public static async Task ResetForAsync(string sessionToken, string email)
        {
            Authorization.CheckAuthorization(sessionToken, MethodBase.GetCurrentMethod());

            var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false)
                        ?? throw new LogicException(ErrorType.InvalidToken);

            using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext())
                  {
                      SessionToken = sessionToken
                  };
            var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active &&
                                                     e.Email.ToLower() == email.ToLower())
                           .FirstOrDefault();

            if (identity == null)
            {
                throw new LogicException(ErrorType.InvalidAccount);
            }


            identity.AccessFailedCount = 0;
            await identityCtrl.UpdateAsync(identity).ConfigureAwait(false);

            await identityCtrl.SaveChangesAsync().ConfigureAwait(false);
        }
Ejemplo n.º 2
0
        public static async Task ChangePasswordForAsync(string sessionToken, string email, string newPassword)
        {
            await Authorization.CheckAuthorizationAsync(sessionToken, MethodBase.GetCurrentMethod(), AccessType.Update).ConfigureAwait(false);

            var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false)
                        ?? throw new AuthorizationException(ErrorType.InvalidToken);

            using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext())
                  {
                      SessionToken = sessionToken
                  };
            var identity = await identityCtrl.ExecuteFirstOrDefaultAsync(e => e.State == Contracts.Modules.Common.State.Active &&
                                                                         e.AccessFailedCount < 4 &&
                                                                         e.Email.ToLower() == email.ToLower())
                           .ConfigureAwait(false);

            if (identity == null)
            {
                throw new AuthorizationException(ErrorType.InvalidAccount);
            }

            identity.AccessFailedCount = 0;
            identity.Password          = newPassword;
            await identityCtrl.UpdateAsync(identity).ConfigureAwait(false);

            await identityCtrl.SaveChangesAsync().ConfigureAwait(false);

            if (login.Identity != null)
            {
                var(Hash, Salt) = CreatePasswordHash(newPassword);

                login.Identity.PasswordHash = Hash;
                login.Identity.PasswordSalt = Salt;
            }
        }
        public static async Task ChangePasswordAsync(string sessionToken, string oldPassword, string newPassword)
        {
            Authorization.CheckAuthorization(sessionToken, MethodBase.GetCurrentMethod());

            var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false)
                        ?? throw new LogicException(ErrorType.InvalidToken);

            using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext())
                  {
                      SessionToken = Authorization.SystemAuthorizationToken
                  };
            var identity = identityCtrl.ExecuteQueryById(login.IdentityId);

            if (identity != null)
            {
                if (ComparePasswords(identity.PasswordHash, CalculateHash(oldPassword)) == false)
                {
                    throw new LogicException(ErrorType.InvalidPassword);
                }

                identity.Password = newPassword;
                await identityCtrl.UpdateAsync(identity).ConfigureAwait(false);

                await identityCtrl.SaveChangesAsync().ConfigureAwait(false);

                if (login.Identity != null)
                {
                    login.Identity.PasswordHash = CalculateHash(newPassword);
                }
            }
        }
Ejemplo n.º 4
0
        public static async Task ChangePasswordAsync(string sessionToken, string oldPassword, string newPassword)
        {
            await Authorization.CheckAuthorizationAsync(sessionToken, MethodBase.GetCurrentMethod(), AccessType.Update).ConfigureAwait(false);

            var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false)
                        ?? throw new AuthorizationException(ErrorType.InvalidToken);

            using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext())
                  {
                      SessionToken = Authorization.SystemAuthorizationToken
                  };
            var identity = await identityCtrl.ExecuteFirstOrDefaultAsync(e => e.Id == login.IdentityId)
                           .ConfigureAwait(false);

            if (identity != null)
            {
                if (VerifyPasswordHash(oldPassword, identity.PasswordHash, identity.PasswordSalt) == false)
                {
                    throw new AuthorizationException(ErrorType.InvalidPassword);
                }

                identity.Password = newPassword;
                await identityCtrl.UpdateAsync(identity).ConfigureAwait(false);

                await identityCtrl.SaveChangesAsync().ConfigureAwait(false);

                if (login.Identity != null)
                {
                    var(Hash, Salt) = CreatePasswordHash(newPassword);

                    login.Identity.PasswordHash = Hash;
                    login.Identity.PasswordSalt = Salt;
                }
            }
        }