From 88110f536f9c3843ecf5016122e101f8a424af77 Mon Sep 17 00:00:00 2001
From: ivarlovlie <git@ivarlovlie.no>
Date: Sat, 22 Jan 2022 22:43:38 +0100
Subject: Initial commit

---
 .../Api/Internal/Account/UpdatePasswordRoute.cs    | 35 ++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 src/server/Api/Internal/Account/UpdatePasswordRoute.cs

(limited to 'src/server/Api/Internal/Account/UpdatePasswordRoute.cs')

diff --git a/src/server/Api/Internal/Account/UpdatePasswordRoute.cs b/src/server/Api/Internal/Account/UpdatePasswordRoute.cs
new file mode 100644
index 0000000..d06e850
--- /dev/null
+++ b/src/server/Api/Internal/Account/UpdatePasswordRoute.cs
@@ -0,0 +1,35 @@
+namespace IOL.BookmarkThing.Server.Api.Internal.Account;
+
+public class UpdatePasswordRoute : RouteBaseInternalSync.WithRequest<UpdatePasswordRequest>.WithActionResult
+{
+	private readonly AppDbContext _context;
+
+	public UpdatePasswordRoute(AppDbContext context) {
+		_context = context;
+	}
+
+	[ApiVersionNeutral]
+	[ApiExplorerSettings(IgnoreApi = true)]
+	[HttpPost("~/v{version:apiVersion}/account/update-password")]
+	public override ActionResult Handle(UpdatePasswordRequest payload) {
+		if (payload.NewPassword.IsNullOrWhiteSpace()) {
+			return BadRequest(new ErrorResult("Invalid request",
+											  "The new password field is required"));
+		}
+
+		if (payload.NewPassword.Length < 6) {
+			return BadRequest(new ErrorResult("Invalid request",
+											  "The new password must contain atleast 6 characters"));
+		}
+
+		var user = _context.Users.SingleOrDefault(c => c.Id == LoggedInUser.Id);
+		if (user == default) {
+			HttpContext.SignOutAsync();
+			return StatusCode(403);
+		}
+
+		user.HashAndSetPassword(payload.NewPassword);
+		_context.SaveChanges();
+		return Ok();
+	}
+}
-- 
cgit v1.3