diff options
Diffstat (limited to 'code/api/src/Endpoints/Internal/PasswordResetRequests')
5 files changed, 65 insertions, 61 deletions
diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/RequestModel.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/RequestModel.cs new file mode 100644 index 0000000..236c650 --- /dev/null +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/RequestModel.cs @@ -0,0 +1,6 @@ +namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests.Create; + +public class RequestModel +{ + public string Username { get; set; } +}
\ No newline at end of file diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/Route.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/Route.cs new file mode 100644 index 0000000..f837fc0 --- /dev/null +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/Create/Route.cs @@ -0,0 +1,57 @@ +namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests.Create; + +public class Route : RouteBaseAsync.WithRequest<RequestModel>.WithActionResult +{ + private readonly ILogger<Route> _logger; + private readonly PasswordResetService _passwordResetService; + private readonly AppDbContext _context; + + public Route(ILogger<Route> logger, PasswordResetService passwordResetService, AppDbContext context) { + _logger = logger; + _passwordResetService = passwordResetService; + _context = context; + } + + /// <summary> + /// Create a new password reset request. + /// </summary> + /// <param name="request"></param> + /// <param name="cancellationToken"></param> + /// <returns></returns> + [AllowAnonymous] + [HttpPost("~/_/password-reset-request/create")] + public override async Task<ActionResult> HandleAsync(RequestModel request, CancellationToken cancellationToken = default) { + if (!request.Username.IsValidEmailAddress()) { + _logger.LogInformation("Username is invalid, not doing request for password change"); + return KnownProblem("Invalid email address", request.Username + " looks like an invalid email address"); + } + + Request.Headers.TryGetValue(AppHeaders.BROWSER_TIME_ZONE, out var timeZoneHeader); + var tz = TimeZoneInfo.FindSystemTimeZoneById(timeZoneHeader.ToString().HasValue() ? timeZoneHeader.ToString() : "UTC"); + var offset = tz.BaseUtcOffset.Hours; + + // this is fine as long as the client is not connecting from Australia: Lord Howe Island + // according to https://en.wikipedia.org/wiki/Daylight_saving_time_by_country + if (tz.IsDaylightSavingTime(AppDateTime.UtcNow)) { + offset++; + } + + _logger.LogInformation("Request time zone (" + tz.Id + ") offset is: " + offset + " hours"); + var requestDateTime = TimeZoneInfo.ConvertTimeFromUtc(AppDateTime.UtcNow, tz); + _logger.LogInformation("Creating forgot password request with date time: " + requestDateTime.ToString("u")); + + try { + var user = _context.Users.SingleOrDefault(c => c.Username.Equals(request.Username)); + if (user != default) { + await _passwordResetService.AddRequestAsync(user, tz, cancellationToken); + return Ok(); + } + + _logger.LogInformation("User was not found, not doing request for password change"); + return Ok(); + } catch (Exception e) { + _logger.LogError(e, "_/password-reset-request/create threw an exception"); + return Ok(); + } + } +}
\ No newline at end of file diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs deleted file mode 100644 index 8fbc9a0..0000000 --- a/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs +++ /dev/null @@ -1,59 +0,0 @@ -namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests; - -/// <inheritdoc /> -public class CreateResetRequestRoute : RouteBaseAsync.WithRequest<string>.WithActionResult -{ - private readonly ILogger<CreateResetRequestRoute> _logger; - private readonly PasswordResetService _passwordResetService; - private readonly AppDbContext _context; - - /// <inheritdoc /> - public CreateResetRequestRoute(ILogger<CreateResetRequestRoute> logger, PasswordResetService passwordResetService, AppDbContext context) { - _logger = logger; - _passwordResetService = passwordResetService; - _context = context; - } - - /// <summary> - /// Create a new password reset request. - /// </summary> - /// <param name="username"></param> - /// <param name="cancellationToken"></param> - /// <returns></returns> - [AllowAnonymous] - [HttpGet("~/_/forgot-password-requests/create")] - public override async Task<ActionResult> HandleAsync(string username, CancellationToken cancellationToken = default) { - if (!username.IsValidEmailAddress()) { - _logger.LogInformation("Username is invalid, not doing request for password change"); - return BadRequest(new ErrorResult("Invalid email address", username + " looks like an invalid email address")); - } - - Request.Headers.TryGetValue(AppHeaders.BROWSER_TIME_ZONE, out var timeZoneHeader); - var tz = TimeZoneInfo.FindSystemTimeZoneById(timeZoneHeader.ToString().HasValue() ? timeZoneHeader.ToString() : "UTC"); - var offset = tz.BaseUtcOffset.Hours; - - // this is fine as long as the client is not connecting from Australia: Lord Howe Island - // according to https://en.wikipedia.org/wiki/Daylight_saving_time_by_country - if (tz.IsDaylightSavingTime(AppDateTime.UtcNow)) { - offset++; - } - - _logger.LogInformation("Request time zone (" + tz.Id + ") offset is: " + offset + " hours"); - var requestDateTime = TimeZoneInfo.ConvertTimeFromUtc(AppDateTime.UtcNow, tz); - _logger.LogInformation("Creating forgot password request with date time: " + requestDateTime.ToString("u")); - - try { - var user = _context.Users.SingleOrDefault(c => c.Username.Equals(username)); - if (user != default) { - await _passwordResetService.AddRequestAsync(user, tz, cancellationToken); - return Ok(); - } - - _logger.LogInformation("User was not found, not doing request for password change"); - return Ok(); - } catch (Exception e) { - _logger.LogError(e, "ForgotAction failed badly"); - return Ok(); - } - } -} diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs index 96f344a..a0ad4d0 100644 --- a/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs @@ -18,7 +18,7 @@ public class FulfillResetRequestRoute : RouteBaseAsync.WithRequest<FulfillResetR /// <param name="cancellationToken"></param> /// <returns></returns> [AllowAnonymous] - [HttpPost("~/_/forgot-password-requests/fulfill")] + [HttpPost("~/_/password-reset-request/fulfill")] public override async Task<ActionResult> HandleAsync(FulfillResetRequestPayload request, CancellationToken cancellationToken = default) { try { var fulfilled = await _passwordResetService.FullFillRequestAsync(request.Id, request.NewPassword, cancellationToken); diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs index c4dcd22..917c4f0 100644 --- a/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs @@ -17,7 +17,7 @@ public class IsResetRequestValidRoute : RouteBaseAsync.WithRequest<Guid>.WithAct /// <param name="cancellationToken"></param> /// <returns></returns> [AllowAnonymous] - [HttpGet("~/_/forgot-password-requests/is-valid")] + [HttpGet("~/_/password-reset-request/is-valid")] public override async Task<ActionResult> HandleAsync(Guid id, CancellationToken cancellationToken = default) { var request = await _passwordResetService.GetRequestAsync(id, cancellationToken); if (request == default) { |