public async Task <IActionResult> ChangePassword([FromBody] Authenticate user)
{
if (user == null)
{
return(BadRequest(StaticVar.MessageNotFound));
}
//get user from DB
UserTest dbUser = await _serviceUserTest.GetByIDAsync(user.Code).ConfigureAwait(false);
if (dbUser == null)
{
return(BadRequest(StaticVar.MessageNotFound));
}
//kiểm tra password cũ có đúng không
if (CustomPasswordHasher.VerifyPassword(dbUser.Password, user.OldPassword))
{
var passwordHashed = CustomPasswordHasher.HashPassword(user.Password);
//đúng thì cho đổi password
BsonDocument objBSON = new BsonDocument
{
{ "Password", passwordHashed }
};
await _serviceUserTest.UpdateCustomizeFieldByIdAsync(dbUser.Id, objBSON);
return(Ok("Đổi password thành công"));
}
else
{
//sai thì báo lỗi
return(BadRequest("User hoặc mật khẩu cũ không hợp lệ"));
}
}
public async Task <ServiceResponse <GetUserDto> > AuthenticateUser(AuthenticateUserDto authUser)
{
ServiceResponse <GetUserDto> serviceResponse = new ServiceResponse <GetUserDto>();
try
{
User user = await(from u in _context.Users
where u.Name == authUser.Email
select u).FirstOrDefaultAsync();
//if (user == null || !BC.Verify(authUser.Password, user.Password))
if (user == null || !customPasswordHasher.VerifyPassword(user.PasswordHash, authUser.Password))
{
serviceResponse.Data = null;
serviceResponse.Success = false;
serviceResponse.Message = "Wrong user and/or password";
}
else
{
serviceResponse.Data = _mapper.Map <GetUserDto>(user);
serviceResponse.Message = "JWT Token goes here!";
}
}
catch (System.Exception ex)
{
serviceResponse.Success = false;
serviceResponse.Message = ex.Message;
}
return(serviceResponse);
}
//!customPasswordHasher.VerifyPassword(user.PasswordHash, authUser.Password)
private bool VerifyPasswordHash(string password, string hash)
{
if (!customPasswordHasher.VerifyPassword(hash, password))
{
return(false);
}
else
{
return(true);
}
}
private async Task <string> LoginUser(string userID, string clearPassword)
{
if (string.IsNullOrEmpty(clearPassword))
{
clearPassword = string.Empty;
}
UserTest user = await _serviceUserTest.GetByIDAsync(userID).ConfigureAwait(false);// lstUser.SingleOrDefault(x => x.Code == userID);
//Xác thực User, nếu chưa đăng ký thì trả về false
if (user == null || !CustomPasswordHasher.VerifyPassword(user.Password, clearPassword))
{
return(string.Empty);
}
return(GenerateToken(user));
}
public async Task <ActionResult> Index(UserLoginModel userLoginModel)
{
if (ModelState.IsValid)
{
var user = await db.ApplicationUsers
.AsNoTracking()
.Where(a => a.UserName.ToUpper() == userLoginModel.UserName.ToUpper())
.FirstOrDefaultAsync()
.ConfigureAwait(false);
if (user == null)
{
ModelState.AddModelError(string.Empty, "Invalid User.");
return(View(userLoginModel));
}
CustomPasswordHasher customPasswordHasher = new CustomPasswordHasher();
if (!customPasswordHasher.VerifyPassword(user.Password, userLoginModel.Password))
{
ModelState.AddModelError(string.Empty, "Invalid Password.");
return(View(userLoginModel));
}
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.UserName),
new Claim("FullName", user.FullName)
};
var claimsIdentity = new ClaimsIdentity(claims, "ApplicationCookie");
var context = Request.GetOwinContext();
var authManager = context.Authentication;
authManager.SignIn(new AuthenticationProperties {
IsPersistent = false
}, claimsIdentity);
return(RedirectToAction("Index", "Home"));
}
return(View(userLoginModel));
}
