/**
         * Set user password after reset.
         */
        private async Task <APIGatewayProxyResponse> SetUserPasswordAfterReset(IDataStores dataStores,
                                                                               IDictionary <string, string> requestHeaders,
                                                                               JObject requestBody)
        {
            // API-layer handler for "set password after reset": validates the request body, delegates to the
            // logic layer, and answers with "no content" on success. Any exception is converted into a response
            // by APIHelper.ResponseFromException rather than propagated.
            //
            // requestHeaders is asserted but not otherwise read in this method, so nothing here authenticates the
            // caller; whatever authorises the password change has to happen inside the logic-layer call.
            Debug.Untested();
            Debug.AssertValid(dataStores);
            Debug.AssertValid(requestHeaders);
            Debug.AssertValidOrNull(requestBody);

            try
            {
                // Trace the call. Only the method name is written - no request fields (and so no password) are logged here.
                LoggingHelper.LogMessage($"UserIdentityService::SetUserPasswordAfterReset()");

                // Obtain the DynamoDB client from the NoSQL data store.
                var noSqlClient = (AmazonDynamoDBClient)dataStores.GetNoSQLDataStore().GetDBClient();
                Debug.AssertValid(noSqlClient);

                // Turn the raw JSON body (which may be null) into a checked request object.
                SetUserPasswordAfterResetRequest validatedRequest =
                    UserIdentityService_SetUserPasswordAfterReset_LogicLayer.CheckValidSetUserPasswordAfterResetRequest(requestBody);
                Debug.AssertValid(validatedRequest);

                // Apply the password change.
                await UserIdentityService_SetUserPasswordAfterReset_LogicLayer.SetUserPasswordAfterReset(noSqlClient, validatedRequest);

                // Success carries no body.
                var noContent = new APIGatewayProxyResponse
                {
                    StatusCode = APIHelper.STATUS_CODE_NO_CONTENT
                };
                return noContent;
            }
            catch (Exception failure)
            {
                // NOTE(review): every exception type ends up here; confirm ResponseFromException does not echo
                // internal details (stack traces, data-store errors) back to the client.
                Debug.Tested();
                return APIHelper.ResponseFromException(failure);
            }
        }
        /**
         * Set user password after reset.
         */
        public static async Task SetUserPasswordAfterReset(AmazonDynamoDBClient dbClient, SetUserPasswordAfterResetRequest setUserPasswordAfterResetRequest)
        {
            // Logic-layer implementation of "set password after reset".
            //
            // Flow: look up a valid reset-password link by id, load the user the link points at, require that the
            // e-mail address in the request equals the user's address, then store the new password hash, clear the
            // lock flag and save the user.
            //
            // Throws Exception carrying ERROR_INVALID_LINK, ERROR_INVALID_LINK_USER or
            // ERROR_UNRECOGNIZED_EMAIL_ADDRESS (as both message and inner exception message) on the three failure paths.
            // NOTE(review): the three failures are distinguishable by message; if those messages reach the client
            // unchanged, confirm that revealing "link valid but e-mail wrong" is acceptable.
            Debug.Untested();
            Debug.AssertValid(dbClient);
            Debug.AssertValid(setUserPasswordAfterResetRequest);
            Debug.AssertString(setUserPasswordAfterResetRequest.resetPasswordLinkId);
            Debug.AssertEmail(setUserPasswordAfterResetRequest.emailAddress);
            Debug.AssertPassword(setUserPasswordAfterResetRequest.newPassword);

            // Step 1: the link id must resolve to a valid link of the reset-password type.
            Link resetLink = await IdentityServiceLogicLayer.FindValidLink(
                dbClient,
                setUserPasswordAfterResetRequest.resetPasswordLinkId,
                IdentityServiceLogicLayer.LINK_TYPE_RESET_PASSWORD);

            Debug.AssertValidOrNull(resetLink);
            if (resetLink == null)
            {
                Debug.Tested();
                throw new Exception(SharedLogicLayer.ERROR_INVALID_LINK, new Exception(SharedLogicLayer.ERROR_INVALID_LINK));
            }

            // A valid link was found.
            Debug.Tested();
            Debug.AssertID(resetLink.UserID);

            // Step 2: load the user the link belongs to.
            // (The meaning of the third argument is defined by FindUserByID, which is not shown here.)
            User account = await IdentityServiceLogicLayer.FindUserByID(dbClient, resetLink.UserID, true);

            Debug.AssertValidOrNull(account);
            if (account == null)
            {
                // The user no longer exists - the account may have been closed (and possibly deleted afterwards).
                Debug.Tested();
                throw new Exception(SharedLogicLayer.ERROR_INVALID_LINK_USER, new Exception(SharedLogicLayer.ERROR_INVALID_LINK_USER));
            }

            Debug.Tested();
            Debug.AssertEmail(account.EmailAddress);

            // Step 3: the requester must also supply the account's e-mail address. The comparison is exact
            // (no case folding or normalisation is applied here).
            bool emailMatches = account.EmailAddress == setUserPasswordAfterResetRequest.emailAddress;
            if (!emailMatches)
            {
                Debug.Tested();
                throw new Exception(SharedLogicLayer.ERROR_UNRECOGNIZED_EMAIL_ADDRESS, new Exception(SharedLogicLayer.ERROR_UNRECOGNIZED_EMAIL_ADDRESS));
            }

            // Link, user and e-mail all check out.
            Debug.Tested();

            // Step 4: apply the change.
            // NOTE(review): Helper.Hash is not shown; confirm it is a salted, deliberately slow password-hashing
            // function and not a bare digest.
            account.PasswordHash = Helper.Hash(setUserPasswordAfterResetRequest.newPassword);
            // A successful reset also unlocks the account.
            // NOTE(review): confirm this is intended for every reason an account can be locked.
            account.Locked = false;

            await IdentityServiceDataLayer.SaveUser(dbClient, account);

            // Step 5: mark the link as revoked.
            // NOTE(security): this only changes the in-memory object. Nothing in this method persists the link, so
            // unless revocation is stored elsewhere the same reset link stays usable after the password change
            // (the original author left a "save link" TODO here). The link should be saved through the data layer,
            // ideally so that the user update and the revocation cannot diverge.
            resetLink.Revoked = true;
        }