Пример #1
        /// <summary>
        /// Sets a new password for the account named in <paramref name="credential"/>, once the
        /// recovery token it carries has passed <c>TokenStore.IsTokenValid</c>.
        /// </summary>
        /// <param name="credential">Request body with the account id, the recovery token and the new password.</param>
        /// <returns>
        /// 400 with the collected error list when validation, the account lookup or the token check
        /// fails; 200 with an empty body after the new password has been saved.
        /// </returns>
        public async Task<IActionResult> ResetPassword([FromBody] RecoveryCredential credential)
        {
            var problems = credential.Validate();
            var account  = await Context.Users.FindAsync(credential.Id);

            // NOTE(review): this message lets an unauthenticated caller learn whether an id exists,
            // while SendResetToken answers unknown e-mails with a plain 200. Consider a generic
            // error here if account ids are meant to stay undisclosed.
            if (account == null)
            {
                problems.Add("El usuario en el token no existe");
            }

            // This return also protects the code below from a null account.
            if (problems.Any())
            {
                return BadRequest(problems);
            }

            // The token is checked against a key built from this account, not a shared key.
            var recoveryKey   = new PasswordRecoveryKeyBuilder(account);
            var tokenProblems = TokenStore.IsTokenValid(credential.Token, recoveryKey);

            if (tokenProblems.Count > 0)
            {
                return BadRequest(tokenProblems);
            }

            // NOTE(review): PasswordEncrypter is not visible here. Confirm it is a salted, slow
            // one-way password hash and not reversible encryption.
            account.Password = PasswordEncrypter.Encrypt(credential.Password);
            Context.Users.Update(account);
            await Context.SaveChangesAsync();

            // NOTE(review): nothing in this method marks the token as used. Single use presumably
            // depends on PasswordRecoveryKeyBuilder deriving its key from state that changes with
            // the password. Verify.
            return Ok();
        }
Пример #2
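        /// <summary>
        /// Starts password recovery for the account registered under <c>dto.Email</c>: issues a
        /// recovery token that expires after <c>MinutesToRecoverPassword</c> minutes and e-mails the
        /// reset link to the address stored on the account.
        /// </summary>
        /// <param name="dto">Request body carrying the e-mail address to recover.</param>
        /// <returns>
        /// 200 with an empty body, whether or not the address matches an account. The reset link is
        /// delivered by e-mail only and is never part of the HTTP response.
        /// </returns>
        public async Task<IActionResult> SendResetToken([FromBody] ResetTokenDto dto)
        {
            var user = Context.Users.SingleOrDefault(x => x.Email.Equals(dto.Email));

            if (user == null)
            {
                // Same status and body as the success path, so the response does not reveal
                // which addresses are registered.
                return Ok();
            }

            var keyBuilder = new PasswordRecoveryKeyBuilder(user);

            // NOTE(review): the expiry is built from local time. Confirm TokenStore converts it to
            // UTC before writing the token's expiry.
            var expiresAt = DateTime.Now.AddMinutes(MinutesToRecoverPassword);
            var token     = TokenStore.GiveToken(expiresAt, keyBuilder, new List<Claim>());

            var urlCallback = $"passwordRecovery/{user.Id}/{token}";

            // Deliver to the address stored on the account, not the value from the request:
            // the database evaluates the lookup, and its collation may treat strings that are
            // not byte-identical as equal.
            await EmailSender.Send(user.Email, "*****@*****.**",
                                   "Superpagos - Recuperación de contraseña", Config["ClientIP"] + urlCallback);

            // The link is proof of mailbox ownership, so it must travel by e-mail only.
            // Returning it here would hand a valid reset token to whoever submitted the address
            // and would also make this response differ from the unknown-address one.
            return Ok();
        }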