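/// <summary>
/// Handles a "forgot password" request for the account registered under
/// <paramref name="emailAddress"/>: enforces the per-user token limit, stores a
/// freshly generated reset token and sends the notification e-mail.
/// </summary>
/// <remarks>
/// The HTTP response for an unknown address is identical to the success response.
/// The caller only ever learns "a mail was sent"; whether an account exists is
/// communicated through the mailbox (the "user does not exist" e-mail), so the
/// endpoint cannot be used to test which addresses are registered.
/// </remarks>
/// <param name="emailAddress">Address supplied by the requester; treat as untrusted input.</param>
/// <returns>
/// <see cref="OkObjectResult"/> when the request was accepted (known or unknown address);
/// <see cref="BadRequestObjectResult"/> when three or more tokens were already created
/// for the user in the last 24 hours.
/// </returns>
public ActionResult GenerateResetPasswordToken(string emailAddress)
{
    // One response body for both the "unknown address" and the "link sent" outcome.
    const string GenericResponse = "A password reset link has been sent to your email";

    MimeMessage email;
    var user = _userAccountService.ReadUserFromDBUsingEmail(emailAddress);
    if (user == null)
    {
        // The mailbox owner is told that no account exists; the HTTP caller is not.
        // Previously this branch returned 400 "User does not exist", which let any
        // caller distinguish registered from unregistered addresses.
        // NOTE(review): the unknown-user path does less work than the success path
        // (no token insert), so response timing may still differ — confirm whether
        // that matters for this deployment.
        email = EmailConstructorResetUserDoesNotExist();
        EmailService.SendEmail(email);
        return new OkObjectResult(GenericResponse);
    }

    // Allow fewer than 3 reset tokens per user within any 24-hour window.
    // The cutoff is computed once so every token is compared against the same instant.
    // NOTE(review): DateTime.Now is local time; if DateCreated is stored in UTC the
    // window is skewed by the server's offset — confirm against PasswordResetToken.
    var cutoff = DateTime.Now.AddHours(-24);
    var tokensGenerated = _resetService.GetTokensByUserId(user.UserAccountId);
    var recentTokenCount = tokensGenerated.Count(t => t.DateCreated > cutoff);
    if (recentTokenCount >= 3)
    {
        // NOTE(review): this response is only reachable for an existing account, so it
        // still discloses that the address is registered. Consider returning the generic
        // response here too and explaining the limit by e-mail. Left unchanged because
        // clients may display this message.
        return new BadRequestObjectResult("Unable to generate password reset link, only 3 are allowed per 24hrs. Please try again in 24hrs.");
    }

    // NOTE(review): token entropy, expiry and whether the stored value is hashed are
    // decided inside CryptoService.GenerateToken / PasswordResetToken / InsertToken,
    // none of which are visible here.
    string passwordResetToken = CryptoService.GenerateToken();
    PasswordResetToken token = new PasswordResetToken(passwordResetToken, user.UserAccountId);
    _resetService.InsertToken(token);

    // NOTE(review): resetLink is built but never passed on in the visible code —
    // EmailConstructorPasswordResetLink() takes no arguments here, so it is unclear how
    // the link (or the recipient) reaches the message. Confirm against the helper.
    string resetLink = BaseUrl + passwordResetToken;
    email = EmailConstructorPasswordResetLink();
    EmailService.SendEmail(email);
    return new OkObjectResult(GenericResponse);
}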
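/// <summary>
/// Verifies that a newly generated reset token for an existing user can be stored
/// through the reset service.
/// </summary>
/// <remarks>
/// The user is read through <c>uas</c> by e-mail address, so the test depends on that
/// account being present in whatever store <c>uas</c> is wired to.
/// </remarks>
public void InsertToken()
{
    var user = uas.ReadUserFromDBUsingEmail("*****@*****.**");

    // Fail with a clear message instead of a NullReferenceException on
    // user.UserAccountId when the fixture account is missing.
    Assert.IsNotNull(user, "Fixture user was not found; cannot create a reset token.");

    PasswordResetToken token = new PasswordResetToken(CryptoService.GenerateToken(), user.UserAccountId);
    var inserted = rs.InsertToken(token);

    Assert.IsTrue(inserted);
}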