public async Task <IActionResult> ChangePasswordAsync([FromBody] ChangePasswordBindingModel collection) { Log.Debug($"ChangePassword => {JsonConvert.SerializeObject(collection)}"); try { if (string.IsNullOrEmpty(collection?.Password) || string.IsNullOrEmpty(collection.NewPassword) || string.IsNullOrEmpty(collection.ConfirmPassword)) { return(BadRequest(_localizer[DataTransferer.DefectivePassword().Message])); } if (collection.NewPassword != collection.ConfirmPassword) { return(BadRequest(_localizer[DataTransferer.PasswordsMissmatch().Message])); } var account = await _accountService.FirstAsync(new AccountGetFirstSchema { Id = CurrentAccount.Id }).ConfigureAwait(true); if (account == null) { return(BadRequest(_localizer[DataTransferer.UserNotFound().Message])); } if (_cryptograph.IsEqual(collection.Password, account.Password)) { await _accountService.UpdateAsync(new AccountUpdateSchema { Id = account.Id.Value, Password = _cryptograph.RNG(collection.NewPassword) }).ConfigureAwait(false); return(Ok(_localizer[DataTransferer.PasswordChanged().Message])); } else { return(Unauthorized(_localizer[DataTransferer.WrongPassword().Message])); } } catch (Exception ex) { Log.Error(ex, ex.Source); return(Problem(_localizer[DataTransferer.SomethingWentWrong().Message])); } }
public async Task <IServiceResult> SigninAsync(SigninBindingModel signinModel) { var now = DateTime.UtcNow; using (var transaction = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled)) { try { var query = new AccountProfileGetFirstSchema { LinkedId = signinModel.Username //StatusId = Status.Active }; if (signinModel.Username.IsPhoneNumber()) { query.TypeId = AccountProfileType.Phone.ToInt(); } else if (new EmailAddressAttribute().IsValid(signinModel.Username)) { query.TypeId = AccountProfileType.Email.ToInt(); } else { return(DataTransferer.InvalidEmailOrCellPhone()); } var accountProfile = await _accountProfileService.FirstAsync(query).ConfigureAwait(true); if (accountProfile == null) { if (query.TypeId == AccountProfileType.Phone.ToInt()) { return(DataTransferer.PhoneNotFound()); } else { return(DataTransferer.EmailNotFound()); } } var account = await FirstAsync(new AccountGetFirstSchema { Id = accountProfile.AccountId, StatusId = Status.Active.ToInt() }).ConfigureAwait(true); if (account == null) { return(DataTransferer.UserIsNotActive()); } var deviceId = 0; // check password if (_cryptograph.IsEqual(signinModel.Password, account.Password)) { var accountDeviceQuery = new AccountDeviceGetFirstSchema { AccountId = account.Id, DeviceId = signinModel.DeviceId }; var accountDevice = await _accountDeviceService.FirstAsync(accountDeviceQuery); // todo: check the accountDevice if (accountDevice != null) { deviceId = accountDevice.Id.Value; // set new token await _accountDeviceService.UpdateAsync(new AccountDeviceUpdateSchema { Id = accountDevice.Id.Value, }); } else { // create new device for account deviceId = await _accountDeviceService.AddAsync(new AccountDeviceAddSchema { AccountId = account.Id, DeviceId = signinModel.DeviceId, DeviceName = signinModel.DeviceName, DeviceType = signinModel.DeviceType, CreatedAt = now, StatusId = Status.Active.ToInt() }); } } else { return(DataTransferer.WrongPassword()); } // clean forgot password tokens await _accountProfileService.CleanForgotPasswordTokensAsync(account.Id.Value); //if(accountProfilesQuery.StatusCode != 200) { // Log.Error($"Can't update 'ForgotPasswordTokens' to NULL for AccountId={account.Id}"); // return DataTransferer.SomethingWentWrong(); //} // set last signed in at var changedAccount = UpdateAsync(new AccountUpdateSchema { LastSignedinAt = now }); transaction.Complete(); var token = _jwtHandler.Bearer(new Account(account.Id.Value, deviceId, signinModel.Username, now).ToClaimsIdentity()); return(DataTransferer.Ok(token)); } catch (Exception ex) { Log.Error(ex, ex.Source); return(DataTransferer.InternalServerError()); } } }