public IActionResult ChangePassword([FromBody] ChangePasswordPayload payload)
{
String[] authorization = Request.Headers["authorization"].ToString().Split(" ");
String token = authorization[1];
String userId = ((JwtSecurityToken) new JwtSecurityTokenHandler().ReadToken(token)).Claims.First(claim => claim.Type == "id").Value;
try
{
var selectedUser = _db.Users.Find(Int32.Parse(userId));
if (BC.Verify(payload.Password, selectedUser.PasswordHash))
{
selectedUser.PasswordHash = BC.HashPassword(payload.NewPassword);
_db.SaveChanges();
return(Ok(new { message = true }));
}
else
{
return(StatusCode(401, "Wrong password!"));
}
}
catch (Exception ex)
{
return(StatusCode(500, $"Internal server error: {ex}"));
}
}
public void ChangePassword(string userName, string oldPassword, string newPassword)
{
var payload = new ChangePasswordPayload {
OldPassword = oldPassword, NewPassword = newPassword
};
IRestResponse response = Request.ExecuteJsonRequest(string.Format("/users/{0}/password", userName), Method.POST, payload);
ValidateResponse(response);
}
