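/// <summary>
/// Handles a password-change request: checks that the separately supplied
/// <paramref name="id"/> matches the id inside the payload, then delegates the
/// change to the user service.
/// </summary>
/// <param name="id">Identifier of the account whose password is to be changed.</param>
/// <param name="user">Payload carrying the account id and the password data handed to the service.</param>
/// <returns>
/// A bad-request result when the id or payload is missing, when the two ids differ,
/// or when the service reports a failed update (null result); otherwise an OK result
/// wrapping the DTO returned by the service.
/// </returns>
/// <remarks>
/// Exceptions thrown by the service are not caught here and propagate to the caller.
/// </remarks>
public async Task<IHttpActionResult> PutPassword(string id, AppUserDTOPassword user)
{
    // A missing body or id would otherwise surface as a NullReferenceException
    // (an unhandled server error) instead of a client error.
    if (id == null || user == null)
    {
        logger.Info("Missing id or request body, put Password, account controller");
        return BadRequest("Missing id or request body");
    }

    // NOTE(review): both values compared here arrive with the request, so this
    // check only proves the request is self-consistent. No authorization check is
    // visible in this method; confirm that the authenticated caller is bound to
    // `id` elsewhere (attribute, filter or service) - TODO confirm.
    if (!string.Equals(id, user.Id))
    {
        logger.Info("Id does not match, put Password, account controller");
        return BadRequest("Id not match");
    }

    logger.Info("Accessing user service for password update, account controller, put password");
    AppUserDTOOutPass appUserPassChanged = await service.UpdatePassword(id, user);

    // The service returns null when the store rejects the update; answering
    // 200 with an empty body would tell the client the password was changed.
    if (appUserPassChanged == null)
    {
        logger.Info("Password update failed, put Password, account controller");
        return BadRequest("Password update failed");
    }

    return Ok(appUserPassChanged);
}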
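/// <summary>
/// Changes the password of the user identified by <paramref name="id"/> after
/// verifying the supplied old password against the stored hash.
/// </summary>
/// <param name="id">Identifier used to look the user up through the auth repository.</param>
/// <param name="userPass">Payload providing <c>OldPassword</c> and <c>NewPassword</c>.</param>
/// <returns>
/// The updated user converted to <c>AppUserDTOOutPass</c>, or <c>null</c> when the
/// repository update does not succeed.
/// </returns>
/// <exception cref="UserNotFoundException">No user exists for <paramref name="id"/>.</exception>
/// <exception cref="BadRequestException">
/// The payload or new password is missing, or the old password does not verify.
/// </exception>
public async Task<AppUserDTOOutPass> UpdatePassword(string id, AppUserDTOPassword userPass)
{
    // Reject an absent payload or an empty new password up front, so a null
    // dereference or an empty secret never reaches the hashing step.
    if (userPass == null || string.IsNullOrEmpty(userPass.NewPassword))
    {
        logger.Info("Missing new password, update password, user service");
        throw new BadRequestException("New password is required");
    }

    logger.Info($"Accessing db over auth repo, find user by id {id}, user service, update password");
    AppUser user = await db.AuthRepository.FindUserById(id);
    if (user == null)
    {
        logger.Info("Throwing an user not found exception, no user found update password, user service");
        throw new UserNotFoundException($"User with ID {id} does not exists.");
    }

    logger.Info($"User with username {user.UserName} trying to change password, hashing of new password");

    // Verify the current password BEFORE hashing the new one: a failed attempt
    // should not cost a password-hash computation, and nothing derived from the
    // new password should exist unless the caller proved knowledge of the old one.
    // NOTE(review): no attempt limiting is visible here; confirm that repeated
    // wrong-password requests are throttled or locked out elsewhere - TODO confirm.
    if (userPass.OldPassword == null
        || !Utilities.HashPass.VerifyHashedPassword(user.PasswordHash, userPass.OldPassword))
    {
        logger.Info("Wrong old password, update password, user service");
        throw new BadRequestException("Wrong password");
    }

    // NOTE(review): the hash is assigned directly. If AppUser is an identity-framework
    // user with a security stamp, nothing here rotates it, so sessions or tokens issued
    // before the change may remain valid - confirm and rotate/revoke if so.
    user.PasswordHash = Utilities.HashPass.HashedPassword(userPass.NewPassword);

    logger.Info($"Updating user {user.UserName} with new password, update password, user service");
    var result = await db.AuthRepository.UpdateUser(user);
    if (!result.Succeeded)
    {
        // Callers must treat null as "password not changed".
        logger.Info("Update has failed, result not succeeded, user service");
        return null;
    }

    logger.Info("Getting updated user with auth repository");
    var userUpdated = await db.AuthRepository.FindUserById(user.Id);

    logger.Info("Converting user to AppUser dto");
    // NOTE(review): presumably AppUserDTOOutPass excludes PasswordHash; verify the
    // converter does not copy it into the response DTO.
    AppUserDTOOutPass userDTO = Utilities.ConverterDTO.SimpleDTOConverter<AppUserDTOOutPass>(userUpdated);
    return userDTO;
}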