Exemple #1
        /// <summary>
        /// Checks the username and password carried in the request body and, when they
        /// match a stored user, writes a newly generated id to the "sessionId" session key.
        /// </summary>
        /// <returns>
        /// The result of <c>GetProfile</c> for the matched user, or an empty
        /// <see cref="UserProfileVM"/> when the username is unknown or the password
        /// does not validate.
        /// </returns>
        public UserProfileVM Login()
        {
            LoginVM credentials = this.ReadRequestBody<LoginVM>(Request.Body);
            User? account = _UserRepo.GetUserByUsername(credentials.Username);

            // Unknown user and wrong password share one response body, so the reply
            // itself does not reveal which of the two failed.
            // NOTE(review): ValidateMe is skipped when the user is unknown, so the two
            // cases may still differ in response time - confirm whether that matters here.
            if (account == null || !PasswordOperator.ValidateMe(account.Password, credentials.Password))
            {
                return new UserProfileVM();
            }

            // NOTE(review): nothing in this method ties the generated id to the matched
            // user; confirm how later requests map "sessionId" back to an identity.
            HttpContext.Session.SetString("sessionId", IdGenerator.GenerateId());
            return this.GetProfile(account);
        }
Exemple #2
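        /// <summary>
        /// Replaces a user's stored password hash after validating the old password
        /// supplied in the request body.
        /// </summary>
        /// <returns>
        /// <c>Ok()</c> once the new hash has been stored. Status 417 when the username
        /// matches no user, the old password does not validate, or the new password
        /// validates against the current hash (i.e. it is unchanged).
        /// </returns>
        public ActionResult ChangePassword()
        {
            ChangePasswordVM changeable = this.ReadRequestBody<ChangePasswordVM>(Request.Body);

            // NOTE(review): the account is selected by a username taken from the request
            // body, and the old password is the only proof of identity visible here -
            // confirm whether the route is also restricted to the signed-in user.
            var user = _UserRepo.GetUserByUsername(changeable.Username);

            // The lookup can come back empty for an unknown username. Answer with the same
            // 417 as a failed password check instead of dereferencing null, so the endpoint
            // neither throws nor distinguishes "no such user" from "wrong password".
            if (user == null)
            {
                return StatusCode(417);
            }

            // Both checks run against the currently stored hash: the new password must
            // NOT match it (no-op change) and the old password MUST match it.
            bool isSame  = PasswordOperator.ValidateMe(user.Password, changeable.NewPassword);
            bool isValid = PasswordOperator.ValidateMe(user.Password, changeable.OldPassword);

            if (isSame || !isValid)
            {
                return StatusCode(417);
            }

            // Only the hash of the new password is persisted, never the plaintext.
            user.Password = PasswordOperator.HashMe(changeable.NewPassword);
            _UserRepo.UpdateEntityById(user);
            return Ok();
        }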