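/// <summary>
/// Sets a new password for the account named in the request body, after
/// validating the payload and the recovery token sent with it.
/// </summary>
/// <param name="credential">
/// Request body. This method reads its <c>Id</c>, <c>Token</c> and
/// <c>Password</c> members and calls its <c>Validate()</c> method.
/// </param>
/// <returns>
/// 200 OK once the new password has been saved; 400 Bad Request when the body
/// is missing, when validation reports errors, when no user has the given id,
/// or when the token check reports errors.
/// </returns>
public async Task<IActionResult> ResetPassword([FromBody] RecoveryCredential credential)
{
    // A missing or unparsable body can bind to null; answer 400 instead of
    // dereferencing it below.
    if (credential == null)
    {
        return BadRequest();
    }

    // Reject a malformed payload before any database access, so unvalidated
    // input never reaches the user lookup.
    var errors = credential.Validate();
    if (errors.Any())
    {
        return BadRequest(errors);
    }

    var user = await Context.Users.FindAsync(credential.Id);
    if (user == null)
    {
        // NOTE(review): this message differs from whatever the token check
        // returns below, so the response tells the caller whether an account
        // id exists. Consider returning one generic failure for both cases
        // and rate-limiting this endpoint.
        errors.Add("El usuario en el token no existe");
        return BadRequest(errors);
    }

    // The token is checked against a key built from the stored user record.
    // NOTE(review): confirm that this key changes once the password is reset,
    // so that a used recovery token cannot be replayed - not visible from here.
    var keyBuilder = new PasswordRecoveryKeyBuilder(user);
    var jwtDecodeErrors = TokenStore.IsTokenValid(credential.Token, keyBuilder);
    if (jwtDecodeErrors.Count > 0)
    {
        return BadRequest(jwtDecodeErrors);
    }

    // NOTE(review): the helper is named "Encrypt"; verify that it is a salted,
    // one-way password hash and not reversible encryption.
    user.Password = PasswordEncrypter.Encrypt(credential.Password);

    // Persist the change.
    Context.Users.Update(user);
    await Context.SaveChangesAsync();

    return Ok();
}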
/// <summary>
/// A credential with an id, a token and two identical password fields is
/// expected to validate without errors.
/// </summary>
public void test_01_recovery_credential_is_valid()
{
    // Arrange: every field populated, password and confirmation equal.
    RecoveryCredential credential = new RecoveryCredential
    {
        Id = 1,
        Password = "******",
        Token = "token",
        ConfirmedPassword = "******"
    };

    // Act
    var validationErrors = credential.Validate();

    // Assert
    validationErrors.Should().BeEmpty();
}
/// <summary>
/// A credential that leaves the token unset is expected to fail validation
/// with exactly one error.
/// </summary>
public void test_05_recovery_credential_without_token_is_not_valid()
{
    // Arrange: Token is deliberately not assigned.
    RecoveryCredential credential = new RecoveryCredential
    {
        Id = 1,
        Password = "******",
        ConfirmedPassword = "******"
    };

    // Act
    var validationErrors = credential.Validate();

    // Assert: the result is non-empty and holds a single entry.
    validationErrors.Should().NotBeEmpty();
    validationErrors.Count.Should().Be(1);
}
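/// <summary>
/// A credential whose confirmation differs from the password is expected to
/// fail validation with exactly one error.
/// </summary>
public void test_06_recovery_credential_without_matching_passwords_is_not_valid()
{
    // Arrange: the confirmation must differ from the password. With two
    // identical literals the mismatch rule is never exercised, so the
    // confirmation below is a constructed value that differs on purpose.
    // NOTE(review): assumes Validate() applies no other rule to
    // ConfirmedPassword that this value would trip - confirm.
    var dto = new RecoveryCredential
    {
        Id = 1,
        Password = "******",
        Token = "token",
        ConfirmedPassword = "******-mismatch"
    };

    // Act
    var errors = dto.Validate();

    // Assert: only the mismatch is reported.
    errors.Should().NotBeEmpty();
    errors.Count.Should().Be(1);
}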