public async Task SendForgotPasswordMail(API.Request.ValidEmail email)
{
var user = await _context.Users.
Include(x => x.EmailTokens).
FirstOrDefaultAsync(x =>
x.Email == email.Email &&
!x.EmailTokens.Any(y => y.TokenType == DaoEmailToken.Type.Validation));
if (user != null)
{
using (var transaction = _context.Database.BeginTransaction()){
try{
var emailToken = new DaoEmailToken()
{
TokenType = DaoEmailToken.Type.Password,
ExpirationDate = _timeService.UtcNow.AddDays(1),
Token = _random.RandomString(40),
User = user
};
await _context.EmailTokens.AddAsync(emailToken);
if (await _context.SaveChangesAsync() != 1)
{
throw new Exceptions.DatabaseException("token_not_saved");
}
await _emailService.SendMailAsync(MimeKit.Text.TextFormat.Text, user.DisplayName, email.Email, "Elfelejtett jelszó", $"Jelszó megváltoztatásához kattintson ide: {_uriConf.URIForEndUsers}/reset?token={emailToken.Token}");
transaction.Commit();
}
catch {
transaction.Rollback();
// Eat all exceptions, User cannot know if this was successfull only for debug
#if DEBUG
throw;
#endif
}
}
}
else
{
// Don't handle, user can't know failure
#if DEBUG
throw new Exceptions.ResourceNotFoundException("user");
#endif
}
}
public async Task <ActionResult> ForgotPassword([FromBody] API.Request.ValidEmail email)
{
await UserService.SendForgotPasswordMail(email);
return(Ok());
}
