/// <summary>
/// Handles the GET request for the password-reset page.
/// </summary>
/// <param name="code">The password-reset code supplied with the request; defaults to null.</param>
/// <returns>
/// A bad-request result when no code was supplied; otherwise the page, with
/// <c>Input</c> pre-populated with the supplied code.
/// </returns>
public IActionResult OnGet(string code = null)
{
    // Guard clause: without a reset code there is nothing to render.
    if (code == null)
    {
        return BadRequest("A code must be supplied for password reset.");
    }

    // NOTE(review): the code is a reset secret arriving with the request;
    // presumably it should be kept out of logs and analytics - confirm.
    var spec = new ResetUserPasswordSpec();
    spec.Code = code;
    Input = spec;

    return Page();
}
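/// <summary>
/// Resets the password of the user identified by the email in
/// <paramref name="resetUserPasswordSpec"/>, using the reset code it carries.
/// </summary>
/// <remarks>
/// The email, password and password confirmation are first passed through
/// ProcessEmail, ProcessPassword and ProcessPasswordConfirmation, and the results
/// are written back onto the spec. The lookup and reset then run inside a database
/// transaction that is committed only when the reset succeeds.
/// </remarks>
/// <param name="resetUserPasswordSpec">Email, reset code, new password and confirmation.</param>
/// <exception cref="ApiException">Rethrown unchanged when raised inside the transaction block.</exception>
/// <exception cref="InternalServerErrorApiException">
/// Thrown in place of any other exception, after the original has been logged.
/// </exception>
public async Task ResetUserPasswordAsync(ResetUserPasswordSpec resetUserPasswordSpec)
{
    resetUserPasswordSpec.Email = ProcessEmail(resetUserPasswordSpec.Email);
    resetUserPasswordSpec.Password = ProcessPassword(resetUserPasswordSpec.Password);
    resetUserPasswordSpec.PasswordConfirmation = ProcessPasswordConfirmation(resetUserPasswordSpec.Password, resetUserPasswordSpec.PasswordConfirmation);

    try
    {
        using (var transaction = await _identityDbContext.Database.BeginTransactionAsync().ConfigureAwait(false))
        {
            var user = await _userManager.FindByEmailAsync(resetUserPasswordSpec.Email).ConfigureAwait(false);
            if (user == null)
            {
                // Don't reveal that the user does not exist
                return;
            }

            var result = await _userManager.ResetPasswordAsync(user, resetUserPasswordSpec.Code, resetUserPasswordSpec.Password).ConfigureAwait(false);
            if (result.Succeeded)
            {
                await _identityDbContext.SaveChangesAsync().ConfigureAwait(false);
                transaction.Commit();
            }
            else
            {
                // NOTE(review): the unknown-email path above returns silently, while a
                // failed reset goes through HandleIdentityError. If that helper surfaces
                // an error to the caller, the two outcomes are distinguishable and the
                // silent return no longer hides whether the account exists - confirm
                // that both paths produce the same response.
                HandleIdentityError(result.Errors);
            }
        }
    }
    catch (ApiException)
    {
        // Rethrow with "throw;" so the original stack trace is preserved
        // ("throw e;" would reset it to this frame).
        throw;
    }
    catch (Exception e)
    {
        // Pass the exception as an argument instead of interpolating it into the
        // message, so the logging provider records it as an exception. The caller
        // only ever sees the generic InternalServerErrorApiException below.
        _logger.LogError(e, "Error when resetting user password");
        throw new InternalServerErrorApiException();
    }
}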