public string RequestPasswordChange([FromUri] PasswordChange obj)
{
//1. create a password change request
var user = appRepository.ChangePasswordRequest(obj.Email);
//2. send a request emailmessage
ITextReplace replace = new TextReplace();
if (!string.IsNullOrEmpty(user.Name))
{
replace.Add("%name%", user.Name);
}
else
{
replace.Add("%name%", "");
}
replace.Add("%epost%", user.Email.Trim());
if (user.ChangePasswordRequest != null)
{
replace.Add("%url%", string.Format(obj.Url + "changepassword.html?key={0}", user.ChangePasswordRequest.Value));
}
string body = replace.ReplaceFromFile(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Templates", "ChangePassword.html"));
MailService smtp = new MailService("http://communicationservice.woxion.com/MailService.asmx");
bool result = smtp.Send("Projektplaneraren", "*****@*****.**", user.Email.Trim(), null, "Ändra lösenord", body);
return("Request Created");
}
public static PasswordChangeStatus ChangePassword(int OrcaUserID, PasswordChange passwordChange)
{
OrcaContext db = new OrcaContext();
OrcaPassword userPasswordQuery = null;
// get the password from Passwords db table
try
{
//OrcaPassword userPasswordQuery = (from user in db.OrcaPasswords
// where user.OrcaUserID == OrcaUserID
// select user).First();
userPasswordQuery = db.OrcaPasswords.AsQueryable().First(user => user.OrcaUserID == OrcaUserID);
}
catch (Exception)// if the OrcaUserID could not be found, return INVALID_USER
{
return(PasswordChangeStatus.INVALID_USER);
}
// make sure the proper original password was entered
if (userPasswordQuery.Password == passwordChange.CurrentPassword)
{
// change the password
userPasswordQuery.Password = passwordChange.Password;
// update the database
db.Entry(userPasswordQuery).State = EntityState.Modified;
db.SaveChanges();
return(PasswordChangeStatus.SUCCESS);
}
return(PasswordChangeStatus.INVALID_PASSWORD);
}
public ActionResult ChangePassword([Bind(Include = "CurrentPassword,Password,ConfirmPassword")] PasswordChange passwordChange)
{
// convnention for making it easier to pass messages between controllers
if (TempData["Message"] != null)
{
ViewBag.Message += (" " + TempData["Message"].ToString());
}
OrcaContext db = new OrcaContext();
if (ModelState.IsValid)
{
// change password for logged in user and get the success status
PasswordChangeStatus status = OrcaHelper.ChangePassword(Convert.ToInt32(Session["OrcaUserID"].ToString()), passwordChange);
switch (status)
{
case PasswordChangeStatus.SUCCESS:
ViewBag.Message += " Your password has been changed.";
break;
case PasswordChangeStatus.INVALID_PASSWORD:
ViewBag.Message += " The Current Password you entered was incorrect. Please try again";
break;
case PasswordChangeStatus.INVALID_USER:
default:
ViewBag.Message += " Something went wrong. This may suggest an Invalid User login.";
break;
}
}
return(View());
}
public async Task <PasswordChangeEnum> PasswordChange(string email, string countryCode, string password1, string password2)
{
PasswordChange userPasswordChange = new PasswordChange
{
Email = email,
Password = password1,
Password2 = password2,
DeviceId = GlobalAccess.DeviceId,
CountryCode = countryCode
};
var changeResult = await authenticationService.PasswordChange(userPasswordChange);
if (changeResult.IsSuccess)
{
var response = changeResult.DeserializeObject <PasswordChangeResponse>();
if (response.Status)
{
bool updateLocalPWD = (userAccess.UpdatePassword(email, countryCode, password1) > 0);
