandleAsync(ResetPassword command) { var user = await _userRepository.GetAsync(command.UserId); if (user is null) { throw new UserNotFoundException(command.UserId); } var token = await _dataProtector.ValidateAsync(Purpose, command.Token, user.Id, user.SecurityStamp); if (token == false) { throw new InvalidTokenException(command.UserId); } var password = _passwordService.Hash(command.Password); user.SetPassword(password); await _userRepository.UpdateAsync(user); _logger.LogInformation("Updated password for the user with id: {user.Id}."); }