// TODO: 是否有必要移动到ProfileService
/// <summary>
/// 重置用户密码
/// </summary>
/// <param name="passwordReset"></param>
/// <returns></returns>
public virtual async Task ResetPasswordAsync(PasswordResetDto passwordReset)
{
// 本来可以不需要的,令牌算法有一个有效期
// 不过这里采用令牌强制过期策略,避免一个令牌多次使用
var phoneVerifyCacheKey = NormalizeCacheKey(passwordReset.PhoneNumber);
var phoneVerifyCacheItem = await Cache.GetAsync(phoneVerifyCacheKey);
if (phoneVerifyCacheItem == null || !phoneVerifyCacheItem.VerifyCode.Equals(passwordReset.VerifyCode))
{
throw new UserFriendlyException(L["PhoneVerifyCodeInvalid"]);
}
var userId = await GetUserIdByPhoneNumberAsync(passwordReset.PhoneNumber);
var user = await UserManager.GetByIdAsync(userId);
(await UserManager.ResetPasswordAsync(user, phoneVerifyCacheItem.VerifyToken, passwordReset.NewPassword)).CheckErrors();
await Cache.RemoveAsync(phoneVerifyCacheKey);
}
public virtual async Task ResetPasswordAsync(PasswordResetDto passwordReset)
{
await AccountAppService.ResetPasswordAsync(passwordReset);
}