if (updateLocalPWD)
{
return(PasswordChangeEnum.ChangeSuccess);
}
}
}
return(PasswordChangeEnum.ChangeFailure);
}
public ActionResult Create(PasswordModel password)
{
try
{
userInfo = GetUserInfo();
UserModel user;
user = dbContext.GetUserById(userInfo.Id);
password.IdUser = userInfo.Id;
password.PasswordHash = EncryptionHelper.EncryptPasswordAES(password.PasswordHash, userInfo.LoggedUserPassword);
CreatePassword(password);
PasswordChange.LogPasswordCreate(
dbContext.GetPasswordByHash(password.PasswordHash),
dbContext);
ActivityLog.Log(userInfo.Id, ActionType.CreatePassword, dbContext);
return(RedirectToAction(nameof(Index), new { idUser = password.IdUser }));
}
catch
{
return(View());
}
}
public ActionResult RestorePasswordState(int passwordChangeId)
{
PasswordChange passwordChange = dbContext.GetPasswordChange(passwordChangeId);
PasswordModel oldPassword;
PasswordModel newPassword;
if (String.IsNullOrEmpty(passwordChange.OldData))
{
newPassword = PasswordChange.StringToPassword(passwordChange.NewData);
oldPassword = dbContext.GetPassword(passwordChange.PasswordId);
}
else if (String.IsNullOrEmpty(passwordChange.NewData))
{
newPassword = PasswordChange.StringToPassword(passwordChange.OldData);
oldPassword = dbContext.GetPassword(passwordChange.PasswordId);
}
else
{
newPassword = PasswordChange.StringToPassword(passwordChange.OldData);
oldPassword = PasswordChange.StringToPassword(passwordChange.NewData);
}
dbContext.UpdatePassword(newPassword);
PasswordChange.LogPasswordEdit(oldPassword, newPassword, dbContext);
return(RedirectToAction(nameof(Index)));
}
public async Task <ActionResult> ChangePassword(PasswordChange std)
{
await Task.Delay(0);
Response res = new Response();
var Id = EncryptionDecryption.Decrypt(std.id);
DataTable table = SQLDatabase.GetDataTable("SELECT * FROM users WHERE Id='" + Id + "' AND Password='******'");
if (table.Rows.Count > 0)
{
if (SQLDatabase.ExecNonQuery("update users set Password='******' where Id='" + Id + "'") > 0)
{
res.Status = "Password Update Successfully";
}
else
{
res.Status = "Password Updation Failed";
}
}
else
{
res.Status = "Old Password is Incorrect";
}
return(Ok(res));
}
public async Task <ActionResult> ChangePasswordEdit(PasswordChange data)
{
PasswordChange passwordChange = new PasswordChange()
{
Username = data.Username
};
if (!data.NewPassword.Equals(data.NewPasswordConfirmation, StringComparison.Ordinal))
{
ModelState.AddModelError(key: "", errorMessage: "Las contraseñas no coinciden.\n");
return(await Task.FromResult <ActionResult>(View(passwordChange)));
}
var result = await _utilsMethods.ComparePassword(data.Username, data.ActualPassword);
switch (result)
{
case true:
var resultUpdate = _utilsMethods.UpdatePassword(data.Username, data.NewPassword);
if (resultUpdate)
{
return(RedirectToAction("ChangePasswordUsers"));
}
ModelState.AddModelError(key: "", errorMessage: "Ha ocurrido un error al cambiar la contraseña.\n");
return(await Task.FromResult <ActionResult>(View(passwordChange)));
case false:
ModelState.AddModelError(key: "", errorMessage: "La contraseña con coincide con la del sistema.\n");
return(await Task.FromResult <ActionResult>(View(passwordChange)));
default:
ModelState.AddModelError(key: "", errorMessage: "Ha ocurrido un error.\n");
return(await Task.FromResult <ActionResult>(View(passwordChange)));
}
}
public ActionResult Delete(string id, IFormCollection collection)
{
try
{
if (ValidateViewMode("Cannot delete. You are in view mode!"))
