/// <summary>
/// Handles a password reset request: obtains a reset verification key from
/// <c>Auth.RequestPassResetAsync</c> and e-mails it to the user stored under <c>input.Email</c>.
/// </summary>
/// <remarks>
/// Apart from a missing request body, every outcome (unknown e-mail, any exception while
/// preparing or sending the message) is answered with <c>Ok()</c>, so the response status does
/// not tell the caller whether an account exists.
/// </remarks>
/// <param name="input">Request body; its <c>Email</c> identifies the account.</param>
/// <param name="app">Route value handed to <c>GetEmailStuffAsync</c> when resolving the e-mail account and template.</param>
/// <param name="ea">Optional e-mail account bound from the query string; it replaces the resolved account when <c>SeemsComplete()</c> returns true.</param>
/// <returns><c>BadRequest()</c> when <paramref name="input"/> is null; <c>Ok()</c> in every other case.</returns>
public async Task<IActionResult> PassResetRequestAsync(
    [FromBody] PassResetRequestInput input,
    [FromRoute] string app = null,
    [FromQuery] EmailAccount ea = null)
{
    // A missing body is the only condition reported back to the caller.
    if (input == null)
    {
        return BadRequest();
    }

    try
    {
        var resetRequest = await Auth.RequestPassResetAsync(input.Email);

        var (senderAccount, template) = await GetEmailStuffAsync("pass_reset_request", app);

        // NOTE(review): `ea` comes from the query string, so the caller decides which e-mail
        // account delivers the message that carries the verification key. EmailAccount's fields
        // are not visible here; if it holds server or credential settings, confirm that only
        // authenticated, trusted callers can reach this override, or drop it for this endpoint.
        var callerAccountUsable = ea != null && ea.SeemsComplete();
        if (callerAccountUsable)
        {
            senderAccount = ea;
        }

        // Load the user record that supplies the name and address for the message.
        var account = await GetDefaultDbContext().Users.FirstOrDefaultAsync(u => u.Email == input.Email);

        // The auth call above did not throw, so a record is expected; if it is missing anyway,
        // answer exactly as in the success case.
        if (account == null)
        {
            return Ok();
        }

        // NOTE(review): RedirectUrl is derived from the current request through
        // GetRequestSource (not shown here). If that value is read from a client-controlled
        // header, validate it against the known application URLs before it goes into the
        // e-mail; otherwise the link in the message is caller-chosen.
        var templateTokens = new Dictionary<string, object>
        {
            ["UserName"] = $"{account.GetFullUserName()} ({account.Email})",
            ["Email"] = account.Email,
            ["RedirectUrl"] = this.GetRequestSource(HttpContext).Split('#')[0],
            ["VerificationKey"] = resetRequest.VerificationKey
        };

        // Fill the template and hand the message to the sender.
        EmailSender.Send(senderAccount, template.Prepare(templateTokens), account.Email);

        return Ok();
    }
    catch
    {
        // Deliberately the same response as success.
        // NOTE(review): nothing is recorded here, so failed reset requests and delivery errors
        // are invisible to operators; consider server-side logging that leaves the response
        // unchanged. The success path also does more work before replying (the send call), so
        // response time may still differ between known and unknown addresses - TODO confirm.
        return Ok();
    }
}
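/// <summary>
/// Handles a password reset request: obtains a reset verification key from
/// <c>Auth.RequestPassResetAsync</c> and e-mails it to the user stored under <c>input.Email</c>.
/// </summary>
/// <remarks>
/// Every outcome, including a missing body, an unknown e-mail and any exception, is answered
/// with <c>Ok()</c>, so the response status does not tell the caller whether an account exists.
/// </remarks>
/// <param name="input">Request payload; its <c>Email</c> identifies the account.</param>
/// <param name="appCtx">Value handed to <c>GetEmailStuffAsync</c> when resolving the e-mail account and template.</param>
/// <returns>Always <c>Ok()</c>.</returns>
public async Task<IHttpActionResult> PassResetRequest(PassResetRequestInput input, string appCtx = null)
{
    // Without a payload there is nothing to do. Answer as before (a null input used to reach
    // the catch below through a NullReferenceException) without using an exception for it.
    if (input == null)
    {
        return Ok();
    }

    try
    {
        var requestPassResetOutput = await Auth.RequestPassResetAsync(
            CustomUserAccountService.GetInstance("MapHiveMbr"),
            input.Email);

        // The context is created per request, so release it once the message has been handed
        // to the sender instead of leaving it to the garbage collector.
        using (var dbCtx = new MapHiveDbContext("MapHiveMeta"))
        {
            var emailStuff = await GetEmailStuffAsync("pass_reset_request", appCtx, dbCtx);

            // Load the user record that supplies the name and address for the message.
            var user = await dbCtx.Users.Where(u => u.Email == input.Email).FirstOrDefaultAsync();

            // The auth call above did not throw, so a record is expected; if it is missing
            // anyway, answer exactly as in the success case.
            if (user == null)
            {
                return Ok();
            }

            // NOTE(review): RedirectUrl is derived from the current request through
            // GetRequestSource (not shown here). If that value is read from a client-controlled
            // header, validate it against the known application URLs before it goes into the
            // e-mail; otherwise the link in the message is caller-chosen.
            var tokens = new Dictionary<string, object>
            {
                { "UserName", $"{user.GetFullUserName()} ({user.Email})" },
                { "Email", user.Email },
                { "RedirectUrl", this.GetRequestSource().Split('#')[0] },
                { "VerificationKey", requestPassResetOutput.VerificationKey }
            };

            // Item1 is passed as the sending account and Item2 is the template to fill.
            EmailSender.Send(emailStuff.Item1, emailStuff.Item2.Prepare(tokens), user.Email);

            return Ok();
        }
    }
    catch (Exception)
    {
        // Deliberately the same response as success.
        // NOTE(review): nothing is recorded here, so failed reset requests and delivery errors
        // are invisible to operators; consider server-side logging that leaves the response
        // unchanged.
        return Ok();
    }
}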