protected internal abstract void RemovePasswordResetSecret(PasswordResetSecret item);
public virtual void AddPasswordResetSecret(Guid accountID, string password, string question, string answer) { Tracing.Information("[UserAccountService.AddPasswordResetSecret] called: {0}", accountID); if (String.IsNullOrWhiteSpace(password)) { Tracing.Error("[UserAccountService.AddPasswordResetSecret] failed -- null oldPassword"); throw new ValidationException(Resources.ValidationMessages.InvalidPassword); } if (String.IsNullOrWhiteSpace(question)) { Tracing.Error("[UserAccountService.AddPasswordResetSecret] failed -- null question"); throw new ValidationException(Resources.ValidationMessages.SecretQuestionRequired); } if (String.IsNullOrWhiteSpace(answer)) { Tracing.Error("[UserAccountService.AddPasswordResetSecret] failed -- null answer"); throw new ValidationException(Resources.ValidationMessages.SecretAnswerRequired); } var account = this.GetByID(accountID); if (account == null) throw new ArgumentException("Invalid AccountID"); if (!Authenticate(account, password, AuthenticationPurpose.VerifyPassword)) { Tracing.Error("[UserAccountService.AddPasswordResetSecret] failed -- failed authN"); throw new ValidationException(Resources.ValidationMessages.InvalidPassword); } if (account.PasswordResetSecrets.Any(x=>x.Question == question)) { Tracing.Error("[UserAccountService.AddPasswordResetSecret] failed -- question already exists"); throw new ValidationException(Resources.ValidationMessages.SecretQuestionAlreadyInUse); } var secret = new PasswordResetSecret { ID = Guid.NewGuid(), Question = question, Answer = CryptoHelper.Hash(answer) }; account.PasswordResetSecrets.Add(secret); account.AddEvent(new PasswordResetSecretAddedEvent { Account = account, Secret = secret }); Update(account); }