public async Task <ClientLoginStatus> LoginAsync(ObjectId clientId, string clientSecret, CancellationToken cancellationToken)
{
var client = await fClientRepository.GetAsync(clientId, cancellationToken);
if (client is null)
{
return(ClientLoginStatus.ClientNotFound);
}
if (client.Secret is null)
{
return(ClientLoginStatus.SecretNotSet);
}
if (!fSecretService.ComparePasswords(clientSecret, client.Secret.ToModel()))
{
return(ClientLoginStatus.InvalidSecret);
}
return(ClientLoginStatus.Ok);
}
protected override async Task <UserDoc> GetUserAsync(PostPasswordLoginRequest request, CancellationToken cancellationToken)
{
var user = await fUserRepository.GetByEmailAsync(request.Model.Email, cancellationToken);
if (user is null)
{
throw new BadRequestException($"User with email '{request.Model.Email}' not found.");
}
if (user.Secret is null)
{
throw new BadRequestException("User doesnt have his password set, hence cannot be connected via password login.");
}
if (!fSecretService.ComparePasswords(request.Model.Password, user.Secret.ToModel()))
{
throw new BadRequestException("Invalid password.");
}
return(user);
}
public async Task <Unit> Handle(PutPasswordRequest request, CancellationToken cancellationToken)
{
var user = fIdentityService.Current;
if (user.Secret is null)
{
throw new ConflictException("User does not have any password set.");
}
if (!fSecretService.ComparePasswords(request.Model.OldPassword, user.Secret))
{
throw new BadRequestException("Invalid password provided.");
}
var secret = fSecretService.CreateSecret(request.Model.NewPassword);
await fUserRepository.SetSecretAsync(user.UserId, secret.ToDoc(), cancellationToken);
return(Unit.Value);
}