        /// <summary>
        /// Happy-path check: when the stored reset guid matches the one in the view model,
        /// the expiry is still in the future and password validation succeeds,
        /// <c>ResetPassword</c> must hand the new password to the password management service.
        /// </summary>
        public void ResetPasswordService_ResetPassword_WhenValidCallsSetPasswordOnTheAuthorisationService()
        {
            const string emailAddress = "*****@*****.**";
            const string newPassword = "******";
            Guid resetToken = Guid.NewGuid();

            // Account with a pending reset that expires one day from "now".
            var account = new User
            {
                ResetPasswordExpiry = CurrentRequestData.Now.AddDays(1),
                ResetPasswordGuid = resetToken,
                Email = emailAddress
            };

            // Fakes: the lookup resolves the e-mail to the account and validation accepts the pair.
            A.CallTo(() => _userLookup.GetUserByEmail(emailAddress)).Returns(account);
            A.CallTo(() => _passwordManagementService.ValidatePassword(newPassword, newPassword)).Returns(true);

            var request = new ResetPasswordViewModel(resetToken, account)
            {
                Password = newPassword,
                ConfirmPassword = newPassword,
                Email = emailAddress
            };
            _resetPasswordService.ResetPassword(request);

            // The password and its confirmation must have been forwarded for this account.
            A.CallTo(() => _passwordManagementService.SetPassword(account, newPassword, newPassword)).MustHaveHappened();
        }
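        /// <summary>
        /// Completes a "forgotten password" flow: looks the user up by e-mail, checks the reset
        /// token and its expiry, validates the new password and, if everything holds, stores the
        /// new password and invalidates the token.
        /// </summary>
        /// <param name="model">Reset request carrying the e-mail, reset guid, password and confirmation.</param>
        /// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
        /// <exception cref="InvalidOperationException">
        /// The e-mail matches no user, the token does not match, the token has expired,
        /// or the password pair fails validation.
        /// </exception>
        public void ResetPassword(ResetPasswordViewModel model)
        {
            if (model == null)
            {
                throw new ArgumentNullException("model");
            }

            User user = _userLookup.GetUserByEmail(model.Email);

            // An unknown e-mail used to surface as a NullReferenceException. It is now folded into
            // the same failure as a bad or expired token, so this method reports one error for all
            // rejection reasons and does not distinguish "no such account" from "wrong token".
            // A cleared (null) expiry fails the '>' comparison, so a consumed token is rejected here.
            // Password validation is evaluated last and only when the token checks have passed.
            bool canReset = user != null &&
                            user.ResetPasswordGuid == model.Id &&
                            user.ResetPasswordExpiry > CurrentRequestData.Now &&
                            _passwordManagementService.ValidatePassword(model.Password, model.ConfirmPassword);

            if (!canReset)
            {
                throw new InvalidOperationException("Unable to reset password, resend forgotten password email");
            }

            _passwordManagementService.SetPassword(user, model.Password, model.ConfirmPassword);

            // Single use: wipe the token and expiry before saving so the same link cannot be replayed.
            user.ResetPasswordExpiry = null;
            user.ResetPasswordGuid   = null;

            _userManagementService.SaveUser(user);
        }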