public IHttpActionResult ChangePassword(int id, ChangePasswordDTO data)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Member member = db.Members.FirstOrDefault(m => m.ID == id);
if (member == null)
{
return(NotFound());
}
member.Password = data.NewPassword;
member.ModifiedBy = db.Members.FirstOrDefault(d => d.Email == User.Identity.Name);
member.ModifyDate = DateTime.Now;
db.SaveChanges();
return(Ok());
}
public ActionResult EditUser(UserDTO objuser)
{
objuser.CreatedBy = User.Identity.GetUserId();
ChangePasswordDTO objuserinfo = new ChangePasswordDTO {
userid = objuser.Id, FirstName = objuser.FirstName, LastName = objuser.LastName, Email = objuser.Email, MobileNumber = objuser.MobileNumber, ChageType = 3
};
CustomResponse objres = APICalls.Put("AuthenticationAPI/Put", objuserinfo);
if (objres.Status == CustomResponseStatus.Successful)
{
return(RedirectToRoute("UsersHomeRoute", new { Role = "" }));
}
else
{
ViewBag.Message = "Error While Updating User";
}
return(View());
}
public int ChangePassword(ChangePasswordDTO dto, int?userId)
{
var user = Context.Users
.Include(u => u.Person.PersonRoles)
.ThenInclude(pr => pr.Role)
.ThenInclude(r => r.ClaimRoles)
.ThenInclude(c => c.Claim)
.FirstOrDefault(u => u.Id == userId);
if (user == null)
{
throw new UnauthorizedAccessException();
}
if (!Password.Compare(user.Password, dto.Password, PasswordsPepper))
{
throw new UnauthorizedAccessException();
}
user.Password = Password.Encode(dto.NewPassword, PasswordsPepper);
return(Context.SaveChanges());
}
public bool ChangePassword(ChangePasswordDTO model)
{
try
{
var encripted_newpassword = Encrypter.Encryption(model.NewPassword, Helper.Parametro.GetValue("3DESKey"));
var encripted_actualpassword = Encrypter.Encryption(model.ActualPassword, Helper.Parametro.GetValue("3DESKey"));
var usuario = _uow.UsuarioRepository.Find(x => x.Email == model.Email && x.Contrasena == encripted_actualpassword);
usuario.TSModificado = DateTime.Now;
usuario.Contrasena = encripted_newpassword;
_uow.UsuarioRepository.Update(usuario);
_uow.UsuarioRepository.Save();
_logger.LogInformation("[Backend-Usuario] - Contraseña de Usuario <{0}>, actualizada correctamente.", model.Email);
return(true);
}
catch (Exception ex)
{
_logger.LogErrorException(ex, "[Backend-Usuario] - Ocurrió un problema al intentar actualizar clave de usuario.");
return(false);
}
}
public MembershipUser ChangePassword([FromBody] ChangePasswordDTO jsonData)
{
try
{
// Go get our user
var user = Membership.GetUser(jsonData.UserName.ToLower());
// If we found, attempt to change the password, if it fails send an error back
if (user != null && !user.ChangePassword(jsonData.OldPassword, jsonData.NewPassword))
{
throw new Exception("Password change failed");
}
return(user);
}
catch (Exception e)
{
var response = Request.CreateErrorResponse(HttpStatusCode.Conflict, e.Message);
throw new HttpResponseException(response);
}
}
public HttpResponseMessage Post(ChangePasswordDTO request)
{
HttpResponseMessage responseMessage = null;
JSendMessage json;
if (request.Password != null)
{
var token = Request.Headers.SingleOrDefault(x => x.Key == "token").Value.First();
var updated = users.ChangePassword(token, request.Password);
if (!updated)
{
responseMessage = Request.CreateResponse(HttpStatusCode.BadRequest);
}
else
{
json = new JSendMessage("success", "Your password has been successfully changed");
responseMessage = Request.CreateResponse(HttpStatusCode.OK, json);
}
}
return(responseMessage);
}
public async Task <ActionResult <bool> > ChangePassword(ChangePasswordDTO user)
{
if (user == null)
{
return(BadRequest("User not found!"));
}
