public async Task <IActionResult> NewPassword(UserNewPasswordDto userNewPasswordDto)
{
if (ModelState.IsValid && userNewPasswordDto.Id != Guid.Empty && userNewPasswordDto.NewPassword.Equals(userNewPasswordDto.NewPasswordConfirm))
{
var user = await _userManager.FindByIdAsync(userNewPasswordDto.Id.ToString());
if (user != null)
{
var _passwordValidator = HttpContext
.RequestServices.GetService(typeof(IPasswordValidator <User>)) as IPasswordValidator <User>;
var _passwordHasher =
HttpContext.RequestServices.GetService(typeof(IPasswordHasher <User>)) as IPasswordHasher <User>;
IdentityResult result =
await _passwordValidator.ValidateAsync(_userManager, user, userNewPasswordDto.NewPassword);
if (result.Succeeded)
{
user.PasswordHash = _passwordHasher.HashPassword(user, userNewPasswordDto.NewPassword);
await _userManager.UpdateAsync(user);
await _emailService.SendAsync(ChangePasswordSettings.subject,
ChangePasswordSettings.GetMessage(userNewPasswordDto.Email,
userNewPasswordDto.NewPassword), userNewPasswordDto.Email);
return(RedirectToAction("Authenticate", "Account"));
}
else
{
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
}
else
{
ModelState.AddModelError(string.Empty, "Користувач незнайдений");
}
}
else
{
return(Content("Model state isn't valid"));
}
return(View(userNewPasswordDto));
}
private async Task SavePasswordAsync(object parameter)
{
PasswordBox[] passwords = parameter as PasswordBox[];
if (passwords == null || passwords.Length != 3)
{
throw new ArgumentException();
}
string oldClearTextPassword = passwords[0].Password;
string newPassword = passwords[1].Password;
string newPasswordConfirmed = passwords[2].Password;
string message;
if (!_validator.ValidatePassword(newPassword, out message) && !_validator.ValidatePasswordConfirmation(newPassword, newPasswordConfirmed, out message))
{
Error = message;
return;
}
CustomIdentity identity = await _loginService.GetUserAsync(_username, oldClearTextPassword);
if (identity == null)
{
Error = "Nieprawidłowe hasło dla użytkownika " + _username;
return;
}
UserNewPasswordDto dto = new UserNewPasswordDto()
{
Username = _username,
Password = oldClearTextPassword,
NewPassword = newPassword
};
try
{
await _profileProxy.ChangeUserPasswordAsync(dto);
MessageBox.Show("Nowe hasło zostało pomyślnie zapisane.", "Hasło zmienione");
}
catch (Exception)
{
MessageBox.Show("Wystąpił błąd podczas zmiany hasła. Hasło nie zostało zmienione", "Błąd");
}
Close();
}
public IHttpActionResult ChangeUserPassword(UserNewPasswordDto dto)
{
IRegisterUser register = new UserRegister();
User newUser = register.GetNewUser(dto.Username, dto.NewPassword);
using (var context = _provider.GetNewContext())
{
using (var transaction = new TransactionScope())
{
User user = context.Users.FirstOrDefault(u => u.Username.Equals(dto.Username));
if (user == null)
{
return(NotFound());
}
user.Salt = newUser.Salt;
user.HashedPassword = newUser.HashedPassword;
context.SaveChanges();
transaction.Complete();
}
}
return(Ok(true));
}
public async Task <ActionResult <UserNewPasswordDto> > UpdatePassword([FromQuery(Name = "resetToken")] string resetToken, [FromBody] UserNewPasswordDto userNewPassword)
{
var handler = new JwtSecurityTokenHandler();
var tokenRead = handler.ReadJwtToken(resetToken);
var tkRead = tokenRead.Claims.ToList();
var email = tkRead.Where(s => s.Type == "email").Select(c => c.Value).FirstOrDefault();
byte[] passwordHash, passwordSalt;
CreatePasswordHash(userNewPassword.Password, out passwordHash, out passwordSalt);
Usuario usuario = await _context.Usuarios.FirstOrDefaultAsync(x => x.Email.Equals(email));
usuario.PasswordHash = passwordHash;
usuario.PasswordSalt = passwordSalt;
List <Usuario> usuarios = new List <Usuario>();
usuarios.Add(usuario);
await _context.BulkUpdateAsync <Usuario>(usuarios);
return(Ok());
}
public async Task ChangeUserPasswordAsync(UserNewPasswordDto dto)
{
await Post <UserNewPasswordDto, bool>("changePassword", dto);
}
