public IHttpActionResult ChangePassword(int id, [FromBody] PasswordDto password)
{
try
{
var token = Request.Headers.GetValues("Authorization").First();
if (!FunctionCommon.ValidatePermission(token, id))
{
return(ResponseMessage(new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent("Not allowed.")
}));
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var i = _accountService.ChangePassword(password, id);
if (i == -1)
{
return(BadRequest("Cannot found this account"));
}
else if (i == 0)
{
return(BadRequest("Old password isn't correct"));
}
return(Ok("Update password success"));
}
catch (Exception e)
{
return(InternalServerError(e));
}
}
