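/// <summary>
/// Starts the password-recovery flow: looks the account up by e-mail, issues a
/// signed JWT that carries the e-mail claim and expires after 10 minutes, and
/// passes it to <c>PasswordLost.NewPasswordRequest</c>.
/// </summary>
/// <param name="forgotPasswordModel">Request model holding the e-mail address to recover.</param>
/// <returns>
/// <c>Ok</c> with a success message when a matching user exists; <c>BadRequest</c>
/// when model validation fails or no user matches the address.
/// </returns>
/// <remarks>
/// NOTE(review): the success and failure responses differ, so a caller can learn
/// whether an address is registered. Consider returning the same response in both
/// cases and rate-limiting this endpoint; not changed here because clients may
/// depend on the current contract.
/// </remarks>
public IActionResult ForgotPassword(ForgotPasswordModel forgotPasswordModel)
{
    // Validate first: the original queried the database with the submitted
    // address before checking ModelState, so invalid input still reached the DAO.
    if (!ModelState.IsValid)
    {
        return BadRequest(new ErrorExceptionModel("Email não encontrado!"));
    }

    UserDAO userDAO = new UserDAO(_connection);
    User user = userDAO.FindUserByEmail(forgotPasswordModel.Email);
    if (user == null)
    {
        return BadRequest(new ErrorExceptionModel("Email não encontrado!"));
    }

    var tokenHandler = new JwtSecurityTokenHandler();

    // NOTE(review): ASCII encoding replaces any non-ASCII character of _secret
    // with '?', which would reduce key entropy. Whatever validates the token must
    // use the same encoding, so switch both sides together if this is changed.
    var key = Encoding.ASCII.GetBytes(_secret);

    // The only claim is the e-mail and no issuer/audience is set here.
    // NOTE(review): if _secret also signs other tokens (e.g. sessions), confirm
    // the validators can tell a reset token apart from them.
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.Email, user.Email.ToString())
        }),
        Expires = DateTime.UtcNow.AddMinutes(10),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(key),
            SecurityAlgorithms.HmacSha256Signature)
    };

    var token = tokenHandler.CreateToken(tokenDescriptor);
    var tokenString = tokenHandler.WriteToken(token);

    // NOTE(review): auxResetToken and auxEmail are declared outside this method.
    // If they are shared between requests, concurrent recoveries would overwrite
    // each other's token and address; confirm their lifetime.
    auxResetToken = tokenString;

    // NOTE(review): the request goes out with the address as typed by the caller,
    // not the stored user.Email. If FindUserByEmail matches loosely (case or
    // collation), prefer the stored value; confirm against the DAO.
    PasswordLost.NewPasswordRequest(forgotPasswordModel.Email, tokenString);
    auxEmail = forgotPasswordModel.Email;

    return Ok(new SuccessExceptionModel("Email enviado com sucesso!"));
}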
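/// <summary>
/// Creates a user, builds a reset token the same way the controller does
/// (e-mail claim, 10-minute expiry, HMAC-SHA256) and asserts that
/// <c>LoginDAO.RecoverPassword</c> accepts it for that user's e-mail.
/// </summary>
public void CanUserRecoverPasswordTest()
{
    try
    {
        IUserDAO<User> userDao = new UserDAO(_connection);

        User testUser = new User
        {
            Email = "*****@*****.**",
            Password = "******",
            FirstName = "Samuel",
            LastName = "Cunha",
            Localization = "Travessa de Figueiredo 44, 4620-784, Torno, Portugal",
            Image = "imagePath"
        };
        User returnedUser = userDao.Create(testUser);

        var tokenHandler = new JwtSecurityTokenHandler();

        // NOTE(review): the signing secret is hard-coded in test source. If it
        // matches a secret used by any deployed environment, rotate that secret
        // and load the test value from test-only configuration instead.
        var key = Encoding.ASCII.GetBytes("RQj!O9+Sq|D8XjYa|}kgnk|}ZaQUso)EMF48Fx1~0n~^~%]n|O{NqH(&5RqXbx7");
        var tokenDescriptor = new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(new Claim[]
            {
                new Claim(ClaimTypes.Email, testUser.Email.ToString())
            }),
            Expires = DateTime.UtcNow.AddMinutes(10),
            SigningCredentials = new SigningCredentials(
                new SymmetricSecurityKey(key),
                SecurityAlgorithms.HmacSha256Signature)
        };

        var token = tokenHandler.CreateToken(tokenDescriptor);
        var tokenString = tokenHandler.WriteToken(token);

        // NOTE(review): this presumably triggers real mail delivery from a unit
        // test; confirm that the test environment uses a stub or sink.
        PasswordLost.NewPasswordRequest("*****@*****.**", tokenString);

        LoginDAO loginDAO = new LoginDAO(_connection);
        RecoverPasswordModel recoverPassword = new RecoverPasswordModel
        {
            Email = "*****@*****.**",
            Password = "******",
            ConfirmPassword = "******",
            Token = tokenString
        };

        Assert.True(loginDAO.RecoverPassword(recoverPassword, returnedUser.Email));
    }
    finally
    {
        // Run cleanup even when a step above throws or the assertion fails;
        // the original skipped Dispose on failure.
        _fixture.Dispose();
    }
}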