Verify user invite token (#14491)

* Added functionality to verify user invite tokens and create the initial password * Add response types * Fail ValidateCredentialsAsync when user is not approved * Enable user as part of initial password creating using validation token * Adds documentation to badrequest and changed nocontent to ok, to align with other APIs * Fixed tests and added a new one --------- Co-authored-by: nikolajlauridsen <nikolajlauridsen@protonmail.ch>
2023-07-05 12:42:52 +02:00
parent 8bccab3b60
commit 59df7439db
12 changed files with 185 additions and 4 deletions
--- a/src/Umbraco.Cms.Api.Management/Controllers/User/VerifyInviteUsersController.cs
+++ b/src/Umbraco.Cms.Api.Management/Controllers/User/VerifyInviteUsersController.cs
@@ -0,0 +1,32 @@
+using Asp.Versioning;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Umbraco.Cms.Api.Management.ViewModels.User;
+using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.Services;
+using Umbraco.Cms.Core.Services.OperationStatus;
+
+namespace Umbraco.Cms.Api.Management.Controllers.User;
+
+[ApiVersion("1.0")]
+public class VerifyInviteUserController : UserControllerBase
+{
+    private readonly IUserService _userService;
+
+    public VerifyInviteUserController(IUserService userService) => _userService = userService;
+
+    [AllowAnonymous]
+    [HttpPost("invite/verify")]
+    [MapToApiVersion("1.0")]
+    [ProducesResponseType(StatusCodes.Status200OK)]
+    [ProducesResponseType(StatusCodes.Status400BadRequest)]
+    public async Task<IActionResult> Invite(VerifyInviteUserRequestModel model)
+    {
+        Attempt<UserOperationStatus> result = await _userService.VerifyInviteAsync(model.UserId, model.Token);
+
+        return result.Success
+            ? Ok()
+            : UserOperationStatusResult(result.Result);
+    }
+}