public User CompleteInfoToConfirmVerify(UserForRecoveryVerifyDto userForRecoveryVerifyDto, User user)
{
user.RecoveryKey = "";
user.RecoveryDate = new DateTime();
byte[] passwordHash, passwordSalt;
CreatePasswordHash(userForRecoveryVerifyDto.Password, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
return(user);
}
public async Task <IActionResult> VerifyRecovery(UserForRecoveryVerifyDto userForRecoveryVerifyDto)
{
try
{
var userToVerifyExist = _mapper.Map <UserForRegisterDto>(userForRecoveryVerifyDto);
var userFound = await _repo.UserExists(userToVerifyExist);
if (userFound == null)
{
return(BadRequest("user_does_not_exist"));
}
var userToVerifyKey = await _mainRepo.GetUser(userForRecoveryVerifyDto.Email);
if (userForRecoveryVerifyDto.VerifyKey == "")
{
return(BadRequest("key_does_not_valid"));
}
if (userForRecoveryVerifyDto.VerifyKey != userToVerifyKey.RecoveryKey)
{
return(BadRequest("key_does_not_valid"));
}
if (userToVerifyKey.RecoveryDate < DateTime.Now)
{
return(BadRequest("key_does_not_valid"));
}
var userToUpdate = _repo.CompleteInfoToConfirmVerify(userForRecoveryVerifyDto, userToVerifyKey);
var updatedUser = await _userRepo.UpdateUser(userToUpdate);
var person = await _personRepo.GetPerson(updatedUser.Id);
RecoveryKeyEmail recoveryKeyEmail = new RecoveryKeyEmail(updatedUser.Email, person.Name, person.LastName, "");
await _mailService.SendConfirmationRecoveryEmailAsync(recoveryKeyEmail);
var user = _mapper.Map <UserForDetailedDto>(updatedUser);
var rolsAssigned = await _repo.GetRolsPerUser(user.Id);
var rolsAssignedToList = _mapper.Map <List <RolsToListDto> >(rolsAssigned);
var tokenDescriptor = _repo.CreateToken(updatedUser, rolsAssigned);
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new
{
token = tokenHandler.WriteToken(token),
user,
rolsAssignedToList
}));
}
catch (Exception ex)
{
_logger.LogError(ex.Message);
return(BadRequest("verify_recovery_failed"));
}
}
