public async Task <IActionResult> ResetPasswordWhileLoggedIn(PasswordForResetDto passwordForReset)
{
string userId = User.FindFirst(ClaimTypes.NameIdentifier).Value;
var user = await _userManager.FindByIdAsync(userId);
if (passwordForReset.Password != passwordForReset.ConfirmPassword)
{
return(BadRequest("Passwords must be the same"));
}
if (await _userManager.CheckPasswordAsync(user, passwordForReset.OldPassword) == false)
{
return(BadRequest("Old password does not match"));
}
var token = await _userManager.GeneratePasswordResetTokenAsync(user);
var result = await _userManager.ResetPasswordAsync(user, token, passwordForReset.Password);
if (result.Succeeded)
{
_logger.LogInfo(user.Id, $"Passwor has been changed for user: {user.UserName}");
return(Ok(new { message = "Password has been changed" }));
}
_logger.LogWarning(user.Id, $"Error occured during passoword reset for user: {user.UserName}");
return(BadRequest("Something went wrong"));
}
public async Task <IActionResult> Disable2fa()
{
var user = await _userManager.GetUserAsync(User);
if (user == null)
{
return(BadRequest($"Unable to load user with ID '{_userManager.GetUserId(User)}'."));
}
var disable2faResult = await _userManager.SetTwoFactorEnabledAsync(user, false);
if (!disable2faResult.Succeeded)
{
return(BadRequest($"Unexpected error occured disabling 2FA for user with ID '{user.Id}'."));
}
_logger.LogInfo($"User {user.UserName} with has disabled 2fa.");
return(Ok(new { Message = "disabled" }));
}
