public async Task <IActionResult> ChangePassword([FromBody] ResetPasswordViewModel model)
{
if (string.IsNullOrEmpty(model.OldPassword))
{
return(BadRequest("Old Password must be supplied for password change."));
}
if (!ModelState.IsValid)
{
return(BadRequest(model));
}
var user = await _userSvc.GetUserProfileByEmailAsync(model.Email);
if (user == null)
{
// Don't reveal that the user does not exist
return(Ok(new { message = "Password changed Successfully" }));
}
if (!await _userSvc.CheckPasswordAsync(user, model.OldPassword))
{
// Notify attempt was made - to change password failed
ActivityModel activityModel = new ActivityModel
{
UserId = user.UserId,
Date = DateTime.UtcNow,
IpAddress = _cookieSvc.GetUserIP(),
Location = _cookieSvc.GetUserCountry(),
OperatingSystem = _cookieSvc.GetUserOS(),
Type = "Profile update failed - Invalid Old Password",
Icon = "fas fa-exclamation-triangle",
Color = "warning"
};
var activityAdd = await _userSvc.AddUserActivity(activityModel);
return(BadRequest(new { message = "Invalid Old Password" }));
}
var result = await _userSvc.ChangePasswordAsync(user, model.Password);
if (result)
{
return(Ok(new { message = "Password changed Successfully" }));
}
return(BadRequest(new { message = "Password could not be Changed. Try again later" }));
}
