/// <summary>
/// Resets <paramref name="passwordResetDTO"/>.UserName's password with <paramref name="passwordResetDTO"/>.NewPassword, if <paramref name="passwordResetDTO"/>.TokenString is valid.
/// </summary>
/// <param name="passwordResetDTO"></param>
/// <returns></returns>
public async Task <IdentityResult> ResetPasswordAsync(PasswordResetDTO passwordResetDTO)
{
var user = await _userRepository.GetFirstOrDefaultAsync(a => a.UserName == _userName).ConfigureAwait(false);
user.ThrowIfParameterIsNull("IdentityInvalidUserName");
return(await _userManager.ResetPasswordAsync(user, passwordResetDTO.TokenString, passwordResetDTO.NewPassword).ConfigureAwait(false));
}
public async Task <IActionResult> PasswordReset([FromBody] PasswordResetDTO dto)
{
try
{
await _loginService.ResetPassword(dto.Token, dto.Password);
return(Ok());
}
catch (UnknownTokenException)
{
return(Unauthorized(new
{
Reason = "invalid-token"
}));
}
}
public async Task <IActionResult> PasswordResetHook([FromBody] PasswordResetDTO dto)
{
if (!ModelState.IsValid)
{
return(BadRequest("Invalid email" + ModelState.ToString()));
}
IdentityExpressUser identityExpressUser = await _userManager.FindByEmailAsync(dto.Email);
string resetToken = await _userManager.GeneratePasswordResetTokenAsync(identityExpressUser);
string emailHost = _configuration.GetValue <string>("smtp_host");
string emailPort = _configuration.GetValue <string>("smtp_port");
string smtpUsername = _configuration.GetValue <string>("smtp_username");
string smtpPassword = _configuration.GetValue <string>("smtp_password");
string origin = _configuration.GetValue <string>("Public_Origin");
int port = 587;
int.TryParse(emailPort, out port);
string senderEmail = _configuration.GetValue <string>("Email_Host");
string senderName = _configuration.GetValue <string>("Sender_Name");
MailMessage message = new MailMessage();
message.IsBodyHtml = true;
message.From = new MailAddress(senderEmail, senderName);
message.To.Add(new MailAddress(dto.Email));
message.Subject = "Password reset";
string urlEncodedEmail = HttpUtility.UrlEncode(identityExpressUser.Email);
string urlEncodedToken = HttpUtility.UrlEncode(resetToken);
message.Body = "<h1>IdentityServer Password Reset</h1>" +
"<p>Plese reset you password using the following link:</p>" +
"<p><a href='" + origin + "/Account/PasswordReset?email=" + urlEncodedEmail + "&token=" + urlEncodedToken + "'>resetToken</a></p>";
Console.WriteLine(resetToken);
Console.WriteLine(urlEncodedToken);
using (var client = new SmtpClient(emailHost, port))
{
client.Credentials = new NetworkCredential(smtpUsername, smtpPassword);
client.EnableSsl = true;
client.Send(message);
}
return(Ok());
}
public async Task <IActionResult> UpdatePassword([FromBody] PasswordResetDTO passwordResetDTO)
{
try
{
var response = await _identityService.ResetPassword(passwordResetDTO.Token, passwordResetDTO.NewPassword, passwordResetDTO.Email);
return(Ok(response));
}
catch (Exception ex)
{
var resetResult = new ResetRequestResultDTO
{
Status = "failed",
ResponseMessage = ex.Message,
ResponseCode = "01"
};
return(StatusCode(500, resetResult));
}
}
public async Task <IActionResult> PostPasswordReset([FromBody] PasswordResetDTO model)
{
try
{
if (await repo.ResetPassword(model.UserName, model.Password, model.Code))
{
var login = await repo.PostLogin(model.UserName, model.Password);
var token = await repo.GetJWTToken(model.UserName);
return(StatusCode(StatusCodes.Status200OK, new LoginViewModel()
{
User = login, Token = token
}));
}
return(StatusCode(StatusCodes.Status200OK, null));
}
catch (System.Exception ex)
{
return(StatusCode(StatusCodes.Status400BadRequest, ex.Message));
}
}
public async Task <IActionResult> ResetPassword([FromBody] PasswordResetDTO resetViewModel)
{
try
{
if (!ModelState.IsValid)
{
_logger.LogTrace("Password reset failed due to missing parameters.");
return(BadRequest("Invalid request."));
}
if (!resetViewModel.Password.Equals(resetViewModel.ConfirmPassword, StringComparison.Ordinal))
{
return(BadRequest("Passwords do not match."));
}
var user = await _unitOfWork.UserManager.FindByIdAsync(resetViewModel.UserId).ConfigureAwait(false);
if (user == null)
{
_logger.LogWarning("Password reset attempted with invalid user details.");
return(StatusCode(500, "Password reset unsuccessful."));
}
var token = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(resetViewModel.Token));
var result = await _unitOfWork.UserManager.ResetPasswordAsync(user, token, resetViewModel.Password).ConfigureAwait(false);
if (!result.Succeeded)
{
return(BadRequest("Password reset failed: validation token not valid."));
}
_logger.LogInformation($"{user.UserName} successfully reset their password.");
try
{
await RevokeAllActiveUserRefreshCookiesAsync(user).ConfigureAwait(false);
_logger.LogInformation($"Revoked active refresh tokens for {user.UserName}.");
}
catch (InvalidOperationException ex)
{
_logger.LogError(ex, "Exception thrown attempting to modify refresh tokens in database.");
}
catch (DbUpdateConcurrencyException ex)
{
_logger.LogError(ex, "Exception thrown attempting to modify refresh tokens in database.");
}
InvalidateRefreshCookieInBrowser();
var emailData = new UsernameTemplate()
{
Username = user.UserName
};
var emailResponse = await _emailSender
.SendEmailAsync(user.Email, _config["SendGrid:Templates:PasswordChanged"], EmailFrom.Account, emailData)
.ConfigureAwait(false);
if (emailResponse.StatusCode != System.Net.HttpStatusCode.Accepted)
{
_logger.LogError($"SendGrid failed to send password change notification to {user.UserName}.");
}
else
{
_logger.LogInformation($"Password change email dispatched to {user.UserName}.");
}
return(NoContent());
}
catch (DbUpdateConcurrencyException ex)
{
_logger.LogError(ex, "Exception thrown attempting to save new refresh token to database.");
return(StatusCode(500, "Password reset unsuccessful."));
}
catch (Exception ex)
{
_logger.LogError(ex, "Exception thrown attempting to reset password.");
return(StatusCode(500, "Password reset unsuccessful."));
}
}
public async Task <IActionResult> ResetPasswordAsync([FromBody] PasswordResetDTO passwordResetDTO)
=> await _accountService.ResetPasswordAsync(passwordResetDTO).ConfigureAwait(false).GetActivityResponseAsync(_sharedLocalizer["PasswordResetSuccessfull"],
_sharedLocalizer["AccountActivityErrorMessage"]).ConfigureAwait(false);
