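/// <summary>
/// Looks up a password reset token and, if it is still usable, returns the
/// owning user's three security questions as an indented JSON object.
/// </summary>
/// <param name="PasswordResetToken">The token string taken from the password reset link.</param>
/// <returns>
/// An <c>OkObjectResult</c> holding the serialized questions, or a
/// <c>BadRequestObjectResult</c> when the token is unknown, has reached the
/// attempt limit, has expired, or no longer maps to a user.
/// </returns>
public ActionResult FetchSecurityQuestions(string PasswordResetToken)
{
    const int MaxAttempts = 3;
    const int TokenLifetimeMinutes = 10;

    PasswordResetToken token = _resetService.GetToken(PasswordResetToken);
    if (token == null)
    {
        return new BadRequestObjectResult("Invalid password reset link");
    }

    // This method only reads Attempts; it does not increment it.
    // NOTE(review): presumably the answer-checking endpoint increments the counter - confirm.
    if (token.Attempts >= MaxAttempts)
    {
        return new BadRequestObjectResult("Too many attempts have been attempted with this link, please create a new link.");
    }

    // A token is expired once its creation time plus the lifetime lies in the past.
    // The original comparison used '>' and therefore rejected every token that was
    // still fresh while accepting every token older than the lifetime.
    // NOTE(review): assumes DateCreated is stored in UTC - confirm against the token writer.
    if (token.DateCreated.AddMinutes(TokenLifetimeMinutes) < DateTime.UtcNow)
    {
        return new BadRequestObjectResult("The password reset link has expired, please create a new link.");
    }

    var user = _userAccountService.ReadUserFromDBUsingId(token.UserId);
    if (user == null)
    {
        // A token whose user cannot be loaded is treated like an unknown token
        // instead of failing with a null dereference below.
        return new BadRequestObjectResult("Invalid password reset link");
    }

    var securityQuestions = new Dictionary<string, string>
    {
        { "SecurityQuestion1", user.SecurityQuestion1 },
        { "SecurityQuestion2", user.SecurityQuestion2 },
        { "SecurityQuestion3", user.SecurityQuestion3 }
    };

    return new OkObjectResult(JsonConvert.SerializeObject(securityQuestions, Formatting.Indented));
}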
// Checks that looking a reset token up by its token string returns the same
// token that the per-user listing reports first for the fixture account.
public void GetToken()
{
    var account = uas.ReadUserFromDBUsingEmail("*****@*****.**");

    // Materialize the user's tokens so the first one can be picked by index.
    List<PasswordResetToken> userTokens = rs.GetTokensByUserId(account.UserAccountId).ToList<PasswordResetToken>();
    var expected = userTokens[0];

    // Fetch the same token again, this time through the lookup under test.
    var actual = rs.GetToken(expected.Token);

    Assert.IsNotNull(actual);
    Assert.AreEqual(expected, actual);
}