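        /// <summary>
        /// Changes the password of <paramref name="username"/> after verifying the caller-supplied
        /// current password against the stored hash.
        /// </summary>
        /// <param name="username">Key passed to <c>_repoUser.GetOne</c> to locate the account.</param>
        /// <param name="input">Carries <c>oldPassword</c> (verified) and <c>newPassword</c> (hashed and stored).</param>
        /// <returns>
        /// An empty <see cref="ResBase"/> on success; otherwise a <see cref="ResBase"/> carrying a message
        /// (missing new password, user not found, wrong old password, or a generic server error).
        /// </returns>
        public async Task <ResBase> ChangePassword(string username, IMUser.ChangePassword input)
        {
            // Reject an absent body / empty new password before touching the store; otherwise
            // HashPassword(null) would be written into the user row.
            if (input == null || string.IsNullOrEmpty(input.newPassword))
            {
                return(new ResBase("new password is required"));
            }

            var tbuUser = await _repoUser.GetOne(username);

            // NOTE(review): this message reveals whether an account exists. That is acceptable only
            // if this method is reachable solely by an already-authenticated caller acting on its
            // own account — confirm at the call site (username is taken from the parameter, not
            // from the authenticated principal).
            if (tbuUser == null)
            {
                return(new ResBase($"user {username} not found"));
            }

            // The current password must verify against the stored hash before anything changes.
            if (!_utlPasswordHasher.ValidatePassword(input.oldPassword, tbuUser.password))
            {
                return(new ResBase($"old password is incorrect"));
            }

            // Store only the hash of the new password and stamp the change time.
            tbuUser.password    = _utlPasswordHasher.HashPassword(input.newPassword);
            tbuUser.md_password = now;

            try {
                _repoUser.Update(tbuUser);
                await _unitOfWork.Commit();

                // TODO(review): existing sessions / refresh tokens are not revoked here; a password
                // change normally should invalidate them.
                return(new ResBase());
            }
            catch (Exception ex) {
                // Keep the full exception server-side; never echo ex.Message to the caller, since it
                // can expose connection strings, table/column names or provider internals.
                Log.Error($"ChangePassword failed for {username}: {ex}");
                return(new ResBase("Server error"));
            }
        }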
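        /// <summary>
        /// IdentityServer resource-owner-password grant validator for <c>/connect/token</c>: looks the
        /// user up by <c>input.UserName</c>, verifies <c>input.Password</c> against the stored hash and,
        /// on success, sets a <see cref="GrantValidationResult"/> carrying the user's claims.
        /// </summary>
        /// <param name="input">The grant context; <c>input.Result</c> is assigned on every path.</param>
        public async Task ValidateAsync(ResourceOwnerPasswordValidationContext input)
        {
            // One message for every failure. Distinguishing "User does not exist." from
            // "Incorrect password" lets an unauthenticated client enumerate valid usernames;
            // the exception branch already used this generic wording.
            const string invalidCredentials = "Invalid username or password";

            try {
                // Look the account up by username (an e-mail address in this deployment).
                var repoUser = await _repoUser.GetOne(input.UserName);

                if (repoUser == null)
                {
                    // NOTE(review): this path skips the hash check, so a missing account answers
                    // measurably faster than a wrong password. Verifying against a fixed dummy hash
                    // here would close that timing oracle.
                    input.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, invalidCredentials);
                    return;
                }

                // Password is stored as a hash; compare through the hasher, never as plain text.
                if (!_utlPasswordHasher.ValidatePassword(input.Password, repoUser.password))
                {
                    input.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, invalidCredentials);
                    return;
                }

                input.Result = new GrantValidationResult(
                    subject: repoUser.username.ToString(),
                    authenticationMethod: "custom",
                    claims: GetUserClaims(repoUser.user_detail));
            }
            catch (Exception ex) {
                // A backend failure must neither become a successful grant nor reach the client.
                // Log the whole exception (type + stack trace), not just ex.Message.
                input.Result = new GrantValidationResult(TokenRequestErrors.InvalidGrant, invalidCredentials);
                Log.Error($"Err: {ex}");
            }
        }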