public async Task NewPasswordAfterForgetPassword(NewPasswordDto forgetPasswordDto, string token, string id)
{
if (forgetPasswordDto.Password == null)
{
throw new AppException("A password é de preenchimento obrigatorio!");
}
if (token == null)
{
throw new AppException("A Token não é valido!");
}
if (id == null)
{
throw new AppException("O id não é valido");
}
var user = await _userManager.FindByIdAsync(id);
if (user == null)
{
throw new AppException("Utilizador Invalido!");
}
var resetPassword = await _userManager.ResetPasswordAsync(user, token, forgetPasswordDto.Password);
if (!resetPassword.Succeeded)
{
throw new AppException("Não foi possivel efectuar o reset a sua password. \nDos dados necessarios para realizar esta operação alguns nao se encontram corretos!");
}
}
public async Task Post_Password_Should_Change_Password()
{
var jwtService = new JwtService()
{
Configuration = GuiApiTestStartup.Configuration,
Logger = new FakeLogger(),
RepositoriesFactory = null,
StringLocalizerFactory = new FakeStringLocalizerFactory()
};
var token = jwtService.GenerateMailToken(_sammyUser.UserName);
var idUser = _sammyUser.Id;
var newPasswordString = "newPassword#1234";
User myUser = null;
using (var context = new DaOAuthContext(_dbContextOptions))
{
myUser = context.Users.FirstOrDefault(u => u.Id.Equals(idUser));
}
Assert.IsNotNull(myUser);
var actualPassword = myUser.Password;
var newPasswordDto = new NewPasswordDto()
{
NewPassword = newPasswordString,
NewPasswordRepeat = newPasswordString,
Token = token.Token
};
var httpResponseMessage = await _client.PostAsJsonAsync("users/password", newPasswordDto);
Assert.IsTrue(httpResponseMessage.IsSuccessStatusCode);
using (var context = new DaOAuthContext(_dbContextOptions))
{
myUser = context.Users.FirstOrDefault(u => u.Id.Equals(idUser));
}
Assert.IsNotNull(myUser);
Assert.IsFalse(actualPassword.SequenceEqual <byte>(myUser.Password));
var encryptonService = new EncryptionService();
var newPassword = encryptonService.Sha256Hash($"{GuiApiTestStartup.Configuration.PasswordSalt}{newPasswordString}");
Assert.IsTrue(newPassword.SequenceEqual <byte>(myUser.Password));
}
public bool ChangePassword(NewPasswordDto newPassword)
{
var user = new User
{
UserId = newPassword.UserID,
Name = newPassword.Name,
Surname = newPassword.Surname,
Password = Hash.GetHash(newPassword.Password)
};
DeleteWorker(newPassword.UserID);
_context.Users.Add(user);
_context.SaveChanges();
return(false);
}
public void ChangePassword(NewPasswordDto dto)
{
var iduser = (int)_userContextService.GetUserId;
var user = _context.Users
.Include(u => u.Role)
.FirstOrDefault(u => u.Id == iduser);
var result = _passwordHasher.VerifyHashedPassword(user, user.PasswordHash, dto.OldPassword);
if (result == PasswordVerificationResult.Failed)
{
throw new BadRequestException("Incorrect password");
}
var newhashedPassword = _passwordHasher.HashPassword(user, dto.NewPassword);
user.PasswordHash = newhashedPassword;
_context.SaveChanges();
}
public async Task <IActionResult> UpdatePassword(
[FromBody] NewPasswordDto newPasswordDto,
[FromHeader(Name = "userId")] int userId)
{
var isOldPassCorrect =
await _userDataService.CheckOldPasswordBeforeUpdateByUserIdAsync(userId,
newPasswordDto.OldPassword);
if (isOldPassCorrect)
{
await _userDataUpdateService.UpdatePasswordByIdAsync(userId,
newPasswordDto.NewPassword);
return(Ok());
}
return(UnprocessableEntity("PREVIOUS PASSWORD IS NOT CORRECT"));
}
public IActionResult ChangeClientPassword(int clientId, NewPasswordDto newPassword)
{
try
{
var client = _context.Clients.FirstOrDefault(x => x.Id == clientId);
if (client == null)
{
return(new NotFoundResult());
}
if (client.Password != Hash.GetHash(newPassword.OldPassword))
{
return(new BadRequestResult());
}
client.Password = Hash.GetHash(newPassword.NewPassword);
_context.Clients.Update(client);
_context.SaveChanges();
return(new OkResult());
}
catch (System.Exception)
{
return(new StatusCodeResult(StatusCodes.Status500InternalServerError));
}
}
public void SetNewUserPassword(NewPasswordDto infos)
{
Logger.LogInformation($"Define a new password using JWT token {infos.Token}");
Validate(infos);
var local = this.GetErrorStringLocalizer();
var tokenInfos = JwtService.ExtractMailToken(infos.Token);
if (!tokenInfos.IsValid)
{
throw new DaOAuthServiceException(local["SetNewUserPasswordInvalidToken"]);
}
if (!infos.NewPassword.IsMatchPasswordPolicy())
{
throw new DaOAuthServiceException(local["SetNewUserPasswordNewPasswordDontMatchPolicy"]);
}
if (!infos.NewPassword.Equals(infos.NewPasswordRepeat, StringComparison.Ordinal))
{
throw new DaOAuthServiceException(local["SetNewUserPasswordDifferentsNewPasswords"]);
}
using (var context = RepositoriesFactory.CreateContext())
{
var userRepo = RepositoriesFactory.GetUserRepository(context);
var user = userRepo.GetByUserName(tokenInfos.UserName);
user.Password = EncryptionService.Sha256Hash(String.Concat(Configuration.PasswordSalt, infos.NewPassword));
userRepo.Update(user);
context.Commit();
}
}
public async Task <IActionResult> NewPasswordFromForgetPassword([FromQuery] string token, [FromQuery] string id, [FromBody] NewPasswordDto newPasswordDto)
{
try
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState.Values.SelectMany(v => v.Errors).Select(modelError => modelError.ErrorMessage).ToList()));
}
await _authService.NewPasswordAfterForgetPassword(newPasswordDto, token, id);
return(Ok(new { message = "Password Alterada Com sucesso!" }));
}
catch (AppException ex)
{
return(BadRequest(new { message = ex.Message }));
}
}
public IActionResult SetNewPassword(NewPasswordDto model)
{
_service.SetNewUserPassword(model);
return(Ok());
}
public bool ChangePassword(NewPasswordDto newPassword)
{
return(userService.ChangePassword(newPassword));
}
public ActionResult ChangePassword([FromBody] NewPasswordDto dto)
{
_accountService.ChangePassword(dto);
return(Ok());
}
public IActionResult ChangeClientPassword(int clientId, NewPasswordDto newPassword)
{
return(clientsService.ChangeClientPassword(clientId, newPassword));
}
