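/// <summary>
/// Changes the password of a user account after re-authenticating the caller with the
/// account's existing (old) password.
/// </summary>
/// <remarks>
/// Every rejection raised by this method uses <see cref="InvalidCredentialException"/> with
/// the same message, so the response does not reveal which part of the request was wrong.
/// The password is only changed when the account's current password has already expired.
/// </remarks>
/// <param name="jsonPasswordChangeRequest">
/// The password change details: user name, tenant, old password and new password.
/// </param>
/// <returns>An HTTP 200 (OK) response once the account has been saved with the new password.</returns>
/// <exception cref="InvalidCredentialException">
/// Thrown when the request is missing, when authentication raises an
/// <see cref="ArgumentException"/>, when no account is found for the current request
/// identity, or when the account's password has not expired.
/// </exception>
private HttpResponseMessage ChangePasswordSoftwarePlatform(JsonPasswordChangeRequest jsonPasswordChangeRequest)
{
    const string rejectionMessage = "Invalid user name, password or tenant";

    // The public action binds this argument with [FromBody], which can yield null when the
    // request body is absent or cannot be deserialized. Reject it with the same exception
    // the other failure paths use instead of dereferencing null below.
    if (jsonPasswordChangeRequest == null)
    {
        throw new InvalidCredentialException(rejectionMessage);
    }

    // NOTE(review): everything inside this scope, including the account load and save, runs
    // under SecurityBypassContext - presumably with access-control checks suspended. Confirm
    // that the scope cannot be narrowed.
    using (new SecurityBypassContext())
    {
        try
        {
            // NOTE(review): the meaning of the two trailing boolean arguments is not visible
            // here - confirm against UserAccountValidator.Authenticate.
            UserAccountValidator.Authenticate(
                jsonPasswordChangeRequest.Username,
                jsonPasswordChangeRequest.OldPassword,
                jsonPasswordChangeRequest.Tenant,
                true,
                true);
        }
        catch (ArgumentException ex)
        {
            // Only ArgumentException is translated; any other exception type propagates unchanged.
            throw new InvalidCredentialException(rejectionMessage, ex);
        }

        // The account is loaded by the request context's identity, not by the supplied user
        // name. NOTE(review): this presumably relies on Authenticate having set the context
        // identity to the user it just authenticated - confirm.
        RequestContext context = ReadiNow.IO.RequestContext.GetContext();
        UserAccount account = ReadiNow.Model.Entity.Get<UserAccount>(context.Identity.Id, true);

        // Can only change the password via this method if the password is already expired.
        if (account == null || !UserAccountValidator.HasAccountPasswordExpired(account))
        {
            throw new InvalidCredentialException(rejectionMessage);
        }

        // NOTE(review): no validation of NewPassword is visible in this method; password
        // policy is presumably enforced when the account is saved - confirm.
        account.Password = jsonPasswordChangeRequest.NewPassword;
        account.Save();
    }

    return new HttpResponseMessage(HttpStatusCode.OK);
}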
/// <summary>
/// POST entry point for changing a user account password. The request body is bound to
/// <paramref name="jsonPasswordChangeRequest"/> and passed unchanged to
/// <c>ChangePasswordSoftwarePlatform</c>.
/// </summary>
/// <param name="jsonPasswordChangeRequest">The password change details read from the request body.</param>
/// <returns>The response produced by <c>ChangePasswordSoftwarePlatform</c>.</returns>
// NOTE(review): no routing, authorization or throttling attributes are visible on this action
// from here - confirm how it is exposed, since it accepts credentials from the request body.
public HttpResponseMessage ChangePasswordSoftwarePlatform_Post([FromBody] JsonPasswordChangeRequest jsonPasswordChangeRequest)
{
    HttpResponseMessage response = ChangePasswordSoftwarePlatform(jsonPasswordChangeRequest);
    return response;
}