public AccountDto Build()
{
var fixture = new Fixture();
Account = fixture.Build <AccountDto>()
.With(a => a.Email, RandomData.Email)
.With(a => a.PasswordHash, SecretHasher.GetStringHash(_password))
.With(a => a.Verified, _verified)
.With(a => a.AcceptTerms, true)
.With(a => a.Created, DateTime.UtcNow)
.With(a => a.IsSuperAdmin, _role == Role.Admin)
.With(a => a.InvitationCode, _invitationCode)
.With(a => a.InvitationCodeExpiry, _invitationExipry)
.With(a => a.ResetToken, _resetToken)
.With(a => a.ResetTokenExpires, _resetTokenExpiry)
.Create();
_connection.AddAccount(Account);
if (_role.HasValue && _role != Role.Admin && _libraryId.HasValue)
{
_connection.AddAccountToLibrary(Account, _libraryId.Value, _role.Value);
}
return(Account);
}
public override async Task <ForgetPasswordCommand> HandleAsync(ForgetPasswordCommand command, CancellationToken cancellationToken = default)
{
if (!command.AcceptTerms)
{
throw new BadRequestException("Terms must be accepted");
}
if (command.Password != command.ConfirmPassword)
{
throw new BadRequestException("Password and confirm password not matching");
}
var account = await _accountRepository.GetAccountByInvitationCode(command.InvitationCode, cancellationToken);
if (account == null || account.InvitationCodeExpiry < DateTime.UtcNow)
{
throw new BadRequestException("Invitation has expired");
}
account.Name = command.Name;
account.PasswordHash = SecretHasher.GetStringHash(command.Password);
account.Verified = DateTime.UtcNow;
account.VerificationToken = RandomGenerator.GenerateRandomString();
account.InvitationCode = null;
account.InvitationCodeExpiry = null;
account.AcceptTerms = true;
await _accountRepository.UpdateAccount(account, cancellationToken);
return(await base.HandleAsync(command, cancellationToken));
}
public override async Task <ResetPasswordCommand> HandleAsync(ResetPasswordCommand command, CancellationToken cancellationToken = default)
{
var account = await _accountRepository.GetAccountByResetToken(command.Token, cancellationToken);
if (account == null || account.ResetTokenExpires < DateTime.UtcNow)
{
throw new BadRequestException("Invitation has expired");
}
account.PasswordHash = SecretHasher.GetStringHash(command.Password);
account.PasswordReset = DateTime.UtcNow;
account.ResetToken = null;
account.ResetTokenExpires = null;
await _accountRepository.UpdateAccount(account, cancellationToken);
return(await base.HandleAsync(command, cancellationToken));
}
public override async Task <ChangePasswordCommand> HandleAsync(ChangePasswordCommand command, CancellationToken cancellationToken = default)
{
var account = await _accountRepository.GetAccountByEmail(command.Email, cancellationToken);
if (!SecretHasher.Verify(command.OldPassword, account.PasswordHash))
{
throw new BadRequestException();
}
account.PasswordHash = SecretHasher.GetStringHash(command.Password);
account.PasswordReset = DateTime.UtcNow;
account.ResetToken = null;
account.ResetTokenExpires = null;
await _accountRepository.UpdateAccount(account, cancellationToken);
return(await base.HandleAsync(command, cancellationToken));
}
