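/// <summary>
/// Changes the password of the signed-in user after verifying the current password.
/// </summary>
/// <param name="pwdToChange">Posted form model holding the current password, the new password and its confirmation.</param>
/// <returns>
/// A redirect to <c>Index</c> on success; otherwise the form view again, with
/// <c>TempData["ErrorNoti"]</c> set when a password check failed.
/// </returns>
public ActionResult ChangePassword(PasswordChanger pwdToChange)
{
    // NOTE(review): action attributes are not visible from here - confirm this
    // state-changing action is POST-only, requires authentication and validates
    // an anti-forgery token.
    if (!ModelState.IsValid)
    {
        return View();
    }

    // The first two characters of the identity name are dropped before the lookup.
    // NOTE(review): presumably a fixed-length prefix - confirm; Substring(2) throws
    // when the name is shorter than two characters.
    string userName = HttpContext.User.Identity.Name.ToString().Substring(2);

    // Librarians are searched first, then members.
    Person target = libRepo.LibrarianRepo.ListWhere(librarian => librarian.UserName == userName).SingleOrDefault();
    if (target == null)
    {
        target = libRepo.MemberRepo.ListWhere(member => member.UserName == userName).SingleOrDefault();
    }

    // An identity that matches no account used to fall through to target.Password
    // and raise a NullReferenceException. It now gets the same response as a wrong
    // current password, so the reply does not reveal which check failed.
    if (target == null || !Crypto.VerifyHashedPassword(target.Password, pwdToChange.oldPassword))
    {
        TempData["ErrorNoti"] = "Your current password information is incorrect.";
        return View();
    }

    if (!pwdToChange.isEqualPassword())
    {
        TempData["ErrorNoti"] = "New password and confirm password is not match.";
        return View();
    }

    // Only the hash of the new password is stored.
    target.Password = Crypto.HashPassword(pwdToChange.newPassword);

    // The repository to update is chosen from the text returned by Identify().
    if (target.Identify().StartsWith("Librarian"))
    {
        libRepo.LibrarianRepo.Update((Librarian)target);
    }
    else
    {
        libRepo.MemberRepo.Update((Member)target);
    }

    libRepo.Save();

    TempData["SuccessNoti"] = "Change password successfully.";
    return RedirectToAction("Index");
}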
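/// <summary>
/// Completes a password reset: finds the account by user name and reset token,
/// then stores a hash of the new password.
/// </summary>
/// <remarks>
/// The token posted in <c>oldPassword</c> is compared for equality with the stored
/// <c>Password</c> value, so the reset token is the account's current password hash.
/// Anyone able to read that stored value (database copy, backup, log) can reset the
/// password without knowing it, and no expiry check is visible in this method.
/// NOTE(review): consider a separate random, single-use, time-limited reset token
/// that is stored hashed and never derived from the password hash.
/// </remarks>
/// <param name="userName">User name of the account being recovered.</param>
/// <param name="pwdToChange">Posted form model; <c>oldPassword</c> carries the reset token, not a password.</param>
/// <returns>
/// A redirect to <c>Login</c> on success, on an unknown user/token pair or on a
/// persistence error; otherwise the form view again with an error in <c>TempData</c>.
/// </returns>
public ActionResult ResetPassword(string userName, PasswordChanger pwdToChange)
{
    // NOTE(review): action attributes are not visible from here - confirm this
    // state-changing action is POST-only and validates an anti-forgery token.

    // The token travels in oldPassword, so its model-state entry is dropped.
    // This also discards any "required" validation error recorded for it.
    ModelState.Remove("oldPassword");

    // Kept so the form can be shown again with the same user and token.
    // NOTE(review): this places the stored password hash in TempData - confirm
    // the TempData provider in use keeps it server-side.
    TempData["UserName"] = userName;
    TempData["Token"] = pwdToChange.oldPassword;

    if (!ModelState.IsValid)
    {
        TempData["ErrorNoti"] = "Please fill in the blank of password and comfirm password.";
        return View();
    }

    string token = pwdToChange.oldPassword;

    // With validation of oldPassword removed above, a missing token would reach the
    // lookup and could match an account whose Password value is null or empty.
    // Reject it with the same response as an unknown user/token pair.
    if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(token))
    {
        TempData["ErrorNoti"] = "Oops! Something went wrong.";
        return RedirectToAction("Login");
    }

    // Members are searched first, then librarians.
    Person userToRecover = libRepo.MemberRepo.ListWhere(member => member.Password == token && member.UserName == userName).SingleOrDefault();
    if (userToRecover == null)
    {
        userToRecover = libRepo.LibrarianRepo.ListWhere(librarian => librarian.Password == token && librarian.UserName == userName).SingleOrDefault();
    }

    if (userToRecover == null)
    {
        // Generic message: does not say whether the user name or the token was wrong.
        TempData["ErrorNoti"] = "Oops! Something went wrong.";
        return RedirectToAction("Login");
    }

    if (!pwdToChange.isEqualPassword())
    {
        TempData["ErrorNoti"] = "Password did not match.";
        return View();
    }

    try
    {
        // Replacing the stored hash also invalidates the token that was just used.
        userToRecover.Password = Crypto.HashPassword(pwdToChange.newPassword);

        // The repository to update is chosen from the text returned by Identify().
        if (userToRecover.Identify().StartsWith("Member"))
        {
            libRepo.MemberRepo.Update((Member)userToRecover);
        }
        else
        {
            libRepo.LibrarianRepo.Update((Librarian)userToRecover);
        }

        libRepo.Save();

        TempData["SuccessNoti"] = "Reset password successfully.";
        return RedirectToAction("Login");
    }
    catch (Exception)
    {
        // Best-effort: the user sees a generic error.
        // NOTE(review): the exception is not logged here, so failed resets leave
        // no trace for operations or detection - consider logging it.
        TempData["ErrorNoti"] = "Oops! Something went wrong.";
        return RedirectToAction("Login");
    }
}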