var editUser = await _context.User.FindAsync(user.Username);
if (editUser == null)
{
return(NotFound("User not found!"));
}
if (!VerifyPassword(editUser.Password, user.OldPassword))
{
return(BadRequest("Wrong Old Password!"));
}
_context.Entry(editUser).State = EntityState.Modified;
editUser.Password = HashPassword(user.NewPassword);
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!UserExists(user.Username))
{
return(NotFound());
}
else
{
throw;
}
}
return(true);
}
public async Task ChangePasswordAsync(ChangePasswordDTO model)
{
var idClaim = _httpContextAccessor.HttpContext.User.FindFirst(ClaimTypes.NameIdentifier).Value;
if (!long.TryParse(idClaim, out var ownerId))
{
throw new UnauthorizedAccessException();
}
var user = await _userRepository.GetByIdAsync(ownerId);
if (model.OldPassword.CreateMd5() != user.Password)
{
throw new ArgumentException("Wrong old password");
}
user.Password = model.NewPassword.CreateMd5();
await _emailService.SendEmailAsync(user.Email, "Password changed",
"Your password was changed. If you didn't change your password, please, contact us.");
await _userRepository.UpdateAsync(user);
}
public async Task <IActionResult> ChangePasswordAsync([FromBody] ChangePasswordDTO changePasswordDto)
{
var user = await GetCurrentUserAsync();
var verification = _userService.ConfirmUserPersonality(user, changePasswordDto.OldPassword);
if (!verification)
{
return(BadRequest("Wrong password"));
}
if (changePasswordDto.NewPassword != changePasswordDto.NewPasswordConfirmation)
{
return(BadRequest("Password doesnt match"));
}
var result = await _userManager.ChangePasswordAsync(user, changePasswordDto.OldPassword, changePasswordDto.NewPassword);
if (result.Succeeded)
{
return(Ok());
}
return(Ok(result.Errors));
}
public async Task <ResultDTO> ChangePassword(ChangePasswordDTO changePasswordDTO, ClaimsPrincipal userClaims)
{
var user = await _userManager.GetUserAsync(userClaims);
if (user == null)
{
return(new ResultDTO(false, $"User {_userManager.GetUserId(userClaims)} data not found!", null));
}
var result = await _userManager.ChangePasswordAsync(user, changePasswordDTO.OldPassword, changePasswordDTO.NewPassword);
if (!result.Succeeded)
{
var listError = new List <IdentityError>();
foreach (var error in result.Errors)
{
listError.Add(error);
}
return(new ResultDTO(false, "An error ocurred.", listError));
}
return(new ResultDTO(true, "Password was changed successfully.", null));
}
public async Task <ActionResult> ChangePassword(ChangePasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
using (var client = new HttpClient())
{
client.BaseAddress = new Uri("http://localhost:49884");
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
var user = await UserManager.FindByIdAsync(User.Identity.GetUserId());
ChangePasswordDTO changePasswordModel = new ChangePasswordDTO()
{
Email = User.Identity.GetUserName(),
OldPassword = model.OldPassword,
NewPassword = model.NewPassword
};
var res = client.PostAsJsonAsync($"/api/login/resetPassword", changePasswordModel).Result;
if (res.IsSuccessStatusCode == true)
{
var ok = res.Content.ReadAsAsync <ChangePasswordViewModel>().Result;
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
return(RedirectToAction("MainPageAfterLogin", "Home", ok)); //, new { Message = ManageMessageId.ChangePasswordSuccess });
}
else
{
//AddErrors(result);
return(Content("result = null"));
}
}
}
public IActionResult ChangePassword(uint cedula, [FromBody] ChangePasswordDTO request)
{
var resultDTO = new ResultDTO
{
Succeed = false
};
if (request.NewPassword != request.NewPasswordConfirmation)
{
resultDTO.Message = "Las password introducidas no concuerdan";
