public void ConfirmUserSetPassword(ConfirmUserSetPasswordModel model)
{
// Validate supplied confirmation details
_authenticationValidator.ValidateConfirmUserSetPassword(model);
// Get encrypted password
int saltSize = _authenticationConfigurationService.GetPasswordSaltSize(model.TenantId);
byte[] salt = _securityService.CreateSalt(saltSize);
byte[] saltedHash = _securityService.EncryptPassword(model.Password, salt);
// Flag user as confirmed in database and update user's password
Token token = _securityService.DeserializeToken(model.ConfirmKey);
// Get user
User user = _userRepository.ReadUserByConfirmToken(model.TenantId, token);
// Set user details
DateTime passwordChanged = DateTime.UtcNow;
user.Confirmed = true;
user.PasswordSaltedHash = _stringService.GetString(saltedHash);
user.PasswordSalt = _stringService.GetString(salt);
user.ConfirmTokenValue = null;
user.ConfirmTokenExpiry = null;
user.LockedOut = false;
user.LastPasswordFailure = null;
user.PasswordFailures = 0;
user.PasswordChanged = passwordChanged;
// Update user
_userRepository.UpdateUser(user);
}
