public async Task <IActionResult> DemandPasswordReset(DemandPasswordResetModel model)
{
if (model.IsNotValid())
{
model.SetInputModelValues();
return(View(model));
}
var request = new DemandPasswordResetRequest(model.Email);
var response = await OrganizationService.DemandPasswordReset(request);
if (response.Status.IsNotSuccess)
{
return(RedirectToAccessDenied());
}
return(Redirect("/User/DemandPasswordResetDone"));
}
public async Task <DemandPasswordResetResponse> DemandPasswordReset(DemandPasswordResetRequest request)
{
var response = new DemandPasswordResetResponse();
var user = await _userRepository.Select(x => x.Email == request.Email);
if (!user.IsExist())
{
response.SetInvalid();
response.ErrorMessages.Add("user_not_found");
return(response);
}
if (!user.IsActive)
{
response.ErrorMessages.Add("user_is_not_active");
response.Status = ResponseStatus.Invalid;
return(response);
}
if (user.PasswordResetRequestedAt.HasValue &&
user.PasswordResetRequestedAt.Value.AddMinutes(2) < DateTime.UtcNow)
{
response.ErrorMessages.Add("already_requested_password_reset_in_last_two_minutes");
response.Status = ResponseStatus.Invalid;
return(response);
}
user.PasswordResetRequestedAt = DateTime.UtcNow;
user.PasswordResetToken = Guid.NewGuid();
var result = await _userRepository.Update(user.Id, user);
if (result)
{
//todo:send email
response.Status = ResponseStatus.Success;
return(response);
}
response.SetFailed();
return(response);
}
public static DemandPasswordResetRequest GetDemandPasswordResetRequest()
{
var request = new DemandPasswordResetRequest(EmailOne);
return(request);
}
