        /// <summary>
        /// Handles a "remind me my login" request: looks up a user with a verified
        /// e-mail address that matches the supplied identity data and, when one is
        /// found, e-mails that user their login (<c>CandidateId</c>).
        /// </summary>
        /// <param name="request">
        /// Identity data supplied by the caller. When <c>Pesel</c> is present the user is
        /// matched on e-mail + PESEL; otherwise on e-mail + name + surname, and only
        /// against accounts that have no PESEL stored.
        /// </param>
        /// <returns>
        /// Always <c>OperationSucceded</c>, whether or not a user matched, so the
        /// response does not reveal whether an account exists for the given data.
        /// </returns>
        protected override async Task<OperationResult> DoExecute(RemindLoginDto request)
        {
            bool peselMissing = string.IsNullOrEmpty(request.Pesel);

            // Only accounts with a verified e-mail address are eligible in either branch,
            // so the reminder can never be delivered to an unconfirmed mailbox.
            User matchedUser = peselMissing
                ? await _dbContext.Users.FirstOrDefaultAsync(candidate => candidate.Email == request.Email &&
                                                                          candidate.EmailVerified == true &&
                                                                          candidate.Pesel == null &&
                                                                          candidate.Name == request.Name &&
                                                                          candidate.Surname == request.Surname)
                : await _dbContext.Users.FirstOrDefaultAsync(candidate => candidate.Email == request.Email &&
                                                                          candidate.EmailVerified == true &&
                                                                          candidate.Pesel == request.Pesel);

            if (matchedUser != null)
            {
                // The message goes to the address stored on the account, not to the
                // address taken from the request.
                var reminder = new EmailDto()
                {
                    To    = matchedUser.Email,
                    Title = EmailContentConfiguration.LoginRemindedTitle,
                    Body  = EmailContentConfiguration.LoginRemindedBody(matchedUser.CandidateId)
                };
                _sendEmailCommand.Execute(reminder);
            }

            // Security: a "no such user" outcome is deliberately indistinguishable from a
            // successful reminder (same result object), to prevent account enumeration.
            // NOTE(review): the e-mail is dispatched inline only on a match, so response
            // time may still differ between the two cases - confirm whether
            // _sendEmailCommand.Execute queues the message or sends it synchronously.
            return new OperationSucceded();
        }