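/// <summary>
/// Changes a user's password after checking the caller's token and previous password.
/// </summary>
/// <param name="passwordRestore">Request body carrying the user id, the previous password and the new password.</param>
/// <param name="authorization">Raw Authorization header, expected in the form "&lt;scheme&gt; &lt;token&gt;".</param>
/// <returns>
/// The login result produced by the auth service; 400 when the body is missing,
/// 401 when the header is missing or malformed, 404 when the service rejects the request.
/// </returns>
public async Task<ActionResult<LoginResult>> RestorePasswordAsync([FromBody] PasswordRestore passwordRestore, [FromHeader] string authorization)
{
    if (passwordRestore == null)
    {
        return BadRequest();
    }

    // The header is caller-controlled: a missing header or one without a second
    // space-separated part used to fail on parts[1] with an unhandled exception
    // (HTTP 500) instead of a clean rejection.
    var parts = authorization?.Split(" ");
    if (parts == null || parts.Length < 2 || string.IsNullOrWhiteSpace(parts[1]))
    {
        return Unauthorized();
    }

    // NOTE(review): the scheme in parts[0] is not checked here, so any prefix is
    // accepted as long as a token follows - confirm whether only "Bearer" should pass.
    var res = await authService.RestorePassword(passwordRestore, parts[1]);

    // The service reports every failure (unknown user, token/user mismatch, wrong
    // previous password) as null, so the caller cannot tell which check failed.
    if (res == null)
    {
        return NotFound();
    }

    return res;
}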
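/// <summary>
/// Replaces a user's password hash when the token identity and the previous
/// password both match the stored user, then issues a fresh login result.
/// </summary>
/// <param name="passwordRestore">User id, previous password and new password.</param>
/// <param name="token">Token string taken from the Authorization header.</param>
/// <returns>The generated login result, or null when any check fails.</returns>
public async Task<LoginResult> RestorePassword(PasswordRestore passwordRestore, string token)
{
    if (passwordRestore == null || string.IsNullOrWhiteSpace(token))
    {
        return null;
    }

    // NOTE(review): the helper's name says expired tokens are accepted. Confirm that
    // it still validates signature, issuer and audience, and that the accepted token
    // age is bounded - otherwise an old leaked token remains usable here indefinitely.
    var tokenInfo = tokenService.GetPrincipalFromExpiredToken(token);

    // A principal without a name must never match: previously a null identity threw,
    // and a null name compared equal to a user whose Email is null.
    var tokenEmail = tokenInfo?.Identity?.Name;
    if (string.IsNullOrEmpty(tokenEmail))
    {
        return null;
    }

    var exists = authDataProvider.Users.FirstOrDefault(x => x.Id == passwordRestore.UserId);
    if (exists == null || exists.Email != tokenEmail)
    {
        return null;
    }

    // NOTE(review): equality against a freshly computed hash only works if CreateHash
    // is deterministic, which suggests no per-user random salt - verify the scheme
    // (a salted, slow KDF is expected for passwords). The comparison is also not
    // constant-time.
    if (exists.PasswordHash != cryptService.CreateHash(passwordRestore.PrevPassword))
    {
        return null;
    }

    // NOTE(review): no strength or emptiness check is applied to the new password
    // here - confirm it is validated elsewhere (e.g. model validation).
    exists.PasswordHash = cryptService.CreateHash(passwordRestore.Password);

    // Order kept as in the original: the token/result is generated before the save,
    // presumably so that anything GenerateTokenAndResult writes to the user is
    // persisted by the same SaveChangesAsync call - confirm.
    var res = await GenerateTokenAndResult(exists);
    await authDataProvider.SaveChangesAsync();
    return res;
}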