/// <summary> /// Update a manager's password to a new value. /// </summary> /// <param name="managerId">Manager ID</param> /// <param name="newPassword">New password (clear-text)</param> /// <returns></returns> public async Task UpdatePassword(string managerId, string newPassword) { // Lookup manager information so that we have access to the salt. var manager = await _database.GetManagerById(managerId); // Create a new password hash using the original manager salt. var newPasswordInfo = _password.CreatePassword(newPassword); // Save the new password. await _database.ManagerUpdatePassword(manager.Id, newPasswordInfo.HashedPassword, newPasswordInfo.Salt); // Deactivate all previous manager sessions (force logout). await _database.ManagerDeactivateSessions(manager.Id); }