public ActionResult FetchSecurityQuestions(string PasswordResetToken)
{
PasswordResetToken token = _resetService.GetToken(PasswordResetToken);
if (token == null)
{
return(new BadRequestObjectResult("Invalid password reset link"));
}
if (token.Attempts >= 3)
{
return(new BadRequestObjectResult("Too many attempts have been attempted with this link, please create a new link."));
}
if (token.DateCreated.AddMinutes(10) > DateTime.UtcNow)
{
return(new BadRequestObjectResult("The password reset link has expired, please create a new link."));
}
var user = _userAccountService.ReadUserFromDBUsingId(token.UserId);
Dictionary <string, string> securityQuestions = new Dictionary <string, string>
{
{ "SecurityQuestion1", user.SecurityQuestion1 },
{ "SecurityQuestion2", user.SecurityQuestion2 },
{ "SecurityQuestion3", user.SecurityQuestion3 }
};
return(new OkObjectResult(JsonConvert.SerializeObject(securityQuestions, Formatting.Indented)));
}
public void GetToken()
{
var user = uas.ReadUserFromDBUsingEmail("*****@*****.**");
List <PasswordResetToken> tokens = rs.GetTokensByUserId(user.UserAccountId).ToList <PasswordResetToken>();
var firstToken = tokens[0];
var retrievedToken = rs.GetToken(firstToken.Token);
Assert.IsNotNull(retrievedToken);
Assert.AreEqual(firstToken, retrievedToken);
}
