public void ResetPassword(ResetPasswordModel model)
{
// Validate supplied confirmation details
_authenticationValidator.ValidateResetPassword(model);
// Get encrypted password
int saltSize = _authenticationConfigurationService.GetPasswordSaltSize(model.TenantId);
byte[] salt = _securityService.CreateSalt(saltSize);
byte[] saltedHash = _securityService.EncryptPassword(model.Password, salt);
// Get user by reset password token
Token token = _securityService.DeserializeToken(model.ResetPasswordKey);
User user = _userRepository.ReadUserByResetPasswordToken(model.TenantId, token);
// Update password details
user.PasswordSaltedHash = _stringService.GetString(saltedHash);
user.PasswordSalt = _stringService.GetString(salt);
user.ResetPasswordTokenValue = null;
user.ResetPasswordTokenExpiry = null;
user.LockedOut = false;
user.LastPasswordFailure = null;
user.PasswordFailures = 0;
user.PasswordChanged = DateTime.UtcNow;
// Update user in database
_userRepository.UpdateUser(user);
}
