Open Closed

Send the same message when an account exists or not in the recovery password #4488


User avatar
0
peyman@debtrak.com created

ABP Framework version: v5.3.4

UI type: Angular

DB provider: EF Core

Tiered (MVC) or Identity Server Separated (Angular): yes Hi .we want for security in Forgot password , flow and messages be the same when an account exist or not exist, how can I do that? and i want to know how override SendPasswordResetCodeAsync and config it.


1 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    You can try to override the SendPasswordResetCodeAsync method to handle the exception.

    For example:

    [Dependency(ReplaceServices = true)]
    [ExposeServices(typeof(IAccountAppService))]
    public class MyAccountAppService: AccountAppService
    {
       public MyAccountAppService(
           IdentityUserManager userManager,
           IAccountEmailer accountEmailer,
           IAccountPhoneService phoneService,
           IIdentityRoleRepository roleRepository,
           IdentitySecurityLogManager identitySecurityLogManager,
           IBlobContainer<AccountProfilePictureContainer> accountProfilePictureContainer,
           ISettingManager settingManager,
           IOptions<IdentityOptions> identityOptions,
           IIdentitySecurityLogRepository securityLogRepository) : base(userManager, accountEmailer, phoneService, roleRepository, identitySecurityLogManager, accountProfilePictureContainer, settingManager, identityOptions, securityLogRepository)
       {
       }
       public override async Task SendPasswordResetCodeAsync(SendPasswordResetCodeDto input)
       {
           try
           {
               var user = await GetUserByEmail(input.Email);
               var resetToken = await UserManager.GeneratePasswordResetTokenAsync(user);
               await AccountEmailer.SendPasswordResetLinkAsync(user, resetToken, input.AppName, input.ReturnUrl, input.ReturnUrlHash);
           }
           catch (Exception e)
           {
               throw new UserFriendlyException("custom message");
           }
    
       }
    }
    
Made with ❤️ on ABP v9.1.0-preview. Updated on December 10, 2024, 06:38