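/// <summary>
/// Handles the submitted new password for a password-reset flow whose
/// email/hash pair is carried in TempData.
/// </summary>
/// <param name="viewModel">The posted form holding the new password.</param>
/// <returns>
/// A redirect to the "Error" action when the reset data is absent or the
/// email/hash check fails, the form view again when model validation fails,
/// otherwise the "Success" view.
/// </returns>
public async Task<IActionResult> Index(ConfirmPasswordViewModel viewModel)
{
    // Peek (not a consuming read) so the reset data survives a re-render of
    // the form when model validation fails further down.
    var resetPasswordData = TempData.Peek<ResetPasswordData>();

    // A POST that arrives without reset data in TempData (expired session,
    // request replayed outside the flow) must fail closed rather than
    // dereference null. NOTE(review): a filter outside this view may already
    // enforce this; the guard is kept so the action is safe on its own.
    if (resetPasswordData is null)
    {
        TempData.Clear();
        return RedirectToAction("Error");
    }

    // The email/hash pair is re-checked on every POST, before the model is
    // looked at, so an expired or already-invalidated hash cannot be used
    // to set a password.
    var hashIsValid = await passwordResetService.EmailAndResetPasswordHashAreValidAsync(
        resetPasswordData.Email,
        resetPasswordData.ResetPasswordHash,
        ResetPasswordHelpers.ResetPasswordHashExpiryTime
    );

    if (!hashIsValid)
    {
        TempData.Clear();
        return RedirectToAction("Error");
    }

    if (!ModelState.IsValid)
    {
        return View(viewModel);
    }

    // Invalidation is awaited before the password change. Presumably this
    // keeps the reset link single-use even if ChangePasswordAsync fails, at
    // the cost of the user needing a fresh link in that case; confirm that
    // this is the intended trade-off.
    await passwordResetService.InvalidateResetPasswordForEmailAsync(resetPasswordData.Email);
    await passwordService.ChangePasswordAsync(resetPasswordData.Email, viewModel.Password!);

    // Drop the email/hash from TempData once the flow has completed.
    TempData.Clear();

    return View("Success");
}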
// Verifies that a POST to Index with a valid model and a valid email/hash
// pair invalidates the reset hash for that email exactly once.
public async Task Post_to_index_should_invalidate_reset_hash_if_model_and_hash_valid()
{
    // Given: the service accepts the email/hash pair stored in TempData
    const string email = "email";
    const string resetHash = "hash";

    A.CallTo(
        () => passwordResetService.EmailAndResetPasswordHashAreValidAsync(
            email,
            resetHash,
            ResetPasswordHelpers.ResetPasswordHashExpiryTime
        )
    ).Returns(true);
    unauthenticatedController.TempData.Set(new ResetPasswordData(email, resetHash));

    var submittedModel = new ConfirmPasswordViewModel
    {
        Password = "******",
        ConfirmPassword = "******",
    };

    // When: the form is posted
    await unauthenticatedController.Index(submittedModel);

    // Then: the hash for that email is invalidated once and only once
    A.CallTo(() => passwordResetService.InvalidateResetPasswordForEmailAsync(email))
        .MustHaveHappenedOnceExactly();
}