Ejemplo n.º 1
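        /// <summary>
        /// Completes a password recovery: finds the account holding the submitted recovery
        /// token, clears that token and stores the new password.
        /// </summary>
        /// <param name="request">Carries the recovery token (<c>Token</c>) and the new password (<c>Password</c>).</param>
        public void Post(SetNewPasswordRequest request)
        {
            // A missing or blank token must never reach the query. Compared against a null
            // value, the predicate below could match an account whose RecoveryToken is unset
            // (depending on how the data layer translates the comparison), and the password
            // of that account would then be replaced without any token being presented.
            string token = request == null ? null : request.Token;

            UserAuth userFromToken = string.IsNullOrWhiteSpace(token)
                ? null
                : Db.Single<UserAuth>(q => q.RecoveryToken == token);

            // Same 404 response whether the token was absent, blank or simply unknown.
            userFromToken.Throw404NotFoundIfNull("Token not found.");

            // The account is loaded twice; presumably one instance is the stored state and
            // the other the modified copy that UpdateUserAuth compares it with.
            var userAuth       = (UserAuth)userAuthRepository.GetUserAuthByUserName(userFromToken.Email);
            var userAuthUpdate = (UserAuth)userAuthRepository.GetUserAuthByUserName(userFromToken.Email);

            // Clear the token so the same recovery link cannot be used a second time.
            userAuthUpdate.RecoveryToken = null;

            // NOTE(review): no token expiry check and no password-strength check are visible
            // in this method; confirm both are enforced elsewhere (token issuance, request
            // validation).
            userAuthRepository.UpdateUserAuth(userAuth, userAuthUpdate, request.Password);
        }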
Ejemplo n.º 2
        /// <summary>
        /// Sets a new password for the user named by the route value, on behalf of the
        /// caller identified by <c>GetUserId()</c>.
        /// </summary>
        /// <param name="id">Route value passed to the service as its first argument.</param>
        /// <param name="request">Request body passed to the service unchanged.</param>
        /// <returns>
        /// 400 with the model state when binding validation fails or the service reports a
        /// failure; otherwise 200 with an <c>EmptyResult</c> payload.
        /// </returns>
        // NOTE(review): no authorization attribute is visible on this action in this excerpt;
        // confirm the controller or a policy restricts it to callers allowed to reset other
        // users' passwords.
        public async Task<IActionResult> SetNewPassword([FromRoute] string id, [FromBody] SetNewPasswordRequest request)
        {
            if (ModelState.IsValid)
            {
                Result outcome = await _manageUserService.SetNewPassword(id, request, GetUserId());

                if (!outcome.Failure)
                {
                    return Ok(new EmptyResult());
                }

                // Surface the service errors through the same model-state response.
                ModelState.AddErrors(outcome.Errors);
            }

            return BadRequest(ModelState);
        }
Ejemplo n.º 3
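        /// <summary>
        /// Completes a password reset: validates the new password, verifies the reset code
        /// for the given user and stores the new password.
        /// </summary>
        /// <param name="request">Carries <c>UserId</c>, the reset <c>Code</c> and <c>NewPassword</c>.</param>
        /// <exception cref="AuthException">
        /// Thrown when no code is supplied, the password fails validation, the user is
        /// unknown, the code does not verify, or the password cannot be stored.
        /// </exception>
        public async Task SetNewPassword(SetNewPasswordRequest request)
        {
            if (request?.Code == null)
            {
                throw new AuthException("No code provided");
            }

            IdentityResult passwordValidationResult = await ValidatePassword(request.NewPassword);

            if (!passwordValidationResult.Succeeded)
            {
                throw new AuthException(passwordValidationResult.Errors);
            }

            User user = await _userManager.Users.FirstOrDefaultAsync(x => x.Id == request.UserId);

            if (user == null)
            {
                // NOTE(review): this message differs from the "Incorrect code" one below, so a
                // caller can tell whether a user ID exists. Consider returning the same
                // outward message for both cases if user IDs are meant to stay private.
                throw new AuthException("Incorrect user ID ");
            }

            bool isEmailTokenValid = await _userManager.VerifyUserTokenAsync(
                user,
                _userManager.Options.Tokens.PasswordResetTokenProvider,
                UserManager<User>.ResetPasswordTokenPurpose,
                request.Code);

            if (!isEmailTokenValid)
            {
                throw new AuthException("Incorrect code", $"Email token is not valid for user {user}");
            }

            // ResetPasswordAsync replaces the previous RemovePasswordAsync + AddPasswordAsync
            // pair. That pair ignored the result of the removal and, when the add failed,
            // left the account with no password at all. A single reset call swaps the hash
            // in one update and reports every failure through its IdentityResult.
            IdentityResult passwordResult = await _userManager.ResetPasswordAsync(user, request.Code, request.NewPassword);

            if (!passwordResult.Succeeded)
            {
                throw new AuthException(passwordResult.Errors);
            }
        }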
Ejemplo n.º 4
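        /// <summary>
        /// Sets a new password for a user on behalf of an administrator, then logs the
        /// user out through the session service.
        /// </summary>
        /// <param name="userId">Id of the user whose password is replaced.</param>
        /// <param name="setNewPasswordRequest">Request carrying the new password; checked by the validator first.</param>
        /// <param name="adminId">Id of the acting administrator; used for the audit log lines and the logout call.</param>
        /// <returns>
        /// A failed <c>Result</c> when validation fails, the user does not exist, the reset
        /// fails or the logout fails; otherwise <c>Result.Ok()</c>.
        /// </returns>
        public async Task<Result> SetNewPassword(string userId, SetNewPasswordRequest setNewPasswordRequest, string adminId)
        {
            // Log calls use message templates instead of interpolated strings: caller-supplied
            // ids are recorded as separate values rather than spliced into the message text.
            // The message wording is left as it was so existing log searches still match.
            ValidationResult validationResult = _setNewPasswordValidator.Validate(setNewPasswordRequest);

            if (!validationResult.IsValid)
            {
                _logger.LogError("Invlid SetNewPasswordRequest. Admin {AdminId}", adminId);
                return Result.Fail(ResultUtils.ToResultError(validationResult.Errors));
            }

            AppUserEntity appUser = await _userManager.FindByIdAsync(userId);

            if (appUser == null)
            {
                _logger.LogError("No User with id {UserId}. Admin {AdminId}", userId, adminId);
                return Result.Fail("no_user", "No User");
            }

            _logger.LogInformation("Seting new password for with id {UserId}. Admin id {AdminId}", userId, adminId);

            // The reset token is generated and consumed inside this method; it is never
            // returned to the caller or written to the log.
            string passwordResetToken = await _userManager.GeneratePasswordResetTokenAsync(appUser);

            IdentityResult changePasswordResult = await _userManager.ResetPasswordAsync(appUser, passwordResetToken, setNewPasswordRequest.Password);

            if (!changePasswordResult.Succeeded)
            {
                _logger.LogError("Faild to reset password. UserId {UserId}, admin {AdminId}", appUser.Id, adminId);
                return Result.Fail(changePasswordResult.Errors);
            }

            Result logoutUserResult = await _sessionService.LogoutUser(new Auth.Session.Models.LogoutUserSessionsRequest(appUser.Id), adminId);

            if (logoutUserResult.Failure)
            {
                // The password has already been changed at this point. Without a log line the
                // state "new password set, logout failed" would be invisible to operators.
                _logger.LogError("Password was reset but user logout failed. UserId {UserId}, admin {AdminId}", appUser.Id, adminId);
                return logoutUserResult;
            }

            _logger.LogInformation("Added new password to user with id {UserId}. Admin id {AdminId}", userId, adminId);
            return Result.Ok();
        }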
Ejemplo n.º 5
 /// <summary>
 /// Forwards the set-new-password request to the auth service and awaits its completion.
 /// </summary>
 /// <param name="request">Request handed to <c>_authService.SetNewPassword</c> unchanged.</param>
 public async Task SetNewPassword(SetNewPasswordRequest request)
     => await _authService.SetNewPassword(request);