Ejemplo n.º 1
0
        /// <summary>
        /// Changes a user's password. Allows an admin to resets a user's password without a current password.
        /// </summary>
        /// <param name="userName">Username of the user.</param>
        /// <param name="newPassword">The new password.</param>
        /// <returns>The change password result.</returns>
        public async Task <ChangePasswordResult> ResetPassword(string userName, string newPassword)
        {
            var strongPassword = IsStrongPassword(newPassword);
            var result         = new ChangePasswordResult();

            if (!strongPassword)
            {
                result.PasswordNotStrong = true;
                return(result);
            }

            var user = await GetUser(userName, false);

            var passwordCheckHash = PasswordHash.CreateHashSameSalt(user.PasswordHash, newPassword);

            user.PasswordHash       = PasswordHash.CreateHash(newPassword);
            user.PasswordHistory   += $"\n{passwordCheckHash}";
            user.LastLogin          = DateTime.Now;
            user.FailedLoginCount   = 0;
            user.MustChangePassword = false;

            await _userData.UpdateAsync(user);

            result.User = user;
            _adminLogService.LogNeutral($"Password reset for {user.UserName} succeeded.", LogCategory.Security);

            return(result);
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Changes a user's password.
        /// </summary>
        /// <param name="userName">Username of the user.</param>
        /// <param name="currentPassword">The current password.</param>
        /// <param name="newPassword">The new password.</param>
        /// <returns>The change password result.</returns>
        public async Task <ChangePasswordResult> ChangePassword(string userName, string currentPassword, string newPassword)
        {
            var result = new ChangePasswordResult(await Authenticate(userName, currentPassword));

            if (!(result.Success || result.MustChangePassword))
            {
                _adminLogService.LogElevated($"Password change for {userName} rejected (invalid password).", LogCategory.Security);
                return(new ChangePasswordResult(result));
            }

            var strongPassword = IsStrongPassword(newPassword);

            if (!strongPassword)
            {
                result.PasswordNotStrong = true;
                return(result);
            }

            var user = await GetUser(userName, false);

            var passwordHistory   = (user.PasswordHistory ?? "").Split('\n');
            var passwordCheckHash = PasswordHash.CreateHashSameSalt(user.PasswordHash, newPassword);

            if (passwordHistory.Any(s => s == passwordCheckHash))
            {
                _adminLogService.LogElevated($"Password change for {userName} rejected (password used previously).", LogCategory.Security);
                return(new ChangePasswordResult {
                    PasswordUsedPreviously = true
                });
            }

            user.PasswordHash       = PasswordHash.CreateHash(newPassword);
            user.PasswordHistory   += $"\n{passwordCheckHash}";
            user.LastLogin          = DateTime.Now;
            user.FailedLoginCount   = 0;
            user.MustChangePassword = false;

            await _userData.UpdateAsync(user);

            _adminLogService.LogNeutral($"Password change for {user.UserName} succeeded.", LogCategory.Security);

            return(new ChangePasswordResult
            {
                User = user
            });
        }