public IResult ChangePassword(int userId, string currentPassword, string newPassword)
{
var errorResult = BusinessEngine.Run(
CheckIfPasswordDoesNotContainVarietyOfCharacters(newPassword)
);
if (errorResult != null)
{
return(new ErrorResult(errorResult.Message));
}
var user = _userService.GetById(userId).Data;
//if (user == null) {
// return new ErrorResult(Messages.UserNotFound);
//}
if (!HashingTool.VerifyPasswordHash(currentPassword, user.PasswordHash, user.PasswordSalt))
{
return(new ErrorResult(Messages.WrongPassword));
}
byte[] passwordHash, passwordSalt;
HashingTool.HashPassword(newPassword, out passwordHash, out passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
_userService.Update(user);
return(new SuccessResult(Messages.PasswordChanged));
}
//[ValidationAspect(typeof(UserLoginDtoValidator))]
public IDataResult <User> Login(UserLoginDto userLoginDto)
{
var userToCheck = _userService.GetByEmail(userLoginDto.Email).Data;
if (userToCheck == null)
{
return(new ErrorDataResult <User>(Messages.UserNotFound));
}
if (!HashingTool.VerifyPasswordHash(userLoginDto.Password, userToCheck.PasswordHash, userToCheck.PasswordSalt))
{
return(new ErrorDataResult <User>(Messages.WrongPassword));
}
return(new SuccessDataResult <User>(userToCheck, Messages.LoginSuccessful));
}
