Example #1
0
        public async Task <IActionResult> RequestToken(PasswordResetTokenRequest request)
        {
            var userProfile = await _userProfileReader.GetByEmailAddress(request.EmailAddress);

            if (userProfile == null)
            {
                await _emailMessenger.SendAsync(request.EmailAddress, "Shine: Failed Password Reset Request", "Hello from Shine, somebody tried to request a password reset for an account held by your email address, however we do not have an account on record for you. If you attempted the request, please try an alternative email address or create an account. If you didn't attempt the reqest, don't worry - we don't have any data relating to this email address");
            }
            else
            {
                var currentDateTime = DateTime.UtcNow;

                var token = await _tokenWriter.Add(new Tables.UserProfileToken
                {
                    UserProfileId  = userProfile.Id,
                    TokenType      = Enums.UserProfileTokenType.PasswordReset,
                    Token          = Guid.NewGuid().ToString(),
                    ExpirationTime = currentDateTime.AddDays(365),
                    DateCreated    = currentDateTime,
                });

                await _emailMessenger.SendAsync(userProfile.EmailAddress, "Shine: Password Reset", $"Hello from Shine, you told us that you wanted to reset the password for your account, click here to change your password, {token}");
            }

            return(Ok());
        }
Example #2
0
        public async Task <IActionResult> Create(CreateUserProfileRequest request)
        {
            var existingUserProfile = await _userProfileReader.GetByEmailAddress(request.EmailAddress);

            if (existingUserProfile != null)
            {
                return(BadRequest("Email address already in use"));
            }

            var userProfileId = await _userProfileWriter.Add(request.EmailAddress, PasswordHasher.GenerateSecurePassword(request.Password), request.GivenName, request.FamilyName, request.ProfilePicturePath);

            return(Ok(userProfileId));
        }
Example #3
0
        public async Task <IActionResult> SignIn(SignInRequest request)
        {
            var userProfile = await _userProfileReader.GetByEmailAddress(request.EmailAddress);

            if (userProfile == null)
            {
                return(NotFound());
            }

            var passwordValid = PasswordHasher.CompareSecurePassword(request.Password, userProfile.Password);

            if (!passwordValid)
            {
                return(BadRequest("Invalid credentials"));
            }

            var authenticationToken = _authenticationTokenProvider.Generate(request.EmailAddress, userProfile.Id.ToString());

            var response = new SignInResponse
            {
                Token      = authenticationToken.Token,
                Expiration = authenticationToken.ExpirationDateTime
            };

            return(Ok(response));
        }