Ejemplo n.º 1
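        /// <summary>
        /// Completes a password reset. Looks up the pending reset request, asks the user
        /// service to set the new password, records the outcome in the user log, marks the
        /// request as complete and e-mails a confirmation to the address on the request.
        /// </summary>
        /// <param name="request">Supplies the reset request id, the client id and the new password.</param>
        /// <param name="cancellationToken">Passed to the database queries and saves.</param>
        /// <returns>
        /// A response with <c>IsSuccessful = false</c> when no open, unexpired reset request
        /// matches, when the client id is unknown, or when the user service does not report
        /// success. Otherwise a successful response carrying the client id and the client's
        /// configured post-reset return URL.
        /// </returns>
        public async Task <ResetPasswordResponse> Handle(ResetUserPasswordRequest request, CancellationToken cancellationToken)
        {
            // Only a request that is still open and not past ValidUntil is accepted.
            var resetRequest = await _loginContext.ResetPasswordRequests.SingleOrDefaultAsync(
                r => r.Id == request.RequestId && r.IsComplete == false && r.ValidUntil > SystemTime.UtcNow(),
                cancellationToken : cancellationToken);

            // SingleOrDefaultAsync yields null for an unknown, completed or expired id. Without
            // this guard the next dereference throws instead of rejecting the attempt.
            // No e-mail address is known at this point, so no UserLog row is written here.
            if (resetRequest == null)
            {
                return new ResetPasswordResponse()
                {
                    IsSuccessful = false
                };
            }

            // Resolve the client before the password is changed. Previously an unknown client id
            // only failed after the reset had been committed, leaving the password changed but
            // the caller with an unhandled exception.
            // NOTE(review): request.ClientId is caller-supplied and is not compared with anything
            // stored on the reset request in this method; confirm whether a reset request
            // should be bound to the client it was issued for.
            var client = await _loginContext.Clients.SingleOrDefaultAsync(c => c.Id == request.ClientId, cancellationToken);

            if (client == null)
            {
                _loginContext.UserLogs.Add(new UserLog()
                {
                    Id       = GuidGenerator.NewGuid(),
                    Action   = "New password",
                    Email    = resetRequest.Email,
                    DateTime = SystemTime.UtcNow(),
                    Result   = "Unknown client"
                });
                await _loginContext.SaveChangesAsync(cancellationToken);

                return new ResetPasswordResponse()
                {
                    IsSuccessful = false
                };
            }

            // The identity token stays server-side on the reset request; the caller only supplies
            // the request id and the new password.
            var userResponse = await _userService.ResetPassword(resetRequest.Email, request.Password, resetRequest.IdentityToken);

            // NOTE(review): this compares against the shared Success instance; if Result is
            // ASP.NET Identity's IdentityResult, checking .Succeeded is the conventional form. Confirm.
            if (userResponse.Result != IdentityResult.Success)
            {
                // NOTE(review): assumes userResponse.User is populated on failure. Confirm.
                // The request is deliberately left open (IsComplete stays false), so the same link
                // can be retried until ValidUntil.
                _loginContext.UserLogs.Add(new UserLog()
                {
                    Id       = GuidGenerator.NewGuid(),
                    Action   = "New password",
                    Email    = userResponse.User.Email,
                    DateTime = SystemTime.UtcNow(),
                    Result   = "Password invalid"
                });
                await _loginContext.SaveChangesAsync(cancellationToken);

                return new ResetPasswordResponse()
                {
                    IsSuccessful = false
                };
            }

            _loginContext.UserLogs.Add(new UserLog()
            {
                Id       = GuidGenerator.NewGuid(),
                Action   = "New password",
                Email    = userResponse.User.Email,
                DateTime = SystemTime.UtcNow(),
                Result   = "Password changed"
            });

            // Mark the request as used in the same save as the audit row so the link cannot be replayed.
            resetRequest.IsComplete = true;
            await _loginContext.SaveChangesAsync(cancellationToken);

            var user = await _userService.FindByEmail(resetRequest.Email);

            // Confirmation mail to the account address, so the owner learns about the change.
            await _emailService.SendPasswordReset(new PasswordResetEmailViewModel()
            {
                Subject      = "Password has been reset",
                TemplateId   = client.ServiceDetails.EmailTemplates.Single(t => t.Name == "LoginPasswordWasReset").TemplateId,
                Contact      = user.GivenName,
                EmailAddress = resetRequest.Email,
                ServiceName  = client.ServiceDetails.ServiceName,
                ServiceTeam  = client.ServiceDetails.ServiceTeam,
                LoginLink    = client.ServiceDetails.PostPasswordResetReturnUrl
            });

            // The return URL comes from the stored client configuration, not from the request.
            return new ResetPasswordResponse()
            {
                IsSuccessful = true,
                ClientId     = request.ClientId,
                ReturnUrl    = client.ServiceDetails.PostPasswordResetReturnUrl
            };
        }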
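        /// <summary>
        /// Handles a "forgot password" request. When the e-mail address belongs to an account,
        /// any earlier still-valid reset requests are cleared, a new reset token is generated
        /// and stored, and a reset link is e-mailed. When no account matches, a "no account"
        /// e-mail is sent to the supplied address instead. Every outcome is written to the user log.
        /// </summary>
        /// <param name="request">Supplies the client id and the e-mail address to reset.</param>
        /// <param name="cancellationToken">Passed to the database queries and saves.</param>
        /// <returns>
        /// <c>Unit.Value</c> in every case, so the return value does not show the caller
        /// whether an account exists for the address.
        /// </returns>
        public async Task <Unit> Handle(RequestPasswordResetRequest request, CancellationToken cancellationToken)
        {
            var client = await _loginContext.Clients.SingleOrDefaultAsync(c => c.Id == request.ClientId, cancellationToken);

            // SingleOrDefaultAsync yields null for an unknown client id. Without this guard the
            // account branch would clear old requests and store a new token before failing on
            // the first client.ServiceDetails access, and nothing would be mailed.
            if (client == null)
            {
                _loginContext.UserLogs.Add(new UserLog()
                {
                    Id       = GuidGenerator.NewGuid(),
                    Action   = "Request reset password link",
                    Email    = request.Email,
                    DateTime = SystemTime.UtcNow(),
                    Result   = "Unknown client"
                });
                await _loginContext.SaveChangesAsync(cancellationToken);

                return Unit.Value;
            }

            var loginUser = await _userService.FindByEmail(request.Email);

            if (loginUser == null)
            {
                _loginContext.UserLogs.Add(new UserLog()
                {
                    Id       = GuidGenerator.NewGuid(),
                    Action   = "Request reset password link",
                    Email    = request.Email,
                    DateTime = SystemTime.UtcNow(),
                    Result   = "Sent no account email"
                });
                await _loginContext.SaveChangesAsync(cancellationToken);

                // The mailbox owner is told out-of-band that no account exists; the caller gets
                // the same Unit.Value as in the account branch.
                await _emailService.SendResetNoAccountPassword(new PasswordResetNoAccountEmailViewModel()
                {
                    EmailAddress = request.Email,
                    LoginLink    = client.ServiceDetails.PostPasswordResetReturnUrl,
                    Subject      = "Password request received",
                    TemplateId   = client.ServiceDetails.EmailTemplates.Single(t => t.Name == "PasswordResetNoAccount").TemplateId,
                    ServiceName  = client.ServiceDetails.ServiceName,
                    ServiceTeam  = client.ServiceDetails.ServiceTeam
                });

                return Unit.Value;
            }

            // Clear older requests for this address before issuing a new one.
            await ClearOutAnyPreviousStillValidRequests(request.Email);

            var identityToken = await _userService.GeneratePasswordResetToken(loginUser);

            var resetPasswordRequest = await SavePasswordRequest(request, cancellationToken, identityToken);

            // The link carries only the client id and the stored request id; the identity token
            // is not placed in the URL here.
            // NOTE(review): the request id is therefore the link's only secret. Its unpredictability
            // depends on how SavePasswordRequest generates it (not visible here). Confirm it comes
            // from a cryptographically strong source.
            var resetUri = new Uri(new Uri(_loginConfig.BaseUrl), $"NewPassword/{request.ClientId}/{resetPasswordRequest.Id}");

            await _emailService.SendResetPassword(new ResetPasswordEmailViewModel()
            {
                Contact      = loginUser.GivenName,
                EmailAddress = request.Email,
                LoginLink    = resetUri.ToString(),
                ServiceName  = client.ServiceDetails.ServiceName,
                ServiceTeam  = client.ServiceDetails.ServiceTeam,
                Subject      = "Password reset",
                TemplateId   = client.ServiceDetails.EmailTemplates.Single(t => t.Name == "PasswordReset").TemplateId
            });

            // The audit row is saved only after the mail call returns.
            _loginContext.UserLogs.Add(new UserLog()
            {
                Id       = GuidGenerator.NewGuid(),
                Action   = "Request reset password link",
                Email    = request.Email,
                DateTime = SystemTime.UtcNow(),
                Result   = "Sent reset password email"
            });
            await _loginContext.SaveChangesAsync(cancellationToken);

            return Unit.Value;
        }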