public async Task <Result <AccountDto> > ChangePasswordAsync(ChangeCurrentPasswordDto changePasswd)
{
var user = await _unitOfWork.AccountRepository.GetAccountCredentialsByEmailAsync(changePasswd.Email);
if (user == null)
{
return(Result <AccountDto> .GetError(ErrorCode.NotFound, "Account does not exist."));
}
var salt = await _unitOfWork.AccountRepository.GetAccountSaltByEmail(changePasswd.Email);
if (!string.IsNullOrEmpty(salt))
{
string checkPassword = HashPassword(changePasswd.CurrentPassword, salt);
if (user.Password == checkPassword)
{
user.Salt = GenerateSalt();
user.Password = HashPassword(changePasswd.NewPassword, user.Salt);
await _unitOfWork.CommitAsync();
return(Result <AccountDto> .GetSuccess(_mapper.Map <AccountDto>(user)));
}
else
{
return(Result <AccountDto> .GetError(ErrorCode.Conflict, "Wrong current password."));
}
}
return(Result <AccountDto> .GetError(ErrorCode.InternalServerError, "Salt for this account does not exist."));
}
public async Task <ActionResult> ChangePassword(ChangeCurrentPasswordDto changePasswd)
{
var updatedAccount = await _accountService.ChangePasswordAsync(changePasswd);
return(updatedAccount.ToActionResult());
}
public async Task ChangePasswordAsync()
{
//Arrange
var salt = GenerateSalt();
var oldPassword = "******";
var newPassword = "******";
Account account = new Account
{
Id = 5,
IsActive = true,
Email = "*****@*****.**",
Password = HashPassword(oldPassword, salt),
Salt = salt,
Role = UserRole.Mentor
};
var changePass = new ChangeCurrentPasswordDto
{
Email = "*****@*****.**",
CurrentPassword = "******",
NewPassword = newPassword,
ConfirmNewPassword = newPassword
};
AccountDto updatedAccountDto = new AccountDto
{
Id = 5,
Email = "*****@*****.**",
IsActive = true,
Role = UserRole.Mentor
};
var notExistDto = new ChangeCurrentPasswordDto
{
Email = "*****@*****.**"
};
var wrongPasswordDto = new ChangeCurrentPasswordDto
{
Email = "*****@*****.**",
CurrentPassword = "******",
NewPassword = newPassword,
ConfirmNewPassword = newPassword
};
var withoutSaltDto = new ChangeCurrentPasswordDto
{
Email = "*****@*****.**"
};
Account accountWithoutSalt = new Account
{
Id = 5,
IsActive = true,
Email = "*****@*****.**",
Password = HashPassword(oldPassword, salt),
Salt = null,
Role = UserRole.Mentor
};
_unitOfWorkMock.Setup(x => x.AccountRepository.GetAccountSaltByEmail(account.Email))
.ReturnsAsync(salt);
_unitOfWorkMock.Setup(x => x.AccountRepository.GetAccountCredentialsByEmailAsync(changePass.Email))
.ReturnsAsync(account);
_unitOfWorkMock.Setup(x => x.AccountRepository.GetAccountCredentialsByEmailAsync(accountWithoutSalt.Email))
.ReturnsAsync(accountWithoutSalt);
var accountService = new AccountService(
_unitOfWorkMock.Object,
_mapper,
_notificationServiceMock.Object);
//Act
var notExistAccount = await accountService.ChangePasswordAsync(notExistDto);
var successResult = await accountService.ChangePasswordAsync(changePass);
var wrongPassword = await accountService.ChangePasswordAsync(wrongPasswordDto);
var accWithoutSalt = await accountService.ChangePasswordAsync(withoutSaltDto);
//Assert
Assert.NotNull(notExistDto);
Assert.NotNull(successResult);
Assert.NotNull(wrongPassword);
Assert.NotNull(accWithoutSalt);
Assert.Equal(ErrorCode.NotFound, notExistAccount.Error.Code);
Assert.Equal(ErrorCode.Conflict, wrongPassword.Error.Code);
Assert.Equal(ErrorCode.InternalServerError, accWithoutSalt.Error.Code);
Assert.Equal(updatedAccountDto.Id, successResult.Data.Id);
Assert.Equal(updatedAccountDto.Email, successResult.Data.Email);
Assert.Equal(updatedAccountDto.IsActive, successResult.Data.IsActive);
Assert.Equal(updatedAccountDto.Role, successResult.Data.Role);
}
