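/// <summary>
/// HTTP action that changes the password of the calling user.
/// </summary>
/// <param name="payload">
/// Request body carrying the current password and the new password (entered twice).
/// May be null when the body is missing or cannot be bound.
/// </param>
/// <returns>
/// A <see cref="GenericStatusMessage"/> describing the outcome. The HTTP status is
/// 200 on success, 400 when no payload was supplied, and 401 when the caller is not
/// authorized or the service reports a failure.
/// </returns>
public GenericStatusMessage ChangePassword([FromBody] PasswordChangePayload payload)
{
    // Authorization is checked before the body is looked at, so an unauthorized
    // caller gets the same 401 regardless of what was sent.
    // The user id used below comes from this check, never from the request body,
    // so a caller can only change their own password.
    long? userId = AuthenticationService.IsAuthorized(Request, UserRole.Coach, UserRole.RoomOwner);
    if (userId == null)
    {
        Response.StatusCode = 401;
        return new GenericStatusMessage(false);
    }

    // A missing or unbindable body would otherwise be dereferenced inside the
    // service and surface as an unhandled exception.
    if (payload == null)
    {
        Response.StatusCode = 400;
        return new GenericStatusMessage(false);
    }

    UserManipulationService userManipulationService = new UserManipulationService();
    GenericStatusMessage message = userManipulationService.ChangePassword(payload, userId.Value);

    // NOTE(review): every service failure maps to 401, including a mismatch between
    // the two new-password fields, where 400 would be the more usual answer.
    // Kept as is because clients may depend on the existing status code.
    Response.StatusCode = message.Success ? 200 : 401;
    return message;
}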
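/// <summary>
/// Replaces the stored password hash of the given user after verifying the
/// current password and checking that both new-password fields agree.
/// </summary>
/// <param name="payload">Current password plus the new password, entered twice.</param>
/// <param name="userId">Id of the user whose password is changed.</param>
/// <returns>
/// A successful <see cref="GenericStatusMessage"/> once the new hash is saved;
/// otherwise a failed message, with a reason where one is safe to show.
/// </returns>
public GenericStatusMessage ChangePassword(PasswordChangePayload payload, long userId)
{
    // Reject a missing payload up front instead of failing with a
    // NullReferenceException on the first property access.
    if (payload == null)
    {
        return new GenericStatusMessage(false, "Invalid request.");
    }

    using (ReservationDataContext context = new ReservationDataContext())
    {
        // SingleOrDefault instead of Single: an id that no longer matches a user
        // (for example an account removed while its session is still valid)
        // becomes an ordinary failure rather than an unhandled exception.
        User user = context.Users.SingleOrDefault(x => x.Id == userId);
        if (user == null)
        {
            Logger.Debug($"Password change requested for unknown user id {userId}.");
            return new GenericStatusMessage(false);
        }

        // A missing current password is treated as a wrong one and never reaches the hasher.
        bool correctPassword = payload.CurrentPassword != null
            && PasswordHasher.Validate(payload.CurrentPassword, user.PasswordHash);
        if (!correctPassword)
        {
            // Only the username is logged; no password material reaches the log.
            // NOTE(review): failed attempts are recorded at Debug level only. Confirm
            // that repeated failures are visible wherever password guessing is monitored.
            Logger.Debug($"{user.Username} failed to change password due to incorrect password.");
            return new GenericStatusMessage(false, "Password incorrect.");
        }

        // Two absent or empty new-password fields compare equal, so without this
        // check the account would end up with the hash of an empty password.
        if (string.IsNullOrEmpty(payload.NewPassword))
        {
            Logger.Debug($"{user.Username} failed to change password due to empty new password.");
            return new GenericStatusMessage(false, "New password must not be empty.");
        }

        if (payload.NewPassword != payload.NewPasswordAgain)
        {
            Logger.Debug($"{user.Username} failed to change password due to mismatching passwords.");
            return new GenericStatusMessage(false, "Passwords do not match.");
        }

        user.PasswordHash = PasswordHasher.Create(payload.NewPassword);
        context.SaveChanges();
        return new GenericStatusMessage(true);
    }
}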