Exemple #1
0
        public async Task <IActionResult> SignIn(SignInRequest request)
        {
            var userProfile = await _userProfileReader.GetByEmailAddress(request.EmailAddress);

            if (userProfile == null)
            {
                return(NotFound());
            }

            var passwordValid = PasswordHasher.CompareSecurePassword(request.Password, userProfile.Password);

            if (!passwordValid)
            {
                return(BadRequest("Invalid credentials"));
            }

            var authenticationToken = _authenticationTokenProvider.Generate(request.EmailAddress, userProfile.Id.ToString());

            var response = new SignInResponse
            {
                Token      = authenticationToken.Token,
                Expiration = authenticationToken.ExpirationDateTime
            };

            return(Ok(response));
        }
Exemple #2
0
        public async Task <IActionResult> SetPassword(ChangePasswordRequest request)
        {
            var userProfileId = Convert.ToInt32(User.FindFirst(ClaimTypes.Name)?.Value);
            var userProfile   = await _userProfileReader.GetByUserProfileId(userProfileId);

            if (userProfile == null)
            {
                return(NotFound());
            }

            if (PasswordHasher.CompareSecurePassword(request.NewPassword, userProfile.Password))
            {
                return(BadRequest("The current password supplied is incorrect"));
            }

            if (request.NewPassword.Length < 6)
            {
                return(BadRequest("The password must be at least six characters"));
            }

            var newPasswordHash = PasswordHasher.GenerateSecurePassword(request.NewPassword);

            await _userProfileWriter.SetPassword(userProfile.Id, newPasswordHash);

            return(Ok());
        }