{
string passwordHash = collection["PasswordHash"];
PasswordChange.LogPasswordDelete(
dbContext.GetPasswordByHash(passwordHash),
dbContext);
dbContext.DeletePassword(passwordHash);
ActivityLog.Log(
GetUserInfo().Id,
ActionType.DeletePassword,
dbContext);
}
return(RedirectToAction(nameof(Index)));
}
catch
{
return(View());
}
}
public int ChangePassword(PasswordChange obj)
{
try
{
using (SqlConnection conn = SqlHelper.GetOpenConnection())
{
var par = new Dapper.DynamicParameters();
par.Add("@Name", obj.Name);
par.Add("@Password", obj.Password);
par.Add("@ChangePasswordRequest", obj.Key);
int result = conn.Execute("ChangePassword", par, commandType: CommandType.StoredProcedure);
if (result == -1)
{
string msg = string.Format("ChangePassword with key: '{0}' failed. The request has expired!", obj.Key);
log.Warning(msg);
//throw new Exception(msg);
}
return(result);
}
}
catch (Exception ex)
{
log.Error("ChangePassword with key: '" + obj.Key + "' failed", ex);
throw;
}
}
public async Task <IActionResult> ChangePassword(PasswordChange data)
{
//var hash_password = SHA1HashStringForUTF8String(data.User_Old_Password);
var user = await _context.User.Where(u => u.User_login == data.User_Login && u.User_password.ToUpper() == data.User_Old_Password).SingleOrDefaultAsync();
if (user != null)
{
if (user.User_password.ToUpper() == data.User_New_Password.ToUpper())
{
//TODO: Change the return for same password
return(BadRequest("Password cannot be the same"));
}
user.User_password = data.User_New_Password.ToUpper();
//user.User_password = SHA1HashStringForUTF8String(data.User_New_Password);
user = await Authenticate(user);
await _context.SaveChangesAsync();
return(Ok(user));
}
else
{
return(BadRequest("User doesn't exist."));
}
}
public IActionResult ChangePassword(PasswordChange userSubmission)
{
if (!ModelState.IsValid)
{
return(View("Account"));
}
int? id = HttpContext.Session.GetInt32("UserId");
User oneUser = dbContext.Users.FirstOrDefault(a => a.UserId == id);
var hasher = new PasswordHasher <PasswordChange>();
var result = hasher.VerifyHashedPassword(userSubmission, oneUser.Password, userSubmission.CurrentPassword);
if (result == 0)
{
ModelState.AddModelError("CurrentPassword", "Invalid Password");
return(View("Account"));
}
PasswordHasher <PasswordChange> Hasher = new PasswordHasher <PasswordChange>();
userSubmission.NewPassword = Hasher.HashPassword(userSubmission, userSubmission.NewPassword);
oneUser.Password = userSubmission.NewPassword;
dbContext.SaveChanges();
ModelState.AddModelError("Success", "Password updated!");
return(View("Account"));
}
public async Task <IActionResult> ChangePassword(PasswordChange customUser)
{
var user = await _userManager.FindByNameAsync(customUser.Username);
if (user == null)
{
return(StatusCode(StatusCodes.Status500InternalServerError, new Response {
Status = "Error", Message = "User does not exist."
}));
}
if (!await _userManager.CheckPasswordAsync(user, customUser.CurrentPassword))
{
return(StatusCode(StatusCodes.Status500InternalServerError, new Response {
Status = "Error", Message = "Current password is not correct."
}));
}
await _userManager.ChangePasswordAsync(user, customUser.CurrentPassword, customUser.NewPassword);
var result = await _userManager.CheckPasswordAsync(user, customUser.NewPassword);
if (!result)
{
return(StatusCode(StatusCodes.Status500InternalServerError, new Response {
Status = "Error", Message = "New password does not meet the requirements."
}));
}
return(Ok(new Response {
Status = "Success", Message = "Password changed successfully."
