Exemplo n.º 1
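        /// <summary>
        /// Completes a registration. Validates the JWT supplied in the request body against
        /// <c>this._tokenValidationParameters</c> and, when it carries the claim
        /// <c>register=yes</c>, copies the e-mail and user name claims onto the user record,
        /// marks the e-mail as verified and hands the record to <c>this._users.CreateAsync</c>.
        /// </summary>
        /// <param name="vm">Request body; <c>JwtTokenString</c> is untrusted client input.</param>
        /// <param name="cancellationToken">Passed through to the user store calls.</param>
        /// <returns>
        /// 200 on success; 400 when the body is missing, the token fails validation, a required
        /// claim is absent or the subject is unknown; a server error result when the store does
        /// not report success.
        /// </returns>
        public async Task <IActionResult> Confirm([FromBody] ConfirmViewModel vm,
                                                  CancellationToken cancellationToken)
        {
            if (vm == null)
            {
                return(this.BadRequest());
            }

            SecurityToken token;
            System.Security.Claims.ClaimsPrincipal claims;

            // NOTE(review): this clears a process-wide static map on every request. It is kept
            // because other handlers in the application may rely on the cleared default, but it
            // is better done once at startup than on a request path.
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

            try
            {
                // Everything written to the user below comes from this token, so the result is
                // only as trustworthy as _tokenValidationParameters (defined outside this method).
                // NOTE(review): confirm they require a signed token and validate issuer,
                // audience and lifetime.
                claims = new JwtSecurityTokenHandler().ValidateToken(vm.JwtTokenString,
                                                                     this._tokenValidationParameters,
                                                                     out token);
            }
            catch (SecurityTokenException)
            {
                // Expired, wrongly signed or otherwise rejected token: a client error, not a crash.
                return(this.BadRequest());
            }
            catch (ArgumentException)
            {
                // Null, empty or malformed token string.
                return(this.BadRequest());
            }

            if (!claims.HasClaim("register", "yes"))
            {
                return(this.BadRequest());
            }

            // FirstOrDefault instead of First: a token without these claims is rejected
            // instead of throwing InvalidOperationException.
            var emailClaim    = claims.Claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.Email);
            var userNameClaim = claims.Claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.UniqueName);

            if (emailClaim == null || userNameClaim == null)
            {
                return(this.BadRequest());
            }

            var user = await this._users.FindByIdAsync(claims.GetSubjectId(), cancellationToken);

            if (user == null)
            {
                // The token names a subject the store does not know.
                return(this.BadRequest());
            }

            user.Email         = emailClaim.Value;
            user.EmailVerified = true;
            user.UserName      = userNameClaim.Value;

            if (await this._users.CreateAsync(user, nameof(AccountController) + nameof(this.Confirm), cancellationToken) != IdentityResult.Success)
            {
                return(this.ServerError(new Exception("Create user failed")));
            }

            return(this.Ok());
        }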
Exemplo n.º 2
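        /// <summary>
        /// Sets a new password for the user named by a password-reset JWT. The token from the
        /// request body is validated against <c>this._tokenValidationParameters</c> and must
        /// carry the claim <c>reset_password=yes</c>; the two password fields must match.
        /// </summary>
        /// <param name="vm">Request body; every field is untrusted client input.</param>
        /// <param name="cancellationToken">Passed through to the user store calls.</param>
        /// <returns>
        /// 200 when <c>SetUserPasswordAsync</c> reports success; 400 when the body is missing,
        /// the token fails validation, the claim is absent, the passwords are empty or differ,
        /// the subject is unknown, or the store refuses the change.
        /// </returns>
        public async Task <IActionResult> Reset([FromBody] ResetViewModel vm, CancellationToken cancellationToken)
        {
            if (vm == null)
            {
                return(this.BadRequest());
            }

            SecurityToken token;
            System.Security.Claims.ClaimsPrincipal claims;

            // NOTE(review): this clears a process-wide static map on every request. It is kept
            // because other handlers in the application may rely on the cleared default, but it
            // is better done once at startup than on a request path.
            JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

            try
            {
                // The token is the only proof that the caller may change this account's password.
                // NOTE(review): confirm _tokenValidationParameters (defined outside this method)
                // require a signed token and validate issuer, audience and lifetime.
                claims = new JwtSecurityTokenHandler().ValidateToken(vm.JwtTokenString,
                                                                     this._tokenValidationParameters,
                                                                     out token);
            }
            catch (SecurityTokenException)
            {
                // Expired, wrongly signed or otherwise rejected token: a client error, not a crash.
                return(this.BadRequest());
            }
            catch (ArgumentException)
            {
                // Null, empty or malformed token string.
                return(this.BadRequest());
            }

            // Two null passwords compare equal, so an empty password is rejected explicitly.
            if (!claims.HasClaim("reset_password", "yes")
                || string.IsNullOrEmpty(vm.Password)
                || vm.Password != vm.ConfirmPassword)
            {
                return(this.BadRequest());
            }

            var user = await this._users.FindByIdAsync(claims.GetSubjectId(), cancellationToken);

            if (user == null)
            {
                // The token names a subject the store does not know.
                return(this.BadRequest());
            }

            // NOTE(review): nothing visible here marks the token as used. Unless
            // SetUserPasswordAsync or the validation parameters invalidate it, the same token
            // stays valid for further resets until it expires; confirm.
            if (await this._users.SetUserPasswordAsync(user, vm.Password, cancellationToken))
            {
                return(this.Ok());
            }

            return(this.BadRequest());
        }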