Forgot password

Shogi.UI/Identity/CookieAuthenticationStateProvider.cs

@@ -1,6 +1,7 @@
 namespace Shogi.UI.Identity;
 
 using Microsoft.AspNetCore.Components.Authorization;
+using System.Net.Http;
 using System.Net.Http.Json;
 using System.Security.Claims;
 using System.Text;
@@ -235,6 +236,38 @@ public class CookieAuthenticationStateProvider : AuthenticationStateProvider, IA
 		return _authenticated;
 	}
 
+	/// <summary>
+	/// Ask for an email to be sent which contains a reset code. This reset code is used during <see cref="ChangePassword"/>
+	/// </summary>
+	/// <remarks>Do not surface errors from this to users which may tell bad actors if emails do or do not exist in the system.</remarks>
+	public async Task<HttpResponseMessage> RequestPasswordReset(string email)
+	{
+		return await _httpClient.PostAsJsonAsync("forgotPassword", new { email });
+	}
+
+	public async Task<FormResult> ChangePassword(string email, string resetCode, string newPassword)
+	{
+		var body = new
+		{
+			email,
+			resetCode,
+			newPassword
+		};
+		var response = await _httpClient.PostAsJsonAsync("resetPassword", body);
+		if (response.IsSuccessStatusCode)
+		{
+			return new FormResult { Succeeded = true };
+		}
+		else
+		{
+			return new FormResult
+			{
+				Succeeded = false,
+				ErrorList = [await response.Content.ReadAsStringAsync()]
+			};
+		}
+	}
+
 	public class RoleClaim
 	{
 		public string? Issuer { get; set; }