Remove tenant param from ResetPasswordAsync interface; Add TennantIdH…

…eader to ResetPasswordAsync method; Update message in ForgotPasswordAsync;
fullstackhero · jay-cascade · Jul 13, 2022 · Jul 13, 2022 · Jul 14, 2022 · Jul 14, 2022
commit 2d7d608fe2f56f96bfb8eb080b34e6c9263ae0a3
diff --git a/src/Core/Application/Identity/Users/IUserService.cs b/src/Core/Application/Identity/Users/IUserService.cs
@@ -34,6 +34,6 @@ public interface IUserService : ITransientService
     Task<string> ConfirmPhoneNumberAsync(string userId, string code);
 
     Task<string> ForgotPasswordAsync(ForgotPasswordRequest request, string origin);
-    Task<string> ResetPasswordAsync(ResetPasswordRequest request, string tenant);
+    Task<string> ResetPasswordAsync(ResetPasswordRequest request);
     Task ChangePasswordAsync(ChangePasswordRequest request, string userId);
 }
diff --git a/src/Host/Controllers/Identity/UsersController.cs b/src/Host/Controllers/Identity/UsersController.cs
@@ -111,11 +111,12 @@ public Task<string> ForgotPasswordAsync(ForgotPasswordRequest request)
 
     [HttpPost("reset-password")]
     [AllowAnonymous]
+    [TenantIdHeader]
     [OpenApiOperation("Reset a user's password.", "")]
     [ApiConventionMethod(typeof(FSHApiConventions), nameof(FSHApiConventions.Register))]
-    public Task<string> ResetPasswordAsync(ResetPasswordRequest request, [FromQuery] string tenant)
+    public Task<string> ResetPasswordAsync(ResetPasswordRequest request)
     {
-        return _userService.ResetPasswordAsync(request, tenant);
+        return _userService.ResetPasswordAsync(request);
     }
 
     private string GetOriginFromRequest() => $"{Request.Scheme}://{Request.Host.Value}{Request.PathBase.Value}";

diff --git a/src/Infrastructure/Identity/UserService.Password.cs b/src/Infrastructure/Identity/UserService.Password.cs
@@ -21,7 +21,7 @@ public async Task<string> ForgotPasswordAsync(ForgotPasswordRequest request, str
         // For more information on how to enable account confirmation and password reset please
         // visit https://go.microsoft.com/fwlink/?LinkID=532713
         string code = await _userManager.GeneratePasswordResetTokenAsync(user);
-        string route = $"account/reset-password?token={code}";
+        const string route = $"account/reset-password";
         var endpointUri = new Uri(string.Concat($"{origin}/", route));
         string passwordResetUrl = QueryHelpers.AddQueryString(endpointUri.ToString(), "Token", code);
         var mailRequest = new MailRequest(
@@ -33,7 +33,7 @@ public async Task<string> ForgotPasswordAsync(ForgotPasswordRequest request, str
         return _t["Password Reset Mail has been sent to your authorized Email."];
     }
 
-    public async Task<string> ResetPasswordAsync(ResetPasswordRequest request, string tenant)
+    public async Task<string> ResetPasswordAsync(ResetPasswordRequest request)
     {
         EnsureValidTenant();