public IActionResult UpdatePassword([FromBody] MUpdatePassword updatePassword)
{
if (updatePassword.Password.Length < 6)
{
return(BadRequest(ResponseContent.Create(null, HttpStatusCode.BadRequest, "A senha deve conter ao menos 6 caracteres!")));
}
var passwordRecovery = _uRecoveryPassword.GetByToken(updatePassword.Token);
if (passwordRecovery == null)
{
return(StatusCode((int)HttpStatusCode.Unauthorized, ResponseContent.Create(null, HttpStatusCode.Unauthorized, "Essa solicitação não existe!")));
}
if (DateTime.Now > passwordRecovery.ExpirationDate || !passwordRecovery.Active)
{
return(StatusCode((int)HttpStatusCode.Unauthorized, ResponseContent.Create(null, HttpStatusCode.Unauthorized, "Essa solicitação já expirou!")));
}
var newPerson = passwordRecovery.Person;
newPerson.Password = updatePassword.Password.Sha256Hash();
_bPerson.Update(newPerson);
passwordRecovery.RecoveryDate = DateTime.Now;
passwordRecovery.Active = false;
_bPasswordRecovery.Update(passwordRecovery);
_bHistory.SaveHistory(newPerson.Id, "Usuário alterou a senha através da recuperação de senhas");
return(Ok(ResponseContent.Create(null, HttpStatusCode.OK, "Senha alterada com sucesso!")));
}
public void TestUpdatePasswordNaoConsigoAlterarASenhaDeUmTokenInvalido()
{
var token = "token inválido para recuperar a senha";
var passwordRecovery = new PasswordRecovery
{
ExpirationDate = DateTime.Now,
CancelationDate = DateTime.Now,
Person = _context.Person.Find(1),
Token = token,
RequestDate = DateTime.Now,
Active = false,
};
_context.PasswordRecovery.Add(passwordRecovery);
_context.SaveChanges();
var updatePassword = new MUpdatePassword
{
Token = token,
Password = "******"
};
var res = _controller.UpdatePassword(updatePassword) as ObjectResult;
Assert.NotNull(res);
Assert.Equal((int)HttpStatusCode.Unauthorized, res.StatusCode);
Assert.Equal("Essa solicitação já expirou!", ((MResponseContent)res.Value).message);
}
public void TestUpdatePasswordNaoConsigoAlterarASenhaComSenhaInvalida()
{
var token = "token válido para senha inválida";
var passwordRecovery = new PasswordRecovery
{
ExpirationDate = DateTime.Now.AddDays(1),
Person = _context.Person.Find(1),
Token = token,
RequestDate = DateTime.Now,
Active = true,
};
_context.PasswordRecovery.Add(passwordRecovery);
_context.SaveChanges();
var updatePassword = new MUpdatePassword
{
Token = token,
Password = "******"
};
var res = _controller.UpdatePassword(updatePassword) as ObjectResult;
Assert.NotNull(res);
Assert.Equal((int)HttpStatusCode.BadRequest, res.StatusCode);
Assert.Equal("A senha deve conter ao menos 6 caracteres!", ((MResponseContent)res.Value).message);
}
public void TestUpdatePasswordConsigoAtualizarMinhaSenha()
{
var token = "token válido para senha";
var passwordRecovery = new PasswordRecovery
{
ExpirationDate = DateTime.Now.AddDays(1),
Person = _context.Person.Find(1),
Token = token,
RequestDate = DateTime.Now,
Active = true,
};
_context.PasswordRecovery.Add(passwordRecovery);
_context.SaveChanges();
var updatePassword = new MUpdatePassword
{
Token = token,
Password = "******"
};
var res = _controller.UpdatePassword(updatePassword) as ObjectResult;
Assert.NotNull(res);
Assert.Equal((int)HttpStatusCode.OK, res.StatusCode);
Assert.Equal("Senha alterada com sucesso!", ((MResponseContent)res.Value).message);
}
public void TestUpdatePasswordNaoConsigoAlterarASenhaDeUmTokenNaoExistente()
{
var token = "token não existente para alterar a senha";
var updatePassword = new MUpdatePassword
{
Token = token,
Password = "******"
};
var res = _controller.UpdatePassword(updatePassword) as ObjectResult;
Assert.NotNull(res);
Assert.Equal((int)HttpStatusCode.Unauthorized, res.StatusCode);
Assert.Equal("Essa solicitação não existe!", ((MResponseContent)res.Value).message);
}