Ejemplo n.º 1
0
        public Result ChangePassword(int userID, string currentPassword, string newPassword)
        {
            if (string.IsNullOrEmpty(currentPassword) || string.IsNullOrEmpty(newPassword))
            {
                return(new Result(false, "Bad request received."));
            }

            var passwordResult = _accountAccessor.GetUserPassword(userID);

            if (!passwordResult.IsSuccess)
            {
                return(new Result(false, "User not found."));
            }

            var password       = passwordResult.Payload;
            var hashedPassword = _encryptionService.CreatePasswordHash(currentPassword, password.PasswordSalt);

            if (hashedPassword == password.Password)
            {
                var newSaltKey        = _encryptionService.CreateSaltKey(Convert.ToInt32(_configuration["PasswordSaltLength"]));
                var newHashedPassword = _encryptionService.CreatePasswordHash(newPassword, newSaltKey);
                _accountAccessor.ChangePassword(userID, newHashedPassword, newSaltKey);
                return(new Result(true));
            }
            else
            {
                return(new Result(false, "Current password was incorrect."));
            }
        }
Ejemplo n.º 2
0
        public Result ChangePassword(ChangePasswordRequest request)
        {
            var user = _accountAccessor.FindUserByEmail(request.Email);

            if (!user.IsSuccess)
            {
                return(new Result(false, "Invalid request received."));
            }

            var saltKey        = _encryptionService.CreateSaltKey(Convert.ToInt32(_configuration["PasswordSaltLength"]));
            var hashedPassword = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey);

            _accountAccessor.ChangePassword(user.Payload.UserID, hashedPassword, saltKey);
            return(new Result(true));
        }