/// <summary>
/// Validates a password-restore request and, when it passes, forwards it to the account service.
/// </summary>
/// <param name="model">Restore request bound from the request body.</param>
/// <returns>
/// 400 Bad Request wrapping the validator's message when validation fails;
/// otherwise 200 OK wrapping whatever the account service returns.
/// </returns>
public async Task<IActionResult> RestorePasswordBase([FromBody] RestoreApiModel model)
{
    // The validator receives the reCAPTCHA dependency.
    // NOTE(review): presumably this is where the CAPTCHA response is verified; confirm,
    // because it is the only abuse control visible on this endpoint (no rate limit is shown here).
    var restoreValidator = new RestoreValidator(_recaptcha, _resourceManager);
    var validation = restoreValidator.Validate(model);

    if (validation.IsValid)
    {
        // Exceptions thrown by the service are not caught here and propagate to the caller.
        var restoreResult = await _accountService.RestorePasswordBaseAsync(model);
        return Ok(restoreResult);
    }

    var failure = new MessageApiModel { Message = validation.ToString() };
    return BadRequest(failure);
}
/// <summary>
/// Completes a password reset for the account with the supplied e-mail, signs that account in,
/// and returns a freshly created access token and refresh token.
/// </summary>
/// <param name="model">Carries the account e-mail, the reset token and the new password.</param>
/// <returns>A <see cref="TokenApiModel"/> holding the created token and refresh token.</returns>
/// <exception cref="BadRequestException">
/// No user has that e-mail, the reset call does not succeed, or the password sign-in does not succeed.
/// </exception>
/// <exception cref="UserIsDeletedException">The user exists but is flagged as deleted.</exception>
public async Task<TokenApiModel> RestorePasswordBaseAsync(RestoreApiModel model)
{
    var account = await _userManager.FindByEmailAsync(model.Email);

    // NOTE(review): an unknown e-mail and a deleted account raise different exception types with
    // different messages, and both checks run before the reset token is examined. If these
    // messages reach the HTTP response, a caller can tell registered, unregistered and deleted
    // addresses apart without a valid token. Consider one uniform failure; confirm how the
    // exceptions are mapped.
    if (account == null)
    {
        throw new BadRequestException(_resourceManager.GetString("UserDoesNotExist"));
    }

    // The account is known to be non-null past the guard above.
    if (account.IsDeleted == true)
    {
        throw new UserIsDeletedException(_resourceManager.GetString("UserIsDeleted"));
    }

    // The reset token and the new password are both handed to the user manager in this call.
    var resetOutcome = await _userManager.ResetPasswordAsync(account, model.Token, model.NewPassword);
    if (!resetOutcome.Succeeded)
    {
        // Only the first error description is surfaced. First() throws if the error list is empty.
        var firstError = resetOutcome.Errors.First();
        throw new BadRequestException(firstError.Description);
    }

    // Both boolean arguments are false.
    // NOTE(review): on the ASP.NET Core Identity SignInManager these would be isPersistent and
    // lockoutOnFailure; confirm. By this point the reset has already reported success, so a
    // failure here still leaves the new password in place while the caller is told the
    // login or password is invalid.
    var signInOutcome = await _signInManager.PasswordSignInAsync(account, model.NewPassword, false, false);
    if (!signInOutcome.Succeeded)
    {
        throw new BadRequestException(_resourceManager.GetString("LoginOrPasswordInvalid"));
    }

    var claims = _jwtService.SetClaims(account);
    var accessToken = _jwtService.CreateToken(claims);
    var newRefreshToken = _jwtService.CreateRefreshToken();

    // NOTE(review): not visible from here whether the stored refresh token is hashed at rest, or
    // whether refresh tokens and sessions issued before the reset are revoked; verify both.
    await _userRepository.UpdateUserTokenAsync(account.Id, newRefreshToken);

    // A second, non-persistent sign-in follows the successful password sign-in above.
    // NOTE(review): looks redundant; confirm it is intentional.
    await _signInManager.SignInAsync(account, isPersistent: false);

    return new TokenApiModel
    {
        Token = accessToken,
        RefreshToken = newRefreshToken
    };
}