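        /// <summary>
        /// Starts a password reset: when <paramref name="userId"/> resolves to an active account whose
        /// stored e-mail address equals <paramref name="email"/>, a signed reset token valid for five
        /// minutes is mailed to the stored address.
        /// </summary>
        /// <param name="email">Address supplied by the requester; it must match the address stored on the account.</param>
        /// <param name="userId">Identifier passed to the user repository to load the account.</param>
        /// <returns>
        /// 200 with an empty <c>UserResponse</c> for every outcome except an id mismatch on the loaded
        /// record, which yields 401. The reset token is delivered by e-mail only and is never part of
        /// the HTTP response.
        /// </returns>
        public async Task <IActionResult> PasswordRecover(string email, int userId)
        {
            User userModel = await _userRepository.GetUserByAccount(userId);

            // Unknown account, inactive account and wrong e-mail all get the same empty body, so the
            // response does not confirm which ids or id/e-mail pairs exist. A missing record used to
            // dereference null here and surface as a server error.
            if (userModel == null ||
                !string.Equals(userModel.Status, Constrants.USER_STATUS_ACTIVE, StringComparison.OrdinalIgnoreCase))
            {
                return Ok(new UserResponse { UserName = "", Token = "" });
            }

            if (userModel.Id != userId)
            {
                return Unauthorized();
            }

            // The requester's address is only compared against the stored one. Mailing the token to a
            // caller-chosen address would hand a reset for this account to whoever sent the request.
            if (string.IsNullOrWhiteSpace(email) ||
                !string.Equals(email.Trim(), userModel.Email, StringComparison.OrdinalIgnoreCase))
            {
                return Ok(new UserResponse { UserName = "", Token = "" });
            }

            var tokenHandler = new JwtSecurityTokenHandler();
            // NOTE(review): Encoding.ASCII maps every non-ASCII character of the secret to '?', which
            // weakens the HMAC key. Left unchanged because the validating side must use the same bytes.
            var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
            // NOTE(review): the token carries only the e-mail claim and is signed with the application
            // secret. If sign-in tokens use the same secret (not visible here), add a purpose or
            // audience claim and check it wherever the reset token is redeemed.
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new Claim[]
                {
                    new Claim(ClaimTypes.Email, userModel.Email)
                }),
                Expires            = DateTime.UtcNow.AddMinutes(5),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };
            var token       = tokenHandler.CreateToken(tokenDescriptor);
            var tokenString = tokenHandler.WriteToken(token);

            // NOTE(review): the link is a hard-coded plain-http localhost URL; a deployed build should
            // take an https base URL from configuration.
            // The send result is deliberately not reflected in the response, so that every outcome
            // looks the same to the requester.
            _ = _share.SendEmail(_share.GetConfigKey("EmailFrom"), userModel.Email, "Trojantrading Password Reset", string.Format("Click url below to reset password:\r\n\r\n{0}", "http://localhost:56410/recover/" + tokenString));

            // Possession of the mailbox is the proof of identity in this flow, so the token must not
            // be echoed back to the client that asked for the reset.
            return Ok(new UserResponse { UserName = "", Token = "" });
        }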