Example #1
        /// <summary>
        /// HTTP action that completes a token-based password reset by delegating to the recovery service.
        /// </summary>
        /// <param name="model">The reset request, passed unchanged to <c>_recovery.ChangePasswordWithToken</c>.</param>
        /// <returns>
        /// 200 OK when the recovery service returns <c>null</c>; otherwise 400 Bad Request carrying
        /// whatever the service returned.
        /// </returns>
        public async Task<IActionResult> ChangePasswordWithToken(TokenResetViewModel model)
        {
            var failure = await _recovery.ChangePasswordWithToken(model);

            // The service's return value is serialized to the caller as-is, so any detail it
            // puts in its error descriptions is visible to an unauthenticated client.
            if (!(failure is null))
            {
                return BadRequest(failure);
            }

            // A null result is the service's signal for success.
            return Ok();
        }
Example #2
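        /// <summary>
        /// Resets a user's password with a password-reset token and, when requested, removes the
        /// user's other stored sessions.
        /// </summary>
        /// <param name="model">
        /// The reset request. Reads <c>UserId</c>, <c>Token</c>, <c>Password</c>, <c>SignOutOfAll</c>
        /// and <c>Fingerprint</c>; all of them are caller-supplied.
        /// </param>
        /// <returns>
        /// <c>null</c> when the password was reset; otherwise the errors describing why it was not
        /// (unknown user, invalid token, password unchanged, or the errors from <c>ResetPasswordAsync</c>).
        /// </returns>
        public async Task<IEnumerable<IdentityError>> ChangePasswordWithToken(TokenResetViewModel model)
        {
            var user = await _userManager.FindByIdAsync(model.UserId);

            if (user is null)
            {
                // NOTE(review): this response differs from every other failure, so a caller can tell
                // which user ids exist, and it echoes the supplied id back. Kept as-is because clients
                // may depend on the "IncorrectUser" code; consider returning the same error as for an
                // invalid token.
                return new List<IdentityError>
                {
                    new IdentityError
                    {
                        Code = "IncorrectUser", Description = $"User {model.UserId} does not exist."
                    }
                };
            }

            // Validate the reset token BEFORE comparing the submitted password with the current one.
            // Without this, anyone who knows a user id could test candidate passwords against the
            // account with no valid token, using the "OldNewPassword" answer as the signal.
            // "ResetPassword" is the value of UserManager<TUser>.ResetPasswordTokenPurpose, i.e. the
            // purpose ResetPasswordAsync itself verifies the token against.
            var tokenIsValid = await _userManager.VerifyUserTokenAsync(
                user,
                _userManager.Options.Tokens.PasswordResetTokenProvider,
                "ResetPassword",
                model.Token);

            if (!tokenIsValid)
            {
                // Same error ResetPasswordAsync reports for a bad token, so callers see no new code.
                return new List<IdentityError> { _userManager.ErrorDescriber.InvalidToken() };
            }

            if (await _userManager.CheckPasswordAsync(user, model.Password))
            {
                return new List<IdentityError>
                {
                    new IdentityError
                    {
                        Code = "OldNewPassword", Description = "This password is currently used on this account"
                    }
                };
            }

            var result = await _userManager.ResetPasswordAsync(user, model.Token, model.Password);

            if (!result.Succeeded)
            {
                return result.Errors;
            }

            if (model.SignOutOfAll)
            {
                // Parse once, outside the predicate, so the query compares against a plain value.
                var userId = int.Parse(model.UserId);

                // Keep only the session whose fingerprint matches the one sent with this request.
                // NOTE(review): the fingerprint is client-supplied; confirm it cannot be chosen to
                // spare a session the caller does not own.
                var otherSessions = _sessionContext
                    .Where(s => s.UserId == userId && s.Fingerprint != model.Fingerprint)
                    .ToList();
                _sessionContext.RemoveRange(otherSessions);

                // Presumably _sessionContext is a set tracked by _context — verify; the removal is
                // only persisted by this save.
                await _context.SaveChangesAsync();
            }

            // null is the success signal the calling action checks for.
            return null;
        }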