public async Task <PasswordChangeResult> ChangeAsync(int CompanyId, int LoginUserId, string OldPassword, string NewPassword, CancellationToken token = default(CancellationToken))
{
var policy = await passwordPolicyProcessor.GetAsync(CompanyId, token);
var oldHash = hashAlgorithm.Compute(policy.Convert(OldPassword));
var password = await loginUserPasswordQueryProcessor.GetAsync(CompanyId, LoginUserId, token);
if (password.PasswordHash != oldHash)
{
return(PasswordChangeResult.Failed);
}
var newHash = hashAlgorithm.Compute(policy.Convert(NewPassword));
if (policy.HistoryCount > 0)
{
if (!password.Validate(newHash, policy.HistoryCount))
{
return(PasswordChangeResult.ProhibitionSamePassword);
}
}
var type = typeof(LoginUserPassword);
for (var i = 9; i > 0; i--)
{
var nextHash = type.GetProperty($"PasswordHash{i}");
var prevHash = type.GetProperty($"PasswordHash{(i - 1)}");
var nextValue = policy.HistoryCount <= i
? string.Empty
: prevHash.GetValue(password);
nextHash.SetValue(password, nextValue);
}
if (policy.HistoryCount > 0)
{
password.PasswordHash0 = password.PasswordHash;
}
else
{
password.PasswordHash0 = string.Empty;
}
password.PasswordHash = newHash;
await addLoginUserPasswordQueryProcessor.SaveAsync(password, token);
return(PasswordChangeResult.Success);
}
private async Task InitializeLoginUserPasswordAsync(CompanySource source, LoginUser loginUser, CancellationToken token)
{
var hash = hashAlgorithm.Compute(source.PasswordPolicy.Convert("password"));
var password = new LoginUserPassword
{
LoginUserId = loginUser.Id,
PasswordHash = hash,
};
await addLoginUserPasswordQueryProcessor.SaveAsync(password);
}
