diff options
Diffstat (limited to 'code/api/src/Endpoints/Internal/PasswordResetRequests')
4 files changed, 124 insertions, 0 deletions
diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs new file mode 100644 index 0000000..c6ed417 --- /dev/null +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/CreateResetRequestRoute.cs @@ -0,0 +1,40 @@ +namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests; + +public class CreateResetRequestRoute : RouteBaseAsync.WithRequest<CreateResetRequestRoute.Payload>.WithActionResult +{ + private readonly ILogger<CreateResetRequestRoute> _logger; + private readonly PasswordResetService _passwordResetService; + private readonly MainAppDatabase _database; + private readonly IStringLocalizer<SharedResources> _localizer; + + public CreateResetRequestRoute(ILogger<CreateResetRequestRoute> logger, PasswordResetService passwordResetService, MainAppDatabase database, IStringLocalizer<SharedResources> localizer) { + _logger = logger; + _passwordResetService = passwordResetService; + _database = database; + _localizer = localizer; + } + + public class Payload + { + public string Email { get; set; } + } + + [AllowAnonymous] + [HttpPost("~/_/password-reset-request/create")] + public override async Task<ActionResult> HandleAsync(Payload payload, CancellationToken cancellationToken = default) { + if (payload.Email.IsNullOrWhiteSpace()) { + return KnownProblem(_localizer["Invalid form"], + _localizer["One or more fields is invalid"], + new() {{"email", new string[] {_localizer["Email is a required field"]}}} + ); + } + + var tz = GetRequestTimeZone(_logger); + _logger.LogInformation("Creating forgot password request with local date time: " + tz.LocalDateTime.ToString("u")); + var user = _database.Users.FirstOrDefault(c => c.Username.Equals(payload.Email)); + // Don't inform the caller that the user does not exist. + if (user == default) return Ok(); + await _passwordResetService.AddRequestAsync(user, tz.TimeZoneInfo, cancellationToken); + return Ok(); + } +}
\ No newline at end of file diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs new file mode 100644 index 0000000..9cd92bb --- /dev/null +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/FulfillResetRequestRoute.cs @@ -0,0 +1,36 @@ +namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests; + +public class FulfillResetRequestRoute : RouteBaseAsync.WithRequest<FulfillResetRequestRoute.Payload>.WithActionResult +{ + private readonly IStringLocalizer<SharedResources> _localizer; + private readonly PasswordResetService _passwordResetService; + + public FulfillResetRequestRoute(PasswordResetService passwordResetService, IStringLocalizer<SharedResources> localizer) { + _passwordResetService = passwordResetService; + _localizer = localizer; + } + + public class Payload + { + public Guid Id { get; set; } + public string NewPassword { get; set; } + } + + [AllowAnonymous] + [HttpPost("~/_/password-reset-request/fulfill")] + public override async Task<ActionResult> HandleAsync(Payload request, CancellationToken cancellationToken = default) { + if (request.NewPassword.Length < 6) { + return KnownProblem(_localizer["Invalid form"], + _localizer["One or more fields is invalid"], + new Dictionary<string, string[]> {{"newPassword", new string[] {_localizer["The new password needs to be atleast 6 characters"]}}} + ); + } + + return await _passwordResetService.FulfillRequestAsync(request.Id, request.NewPassword, cancellationToken) switch { + FulfillPasswordResetRequestResult.REQUEST_NOT_FOUND => NotFound(), + FulfillPasswordResetRequestResult.USER_NOT_FOUND => NotFound(), + FulfillPasswordResetRequestResult.FULFILLED => Ok(), + _ => StatusCode(500) + }; + } +}
\ No newline at end of file diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs b/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs new file mode 100644 index 0000000..a87c0a9 --- /dev/null +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/IsResetRequestValidRoute.cs @@ -0,0 +1,26 @@ +namespace IOL.GreatOffice.Api.Endpoints.Internal.PasswordResetRequests; + +public class IsResetRequestValidRoute : RouteBaseAsync.WithRequest<Guid>.WithActionResult<IsResetRequestValidRoute.ResponseModel> +{ + private readonly PasswordResetService _passwordResetService; + + public IsResetRequestValidRoute(PasswordResetService passwordResetService) { + _passwordResetService = passwordResetService; + } + + public class ResponseModel + { + public ResponseModel(bool isValid) { + IsValid = isValid; + } + + public bool IsValid { get; } + } + + [AllowAnonymous] + [HttpGet("~/_/password-reset-request/is-valid")] + public override async Task<ActionResult<ResponseModel>> HandleAsync(Guid id, CancellationToken cancellationToken = default) { + var request = await _passwordResetService.GetRequestAsync(id, cancellationToken); + return Ok(request == default ? new ResponseModel(false) : new ResponseModel(!request.IsExpired)); + } +}
\ No newline at end of file diff --git a/code/api/src/Endpoints/Internal/PasswordResetRequests/_calls.http b/code/api/src/Endpoints/Internal/PasswordResetRequests/_calls.http new file mode 100644 index 0000000..cfd2d58 --- /dev/null +++ b/code/api/src/Endpoints/Internal/PasswordResetRequests/_calls.http @@ -0,0 +1,22 @@ +### Create request +POST http://localhost:5000/_/password-reset-request/create +Accept: application/json +Content-Type: application/json + +{ + "email": "" +} + +### Fulfill request +POST http://localhost:5000/_/password-reset-request/fulfill +Accept: application/json +Content-Type: application/json + +{ + "id": "", + "newPassword": "" +} + +### Is request valid +GET http://localhost:5000/_/password-reset-request/is-valid?id= +Accept: application/json |