public async Task SendPasswordReset(UserAuthRequest request)
{
var user = await Services.DoWithDB(db => db.Users.Where(u => u.Email == request.Email).FirstOr404());
var nonce = await updateNonce(user);
await Email.SendEmail(user.Email, "Reset your password", "password_reset.html",
new Dictionary <string, string> {
{ "link_target", $"{{{{baseURL}}}}/login?reset={nonce}" }
});
}
public Task <string> auth(UserAuthRequest request)
{
if (request?.Email == null || request?.Password == null)
{
return(null);
}
return(Services.DoWithDB(async db =>
{
var user = await UserLookup(db, request.Email).FirstOrDefaultAsync();
if (user == null || !PasswordStorage.VerifyPassword(request.Password, user.Hash))
{
throw new HTTPError("Invalid user/pass", 401);
}
return Auth.GenerateToken(user);
}));
}