public async Task <ActionResult <UserAuthResponse> > ChangePassword([FromBody] UserChangePassword ucp)
{
var ua = await dbHelper.GetUserAuthAsync(ucp.Username);
if (ua != null)
{
var oldValid = PasswordHasher.IsEqual(ua.PasswordHash, ua.PasswordSalt, ucp.OldPassword);
if (oldValid)
{
var newPasswordHash = PasswordHasher.GeneratePasswordHash(ucp.NewPassword, ua.PasswordSalt);
var resp = await dbHelper.ChangePasswordAsync(ua.UserId, newPasswordHash);
return(new UserAuthResponse
{
IsSuccess = resp.IsSuccess,
Message = resp.Message
});
}
else
{
return(new UserAuthResponse
{
IsSuccess = false,
Message = "Old password doesn't match"
});
}
}
return(new UserAuthResponse
{
IsSuccess = false,
Message = "User not authenticated"
});
}
