// TODO: 是否有必要移动到ProfileService /// <summary> /// 重置用户密码 /// </summary> /// <param name="passwordReset"></param> /// <returns></returns> public virtual async Task ResetPasswordAsync(PasswordResetDto passwordReset) { // 本来可以不需要的,令牌算法有一个有效期 // 不过这里采用令牌强制过期策略,避免一个令牌多次使用 var phoneVerifyCacheKey = NormalizeCacheKey(passwordReset.PhoneNumber); var phoneVerifyCacheItem = await Cache.GetAsync(phoneVerifyCacheKey); if (phoneVerifyCacheItem == null || !phoneVerifyCacheItem.VerifyCode.Equals(passwordReset.VerifyCode)) { throw new UserFriendlyException(L["PhoneVerifyCodeInvalid"]); } var userId = await GetUserIdByPhoneNumberAsync(passwordReset.PhoneNumber); var user = await UserManager.GetByIdAsync(userId); (await UserManager.ResetPasswordAsync(user, phoneVerifyCacheItem.VerifyToken, passwordReset.NewPassword)).CheckErrors(); await Cache.RemoveAsync(phoneVerifyCacheKey); }
public virtual async Task ResetPasswordAsync(PasswordResetDto passwordReset) { await AccountAppService.ResetPasswordAsync(passwordReset); }