Handle password reset when SMTP isn't configured or validated (#6150)

* Handle password reset when SMTP isn't configured or the configuration cannot be validated * include rel in external a tag * Simplify it * Test fix * Simplify a bit * selenium test to manage users --------- Co-authored-by: Dennis Reimann <mail@dennisreimann.de> Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
2025-12-17 14:04:26 +01:00 · 2024-09-13 13:42:08 +01:00
parent 7348a6a62f
commit f07ed53f7e
6 changed files with 217 additions and 25 deletions
--- a/BTCPayServer/Controllers/UIServerController.Users.cs
+++ b/BTCPayServer/Controllers/UIServerController.Users.cs
@@ -210,6 +210,32 @@ namespace BTCPayServer.Controllers
            return RedirectToAction(nameof(User), new { userId });
        }

+        [HttpGet("server/users/{userId}/reset-password")]
+        public async Task<IActionResult> ResetUserPassword(string userId)
+        {
+            var user = await _UserManager.FindByIdAsync(userId);
+            if (user == null)
+                return NotFound();
+            return View(new ResetUserPasswordFromAdmin { Email = user.Email });
+        }
+
+        [HttpPost("server/users/{userId}/reset-password")]
+        public async Task<IActionResult> ResetUserPassword(string userId, ResetUserPasswordFromAdmin model)
+        {
+
+            var user = await _UserManager.FindByEmailAsync(model.Email);
+            if (user == null || user.Id != userId)
+                return NotFound();
+
+            var result = await _UserManager.ResetPasswordAsync(user, await _UserManager.GeneratePasswordResetTokenAsync(user), model.Password);
+            TempData.SetStatusMessageModel(new StatusMessageModel
+            {
+                Severity = result.Succeeded ? StatusMessageModel.StatusSeverity.Success : StatusMessageModel.StatusSeverity.Error,
+                Message = result.Succeeded ? "Password successfully set" : "An error occurred while resetting user password"
+            });
+            return RedirectToAction(nameof(ListUsers));
+        }
+
        [HttpGet("server/users/new")]
        public async Task<IActionResult> CreateUser()
        {
@@ -416,6 +442,24 @@ namespace BTCPayServer.Controllers
        }
    }

+    public class ResetUserPasswordFromAdmin
+    {
+        [Required]
+        [EmailAddress]
+        [Display(Name = "Email")]
+        public string Email { get; set; }
+
+        [StringLength(100, ErrorMessage = "The {0} must be at least {2} and at max {1} characters long.", MinimumLength = 6)]
+        [DataType(DataType.Password)]
+        [Display(Name = "Password")]
+        public string Password { get; set; }
+
+        [DataType(DataType.Password)]
+        [Display(Name = "Confirm password")]
+        [Compare("Password", ErrorMessage = "The password and confirmation password do not match.")]
+        public string ConfirmPassword { get; set; }
+    }
+
    public class RegisterFromAdminViewModel
    {
        [Required]