示例#1
0
        public async Task <bool> ResetPassword(string userId, string token, string newPassword)
        {
            var user = await database.UserRepository.FindById(userId) ?? throw new EntityNotFoundException("Account does not exist", ErrorCodes.EntityNotFound);

            if (UserBlockedSpecification.Create().IsSatisfied(user))
            {
                throw new BlockException("Your account is blocked");
            }

            var resetPasswordToken = user.Tokens.FirstOrDefault(t => t.Code == token && t.TokenType == TokenType.ResetPassword)
                                     ?? throw new TokenException("Token is invalid");

            if (TokenExpirationSpecification.Create().IsSatisfied(resetPasswordToken))
            {
                throw new TokenException("Token expired", ErrorCodes.TokenExpired);
            }

            string saltedPasswordHash = string.Empty;
            var    passwordSalt       = hashGenerator.CreateSalt();

            hashGenerator.GenerateHash(newPassword, passwordSalt, out saltedPasswordHash);

            user.SetPassword(saltedPasswordHash, passwordSalt);

            if (await database.Complete())
            {
                user.Tokens.Remove(resetPasswordToken);

                return(await database.Complete());
            }

            return(false);
        }
示例#2
0
        public async Task <bool> VerifyResetPasswordToken(string userId, string token)
        {
            var user = await database.UserRepository.FindById(userId) ?? throw new EntityNotFoundException("Account does not exist", ErrorCodes.EntityNotFound);

            if (UserBlockedSpecification.Create().IsSatisfied(user))
            {
                throw new BlockException("Your account is blocked");
            }

            var resetPasswordToken = user.Tokens.FirstOrDefault(t => t.Code == token && t.TokenType == TokenType.ResetPassword)
                                     ?? throw new TokenException("Token is invalid");

            if (TokenExpirationSpecification.Create().IsSatisfied(resetPasswordToken))
            {
                throw new TokenException("Token expired", ErrorCodes.TokenExpired);
            }

            return(true);
        }