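/// <summary>
/// Handles a password-change request: checks that the route id matches the id in the
/// request body, then delegates the change to the user service.
/// </summary>
/// <param name="id">User id taken from the request (caller-supplied).</param>
/// <param name="user">Request body carrying the user id and the password fields the service reads.</param>
/// <returns>
/// 400 when the request is incomplete, the ids differ, or the service reports no updated
/// user; otherwise 200 with the DTO returned by the service.
/// </returns>
public async Task<IHttpActionResult> PutPassword(string id, AppUserDTOPassword user)
        {
            // A missing route id or body would otherwise surface as a NullReferenceException
            // on the comparison below instead of a clean 400.
            if (id == null || user == null)
            {
                logger.Info("Id or body missing, put Password, account controller");
                return BadRequest("Id not match");
            }

            // NOTE(review): this only checks that route id and body id agree; nothing in this
            // method ties either one to the authenticated caller. Confirm an authorization
            // attribute/filter outside this method restricts who may change whose password.
            if (!id.Equals(user.Id))
            {
                logger.Info("Id does not match, put Password, account controller");
                return BadRequest("Id not match");
            }

            logger.Info("Accessing user service for password update, account controller, put password");
            AppUserDTOOutPass appUserPassChanged = await service.UpdatePassword(id, user);

            // A null result is treated as a failed update so the client is not told 200 OK
            // for a password that was never changed.
            if (appUserPassChanged == null)
            {
                logger.Info("Password update returned no user, account controller, put password");
                return BadRequest("Password update failed");
            }

            return Ok(appUserPassChanged);
        }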
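        /// <summary>
        /// Changes a user's password: loads the user by id, verifies the supplied old password
        /// against the stored hash, stores the hash of the new password and returns the
        /// re-read user as a DTO.
        /// </summary>
        /// <param name="id">Id of the user whose password is changed.</param>
        /// <param name="userPass">Carries the old and the new password.</param>
        /// <returns>
        /// The updated user converted to <c>AppUserDTOOutPass</c>, or <c>null</c> when the
        /// repository update does not succeed.
        /// </returns>
        /// <exception cref="UserNotFoundException">No user exists with the given id.</exception>
        /// <exception cref="BadRequestException">
        /// The request carries no new password, or the old password does not verify.
        /// </exception>
        public async Task<AppUserDTOOutPass> UpdatePassword(string id, AppUserDTOPassword userPass)
        {
            // Reject an incomplete request up front rather than failing later with a
            // NullReferenceException or hashing an empty password.
            // NOTE(review): no password-strength policy is visible here — confirm it is
            // enforced by model validation or inside the repository.
            if (userPass == null || string.IsNullOrEmpty(userPass.NewPassword))
            {
                logger.Info("Missing new password, update password, user service");
                throw new BadRequestException("New password is required");
            }

            logger.Info($"Accessing db over auth repo, find user by id {id}, user service, update password");
            AppUser user = await db.AuthRepository.FindUserById(id);

            if (user == null)
            {
                logger.Info("Throwing an user not found exception, no user found update password, user service");
                throw new UserNotFoundException($"User with ID {id} does not exists.");
            }

            logger.Info($"User with username {user.UserName} trying to change password, hashing of new password");

            // Verify the old password before doing any work on the new one, so a request with
            // wrong credentials never triggers the hashing of attacker-chosen input.
            if (!Utilities.HashPass.VerifyHashedPassword(user.PasswordHash, userPass.OldPassword))
            {
                logger.Info("Wrong old password, update password, user service");
                throw new BadRequestException("Wrong password");
            }

            // NOTE(review): HashPass is not visible from here — confirm it uses a salted,
            // deliberately slow password hash rather than a bare digest.
            user.PasswordHash = Utilities.HashPass.HashedPassword(userPass.NewPassword);

            logger.Info($"Updating user {user.UserName} with new password, update password, user service");
            var result = await db.AuthRepository.UpdateUser(user);

            if (!result.Succeeded)
            {
                logger.Info("Update has failed, result not succeeded, user service");
                return null;
            }

            // NOTE(review): nothing here revokes tokens or sessions issued before the change;
            // confirm that is handled elsewhere if it is required.
            logger.Info("Getting updated user with auth repository");
            var userUpdated = await db.AuthRepository.FindUserById(user.Id);

            logger.Info("Converting user to AppUser dto");
            AppUserDTOOutPass userDTO = Utilities.ConverterDTO.SimpleDTOConverter<AppUserDTOOutPass>(userUpdated);

            return userDTO;
        }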