public async Task <ResponseBase> ResetPassword([FromBody] RequestResetPasswordRequest request)
{
var userByMail = await UserManager.FindByEmailAsync(request.Email)
?? throw ResponseStatusCode.UserNotFound.ToApiException();
var token = await UserManager.GeneratePasswordResetTokenAsync(userByMail);
await emailSender.SendResetPasswordEmail(request.Email, request.RedirectUrl, token);
return(ResponseBase.OK);
}
public async Task <bool> SendResetPasswordEmail(RequestResetPasswordRequest data)
{
var user = await _userRepo.GetByEmailAsync(data.Email);
if (user == null)
{
return(true);
}
var token = await _userRepo.GeneratePasswordResetTokenAsync(user.Id);
return(true);
}
public async Task <IActionResult> RequestPasswordReset([FromBody] RequestResetPasswordRequest data)
{
var user = await _userService.FindByEmail(data);
if (user == null)
{
return(Ok(true));
}
await _userService.SendResetPasswordEmail(data);
return(Ok(true));
}
public ActionResult PasswordReset(PasswordReset model)
{
if (ModelState.IsValid)
{
string connection = ConfigurationManager.AppSettings["InternalAPIURL"];
var appAccessToken = WebUtils.GetVaultSecret("AppConnectionKey");
RequestResetPasswordRequest resetRequest = new RequestResetPasswordRequest(connection, appAccessToken, model.Email);
RequestResetPasswordResponse resetResponse = resetRequest.Send();
//always act like success - don't want people fishing for email addresses
TempData["Success"] = "An email was sent to the email address provided. Please follow the instructions to reset your password.";
return(RedirectToAction("Login", "Account"));
}
else
{
return(View(model));
}
}
public void ForgotPasswordRequest()
{
RequestResetPasswordRequest request = new RequestResetPasswordRequest(connection, testToken, "*****@*****.**");
KeyVaultClient KeyVault;
try
{
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var _token = azureServiceTokenProvider.GetAccessTokenAsync("https://vault.azure.net").Result;
KeyVault = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
}
catch (Exception e)
{
throw e;
}
var bundle = KeyVault.GetSecretAsync("https://pr-kv-uks-dev.vault.azure.net/secrets/AppConnectionKey").Result;
request.AppAccessToken = bundle.Value;
RequestResetPasswordResponse response = request.Send();
Assert.AreEqual(response.StatusCode, System.Net.HttpStatusCode.OK);
}
public async Task <UserResponse> FindByEmail(RequestResetPasswordRequest data)
{
return(_mapper.Map <UserResponse>(await _userRepo.GetByEmailAsync(data.Email)));
}
public async Task <User> FindByEmail(RequestResetPasswordRequest data)
{
return(await _userRepo.GetByEmailAsync(data.Email));
}
