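/// <summary>
/// Authenticates a user by e-mail address and password and issues a bearer token.
/// </summary>
/// <param name="request">E-mail address and clear-text password supplied by the caller.</param>
/// <returns>
/// 200 with a <see cref="SignInResponse"/> (token and expiration) on success;
/// 400 "Invalid credentials" when the fields are missing, the account does not exist
/// or the password does not match.
/// </returns>
/// <remarks>
/// The unknown-account and wrong-password paths deliberately return the same status and
/// message: the original 404 for an unknown address let a caller enumerate registered
/// e-mail addresses. A timing difference remains (no hash comparison runs for an unknown
/// account) because the PasswordHasher API used here exposes no dummy hash to compare
/// against; accept that or address it in the hasher.
/// </remarks>
public async Task<IActionResult> SignIn(SignInRequest request)
{
    // Missing fields are treated as a failed login rather than a distinct error, and this
    // also keeps null out of the hasher.
    if (request == null || request.EmailAddress == null || request.Password == null)
    {
        return BadRequest("Invalid credentials");
    }

    var userProfile = await _userProfileReader.GetByEmailAddress(request.EmailAddress);

    // Same response as a wrong password - a 404 here would reveal which addresses exist.
    if (userProfile == null)
    {
        return BadRequest("Invalid credentials");
    }

    var passwordValid = PasswordHasher.CompareSecurePassword(request.Password, userProfile.Password);
    if (!passwordValid)
    {
        return BadRequest("Invalid credentials");
    }

    // NOTE(review): the token carries the address exactly as the caller typed it; if the
    // profile stores a canonical form, prefer that so the claim matches the stored identity.
    var authenticationToken = _authenticationTokenProvider.Generate(request.EmailAddress, userProfile.Id.ToString());

    var response = new SignInResponse
    {
        Token = authenticationToken.Token,
        Expiration = authenticationToken.ExpirationDateTime
    };

    return Ok(response);
}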
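/// <summary>
/// Replaces the password of the currently authenticated user.
/// </summary>
/// <param name="request">Carries the new clear-text password.</param>
/// <returns>
/// 200 on success; 401 when the Name claim is missing or is not a numeric user id;
/// 404 when no profile exists for that id; 400 when the new password is missing, shorter
/// than six characters, or identical to the current one.
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method proves the caller knows the current password -
/// possession of a bearer token is enough to set a new one, so a leaked or stolen token
/// can lock the real owner out. The original error message ("The current password supplied
/// is incorrect") suggested such a check was intended, but the condition only compares the
/// NEW password with the stored hash. If ChangePasswordRequest carries the current password,
/// verify it with CompareSecurePassword before accepting the change.
/// </remarks>
public async Task<IActionResult> SetPassword(ChangePasswordRequest request)
{
    // NOTE(review): 6 is below the 8-character floor NIST SP 800-63B recommends; raise it
    // (and the message below) once clients can be updated.
    const int minimumPasswordLength = 6;

    // The Name claim is read as the user id (presumably the id SignIn passes to Generate -
    // confirm against the token provider). Convert.ToInt32 mapped a missing claim to 0 and
    // threw on a malformed one; a token without a usable id is an authentication failure,
    // not a 500.
    int userProfileId;
    if (!int.TryParse(User.FindFirst(ClaimTypes.Name)?.Value, out userProfileId))
    {
        return Unauthorized();
    }

    var userProfile = await _userProfileReader.GetByUserProfileId(userProfileId);
    if (userProfile == null)
    {
        return NotFound();
    }

    // Guard before touching the hasher or .Length: a null password used to throw.
    if (request == null || string.IsNullOrEmpty(request.NewPassword))
    {
        return BadRequest("The password must be at least six characters");
    }

    // Reject re-use of the current password. The message now describes what is checked.
    if (PasswordHasher.CompareSecurePassword(request.NewPassword, userProfile.Password))
    {
        return BadRequest("The new password must differ from the current password");
    }

    if (request.NewPassword.Length < minimumPasswordLength)
    {
        return BadRequest("The password must be at least six characters");
    }

    var newPasswordHash = PasswordHasher.GenerateSecurePassword(request.NewPassword);
    await _userProfileWriter.SetPassword(userProfile.Id, newPasswordHash);

    // NOTE(review): tokens issued before this change remain valid until they expire; if the
    // token provider supports revocation or a password-version claim, invalidate them here.
    return Ok();
}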