public async Task <IActionResult> ResetPassword([FromBody] ModelResetPassword model)
{
var requestUri = $"{_WebApiModel.BaseURL}/{"PrivateRegister"}/{"ResetPassword"}";
string authHeader = HttpContext.Request?.Headers["Authorization"];
if (authHeader != null && authHeader.StartsWith("Bearer"))
{
BearerToken = authHeader.Substring("Bearer ".Length).Trim();
}
var response = await HttpRequestFactory.Post(requestUri, BearerToken, model);
switch (response.StatusCode)
{
case HttpStatusCode.Unauthorized:
return(Unauthorized(response.ContentAsString()));
case HttpStatusCode.BadRequest:
return(BadRequest(response.ContentAsString()));
case HttpStatusCode.OK:
return(Ok(response.ContentAsString()));
default:
return(StatusCode(500));
}
}
public async Task <Result> ResetPasswordAsync(ModelResetPassword resetPassword)
{
// check password and confirm password
if (resetPassword.NewPassword != resetPassword.ConfirmPassword)
{
return(new Result
{
StatusCode = ResultCodes.DataError,
Description = "Password does not match"
});
}
using (IDbConnection conn = Connection)
{
try
{
string sQuery = @"UPDATE UserCredentials SET
Password = @Password,
Salt = @Salt,
ResetToken = @NewResetToken,
LastPasswordChange = @LastPasswordChange
WHERE Email = @Email AND
ResetToken = @ResetToken;";
var newresettoken = Guid.NewGuid().ToString();
string currenttime = DateTime.Now.ToString();
string salt = Salt.Create();
resetPassword.NewPassword = Hash.Create(resetPassword.NewPassword, salt);
conn.Open();
int effectedrows = await conn.ExecuteAsync(sQuery, new
{
Password = resetPassword.NewPassword,
Salt = salt,
LastPasswordChange = currenttime,
NewResetToken = newresettoken,
ResetToken = resetPassword.ResetToken,
Email = resetPassword.Email
});
if (effectedrows > 0)
{
return(new Result
{
StatusCode = ResultCodes.Success,
Description = "Password has been changed"
});
}
else
{
return(new Result
{
StatusCode = ResultCodes.DBError,
Description = "Reseting Password fail"
});
}
}
catch (Exception ex)
{
_logger.LogDebug(ex.StackTrace);
return(new Result
{
StatusCode = ResultCodes.Error,
Description = "Error, Reseting Password fail"
});
}
}
}
public async Task <ModelResponseMessageUpdateUserRegister> ResetPasswordAsync(ModelResetPassword model)
{
ModelResponseMessageUpdateUserRegister resp = new ModelResponseMessageUpdateUserRegister();
resp.Status = false;
if (string.IsNullOrEmpty(model.oldpassw))
{
resp.Message = "กรุณาระบุรหัสผ่านเดิม";
}
else if (string.IsNullOrEmpty(model.newpassw))
{
resp.Message = "กรุณาระบุรหัสผ่านใหม่";
}
else if (string.IsNullOrEmpty(model.confirmpassw))
{
resp.Message = "กรุณายืนยันรหัสผ่าน";
}
else if (model.newpassw != model.confirmpassw)
{
resp.Message = "รหัสผ่านใหม่ไม่ตรงกัน";
}
else
{
resp = await _IRegisterUserRepository.ResetPasswordAsync(model);
}
return(resp);
}
// [Route("dob/{dateOfBirth}")]
public async Task <ActionResult <Result> > ResetPassword(ModelResetPassword resetpassword)
{
return(await _credRepo.ResetPasswordAsync(resetpassword));
}
public async Task <ModelResponseMessageUpdateUserRegister> ResetPasswordAsync(ModelResetPassword model)
{
ModelResponseMessageUpdateUserRegister resp = new ModelResponseMessageUpdateUserRegister();
string userid = Encoding.UTF8.GetString(Convert.FromBase64String(model.registerid));
using (SqlConnection conn = new SqlConnection(ConnectionString))
{
conn.Open();
using (SqlCommand cmd = new SqlCommand("sp_reset_password", conn))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@RegisterId", SqlDbType.VarChar, 100).Value = userid;
string encrypt_old_passw = System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(model.oldpassw));
cmd.Parameters.Add("@OldPassword", SqlDbType.VarChar, 100).Value = encrypt_old_passw;
string encrypt_passw = System.Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(model.newpassw));
cmd.Parameters.Add("@Password", SqlDbType.VarChar, 100).Value = encrypt_passw;
SqlParameter rStatus = cmd.Parameters.Add("@rStatus", SqlDbType.Int);
rStatus.Direction = ParameterDirection.Output;
SqlParameter rMessage = cmd.Parameters.Add("@rMessage", SqlDbType.NVarChar, 500);
rMessage.Direction = ParameterDirection.Output;
await cmd.ExecuteNonQueryAsync();
if ((int)cmd.Parameters["@rStatus"].Value > 0)
{
resp.Status = true;
}
else
{
resp.Message = (string)cmd.Parameters["@rMessage"].Value;
}
}
conn.Close();
}
return(resp);
}
public async Task <IActionResult> ResetPassword(ModelResetPassword model)
{
ModelResponseMessageUpdateUserRegister e = await _IRegisterUserService.ResetPasswordAsync(model);
return(Ok(e));
}
