private async Task <ActionResult <string[]> > VerifyNewAccount(NewAccount newAccount)
{
var errors = new List <string>();
Check(string.IsNullOrWhiteSpace(newAccount.AccountName), "Empty account name is not allowed");
Check(newAccount.Password.Length == 0, "Empty password is not allowed");
Check(await AccountNameIsUsed(newAccount.AccountName), "Account name has already been used");
if (errors.Any())
{
return(ActionResult <string[]> .CreateError(errors.ToArray()));
}
else
{
return(ActionResult <string[]> .CreateSuccess());
}
void Check(bool check, string error)
{
if (check)
{
errors.Add(error);
}
}
}
public Task <ActionResult <string> > UpdatePassword(string name, string newPassword)
{
lock (_lock)
{
if (!_accounts.TryGetValue(name, out var account))
{
return(Task.FromResult(ActionResult <string> .CreateError("Unknown account")));
}
account.Password = newPassword;
return(Task.FromResult(ActionResult <string> .CreateSuccess()));
}
}
public async Task <ActionResult <string> > ChangePassword(string accountName, string currentPassword, string newPassword)
{
_logger.LogInformation("Changing password for account {AccountName}", accountName);
var account = await _accountStore.GetByName(accountName);
if (account == null)
{
return(ActionResult <string> .CreateError("Account does not exist"));
}
var currentPasswordHash = PasswordHasher.Hash(currentPassword, account.PasswordSalt);
if (currentPasswordHash != account.Password)
{
return(ActionResult <string> .CreateError("Current password is invalid"));
}
var passwordHash = PasswordHasher.Hash(newPassword, account.PasswordSalt);
return(await _accountStore.UpdatePassword(accountName, passwordHash));
}
