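/// <summary>
/// Completes a password reset: checks the single-use reset token, matches it to the
/// profile identified by the request's e-mail address, consumes the token and stores
/// the hash of the new password.
/// </summary>
/// <param name="request">Reset token, e-mail address and the new password.</param>
/// <returns>
/// 404 when the token is unknown, already used or expired; 400 when the password is
/// unacceptable or the e-mail address does not resolve to the token's profile; 200 on success.
/// </returns>
public async Task<IActionResult> ChangePassword(ResetPasswordRequest request)
{
    // Same minimum as SetPassword, so the reset flow cannot bypass the length policy.
    const int minPasswordLength = 6;

    // Validate the supplied password before touching the token or profile stores.
    if (string.IsNullOrEmpty(request.Password))
    {
        return BadRequest("Please enter a valid password");
    }
    if (request.Password.Length < minPasswordLength)
    {
        return BadRequest("The password must be at least six characters");
    }

    var token = await _tokenReader.Get(request.Token, Enums.UserProfileTokenType.PasswordReset);
    if (token == null || token.DateUsed.HasValue || token.ExpirationTime < DateTime.UtcNow)
    {
        return NotFound();
    }

    // An unknown address and an address that does not own the token get the same
    // response, so a token holder cannot use the endpoint to learn which e-mail it belongs to.
    var userProfile = await _userProfileReader.GetByEmailAddress(request.EmailAddress);
    if (userProfile == null || token.UserProfileId != userProfile.Id)
    {
        return BadRequest("Unable to change password for this profile");
    }

    // Mark the token used before the write; a replay of this request is then rejected by
    // the DateUsed check above (assumes Use sets DateUsed — confirm against the writer).
    await _tokenWriter.Use(token);
    await _userProfileWriter.SetPassword(userProfile.Id, PasswordHasher.GenerateSecurePassword(request.Password));
    return Ok();
}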
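/// <summary>
/// Changes the password of the currently authenticated user; the profile id is taken
/// from the <see cref="ClaimTypes.Name"/> claim of the current principal.
/// </summary>
/// <param name="request">Carries the new password.</param>
/// <returns>
/// 404 when the name claim is missing or not an integer, or the profile does not exist;
/// 400 when the new password is too short or equal to the current one; 200 on success.
/// </returns>
public async Task<IActionResult> SetPassword(ChangePasswordRequest request)
{
    const int minPasswordLength = 6;

    // Convert.ToInt32(null) silently yields 0; parse explicitly so a missing or
    // malformed claim is rejected instead of being looked up as profile id 0.
    var nameClaim = User.FindFirst(ClaimTypes.Name)?.Value;
    if (!int.TryParse(nameClaim, System.Globalization.NumberStyles.Integer,
                      System.Globalization.CultureInfo.InvariantCulture, out var userProfileId))
    {
        return NotFound();
    }

    var userProfile = await _userProfileReader.GetByUserProfileId(userProfileId);
    if (userProfile == null)
    {
        return NotFound();
    }

    // Cheap checks first: a null NewPassword would otherwise throw on .Length, and a
    // too-short one should not cost a hash comparison.
    if (string.IsNullOrEmpty(request.NewPassword) || request.NewPassword.Length < minPasswordLength)
    {
        return BadRequest("The password must be at least six characters");
    }

    // NOTE(review): only the *new* password is compared with the stored hash, i.e. this
    // rejects re-using the current password. The current password itself is never
    // verified in this method — confirm whether ChangePasswordRequest carries it and
    // whether that verification belongs here.
    if (PasswordHasher.CompareSecurePassword(request.NewPassword, userProfile.Password))
    {
        return BadRequest("The new password must differ from the current password");
    }

    var newPasswordHash = PasswordHasher.GenerateSecurePassword(request.NewPassword);
    await _userProfileWriter.SetPassword(userProfile.Id, newPasswordHash);
    return Ok();
}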
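/// <summary>
/// Registers a new user profile for the given e-mail address.
/// </summary>
/// <param name="request">E-mail address, password, given/family name and profile picture path.</param>
/// <returns>
/// 400 when the password is missing or too short, or the address is already registered;
/// otherwise 200 carrying the id of the created profile.
/// </returns>
public async Task<IActionResult> Create(CreateUserProfileRequest request)
{
    // Same minimum as SetPassword, so registration cannot create a password the
    // change-password flow would reject.
    const int minPasswordLength = 6;

    if (string.IsNullOrEmpty(request.Password) || request.Password.Length < minPasswordLength)
    {
        return BadRequest("The password must be at least six characters");
    }

    var existingUserProfile = await _userProfileReader.GetByEmailAddress(request.EmailAddress);
    if (existingUserProfile != null)
    {
        return BadRequest("Email address already in use");
    }

    // NOTE(review): the lookup and Add are not atomic, so two concurrent requests for the
    // same address can both pass the check above — confirm the store enforces uniqueness.
    var userProfileId = await _userProfileWriter.Add(
        request.EmailAddress,
        PasswordHasher.GenerateSecurePassword(request.Password),
        request.GivenName,
        request.FamilyName,
        request.ProfilePicturePath);
    return Ok(userProfileId);
}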