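/// <summary>
/// Changes the password of the account identified by <paramref name="id"/> on behalf of the
/// authenticated caller.
/// </summary>
/// <param name="id">Account id supplied by the caller; must equal the caller's NameIdentifier claim.</param>
/// <param name="account">Payload passed to the repository (username, old password, new password).</param>
/// <returns>
/// 401 when the NameIdentifier claim is missing, not an integer, or differs from <paramref name="id"/>;
/// 404 when no account exists for <paramref name="id"/>; 400 when the repository rejects the change;
/// 204 when the change is saved.
/// </returns>
/// <exception cref="Exception">Thrown when the repository accepted the change but SaveAll reported failure.</exception>
public async Task<IActionResult> ChangePassword(int id, AccountForChangePWDTO account)
{
    // FindFirst returns null when the claim is absent, so dereferencing .Value directly would throw
    // instead of producing a 401. Read the claim null-safely and parse it without throwing.
    var callerIdClaim = User.FindFirst(ClaimTypes.NameIdentifier)?.Value;
    int callerId;
    if (!int.TryParse(callerIdClaim, out callerId) || callerId != id)
    {
        return Unauthorized();
    }

    var accountFromDb = await _repo.GetUser(id);
    if (accountFromDb == null)
    {
        return NotFound();
    }

    // NOTE(review): the ownership check above covers `id`, but _repo.ChangePassword selects the
    // account from account.Username in the request body. Nothing visible here ties that username
    // to accountFromDb, so the account that gets modified is not guaranteed to be the one that was
    // authorized. Confirm the two are bound before this call, or have the repository update by id.
    var updatedAccount = await _repo.ChangePassword(account);
    if (updatedAccount == null)
    {
        return BadRequest("Wrong old password");
    }

    if (await _repo.SaveAll())
    {
        return NoContent();
    }

    throw new Exception($"Error on updating account {id} password");
}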
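/// <summary>
/// Replaces the stored password hash and salt of the account named by <c>account.Username</c>
/// after checking the supplied old password with ComparePassword.
/// </summary>
/// <param name="account">Payload carrying the username, the old password and the new password.</param>
/// <returns>
/// The updated account, or <c>null</c> when no account matches the username or the old password
/// does not match the stored hash and salt.
/// </returns>
public async Task<Account> ChangePassword(AccountForChangePWDTO account)
{
    var accountFromDb = await GetUser(account.Username);

    // An unknown username previously caused a NullReferenceException on the next line.
    // Returning null gives the caller the same result as a failed old-password check,
    // so the response does not distinguish "no such user" from "wrong password".
    if (accountFromDb == null)
    {
        return null;
    }

    if (!ComparePassword(account.OldPassword, accountFromDb.PasswordHash, accountFromDb.PasswordSalt))
    {
        return null;
    }

    // A fresh hash and salt are produced for the new password and both are stored together.
    byte[] hashedPassword, passwordSalt;
    CreateHashedPassword(account.NewPassword, out hashedPassword, out passwordSalt);

    accountFromDb.PasswordHash = hashedPassword;
    accountFromDb.PasswordSalt = passwordSalt;

    await UpdateUser(accountFromDb);
    return accountFromDb;
}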