return(BadRequest(resultDTO));
}
bool userExists = UserExists(cedula);
if (!userExists)
{
resultDTO.Message = $"No existe un usuario con la cedula {cedula}";
return(BadRequest(resultDTO));
}
bool isCurrentPasswordValid = _db.UsuarioRepository.IsCurrentPasswordValid(cedula, request.CurrentPassword);
if (!isCurrentPasswordValid)
{
resultDTO.Message = "La password actual no coincide con la enviada";
return(BadRequest(resultDTO));
}
_db.UsuarioRepository.ChangePassword(cedula, request.NewPassword);
resultDTO.Succeed = _db.Save();
if (!resultDTO.Succeed)
{
resultDTO.Message = $"Ocurrio un error al actualizar la password del usuario {cedula}";
return(StatusCode(500, resultDTO));
}
resultDTO.Message = "Password actualizado exitosamente";
return(Ok(resultDTO));
}
public async Task <ApiResponse> ChangePassword([FromBody] ChangePasswordDTO arg)
{
try
{
var ip = httpService.IpAddress(Request, HttpContext);
var token = await userService.ChangePasswordAsync(arg, ip);
return(new ApiResponse(InfoMessages.PasswordHasChanged, token, HttpStatusCode.OK.ToInt()));
}
catch (ValidationException ex)
{
throw new ApiException(ex.Errors, ex.StatusCode);
}
catch (CustomException ex)
{
throw new ApiException(ex, ex.StatusCode);
}
catch (Exception ex)
{
throw new ApiException(ex);
}
}
public async Task ChangePasswordAsync(ChangePasswordDTO model)
{
if (string.IsNullOrWhiteSpace(model.CurrentPassword) && string.IsNullOrWhiteSpace(model.NewPassword))
{
throw new Exception("Password is empty.");
}
var user = await this.m_userRepository.GetByIdAsync(model.Id);
if (user == null)
{
throw new Exception("User not found.");
}
if (!BcryptHash.CheckBcryptPassword(model.CurrentPassword, user.Password))
{
throw new Exception("Incorrect password.");
}
user.Password = await this.EncryptPasswordAsync(model.NewPassword);
await this.m_userRepository.UpdateAsync(user);
}
public async Task <IActionResult> ChangePassword(ChangePasswordDTO changePassword)
{
try
{
notification = new Notification();
var user = await _userManager.FindByIdAsync(changePassword.UserId);
var newPasswordHash = _userManager.PasswordHasher.HashPassword(user, changePassword.NewPassword);
user.PasswordHash = newPasswordHash;
var res = await _userManager.UpdateAsync(user);
notification.Type = "success";
notification.Message = "Password successfully changed.";
return(Json(notification));
}
catch (Exception exception)
{
notification.Type = "error";
notification.Message = $"Failed to change password. ";
return(Json(notification));
}
}
public async Task UpdatePassword(ChangePasswordDTO changePasswordDTO)
{
ApplicationUser user = await worker.UserManager.FindByIdAsync(changePasswordDTO.UserId);
var oldPasswordConfirmation = await worker.UserManager.CheckPasswordAsync(user, changePasswordDTO.OldPassword);
if (!oldPasswordConfirmation)
{
throw new OldPasswordIsWrongException();
}
IdentityResult result = await worker.UserManager.ChangePasswordAsync(
changePasswordDTO.UserId,
changePasswordDTO.OldPassword,
changePasswordDTO.NewPassword);
if (result.Errors.Any(error => error.Contains("Password")))
{
throw new InsecurePasswordException();
}
await worker.SaveAsync();
}
public async Task <IHttpActionResult> Post([FromBody] ChangePasswordDTO value)
{
var currentUser = ServiceContext.CurrentUser;
var userManager = ServiceContext.UserManager;
var selfReset = (value.OldPassword?.Length ?? 0) > 0;
var isAdmin = !(currentUser is OrgUser) || (currentUser as OrgUser).Type.GetRoles().Contains(Role.ORG_ADMINSTRATOR);
var user = selfReset ? currentUser : Users.Find(value.UserId);
if (selfReset && userManager.PasswordHasher.VerifyHashedPassword(currentUser.PasswordHash, value.OldPassword) != PasswordVerificationResult.Success)