}));
}
public async Task <bool> UpdateUserCredentialsAsync(PasswordChange passwordChange)
{
var response = await GetUsersUrl("/credentials")
.PutJsonAsync(passwordChange)
.ConfigureAwait(false);
return(await HandleResponseAsync(response).ConfigureAwait(false));
}
public int LogPasswordChange(PasswordChange change)
{
string sqlQuery = "Insert Into PasswordChange " +
"(PasswordId, UserId, OldData, NewData, ChangeDateTime) " +
"Values(@PasswordId, @UserId, @OldData, @NewData, @ChangeDateTime)";
return(db.Execute(sqlQuery, change));
}
public async Task <ActionResult> ChangePasswordEdit(string username)
{
PasswordChange passwordChange = new PasswordChange()
{
Username = username
};
return(View(passwordChange));
}
private void ChangePassword_Click(object sender, EventArgs e)
{
PasswordChange PasswordChange = new PasswordChange(ActivePerson);
PasswordChange.Size = new Size(908, 616);
PasswordChange.Location = new Point(0, 86);
this.Controls.Add(PasswordChange);
PasswordChange.BringToFront();
}
public object Get(HttpRequestMessage requestMessage, string id)
{
var messageId = requestMessage.GetCorrelationId().ToString();
TraceSources.AddAdditionalLogItem("RequestMessageId", messageId);
try
{
var passwordChange = new PasswordChange();
var token = passwordChange.ExpirationCheck(id);
return(new IsExpiredTokenSuccessResponse
{
Result = passwordChange.Result != PasswordChange.ValidatedResult.IsExpired && token != null
});
}
catch (InvalidRequestForTConnectApiException e)
{
PCSiteTraceSource.InvalidRequest_Api("is-expired-token", "token", e);
return(requestMessage.CreateResponse(HttpStatusCode.BadRequest));
}
catch (InvalidJwtException ex)
{
var trace = PCSiteTraceSource.InvalidJwt(id, ex);
var code = 0;
trace.TryGetId(out code);
return(requestMessage.CreateResponse(HttpStatusCode.BadRequest,
new ErrorResponse {
Errors = new Dictionary <string, string> {
{ "code", code.ToString() }
}
}));
}
catch (TableNotFoundException tex)
{
var trace = PCSiteTraceSource.ConnectionFailToAzureStorageTable_Api("StredTokenテーブルにアクセスできませんでした。", tex);
var code = 0;
trace.TryGetId(out code);
return(requestMessage.CreateResponse(HttpStatusCode.InternalServerError,
new ErrorResponse {
Errors = new Dictionary <string, string> {
{ "code", code.ToString() }
}
}));
}
catch (Exception ex)
{
var trace = PCSiteTraceSource.SystemError_Api("有効期限検証APIで想定外のエラーが発生", ex);
var code = 0;
trace.TryGetId(out code);
return(requestMessage.CreateResponse(HttpStatusCode.InternalServerError,
new ErrorResponse {
Errors = new Dictionary <string, string> {
{ "code", code.ToString() }
}
}));
}
}
public IHttpActionResult Put(PasswordChange passwordChange)
{
var user = HttpContext.Current.User as SessionPrincipal;
bus.Update(user.SessionIdentity.Id, passwordChange.OldPassword, passwordChange.NewPassword);
_userSessionbus.DeleteByUserId(user.SessionIdentity.Id);
return(Ok());
}
public ActionResult <UserModel> ChangePw(PasswordChange passwordChange)
{
var response = _userService.ChangePw(passwordChange);
if (response == null)
{
return(BadRequest(new { message = "Wrong password!" }));
}
return(Ok(response));
}
public async Task <IActionResult> ChangeOwnersPassword([FromBody] PasswordChange passwordChange, string login)
{
if (!ModelState.IsValid)
{
return(StatusCode(420, ModelState));
}
await _ownerService.ChangePassword(passwordChange, login);
return(Ok());
}
public void UpdatePassword(PasswordChange passwordChange)
{
var userAuthentication = _userDao.GetUserAuthenticationByUsername(passwordChange.Username);
if (userAuthentication == null)
{
throw new UserNotFoundException($"Given user {passwordChange.Username} was not found");
}
UpdateUserAuthentication(userAuthentication, passwordChange.NewPassword);
}
public async Task <IActionResult> UpdateCredentials([FromBody] PasswordChange passwordChange, CancellationToken cancellationToken)
{
return(this.Ok(await mediator.Send(
new PasswordChangeCommand(
User.GetTenantId(),
User.GetAccountId(),
passwordChange.OldPassword,
passwordChange.NewPassword,
passwordChange.ConfirmPassword),
cancellationToken)));
}
