public async Task TestFinishPasswordReset()
{
var client = _factory.CreateClient();
var userManager = _factory.GetRequiredService <UserManager <User> >();
var passwordHasher = _factory.GetRequiredService <IPasswordHasher <User> >();
var user = new User {
Login = "******",
Email = "*****@*****.**",
PasswordHash = passwordHasher.HashPassword(null, TestUtil.RandomAlphabetic(60)),
ResetDate = DateTime.Now.Add(60.Seconds()),
ResetKey = TestUtil.RandomAlphabetic(60)
};
await userManager.CreateAsync(user);
var keyAndPassword = new KeyAndPasswordDto {
Key = user.ResetKey,
NewPassword = "******"
};
var response = await client.PostAsync("/api/account/reset-password/finish",
TestUtil.ToJsonContent(keyAndPassword));
response.StatusCode.Should().Be(HttpStatusCode.OK);
var updatedUser = await userManager.FindByNameAsync(user.Login);
//TODO FIX database refresh to prevent the usage of context/Reload
updatedUser = Fixme.ReloadUser(_factory, updatedUser);
passwordHasher.VerifyHashedPassword(updatedUser, updatedUser.PasswordHash, keyAndPassword.NewPassword)
.Should().Be(PasswordVerificationResult.Success);
}
public async Task TestFinishPasswordResetWrongKey()
{
var client = _factory.CreateClient();
var keyAndPassword = new KeyAndPasswordDto {
Key = TestUtil.RandomAlphabetic(60),
NewPassword = TestUtil.RandomAlphabetic(60)
};
var response = await client.PostAsync("/api/account/reset-password/finish",
TestUtil.ToJsonContent(keyAndPassword));
response.StatusCode.Should().Be(HttpStatusCode.InternalServerError);
}
public async Task RequestPasswordReset([FromBody] KeyAndPasswordDto keyAndPasswordDto)
{
if (!CheckPasswordLength(keyAndPasswordDto.NewPassword))
{
throw new InvalidPasswordException();
}
var user = await _userService.CompletePasswordReset(keyAndPasswordDto.NewPassword, keyAndPasswordDto.Key);
if (user == null)
{
throw new InternalServerErrorException("No user was found for this reset key");
}
}
