/// <summary>
/// Applies a completed password recovery to <paramref name="user"/>: blanks the recovery
/// key, resets the recovery date to the default <see cref="DateTime"/> value, and replaces
/// the stored password hash and salt with ones derived from the new password.
/// </summary>
/// <param name="userForRecoveryVerifyDto">Recovery request; only its Password is read here.</param>
/// <param name="user">The account to modify. It is mutated in place.</param>
/// <returns>The same <paramref name="user"/> instance that was passed in.</returns>
public User CompleteInfoToConfirmVerify(UserForRecoveryVerifyDto userForRecoveryVerifyDto, User user)
{
    // Blank the recovery key and date first, so the user object no longer carries the used key.
    user.RecoveryKey = string.Empty;
    user.RecoveryDate = default(DateTime);

    // Hashing is delegated to CreatePasswordHash (defined outside this block), which hands
    // back the hash and the salt through its out parameters.
    byte[] newHash;
    byte[] newSalt;
    CreatePasswordHash(userForRecoveryVerifyDto.Password, out newHash, out newSalt);

    user.PasswordSalt = newSalt;
    user.PasswordHash = newHash;
    return user;
}
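/// <summary>
/// Completes a password recovery. Checks the submitted recovery key against the one stored
/// for the account, hands the request to <c>_repo.CompleteInfoToConfirmVerify</c> to apply
/// the new password, saves the user, sends a confirmation e-mail and returns a signed token
/// together with the user's details and roles.
/// </summary>
/// <param name="userForRecoveryVerifyDto">Request payload; Email and VerifyKey are read here, the whole object is passed on for the password update.</param>
/// <returns>
/// 200 with <c>token</c>, <c>user</c> and <c>rolsAssignedToList</c> on success; 400 with
/// <c>user_does_not_exist</c>, <c>key_does_not_valid</c> or <c>verify_recovery_failed</c> otherwise.
/// </returns>
public async Task<IActionResult> VerifyRecovery(UserForRecoveryVerifyDto userForRecoveryVerifyDto)
{
    try
    {
        var userToVerifyExist = _mapper.Map<UserForRegisterDto>(userForRecoveryVerifyDto);
        var userFound = await _repo.UserExists(userToVerifyExist);
        if (userFound == null)
        {
            // NOTE(review): this answer differs from the invalid-key answer below, so an
            // unauthenticated caller can tell registered e-mail addresses from unknown ones.
            // Returning one generic failure for both cases would close that gap, but it
            // changes what clients receive, so it is flagged here rather than changed.
            return BadRequest("user_does_not_exist");
        }

        var userToVerifyKey = await _mainRepo.GetUser(userForRecoveryVerifyDto.Email);
        if (userToVerifyKey == null)
        {
            // Explicit check instead of a NullReferenceException on RecoveryKey below.
            return BadRequest("user_does_not_exist");
        }

        // Reject a missing key as well as an empty one. A null VerifyKey would otherwise
        // compare equal to a stored RecoveryKey that is null and pass the next check.
        if (string.IsNullOrEmpty(userForRecoveryVerifyDto.VerifyKey))
        {
            return BadRequest("key_does_not_valid");
        }

        // NOTE(review): ordinary string comparison is not constant-time. If the target
        // framework provides it, CryptographicOperations.FixedTimeEquals over the encoded
        // bytes is the usual choice for comparing secrets. No attempt limiting is visible in
        // this method; confirm it exists elsewhere (middleware, repository).
        if (userForRecoveryVerifyDto.VerifyKey != userToVerifyKey.RecoveryKey)
        {
            return BadRequest("key_does_not_valid");
        }

        // RecoveryDate is treated as the expiry instant of the key.
        // NOTE(review): compared against local time; confirm RecoveryDate is written with
        // the same clock (local vs. UTC), otherwise the validity window is shifted.
        if (userToVerifyKey.RecoveryDate < DateTime.Now)
        {
            return BadRequest("key_does_not_valid");
        }

        var userToUpdate = _repo.CompleteInfoToConfirmVerify(userForRecoveryVerifyDto, userToVerifyKey);
        var updatedUser = await _userRepo.UpdateUser(userToUpdate);

        // NOTE(review): everything from here on runs after UpdateUser. A failure below (no
        // person record, mail error) is answered with verify_recovery_failed although the
        // update call has already completed.
        var person = await _personRepo.GetPerson(updatedUser.Id);
        RecoveryKeyEmail recoveryKeyEmail = new RecoveryKeyEmail(updatedUser.Email, person.Name, person.LastName, "");
        await _mailService.SendConfirmationRecoveryEmailAsync(recoveryKeyEmail);

        // The local names user and rolsAssignedToList become property names of the response
        // object below, so they are part of the response shape.
        var user = _mapper.Map<UserForDetailedDto>(updatedUser);
        var rolsAssigned = await _repo.GetRolsPerUser(user.Id);
        var rolsAssignedToList = _mapper.Map<List<RolsToListDto>>(rolsAssigned);

        var tokenDescriptor = _repo.CreateToken(updatedUser, rolsAssigned);
        var tokenHandler = new JwtSecurityTokenHandler();
        var token = tokenHandler.CreateToken(tokenDescriptor);

        return Ok(new { token = tokenHandler.WriteToken(token), user, rolsAssignedToList });
    }
    catch (Exception ex)
    {
        // Only the message is logged; the caller gets a generic failure code.
        _logger.LogError(ex.Message);
        return BadRequest("verify_recovery_failed");
    }
}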