{
return(BadRequest("provided old password is incorrect"));
}
if (!selfReset && !isAdmin)
{
return(Unauthorized());
}
try
{
var token = await user.GeneratePasswordResetTokenAsync(userManager);
var result = userManager.ResetPassword(user.Id, token, value.NewPassword);
if (result.Succeeded)
{
return(Ok());
}
return(BadRequest(string.Join(" ,", result.Errors)));
}
catch (Exception ex)
{
return(InternalServerError(ex));
}
}
public ServiceMessage ChangePassword(ChangePasswordDTO changePasswordDTO)
{
List <string> errors = new List <string>();
bool succeeded = true;
try
{
ApplicationUser applicationUser = userManager.FindByName(changePasswordDTO.Login);
if (applicationUser != null)
{
IdentityResult identityResult = userManager.ChangePassword(
applicationUser.Id,
changePasswordDTO.OldPassword,
changePasswordDTO.NewPassword
);
succeeded = identityResult.Succeeded;
errors.AddRange(identityResult.Errors);
}
else
{
succeeded = false;
errors.Add("User with such login was not found");
}
}
catch (Exception ex)
{
succeeded = false;
ExceptionMessageBuilder.FillErrors(ex, errors);
}
return(new ServiceMessage
{
Succeeded = succeeded,
Errors = errors
});
}
public async Task <ActionResult> ChangeUserPassword(ChangePasswordDTO data)
{
string email = User.Identity.GetUserName();
JsonResult retValue = new JsonResult();
try
{
var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(),
data.CurrentPassword, data.NewPassword);
if (result.Succeeded)
{
data.Email = email;
var dsResult = await DataService.CallDataService <ResultDTO>("user", "ChangePassword",
postData : data);
retValue.Data = dsResult;
}
else
{
ResultDTO retData = new ResultDTO
{
StatusCode = (int)HttpStatusCode.BadRequest,
StatusCodeSuccess = false,
StatusMessage = result.Errors.Count() > 0 ? result.Errors.First() : "Error while changing password"
};
retValue.Data = retData;
}
}
catch (Exception ex)
{
}
return(retValue);
}
public IActionResult ChangePassword([FromBody] ChangePasswordDTO user)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
try
{
var result = _authenticationService.ChangePassword(user);
if (result == 200)
{
return(Ok("Password changed successfully"));
}
else if (result == 401)
{
return(StatusCode(401, "Passwords do not match"));
}
else if (result == 402)
{
return(BadRequest("New password must be different from the old one"));
}
else
{
return(BadRequest("Something went wrong"));
}
}
catch (NullReferenceException ex)
{
return(NotFound(ex.Message));
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
}
public async Task <AuthResult <Token> > ChangePassword(ChangePasswordDTO changePasswordDto)
{
if (changePasswordDto == null ||
string.IsNullOrEmpty(changePasswordDto.ConfirmPassword) ||
string.IsNullOrEmpty(changePasswordDto.Password) ||
changePasswordDto.Password != changePasswordDto.ConfirmPassword
)
{
return(AuthResult <Token> .UnvalidatedResult);
}
int.TryParse(HttpContext.Current.User.Identity.GetUserId(), out var currentUserId);
if (currentUserId > 0)
{
var result = await userManager.ChangePasswordAsync(currentUserId, null, changePasswordDto.Password);
if (result.Succeeded)
{
return(AuthResult <Token> .SucceededResult);
}
}
return(AuthResult <Token> .UnauthorizedResult);
}
private string EditUserLogin(string connString, ChangePasswordDTO changeInfo, int pwdHisId, string newPasswordHash)
{
string resultCode = string.Empty;
string sql = @"sp_editUserLogin";
var p = new DynamicParameters();
p.Add("UserId", changeInfo.UserId);
p.Add("UserName", changeInfo.UserName);
p.Add("PwdHisId", pwdHisId);
p.Add("LoginId", changeInfo.LoginId);
p.Add("PasswordHash", changeInfo.PasswordHash);