public Task <UserStatus> ChangePassword([FromBody] PasswordChange pasChangeModel)
{
var cos = User.Identity.Name;
var name = User.Claims.ToArray();
var value = name[1].Value;
UserStatus userStatus = new UserStatus();
userStatus.Pesel = 1;
userStatus.Message = "asda";
userStatus.Status = "ok";
return(null);
}
public async Task <IActionResult> ChangeCustomersPassword([FromBody] PasswordChange passwordChange, string login)
{
if (!ModelState.IsValid)
{
var result = Json(ModelState);
result.StatusCode = 420;
return(result);
}
await _customerService.ChangePassword(passwordChange, login);
return(Ok());
}
public void ChangePassword(PasswordChange input)
{
var info = _loginService.Login(new LoginPassword()
{
Login = input.Login,
Password = input.PreviousPassword
});
_loginService.ChangePassword(new LoginPassword()
{
Login = input.Login,
Password = input.NewPassword
});
}
public async Task <ActionResult> PasswordChanged(PasswordChange model)
{
ApplicationDbContext context = new ApplicationDbContext();
UserStore <ApplicationUser> store = new UserStore <ApplicationUser>(context);
UserManager <ApplicationUser> UserManager = new UserManager <ApplicationUser>(store);
String userId = User.Identity.GetUserId();//"<YourLogicAssignsRequestedUserId>";
String hashedNewPassword = UserManager.PasswordHasher.HashPassword(model.password);
ApplicationUser cUser = await store.FindByIdAsync(userId);
await store.SetPasswordHashAsync(cUser, hashedNewPassword);
await store.UpdateAsync(cUser);
Response.Write("<script>alert('Password Successfully Changed');</script>");
return(View("PasswordChange"));
}
public IActionResult ChangePassword([FromBody] PasswordChange change)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var myId = User.GetId();
var result = _userService.ChangePassword(myId, change.OldPassword, change.NewPassword);
if (result.IsFailure)
{
return(Unauthorized());
}
return(Ok());
}
/// <summary>
/// Change employees password.
/// </summary>
/// <param name="oldPassword"></param>
/// <param name="newPassword"></param>
/// <returns></returns>
public async Task ChangeEmployeesPassword(string oldPassword, string newPassword)
{
var login = base.GetAuthorizedUserLogin();
var changedPassword = new PasswordChange()
{
Login = login,
OldPassword = oldPassword,
NewPassword = newPassword
};
var changedPasswordJson = JsonConvert.SerializeObject(changedPassword);
var response = await Client.AuthenticatedPostJsonAsync($"employee/{login}/changepassword",
new StringContent(changedPasswordJson), Token);
//TODO exceptions
}
public object UpdatePassword(PasswordChange obj)
{
HttpResponseMessage message;
try
{
if (ValidatePassword(obj, out message))
{
/*int id = -1;
* if (obj.id != null)
* {
* var sId = Utilities.Unprotect(obj.id);
* int.TryParse(sId, out id);
*
* }*/
int id = CurrentUser?.id ?? 0;
if (id == 0 && obj.code == null)
{
if (obj.id != null)
{
var sId = Utilities.Unprotect(obj.id);
int.TryParse(sId, out id);
}
}
var user = id > 0 ? uow.UserRepository.GetByID(id) : uow.UserRepository.Get(u => u.registrationCode == obj.code).FirstOrDefault();
if (user != null)
{
user.password = obj.password;
uow.Save();
Nlog.Log(LogLevel.Info, $"User {user?.username} successfully updated password.");
return(obj);
}
return(new HttpResponseMessage(HttpStatusCode.BadRequest));
}
return(message);
}
catch (CryptographicException ex)
{
Nlog.Log(LogLevel.Error, ex, $"UpdatePassword. CurrentUser: {CurrentUser?.name} id: {obj.id}");
}
return(new HttpResponseMessage {
StatusCode = HttpStatusCode.BadRequest, Content = new StringContent("Greška u postavljanju lozinke.")
});
}
public ActionResult ManagePassword(PasswordChange model)
{
if (ModelState.IsValid)
{
// ChangePassword will throw an exception rather than return false in certain failure scenarios.
string username = (string)(Session["Username"]);
string usertype=(string)Session["TypeOfUser"];
bool val = new DataAccess.DataObj().ChangePassword(username, model.OldPassword, model.NewPassword,usertype);
if (val == false)
{
return View("ErrorChangePassword");
//go to error page
}
}
return RedirectToAction("Login");
}
