public ActionResult <UserDto> UpdatePassword(UserUpdateDto user)
{
var userId = _userHelper.GetUserId(HttpContext);
if (!_userHelper.MatchingUsers(HttpContext, userId))
{
return(Unauthorized());
}
var passwordHash = _userHelper.HashPassword(user.Password);
_userRepository.UpdatePasswordHash(userId, passwordHash);
return(_userRepository.GetUser(userId));
}
public ActionResult <UserDto> UpdateEmail(UserUpdateDto user)
{
var userId = _userHelper.GetUserId(HttpContext);
if (!_userHelper.MatchingUsers(HttpContext, userId))
{
return(Unauthorized());
}
if (_userRepository.UserExists(user.Email))
{
return(BadRequest($"Email {user.Email} is already in use."));
}
var currentUser = _userRepository.GetUser(userId);
currentUser.Email = user.Email;
_userRepository.Update(currentUser);
return(_userRepository.GetUser(userId));
}
