Implemented ability to reset a user's password.

2025-07-09 03:04:19 -04:00 · 2021-01-21 11:15:42 -06:00 · 2021-01-21 11:15:42 -06:00 · 8220709b4c
commit 8220709b4c
parent 6309ae9dd3
4 changed files with 31 additions and 4 deletions
--- a/API/Controllers/AccountController.cs
+++ b/API/Controllers/AccountController.cs
@ -4,8 +4,10 @@ using System.Threading.Tasks;
 using API.Constants;
 using API.DTOs;
 using API.Entities;
+using API.Extensions;
 using API.Interfaces;
 using AutoMapper;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
@ -36,6 +38,21 @@ namespace API.Controllers
            _mapper = mapper;
        }

+        [Authorize(Policy = "RequireAdminRole")]
+        [HttpPost("reset-password")]
+        public async Task<ActionResult> UpdatePassword(ResetPasswordDto resetPasswordDto)
+        {
+            _logger.LogInformation($"{User.GetUsername()} is changing {resetPasswordDto.UserName}'s password.");
+            var user = await _userManager.Users.SingleAsync(x => x.UserName == resetPasswordDto.UserName);
+            var result = await _userManager.RemovePasswordAsync(user);
+            if (!result.Succeeded) return BadRequest("Unable to update password");
+            
+            result = await _userManager.AddPasswordAsync(user, resetPasswordDto.Password);
+            if (!result.Succeeded) return BadRequest("Unable to update password");
+
+            return Ok($"{resetPasswordDto.UserName}'s Password has been reset.");
+        }
+
        [HttpPost("register")]
        public async Task<ActionResult<UserDto>> Register(RegisterDto registerDto)
        {
--- a/API/DTOs/ResetPasswordDto.cs
+++ b/API/DTOs/ResetPasswordDto.cs
@ -0,0 +1,13 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace API.DTOs
+{
+    public class ResetPasswordDto
+    {
+        [Required]
+        public string UserName { get; init; }
+        [Required]
+        [StringLength(8, MinimumLength = 4)]
+        public string Password { get; init; }
+    }
+}
--- a/API/Middleware/ExceptionMiddleware.cs
+++ b/API/Middleware/ExceptionMiddleware.cs
@ -25,7 +25,6 @@ namespace API.Middleware

        public async Task InvokeAsync(HttpContext context)
        {
-            _logger.LogError("The middleware called");
            try
            {
                await _next(context); // downstream middlewares or http call
--- a/API/Startup.cs
+++ b/API/Startup.cs
@ -42,10 +42,8 @@ namespace API
            {
                app.UseSwagger();
                app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "API v1"));
+                app.UseHangfireDashboard();
            }
-            
-            
-            app.UseHangfireDashboard();

            app.UseHttpsRedirection();