Exemple #1
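        /// <summary>
        /// Sets a new password for the user tied to a password-change request,
        /// restricted to requests whose user has the admin role.
        /// </summary>
        /// <param name="code">Code identifying the password-change request.</param>
        /// <param name="password">New password, handed to the password service for hashing.</param>
        /// <returns>
        /// A conflict response when the code is blank, unknown or belongs to a deleted request;
        /// a forbidden response when the request's user is not an admin; otherwise an empty success response.
        /// </returns>
        public async Task<Response> ResetPassword(string code, string password)
        {
            // Single place to build the "invalid request" answer so every rejection path looks the same.
            Response InvalidRequest() => new BusinessConflictErrorResponse(new[]
            {
                new Error
                {
                    Code = ErrorCodes.Business.PasswordChangeRequestInvalid,
                    Message = ErrorMessages.Business.PasswordChangeRequestInvalid
                }
            });

            // Reject blank codes before touching storage: a reset code is a bearer secret and an
            // empty value must never be able to match a stored row.
            if (string.IsNullOrWhiteSpace(code))
            {
                return InvalidRequest();
            }

            var userPasswordRequest = await _changePasswordRepository.GetRequestByCode(code);

            // NOTE(review): no expiry check is visible here; confirm GetRequestByCode filters out
            // expired requests, otherwise a leaked code stays usable indefinitely.
            if (userPasswordRequest == null || userPasswordRequest.IsDeleted == true)
            {
                return InvalidRequest();
            }

            // Fail closed: if the User navigation property was not loaded, treat the caller as
            // non-admin instead of surfacing a NullReferenceException.
            // NOTE(review): the forbidden answer differs from the invalid-code answer, so the
            // response reveals that the code exists; consider returning the same response for both.
            if (userPasswordRequest.User?.RoleId != RoleGuid.Admin)
            {
                return new ForbiddenErrorResponse();
            }

            // NOTE(review): password is not validated in this method (null/empty/length/policy);
            // confirm that CreatePassword or the calling layer enforces the password policy.
            var passwordModel = await _passwordService.CreatePassword(password);

            await _usersRepository.SavePassword(userPasswordRequest.UserId, passwordModel.Hash, passwordModel.Salt);

            // Presumably marks the user's outstanding requests as consumed so the code is single-use
            // (TODO confirm). This runs after SavePassword with no visible transaction: if it fails,
            // the password is already changed while the code may still be accepted.
            await _changePasswordRepository.ActivateAllRequestsForUser(userPasswordRequest.UserId);

            return new Response();
        }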
Exemple #2
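        /// <summary>
        /// Sets a new password for the user tied to a password-change request and returns that user.
        /// </summary>
        /// <param name="code">Code identifying the password-change request.</param>
        /// <param name="password">New password, handed to the password service for hashing.</param>
        /// <returns>
        /// A conflict response when the code is blank, unknown or belongs to a deleted request;
        /// otherwise a response carrying the mapped <c>UserDTO</c>.
        /// </returns>
        public async Task<Response<UserDTO>> ResetPasswordConfirm(string code, string password)
        {
            // Single place to build the "invalid request" answer so every rejection path looks the same.
            Response<UserDTO> InvalidRequest() => new BusinessConflictErrorResponse<UserDTO>(new[]
            {
                new Error
                {
                    Code = ErrorCodes.Business.PasswordChangeRequestInvalid,
                    Message = ErrorMessages.Business.PasswordChangeRequestInvalid
                }
            });

            // Reject blank codes before touching storage: a reset code is a bearer secret and an
            // empty value must never be able to match a stored row.
            if (string.IsNullOrWhiteSpace(code))
            {
                return InvalidRequest();
            }

            var userPasswordRequest = await _changePasswordRepository.GetRequestByCode(code);

            // NOTE(review): no expiry check is visible here; confirm GetRequestByCode filters out
            // expired requests, otherwise a leaked code stays usable indefinitely.
            if (userPasswordRequest == null || userPasswordRequest.IsDeleted == true)
            {
                return InvalidRequest();
            }

            // NOTE(review): password is not validated in this method (null/empty/length/policy);
            // confirm that CreatePassword or the calling layer enforces the password policy.
            var passwordModel = await _passwordService.CreatePassword(password);

            await _repository.SavePassword(userPasswordRequest.UserId, passwordModel.Hash, passwordModel.Salt);

            // Presumably marks the user's outstanding requests as consumed so the code is single-use
            // (TODO confirm). This runs after SavePassword with no visible transaction: if it fails,
            // the password is already changed while the code may still be accepted.
            await _changePasswordRepository.ActivateAllRequestsForUser(userPasswordRequest.UserId);

            var user = await _repository.GetById(userPasswordRequest.UserId);

            // NOTE(review): the caller is authenticated only by the reset code, so UserDTO should
            // carry no hash, salt or other sensitive fields; verify the UserModel -> UserDTO mapping.
            var userDTO = _mapper.Map<UserModel, UserDTO>(user);

            return new Response<UserDTO>
            {
                Data = userDTO
            };
        }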