p.Add("NewPasswordHash", newPasswordHash);
p.Add("Date", changeInfo.Date);
p.Add("CreatedBy", changeInfo.CreatedBy);
p.Add("LastUpdatedBy", changeInfo.LastUpdatedBy);
p.Add("Result", dbType: DbType.String, direction: ParameterDirection.Output, size: 6);
using (IDbConnection db = new SqlConnection(connString))
{
int result = db.Execute(sql, p, commandType: CommandType.StoredProcedure);
resultCode = p.Get <String>("Result");
}
return(resultCode);
}
public void ChangePasswordTest()
{
// Arrange
User user = new User()
{
Login = "******",
Password = "******",
Tickets = ""
};
Data.Users.Add(user);
UserModel userModel = new UserModel();
Data.SaveChanges();
ChangePasswordDTO changepassDTO = Mapper.Map <User, ChangePasswordDTO>(user);
changepassDTO.NewPassword = "******";
//Act
UserDTO userDTO = userModel.ChangePassword(changepassDTO, Data);
//Assert
Assert.AreEqual("dupa", user.Password);
}
public async Task <AuthResult <Token> > ChangePassword(ChangePasswordDTO changePasswordDto, string currentUserId)
{
if (changePasswordDto == null ||
string.IsNullOrEmpty(changePasswordDto.ConfirmPassword) ||
string.IsNullOrEmpty(changePasswordDto.Password) ||
changePasswordDto.Password != changePasswordDto.ConfirmPassword
)
{
return(AuthResult <Token> .UnvalidatedResult);
}
var user = await userManager.FindByIdAsync(currentUserId.ToString());
var result = await userManager.ChangePasswordAsync(user, null, changePasswordDto.Password);
if (result.Succeeded)
{
return(AuthResult <Token> .SucceededResult);
}
return(AuthResult <Token> .UnauthorizedResult);
}
public UIElement GetPasswordElement()
{
ChangePasswordControl control = new ChangePasswordControl(login);
control.PasswordChanged += (s, e) =>
{
ChangePasswordModel model = e.ChangePasswordModel;
if (model.NewPassword == model.ConfirmPassword)
{
ChangePasswordDTO changePasswordDTO = new ChangePasswordDTO
{
Login = model.Login,
OldPassword = model.OldPassword,
NewPassword = model.NewPassword
};
using (IAccountService service = factory.CreateAccountService())
{
ServiceMessage serviceMessage = service.ChangePassword(changePasswordDTO);
RaiseReceivedMessageEvent(serviceMessage.IsSuccessful, serviceMessage.Message);
if (serviceMessage.IsSuccessful)
{
System.Diagnostics.Process.Start(Application.ResourceAssembly.Location);
Application.Current.Shutdown();
}
}
}
else
{
RaiseReceivedMessageEvent(false, "Passwords are not same");
}
};
return(control);
}
public async Task <AuthResult <Token> > ChangePassword(ChangePasswordDTO changePasswordDto)
{
if (changePasswordDto == null ||
string.IsNullOrEmpty(changePasswordDto.ConfirmPassword) ||
string.IsNullOrEmpty(changePasswordDto.Password) ||
changePasswordDto.Password != changePasswordDto.ConfirmPassword
)
{
return(AuthResult <Token> .UnvalidatedResult);
}
int.TryParse(this.httpContextAccessor.HttpContext.User.FindFirst(ClaimTypes.NameIdentifier).Value, out var currentUserId);
if (currentUserId > 0)
{
var succeeded = await userManager.ChangePasswordAsync(currentUserId, null, changePasswordDto.Password);
if (succeeded)
{
return(AuthResult <Token> .SucceededResult);
}
}
return(AuthResult <Token> .UnauthorizedResult);
}
public async Task UpdatePasswordAsync(ChangePasswordDTO passwordDTO)
{
var user = await _userRepository.GetByIdAsync(passwordDTO.Id);
if (user == null)
{
throw new HttpStatusCodeException(HttpStatusCode.NotFound, $"Wrong user Id");
}
var oldPasswordHash = PasswordGenerators.CreatePasswordHash(passwordDTO.OldPassword);
if (user.PasswordHash != oldPasswordHash)
{
throw new HttpStatusCodeException(HttpStatusCode.BadRequest, $"Wrong user Password");
}
