Exemplo n.º 1
        /// <summary>
        /// Registers a password-reset request for the account whose e-mail address is carried by
        /// <paramref name="request"/> and hands the generated reset key back to the caller.
        /// </summary>
        /// <param name="request">Request object holding the e-mail address of the account.</param>
        /// <returns>
        /// A response wrapping the user GUID and reset key on success; on any exception (including
        /// the NotFound raised for an unknown address) the result of <c>HandleException</c>.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the returned key is a bearer credential for the account. Callers should
        /// deliver it only over the out-of-band channel (e.g. e-mail) and keep it out of HTTP
        /// responses and logs; how callers use it is not visible from this method.
        /// NOTE(review): a NotFound result tells the caller whether an address is registered. If
        /// this reaches an unauthenticated client it enables account enumeration; confirm the
        /// outer layer returns a uniform answer.
        /// </remarks>
        public Response <RequestPasswordResetDto> RequestPasswordReset(RequestPasswordResetRequest request)
        {
            try
            {
                // Selects the repository to use from the e-mail address before the lookup.
                SetUserRepositoryByEmail(request.EmailAddress);

                var account = _userRepository.FindUserByEmail(request.EmailAddress);
                if (account == null)
                {
                    throw new ServiceException(ResponseCode.NotFound, "Selected Agents does not exist.");
                }

                // Lifetime of the reset request comes from settings, not from the caller.
                var lifetime = _settingRepository.FindSettingAsInt(SettingName.PasswordResetLength);

                // NOTE(review): GUIDs are specified for uniqueness, not unpredictability. For a
                // secret reset key, prefer bytes from System.Security.Cryptography.RandomNumberGenerator
                // if ForgottenPassword can accept them.
                var resetRequest = new ForgottenPassword(Guid.NewGuid());

                account.AddPasswordResetRequest(resetRequest, lifetime);
                _userRepository.Save();

                return new Response <RequestPasswordResetDto>(new RequestPasswordResetDto
                {
                    UserGuid = account.UserGuid,
                    Key      = resetRequest.Key
                });
            }
            catch (Exception e)
            {
                // Every failure is converted into a response object rather than propagated.
                return HandleException <RequestPasswordResetDto>(e);
            }
        }
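        /// <summary>
        /// Handles the password-recovery form: when the model is valid and the address belongs to
        /// a known user, generates a reset token and e-mails a reset link to that user.
        /// </summary>
        /// <param name="dto">Posted form data carrying the e-mail address.</param>
        /// <returns>
        /// The same view in every case, with <c>ViewBag.Submitted</c> set, so the page itself does
        /// not reveal whether the address is registered.
        /// </returns>
        /// <remarks>
        /// NOTE(review): only the known-account path awaits token generation and the e-mail send,
        /// so response time may still differ between registered and unregistered addresses.
        /// </remarks>
        public async Task <IActionResult> Index(RequestPasswordResetDto dto)
        {
            ViewBag.ReturnUrl = _options.SpaSpellingClientBaseUrl;
            if (this.ModelState.IsValid)
            {
                // Culture-invariant lower-casing: ToLower() depends on the current culture and can
                // map characters differently (e.g. the Turkish dotless i), changing which account
                // an address resolves to.
                var user = await _userManager.FindByEmailAsync(dto.Emailaddress.ToLowerInvariant());

                if (user != null)
                {
                    var token = await _userManager.GeneratePasswordResetTokenAsync(user);

                    // SECURITY NOTE(review): the link's scheme and host come from the incoming
                    // request, i.e. from the client-supplied Host header. Unless the server or
                    // proxy restricts accepted host names, the e-mailed link (and the token in it)
                    // can point at a host the requester chose. Prefer building the link from a
                    // configured base URL.
                    // NOTE(review): stripping '[' and ']' also alters IPv6-literal hosts - confirm intent.
                    var host = this.Request.Host.Value.Replace("[", string.Empty).Replace("]", string.Empty);
                    var url  = $"{this.Request.Scheme}://{host}/PasswordRecovery/ResetPassword?token={WebUtility.UrlEncode(token)}";

                    // The URL contains request-derived text, so it is HTML-encoded before being
                    // placed in the href attribute of the HTML mail body.
                    var message = $"A password reset has be requested.<br /> <a href=\"{WebUtility.HtmlEncode(url)}\">click here to reset your password.</a>";
                    await _emailSender.SendEmailAsync(user.Email, "College Spelling App Password Reset", message);
                }
            }
            ViewBag.Submitted = true;
            return(View());
        }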
Exemplo n.º 3
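        /// <summary>
        /// Starts password recovery for the posted e-mail address. Once the per-IP attempt
        /// threshold has been exceeded, a valid reCAPTCHA response is required first.
        /// </summary>
        /// <param name="requestPasswordResetDto">Request body with the e-mail address and, when required, the reCAPTCHA response.</param>
        /// <returns>
        /// 400 with a captcha payload when the captcha is required and missing or invalid;
        /// otherwise 200, whether or not a reset token could be generated.
        /// </returns>
        /// <remarks>
        /// NOTE(review): throttling is keyed on <c>RemoteIpAddress</c>. Behind a reverse proxy this
        /// is the proxy's address unless forwarded headers are processed - confirm deployment.
        /// </remarks>
        public async Task <IActionResult> ForgotPassword([FromBody] RequestPasswordResetDto requestPasswordResetDto)
        {
            var userIp = Request.HttpContext.Connection.RemoteIpAddress;

            if (_cacheService.IsNumberOfAttempsExceededRecovery(userIp))
            {
                if (requestPasswordResetDto.RecaptchaResponse == null ||
                    !await _reCaptchaValidation.ValidateRecaptcha(requestPasswordResetDto.RecaptchaResponse))
                {
                    // Failed captcha attempts count towards the same per-IP counter.
                    _cacheService.UpdateAttempsCountRecovery(userIp);
                    _logger.LogInformation($"Invalid captcha validation: {userIp}");
                    return(BadRequest(_reCaptchaValidation.CreateCaptchaResponseRecovery(false, true)));
                }
            }
            var result     = _cacheService.HandleAttempsRecovery(userIp);
            var resetToken = await _changePasswordService.SendResetLink(requestPasswordResetDto.Email);

            // SECURITY: the reset token is a bearer credential and must never be written to logs;
            // anyone with log access could otherwise reset the account. Only the outcome is logged.
            // NOTE(review): the e-mail value is client-supplied; confirm the log sink neutralises
            // line breaks, or log it as a structured field instead of interpolating it.
            _logger.LogInformation(resetToken == null
                ? $"User with email: {requestPasswordResetDto.Email} fails to generate token"
                : $"User with email: {requestPasswordResetDto.Email} send reset password request"
                                   );

            // Same 200 response for both outcomes, so the reply does not reveal account existence.
            return(Ok(_reCaptchaValidation.CreateCaptchaResponseRecovery(true, result)));
        }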
Exemplo n.º 4
        /// <summary>
        /// Creates a <c>PasswordReset</c> record for the user with the given e-mail address and
        /// asks the notification service to send that record's token to the user.
        /// </summary>
        /// <param name="requestPasswordResetDto">Carries the e-mail address of the account.</param>
        /// <returns>400 with a "no profile" message when no user matches; otherwise 200.</returns>
        /// <remarks>
        /// NOTE(review): the distinct 400 for an unknown address lets a caller test which e-mail
        /// addresses are registered; a uniform response for both cases avoids that.
        /// NOTE(review): no throttling is visible in this method - confirm it is applied elsewhere,
        /// since each call for a known address stores a record and sends a message.
        /// NOTE(review): the token is produced inside <c>PasswordReset</c>, which is not shown;
        /// verify it comes from a cryptographic RNG and that expiry is enforced from <c>Requested</c>.
        /// </remarks>
        public async Task <IActionResult> RequestPasswordReset(RequestPasswordResetDto requestPasswordResetDto)
        {
            IDatabaseContext db      = _getDatabaseContext();
            User?            account = await db.Users.FirstOrDefaultAsync(candidate => candidate.Email == requestPasswordResetDto.Email);

            if (account == null)
            {
                return BadRequest(RequestStringMessages.NoProfileWithEmailFound);
            }

            // Timestamp is taken in UTC at creation time.
            var resetEntry = new PasswordReset
            {
                User      = account,
                Requested = DateTime.UtcNow
            };

            db.PasswordResets.Add(resetEntry);
            await db.SaveChangesAsync();

            // The token is sent only after the record has been persisted.
            await _notificationService.SendPasswordResetTokenAsync(resetEntry.Token, account);

            return Ok();
        }
Exemplo n.º 5
        /// <summary>
        /// Forwards the posted e-mail address to the auth service's password-reset operation and
        /// relays the service's status code and response object to the client.
        /// </summary>
        /// <param name="requestPasswordResetDto">Request body carrying the e-mail address.</param>
        /// <returns>An action result whose status code and body both come from the service response.</returns>
        /// <remarks>
        /// NOTE(review): the whole service response is serialised to the client. Confirm it never
        /// contains the reset token and that its status does not differ between known and unknown
        /// addresses; neither can be determined from this method.
        /// </remarks>
        public async Task <IActionResult> RequestPasswordReset([FromBody] RequestPasswordResetDto requestPasswordResetDto)
        {
            var outcome = await _authServices.RequestPasswordReset(requestPasswordResetDto.Email);
            return StatusCode(outcome.Status, outcome);
        }