Harden password reset and email send flows

2026-03-28 14:17:12 +01:00
parent 25ae6b94e9
commit 9f949ee9df
15 changed files with 205 additions and 57 deletions
@@ -18,14 +18,16 @@ public sealed class AuthController : ControllerBase
    private readonly ITokenService _tokens;
    private readonly IAppEmailSender _email;
    private readonly IGoogleTokenValidator _googleTokens;
+    private readonly ILogger<AuthController> _logger;

-    public AuthController(IConfiguration cfg, UserManager<ApplicationUser> users, ITokenService tokens, IAppEmailSender email, IGoogleTokenValidator googleTokens)
+    public AuthController(IConfiguration cfg, UserManager<ApplicationUser> users, ITokenService tokens, IAppEmailSender email, IGoogleTokenValidator googleTokens, ILogger<AuthController> logger)
    {
        _cfg = cfg;
        _users = users;
        _tokens = tokens;
        _email = email;
        _googleTokens = googleTokens;
+        _logger = logger;
    }

    [HttpGet("config")]
@@ -395,12 +397,20 @@ public sealed class AuthController : ControllerBase

        var link = $"{baseUrl}/reset-password?email={Uri.EscapeDataString(user.Email)}&token={Uri.EscapeDataString(token)}";

-        await _email.SendAsync(
-            user.Email,
-            "Password reset",
-            $"You requested a password reset for Jobbjakt.\n\nReset link:\n{link}\n\nIf you did not request this, you can ignore this email.",
-            cancellationToken
-        );
+        try
+        {
+            await _email.SendAsync(
+                user.Email,
+                "Password reset",
+                $"You requested a password reset for Jobbjakt.\n\nReset link:\n{link}\n\nIf you did not request this, you can ignore this email.",
+                cancellationToken
+            );
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(ex, "Failed to send password reset email to {Email}", user.Email);
+            return Problem(statusCode: StatusCodes.Status503ServiceUnavailable, title: "Email delivery unavailable", detail: "Password reset email could not be sent right now. Please try again later.");
+        }

        return NoContent();
    }
@@ -429,6 +439,11 @@ public sealed class AuthController : ControllerBase
        return NoContent();
    }

+    private IActionResult EmailDeliveryUnavailable(string detail)
+    {
+        return Problem(statusCode: StatusCodes.Status503ServiceUnavailable, title: "Email delivery unavailable", detail: detail);
+    }
+
    private static string? TrimOrNull(string? value)
    {
        return string.IsNullOrWhiteSpace(value) ? null : value.Trim();