await _userRepository.UpdatePasswordAsync(new ChangePasswordModel
{
Id = passwordDTO.Id,
Password = PasswordGenerators.CreatePasswordHash(passwordDTO.NewPassword)
});
_theaterScheduleUnitOfWork.Save();
}
public ActionResult TestUserChangePwd()
{
User u = _userRepository.GetAll().First();
ChangePasswordDTO dto = new ChangePasswordDTO
{
NewPassword = EncryptorMD5.GetMd5Hash("123456"),
OldPassword = u.Password,
MasterId = u.Id
};
string mssg = "";
string type = "PasswordChange";
mssg = JsonConvert.SerializeObject(dto, new IsoDateTimeConverter());
Send(mssg, type);
return Json(dto, JsonRequestBehavior.AllowGet);
}
public string ChangePassword(ChangePasswordDTO changePassword)
{
userManagementService.ChangePassword(ClaimsPrincipal.Current.Identity.Name, changePassword.NewPassword,
changePassword.OldPassword);
return("Change password have done successfully");
}
public async Task ChangePassword(UserProfile user, ChangePasswordDTO changePassword)
{
await userManager.ChangePasswordAsync(user, changePassword.OldPassword, changePassword.NewPassword);
}
public dynamic Put(ChangePasswordDTO objresetpassword)
{
CustomResponse objres = new CustomResponse();
if (objresetpassword.ChageType == 1)
{
try
{
//compare key with database
if (AccountRepository.CompareResetToken(objresetpassword.userid, objresetpassword.oldpassword))
{
var provider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("Sample");
userManager.UserTokenProvider = new Microsoft.AspNet.Identity.Owin.DataProtectorTokenProvider <MyIdentityUser>(provider.Create("EmailConfirmation"));
string resettoken = userManager.GeneratePasswordResetToken(objresetpassword.userid);
IdentityResult objresult = userManager.ResetPassword(objresetpassword.userid, resettoken, objresetpassword.newpassword);
if (objresult.Succeeded)
{
objres.Status = CustomResponseStatus.Successful;
objres.Message = "Password Updated Successfully";
objres.Response = null;
}
else
{
objres.Status = CustomResponseStatus.UnSuccessful;
objres.Message = "Failed";
objres.Response = null;
}
}
else
{
objres.Status = CustomResponseStatus.UnSuccessful;
objres.Message = "Invalid Access token";
objres.Response = null;
}
}
catch (Exception ex)
{
objres.Status = CustomResponseStatus.Exception;
objres.Message = ex.Message;
objres.Response = null;
}
return(objres);
}
else if (objresetpassword.ChageType == 2)
{
try
{
IdentityResult result = userManager.ChangePassword(objresetpassword.userid, objresetpassword.oldpassword, objresetpassword.newpassword);
objres.Response = null;
if (result.Succeeded)
{
objres.Status = CustomResponseStatus.Successful;
objres.Message = "Password Changed Successfully";
}
else
{
objres.Status = CustomResponseStatus.UnSuccessful;
objres.Message = "Failed to update Password";
}
}
catch (Exception ex)
{
objres.Status = CustomResponseStatus.Successful;
objres.Message = ex.Message;
objres.Response = null;
}
return(objres);
}
else if (objresetpassword.ChageType == 3)
{
try
{
MyIdentityUser objuser = userManager.FindByEmail(objresetpassword.Email);
objuser.FirstName = objresetpassword.FirstName;
objuser.LastName = objresetpassword.LastName;
objuser.MobileNumber = objresetpassword.MobileNumber;
IdentityResult objidentityresult = userManager.Update(objuser);
objres.Response = null;
if (objidentityresult.Succeeded)
{
objres.Status = CustomResponseStatus.Successful;
objres.Message = "User Updated Successfully";
}
else
{
objres.Status = CustomResponseStatus.UnSuccessful;
objres.Message = "Failed to update User Details";
}
}
catch (Exception ex)
{
objres.Status = CustomResponseStatus.Successful;
objres.Message = ex.Message;
objres.Response = null;
}
return(objres);
}
else
{
return(null);
}
}
