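/// <summary>
/// Completes a password reset for an open reset request and notifies the user by e-mail.
/// </summary>
/// <param name="request">Carries the reset request id, the new password and the client id.</param>
/// <param name="cancellationToken">Passed to the database queries and saves.</param>
/// <returns>
/// A response with <c>IsSuccessful = false</c> when no open, unexpired reset request matches
/// <c>request.RequestId</c> or when the user service does not report success; otherwise a
/// successful response carrying the client id and the client's post-reset return URL.
/// </returns>
public async Task<ResetPasswordResponse> Handle(ResetUserPasswordRequest request, CancellationToken cancellationToken)
{
    // Only a request that is not yet complete and has not passed ValidUntil may be redeemed.
    var resetRequest = await _loginContext.ResetPasswordRequests.SingleOrDefaultAsync(
        r => r.Id == request.RequestId && r.IsComplete == false && r.ValidUntil > SystemTime.UtcNow(),
        cancellationToken: cancellationToken);

    if (resetRequest == null)
    {
        // SingleOrDefaultAsync yields null for an unknown, already-completed or expired id.
        // Without this guard the dereference below throws NullReferenceException instead of
        // reporting a failed reset. No UserLog row is written because no e-mail address is
        // known for an unmatched id.
        // NOTE(review): consider recording these attempts somewhere so repeated misses on
        // request ids are visible to monitoring.
        return new ResetPasswordResponse() { IsSuccessful = false };
    }

    // The identity token stored on the reset request is handed to the user service together
    // with the new password; the caller only ever supplies the reset request id.
    var userResponse = await _userService.ResetPassword(resetRequest.Email, request.Password, resetRequest.IdentityToken);

    // NOTE(review): this compares against the IdentityResult.Success instance; confirm the
    // user service always returns that instance on success.
    if (userResponse.Result != IdentityResult.Success)
    {
        _loginContext.UserLogs.Add(new UserLog()
        {
            Id = GuidGenerator.NewGuid(),
            Action = "New password",
            Email = userResponse.User.Email,
            DateTime = SystemTime.UtcNow(),
            Result = "Password invalid"
        });
        await _loginContext.SaveChangesAsync(cancellationToken);

        // IsComplete is only set on the success path, so the request stays redeemable until
        // ValidUntil passes.
        // NOTE(review): no attempt limit is visible in this method; confirm throttling is
        // applied elsewhere.
        return new ResetPasswordResponse() { IsSuccessful = false };
    }

    _loginContext.UserLogs.Add(new UserLog()
    {
        Id = GuidGenerator.NewGuid(),
        Action = "New password",
        Email = userResponse.User.Email,
        DateTime = SystemTime.UtcNow(),
        Result = "Password changed"
    });

    // Marking the request complete makes the lookup above reject any second use of the same id.
    resetRequest.IsComplete = true;
    await _loginContext.SaveChangesAsync(cancellationToken);

    // NOTE(review): client is loaded with SingleOrDefaultAsync and dereferenced without a null
    // check; an unknown request.ClientId would fail here after the password has already been
    // changed. request.ClientId is also not compared with anything stored on the reset request
    // in this method; confirm that is intended.
    var client = await _loginContext.Clients.SingleOrDefaultAsync(c => c.Id == request.ClientId, cancellationToken);
    var user = await _userService.FindByEmail(resetRequest.Email);

    // Confirmation mail goes to the address stored on the reset request.
    await _emailService.SendPasswordReset(new PasswordResetEmailViewModel()
    {
        Subject = "Password has been reset",
        TemplateId = client.ServiceDetails.EmailTemplates.Single(t => t.Name == "LoginPasswordWasReset").TemplateId,
        Contact = user.GivenName,
        EmailAddress = resetRequest.Email,
        ServiceName = client.ServiceDetails.ServiceName,
        ServiceTeam = client.ServiceDetails.ServiceTeam,
        LoginLink = client.ServiceDetails.PostPasswordResetReturnUrl
    });

    return new ResetPasswordResponse()
    {
        IsSuccessful = true,
        ClientId = request.ClientId,
        ReturnUrl = client.ServiceDetails.PostPasswordResetReturnUrl
    };
}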
/// <summary>
/// Handles a request for a password-reset link. An e-mail is sent to the supplied address in
/// both branches: a "no account" notice when no user is found, otherwise a link of the form
/// <c>NewPassword/{ClientId}/{reset request id}</c> under the configured base URL.
/// </summary>
/// <param name="request">Carries the client id and the e-mail address the link was requested for.</param>
/// <param name="cancellationToken">Passed to the database queries and saves.</param>
/// <returns><c>Unit.Value</c> in both branches, so the return value does not reveal whether an account exists.</returns>
public async Task<Unit> Handle(RequestPasswordResetRequest request, CancellationToken cancellationToken)
{
    // NOTE(review): SingleOrDefaultAsync returns null for an unknown client id and the result
    // is dereferenced below without a check.
    var requestingClient = await _loginContext.Clients.SingleOrDefaultAsync(c => c.Id == request.ClientId, cancellationToken);
    var account = await _userService.FindByEmail(request.Email);

    if (account == null)
    {
        // No account for this address: record the attempt, then send the "no account" mail.
        var noAccountLog = new UserLog()
        {
            Id = GuidGenerator.NewGuid(),
            Action = "Request reset password link",
            Email = request.Email,
            DateTime = SystemTime.UtcNow(),
            Result = "Sent no account email"
        };
        _loginContext.UserLogs.Add(noAccountLog);
        await _loginContext.SaveChangesAsync(cancellationToken);

        var noAccountMail = new PasswordResetNoAccountEmailViewModel()
        {
            EmailAddress = request.Email,
            LoginLink = requestingClient.ServiceDetails.PostPasswordResetReturnUrl,
            Subject = "Password request received",
            TemplateId = requestingClient.ServiceDetails.EmailTemplates.Single(t => t.Name == "PasswordResetNoAccount").TemplateId,
            ServiceName = requestingClient.ServiceDetails.ServiceName,
            ServiceTeam = requestingClient.ServiceDetails.ServiceTeam
        };
        await _emailService.SendResetNoAccountPassword(noAccountMail);

        return Unit.Value;
    }

    // Earlier requests for this address are cleared before a new one is issued.
    // presumably this leaves at most one redeemable link per address; verify in the helper.
    await ClearOutAnyPreviousStillValidRequests(request.Email);

    // The identity token goes to SavePasswordRequest; the e-mailed link carries only the
    // client id and the id of the saved reset request.
    var identityToken = await _userService.GeneratePasswordResetToken(account);
    var savedRequest = await SavePasswordRequest(request, cancellationToken, identityToken);

    var baseUri = new Uri(_loginConfig.BaseUrl);
    var resetUri = new Uri(baseUri, $"NewPassword/{request.ClientId}/{savedRequest.Id}");

    var resetMail = new ResetPasswordEmailViewModel()
    {
        Contact = account.GivenName,
        EmailAddress = request.Email,
        LoginLink = resetUri.ToString(),
        ServiceName = requestingClient.ServiceDetails.ServiceName,
        ServiceTeam = requestingClient.ServiceDetails.ServiceTeam,
        Subject = "Password reset",
        TemplateId = requestingClient.ServiceDetails.EmailTemplates.Single(t => t.Name == "PasswordReset").TemplateId
    };
    await _emailService.SendResetPassword(resetMail);

    // The log row is written only after the mail has been handed to the e-mail service.
    var sentLog = new UserLog()
    {
        Id = GuidGenerator.NewGuid(),
        Action = "Request reset password link",
        Email = request.Email,
        DateTime = SystemTime.UtcNow(),
        Result = "Sent reset password email"
    };
    _loginContext.UserLogs.Add(sentLog);
    await _loginContext.SaveChangesAsync(cancellationToken);

    return Unit.Value;
}