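        /// <summary>
        /// Changes the password of the currently signed-in user and, when the change
        /// succeeds, calls <c>SendPasswordChangeInformation</c> with the user's e-mail
        /// and the browser details taken from the request body.
        /// </summary>
        /// <param name="changePasswordUserDto">
        /// Request body. <c>Browser</c> and <c>BrowserVersion</c> are client-supplied values
        /// and must be treated as untrusted display data by whatever renders the notification.
        /// </param>
        /// <returns>
        /// 204 No Content when the service reports success; 400 Bad Request when the body is
        /// missing or the service reports failure.
        /// </returns>
        public async Task<IActionResult> ChangePassword([FromBody] ChangePasswordUserDto changePasswordUserDto)
        {
            // Without this guard a missing or unparsable body reaches the property reads
            // below and surfaces as a NullReferenceException (HTTP 500) instead of a 400.
            if (changePasswordUserDto == null)
            {
                _logger.LogWarning("Password change rejected: request body is missing");
                return BadRequest();
            }

            // The identity comes from the authenticated principal, never from the body, so a
            // caller cannot name another account as the target of the change.
            var userId             = User.GetUserId();
            var userEmail          = User.GetUserEmail();
            var userBrowser        = changePasswordUserDto.Browser;
            var userBrowserVersion = changePasswordUserDto.BrowserVersion;

            var changePasswordResult = await _changePasswordService.ChangePassword(changePasswordUserDto, userId);

            if (changePasswordResult != null && changePasswordResult.Succeeded)
            {
                // NOTE(review): an exception thrown here propagates after the password has
                // already been changed; confirm whether the notification should be best-effort.
                await _changePasswordService.SendPasswordChangeInformation(userEmail, userBrowser, userBrowserVersion);

                // Message template plus argument keeps the user id as a structured field.
                _logger.LogInformation("User with id: {UserId} changed password", userId);
                return NoContent();
            }

            // Failed changes are logged at Warning so that repeated failures for one account
            // stand out from routine Information entries during log review.
            _logger.LogWarning("Invalid password change as a user with id: {UserId}", userId);
            return BadRequest();
        }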
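        /// <summary>
        /// Handles the change-password form post: validates the request, changes the password
        /// through <c>changePasswordService</c>, writes an audit entry and redirects to the site root.
        /// </summary>
        /// <remarks>
        /// Checks run in this order: authenticated principal, both password fields equal,
        /// strength against the account policy, a usable <c>Sid</c> claim, account not disabled,
        /// and finally <c>CheckWetherCanChangePassword</c>. Each failure sets <c>Msg</c> and
        /// re-renders the page.
        /// NOTE(review): no current-password check is visible in this handler; confirm that
        /// re-authentication is enforced elsewhere in the page flow.
        /// </remarks>
        /// <returns>The page with <c>Msg</c> set on any failed check; a local redirect to "~/" on success.</returns>
        public async Task<IActionResult> OnPostAsync()
        {
            await GetPasswordHint();

            // Minimum strength demanded by the account policy.
            PasswordStrength passwordStrength = (PasswordStrength)AccountPolicyAdapterModel.PasswordComplexity;

            ClaimsPrincipal claimsPrincipal = HttpContextAccessor.HttpContext.User;

            if (claimsPrincipal.Identity.IsAuthenticated == false)
            {
                Msg = "無法變更密碼,請先進行帳號密碼身分驗證程序";
                return Page();
            }

            if (NewPassword != AgainPassword)
            {
                Msg = "請確認兩次輸入的密碼都是相同的";
                return Page();
            }

            var inputPasswordStrength = PasswordCheck.GetPasswordStrength(NewPassword);
            if (passwordStrength > inputPasswordStrength)
            {
                Msg = "密碼強度不足,請輸入符合密碼政策的密碼";
                return Page();
            }

            // Convert.ToInt32(null) returns 0, so a principal without a Sid claim used to be
            // resolved as user id 0, and a non-numeric claim threw FormatException. Reject both
            // with the same message an unauthenticated request gets.
            if (!int.TryParse(claimsPrincipal.FindFirst(ClaimTypes.Sid)?.Value, out var userId))
            {
                logger.LogWarning("Password change rejected: Sid claim is missing or not an integer");
                Msg = "無法變更密碼,請先進行帳號密碼身分驗證程序";
                return Page();
            }

            // NOTE(review): whether GetAsync can return null for an unknown id is not visible
            // here; confirm before relying on the member accesses below.
            var myUser = await myUserService.GetAsync(userId);

            if (myUser.Status == false)
            {
                #region User has been disabled and cannot change the password
                Msg = $"使用者 {myUser.Account} 已經被停用,無法變更密碼";
                await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
                {
                    Message    = Msg,
                    Category   = LogCategories.User,
                    Content    = "",
                    LogLevel   = LogLevels.Information,
                    Updatetime = DateTime.Now,
                    IP         = HttpContextAccessor.GetConnectionIP(),
                });

                // Passing Msg as an argument keeps account names out of the message template.
                logger.LogInformation("{Message}", Msg);
                return Page();

                #endregion
            }

            // An empty result means the service raised no objection to the new password.
            Msg = await changePasswordService.CheckWetherCanChangePassword(myUser, NewPassword);

            if (string.IsNullOrEmpty(Msg) == false)
            {
                return Page();
            }

            await changePasswordService.ChangePassword(myUser, NewPassword,
                                                       HttpContextAccessor.GetConnectionIP());

            // Audit entry for the successful change; the new password itself is never logged.
            Msg = $"使用者 {myUser.Account} / {myUser.Name} " +
                  $"已經變更密碼 {DateTime.Now}";
            await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
            {
                Message    = Msg,
                Category   = LogCategories.User,
                Content    = "",
                LogLevel   = LogLevels.Information,
                Updatetime = DateTime.Now,
                IP         = HttpContextAccessor.GetConnectionIP(),
            });

            logger.LogInformation("{Message}", Msg);

            // LocalRedirect only accepts application-local URLs, and the target is fixed.
            string returnUrl = Url.Content("~/");
            return LocalRedirect(returnUrl);
        }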