Exemplo n.º 1
0
        protected override async Task <bool> PostJsonAsync(IOwinEnvironment context, IClient client, ContentType bodyContentType, CancellationToken cancellationToken)
        {
            var model = await PostBodyParser.ToModel <ChangePasswordPostModel>(context, bodyContentType, _logger, cancellationToken);

            var application = await client.GetApplicationAsync(_configuration.Application.Href, cancellationToken);

            var account = await application.VerifyPasswordResetTokenAsync(model.SpToken, cancellationToken);

            // Errors are caught in AbstractRouteMiddleware

            var preChangePasswordContext = new PreChangePasswordContext(context, account);
            await _handlers.PreChangePasswordHandler(preChangePasswordContext, cancellationToken);

            await application.ResetPasswordAsync(model.SpToken, model.Password, cancellationToken);

            var postChangePasswordContext = new PostChangePasswordContext(context, account);
            await _handlers.PostChangePasswordHandler(postChangePasswordContext, cancellationToken);

            // TODO autologin

            return(await JsonResponse.Ok(context));
        }
Exemplo n.º 2
0
        protected override async Task <bool> PostHtmlAsync(IOwinEnvironment context, IClient client, ContentType bodyContentType, CancellationToken cancellationToken)
        {
            var queryString = QueryStringParser.Parse(context.Request.QueryString, _logger);

            var body = await context.Request.GetBodyAsStringAsync(cancellationToken);

            var model    = PostBodyParser.ToModel <ChangePasswordPostModel>(body, bodyContentType, _logger);
            var formData = FormContentParser.Parse(body, _logger);

            var stateToken       = formData.GetString(StringConstants.StateTokenName);
            var parsedStateToken = new StateTokenParser(client, _configuration.Client.ApiKey, stateToken, _logger);

            if (!parsedStateToken.Valid)
            {
                var viewModelBuilder        = new ChangePasswordFormViewModelBuilder(client, _configuration);
                var changePasswordViewModel = viewModelBuilder.Build();
                changePasswordViewModel.Errors.Add("An error occurred. Please try again.");

                await RenderViewAsync(context, _configuration.Web.ChangePassword.View, changePasswordViewModel, cancellationToken);

                return(true);
            }

            if (!model.Password.Equals(model.ConfirmPassword, StringComparison.Ordinal))
            {
                var viewModelBuilder        = new ChangePasswordFormViewModelBuilder(client, _configuration);
                var changePasswordViewModel = viewModelBuilder.Build();
                changePasswordViewModel.Errors.Add("Passwords do not match.");

                await RenderViewAsync(context, _configuration.Web.ChangePassword.View, changePasswordViewModel, cancellationToken);

                return(true);
            }

            var spToken     = queryString.GetString("sptoken");
            var application = await client.GetApplicationAsync(_configuration.Application.Href, cancellationToken);

            IAccount account;

            try
            {
                account = await application.VerifyPasswordResetTokenAsync(spToken, cancellationToken);
            }
            catch (ResourceException)
            {
                return(await HttpResponse.Redirect(context, _configuration.Web.ChangePassword.ErrorUri));
            }

            var preChangePasswordContext = new PreChangePasswordContext(context, account);
            await _handlers.PreChangePasswordHandler(preChangePasswordContext, cancellationToken);

            try
            {
                await application.ResetPasswordAsync(spToken, model.Password, cancellationToken);
            }
            catch (ResourceException rex)
            {
                var viewModelBuilder        = new ChangePasswordFormViewModelBuilder(client, _configuration);
                var changePasswordViewModel = viewModelBuilder.Build();
                changePasswordViewModel.Errors.Add(rex.Message);

                await RenderViewAsync(context, _configuration.Web.ChangePassword.View, changePasswordViewModel, cancellationToken);

                return(true);
            }

            var postChangePasswordContext = new PostChangePasswordContext(context, account);
            await _handlers.PostChangePasswordHandler(postChangePasswordContext, cancellationToken);

            // TODO autologin

            return(await HttpResponse.Redirect(context, _configuration.Web.ChangePassword.NextUri));
        }