public bool ChangePassword(UserChangePassword user)
{
try
{
db.Open();
int n = db.Execute(@"Update Users set
Password = @Password
where UserId = @id",
new
{
@id = user.UserId,
@Password = user.Password
}
);
return(n > 0);
}
catch (Exception ex)
{
throw ex;
}
finally
{
db.Close();
}
}
public async Task <User> ChangePassword(UserChangePassword user)
{
try
{
var objUser = new User();
objUser = await GetUserById(user.id);
if (objUser != null)
{
//check pass
if (SecurityBCryptMethod.VerifyPassword(user.Password, objUser.Password))
{
// update pass
objUser.Password = SecurityBCryptMethod.CreatePasswordHash(user.NewPassword);
await Update(objUser);
}
else
{
return(null);
}
}
return(objUser);
}
catch (Exception)
{
throw;
}
}
public UserChangePassword ChangePassword(UserChangePassword user)
{
try
{
using (SqlConnection con = new SqlConnection(_connectionString))
{
con.Open();
using (SqlCommand cmd = new SqlCommand("pr_user_change_password", con))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add("@user_name", SqlDbType.VarChar).Value = user.UserName;
cmd.Parameters.Add("@password_old", SqlDbType.VarChar).Value = user.OldPassword;
cmd.Parameters.Add("@password_new", SqlDbType.VarChar).Value = user.NewPassword;
cmd.Parameters.Add("@password_confirmnew", SqlDbType.VarChar).Value = user.ConfirmNewPassword;
cmd.Parameters.Add("@is_valid", SqlDbType.Int).Direction = ParameterDirection.Output;
cmd.ExecuteNonQuery();
user.Updated = Convert.ToInt32(cmd.Parameters["@is_valid"].Value);
}
}
return(user);
}
catch (Exception ex)
{
user.ErrorMessage = ex.Message;
user.Updated = 0;
return(user);
}
}
public bool updateNewPassword(UserChangePassword cp)
{
bool result = false;
using (var cn = new SqlConnection(@"Data Source=(LocalDb)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\BookStoreContext.mdf;Initial Catalog=BookStoreContext;Integrated Security=True"))
{
string _sql = @"Update [dbo].[Users] " +
@"SET [Password]= @p WHERE [Username] = @u";
var cmd = new SqlCommand(_sql, cn);
cmd.Parameters
.Add(new SqlParameter("@p", SqlDbType.NVarChar))
.Value = Helpers.SHA.Encode(cp.uPwd);
cmd.Parameters
.Add(new SqlParameter("@u", SqlDbType.NVarChar))
.Value = cp.uName;
cn.Open();
try
{
cmd.ExecuteNonQuery();
result = true;
}
catch (Exception ex)
{
result = false;
}
}
return(result);
}
public async Task <ActionResult <UserAuthResponse> > ChangePassword([FromBody] UserChangePassword ucp)
{
var ua = await dbHelper.GetUserAuthAsync(ucp.Username);
if (ua != null)
{
var oldValid = PasswordHasher.IsEqual(ua.PasswordHash, ua.PasswordSalt, ucp.OldPassword);
if (oldValid)
{
var newPasswordHash = PasswordHasher.GeneratePasswordHash(ucp.NewPassword, ua.PasswordSalt);
var resp = await dbHelper.ChangePasswordAsync(ua.UserId, newPasswordHash);
return(new UserAuthResponse
{
IsSuccess = resp.IsSuccess,
Message = resp.Message
});
}
else
{
return(new UserAuthResponse
{
IsSuccess = false,
Message = "Old password doesn't match"
});
}
}
return(new UserAuthResponse
{
IsSuccess = false,
Message = "User not authenticated"
});
}
protected virtual bool ChangeCurrentUserPassword(string pwd, string newPwd, UserChangePassword control)
{
if (pwd.Equals(newPwd))
{
var u = User.LoadNode(User.Current.Id) as User;
#region from changeset #16856
u.Password = pwd;
#endregion
u.PasswordHash = User.EncodePassword(pwd);
this.ChangeToAdminAccount();
u.Save();
this.RestoreOriginalUser();
return(true);
}
else
{
control.Message = HttpContext.GetGlobalResourceObject("PublicRegistrationPortlet", "PasswordsDontMatch") as string;
}
return(false);
}
public bool checkOldPassword(UserChangePassword cp)
{
using (var cn = new SqlConnection(@"Data Source=(LocalDb)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\BookStoreContext.mdf;Initial Catalog=BookStoreContext;Integrated Security=True"))
{
bool result = false;
string _sql = @"SELECT * FROM [dbo].[Users] " +
@"WHERE [Username] = @u AND [Password] = @p";
var cmd = new SqlCommand(_sql, cn);
cmd.Parameters
.Add(new SqlParameter("@u", SqlDbType.NVarChar))
.Value = cp.uName;
cmd.Parameters
.Add(new SqlParameter("@p", SqlDbType.NVarChar))
.Value = Helpers.SHA.Encode(cp.uOPwd);
cn.Open();
try
{
//didnt read
var reader = cmd.ExecuteReader();
if (reader.Read())
{
result = true;
reader.Dispose();
cmd.Dispose();
}
}
catch (Exception ex) { }
return(result);
}
}
public async Task <IActionResult> ChangePassword(UserChangePassword changePassword)
{
if (changePassword != null && ModelState.IsValid)
{
changePassword.UserId = User.Identity.Name;
IdentityResult result = await _dataProcessingConveyor.ChangePasswordAsync(changePassword);
if (result.Succeeded)
{
return(RedirectToAction("Login", "Account"));
}
else
{
string errorText, key;
foreach (var error in result.Errors)
{
errorText = error.Description;
key = String.Empty;
if (error.Description == "Incorrect password.")
