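/// <summary>
/// Completes a registration from a confirmation JWT: validates the token, requires the
/// <c>register=yes</c> claim, copies the e-mail and unique-name claims onto the user found by
/// the token's subject id, marks the e-mail as verified and saves through <c>_users.CreateAsync</c>.
/// </summary>
/// <param name="vm">Request body; <c>JwtTokenString</c> carries the confirmation token.</param>
/// <param name="cancellationToken">Forwarded to the user-store calls.</param>
/// <returns>
/// <c>Ok()</c> on success. <c>BadRequest()</c> when the body is missing, the token fails
/// validation, a required claim is absent, or no user matches the subject id. The result of
/// <c>ServerError</c> when the store does not report success.
/// </returns>
public async Task<IActionResult> Confirm([FromBody] ConfirmViewModel vm, CancellationToken cancellationToken)
{
    // Model binding can hand over null when the request has no (or an unreadable) body.
    if (vm == null)
    {
        return this.BadRequest();
    }

    // NOTE(review): this clears a process-wide static map on every request. It is kept because
    // other code may depend on the cleared map; doing it once at startup (or configuring the
    // handler instance) would avoid mutating shared state from concurrent requests.
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    System.Security.Claims.ClaimsPrincipal claims;
    try
    {
        SecurityToken token;
        claims = new JwtSecurityTokenHandler().ValidateToken(vm.JwtTokenString, this._tokenValidationParameters, out token);
    }
    catch (Exception ex) when (ex is SecurityTokenException || ex is ArgumentException)
    {
        // A malformed, expired, wrongly signed or missing token is a client error, not a server fault.
        return this.BadRequest();
    }

    // The purpose claim keeps tokens minted for another flow from being accepted here.
    if (!claims.HasClaim("register", "yes"))
    {
        return this.BadRequest();
    }

    // First() would throw on a token that validates but lacks these claims; reject it instead.
    var emailClaim = claims.Claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.Email);
    var userNameClaim = claims.Claims.FirstOrDefault(c => c.Type == JwtRegisteredClaimNames.UniqueName);
    if (emailClaim == null || userNameClaim == null)
    {
        return this.BadRequest();
    }

    // NOTE(review): GetSubjectId is defined outside this view; if it throws when the subject
    // claim is missing, that case is still unhandled here. Confirm.
    var user = await this._users.FindByIdAsync(claims.GetSubjectId(), cancellationToken);
    if (user == null)
    {
        // The token refers to a subject the store does not know.
        return this.BadRequest();
    }

    user.Email = emailClaim.Value;
    user.EmailVerified = true;
    user.UserName = userNameClaim.Value;

    var result = await this._users.CreateAsync(user, nameof(AccountController) + nameof(this.Confirm), cancellationToken);
    if (result != IdentityResult.Success)
    {
        return this.ServerError(new Exception("Create user failed"));
    }

    return this.Ok();
}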
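/// <summary>
/// Sets a new password from a reset JWT: validates the token, requires the
/// <c>reset_password=yes</c> claim and matching non-empty passwords, then calls
/// <c>_users.SetUserPasswordAsync</c> for the user found by the token's subject id.
/// </summary>
/// <param name="vm">Request body with <c>JwtTokenString</c>, <c>Password</c> and <c>ConfirmPassword</c>.</param>
/// <param name="cancellationToken">Forwarded to the user-store calls.</param>
/// <returns>
/// <c>Ok()</c> when the store reports the password was set; <c>BadRequest()</c> when the body is
/// missing, the token fails validation, the purpose claim is absent, the passwords are empty or
/// differ, no user matches the subject id, or the store refuses the change.
/// </returns>
public async Task<IActionResult> Reset([FromBody] ResetViewModel vm, CancellationToken cancellationToken)
{
    // Model binding can hand over null when the request has no (or an unreadable) body.
    if (vm == null)
    {
        return this.BadRequest();
    }

    // NOTE(review): this clears a process-wide static map on every request. It is kept because
    // other code may depend on the cleared map; doing it once at startup (or configuring the
    // handler instance) would avoid mutating shared state from concurrent requests.
    JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();

    System.Security.Claims.ClaimsPrincipal claims;
    try
    {
        SecurityToken token;
        claims = new JwtSecurityTokenHandler().ValidateToken(vm.JwtTokenString, this._tokenValidationParameters, out token);
    }
    catch (Exception ex) when (ex is SecurityTokenException || ex is ArgumentException)
    {
        // A malformed, expired, wrongly signed or missing token is a client error, not a server fault.
        return this.BadRequest();
    }

    // The purpose claim keeps tokens minted for another flow from being accepted here.
    if (!claims.HasClaim("reset_password", "yes"))
    {
        return this.BadRequest();
    }

    // Two omitted fields compare equal, so an empty password must be rejected explicitly.
    if (string.IsNullOrEmpty(vm.Password) || vm.Password != vm.ConfirmPassword)
    {
        return this.BadRequest();
    }

    // NOTE(review): GetSubjectId is defined outside this view; if it throws when the subject
    // claim is missing, that case is still unhandled here. Confirm.
    var user = await this._users.FindByIdAsync(claims.GetSubjectId(), cancellationToken);
    if (user == null)
    {
        // The token refers to a subject the store does not know.
        return this.BadRequest();
    }

    // NOTE(review): nothing in this method marks the token as used, so the same token stays
    // acceptable until it expires unless one-time use is enforced elsewhere. Confirm the token
    // lifetime and whether a password change invalidates outstanding reset tokens.
    if (await this._users.SetUserPasswordAsync(user, vm.Password, cancellationToken))
    {
        return this.Ok();
    }

    return this.BadRequest();
}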