{
errorText = "Неправильный старый пароль";
key = "OldPassword";
}
ModelState.AddModelError(key, errorText);
}
return(View(changePassword));
}
}
return(View(changePassword));
}
public async Task <IActionResult> UpdatePassword([FromBody] UserChangePassword userpassword)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
try
{
var userchange = await _userRepository.ChangePassword(userpassword);
if (userchange != null)
{
return(Ok(userchange));
}
else
{
return(NotFound());
}
}
catch (Exception)
{
throw;
}
}
public async Task <IActionResult> ChangePassword(UserChangePassword model)
{
if (ModelState.IsValid)
{
var user = await userManager.FindByIdAsync(model.Id);
if (user != null)
{
var result = await userManager.ChangePasswordAsync(user, model.CurrentPassword, model.NewPassword);
if (result.Succeeded)
{
await userPasswordChangeHistoryService.AddHistory(user.Id, model.NewPassword);
return(RedirectToAction(nameof(Index)));
}
else
{
foreach (var item in result.Errors)
{
ModelState.AddModelError("", item.Description);
}
}
}
else
{
ModelState.AddModelError("", "Can Not Find User");
}
}
return(View(model));
}
public async Task <IActionResult> ChangePasswordPost([FromRoute] string userId,
[FromForm] UserChangePassword userChangePassword, [FromForm] string button)
{
if (button != "change")
{
return(RedirectToAction("UserView", new { userId }));
}
if (!ModelState.IsValid)
{
return(View("ChangePassword"));
}
string viewingUserId = this.GetViewerUserId();
if (viewingUserId != userId)
{
return(Unauthorized());
}
await _userService.UpdatePassword(userId, userChangePassword.OldPassword, userChangePassword.NewPassword).ConfigureAwait(false);
_logger.LogInformation("User: {UserId} has changed their password", viewingUserId);
return(RedirectToAction("UserView", new { userId }));
}
public bool ChangePassword(UserChangePassword model)
{
var userId = _tcContext.Users.Where(x => x.UserName.ToLower() == model.UserName.ToLower()).FirstOrDefault().UserId;
var passwordHistoryList = _tcContext.UserPasswordHistories
.Where(x => x.UserId == userId).OrderByDescending(x => x.TrackingId).Take(5).ToList();
if (!PasswordManager.IsPreviousUsedPassword(passwordHistoryList, model.Password))
{
UserDto user = new UserDto()
{
UserId = userId, UserName = model.UserName, UserPassword = model.Password
};
byte[] paswordHash;
byte[] passworSalt;
PasswordManager.GeneratePasswordHash(model.Password, out paswordHash, out passworSalt);
if (_userManagerRepository.SaveUser(user, paswordHash, passworSalt, TransactionType.Reset.ToString()) == 0)
{
throw new ServiceException(new ErrorMessage[]
{
new ErrorMessage()
{
Message = $"Unable to reset user "
}
});
}
}
return(true);
}
public async Task <UserAuthResponse> ChangePasswordAsync(string username, string oldPassword, string newPassword)
{
try
{
var cp = new UserChangePassword
{
Username = username,
OldPassword = oldPassword,
NewPassword = newPassword
};
var resp = await client.PostAsJsonAsync($"api/user/change-password", cp);
var json = await resp.Content.ReadAsStringAsync();
return(JsonSerializer.Deserialize <UserAuthResponse>(json));
}
catch (Exception ex)
{
return(new UserAuthResponse
{
IsSuccess = false,
Message = ex.Message
});
}
}
public async Task <IActionResult> ChangeUserPassword(UserChangePassword userChangePassword)
{
if (!ModelState.IsValid)
{
return(View(userChangePassword));
}
var user = await GetCurrentUserAsync();
if (user != null)
{
var result = await _userManager.ChangePasswordAsync(user, userChangePassword.Oldpassword, userChangePassword.Newpassword);
if (result.Succeeded)
{
user.EmailConfirmed = true;
await _userManager.UpdateAsync(user);
await _signInManager.SignInAsync(user, isPersistent : false);
_logger.LogInformation(3, "User changed their password successfully.");
return(RedirectToAction(nameof(HomeController.Welcome), "Home", new { Message = MessageNote.Exist }));
}
AddErrors(result);
return(View(userChangePassword));
}
return(View(userChangePassword));
}
public async Task <ActionResult> DoChangePass(UserChangePassword model)
{
try
{
if (ModelState.IsValid == false)
{
return(Json(new ResponseMessageModel
{
HasError = true,
Title = ResShared.TITLE_REGISTER_FAILED,
Message = ResShared.ERROR_INVALID_MODEL
}));
}
using (var repository = new UserRepository())
{
if (repository.UserExistsById(model.Id) == false)
{
return(Json(new ResponseMessageModel
{
HasError = true,
Title = ResShared.TITLE_REGISTER_FAILED,
Message = "El usuario ya no existe"
}));
}
}
var token = await UserManager.GeneratePasswordResetTokenAsync(model.Id);
var result = await UserManager.ResetPasswordAsync(model.Id, token, model.Password);
if (!result.Succeeded)
{
return(Json(new ResponseMessageModel
{
HasError = true,
Title = ResShared.TITLE_REGISTER_FAILED,
Message = "No fue posible cambiar la contraseña debido a: " + string.Join(", ", result.Errors)
}));
}
return(Json(new ResponseMessageModel
{
HasError = false,
Title = ResShared.TITLE_REGISTER_SUCCESS,
Message = ResShared.INFO_REGISTER_SAVED
}));
}
catch (Exception ex)
{
SharedLogger.LogError(ex, model.Id);
return(Json(new ResponseMessageModel
{
HasError = true,
Title = ResShared.TITLE_REGISTER_FAILED,
Message = ResShared.ERROR_UNKOWN
}));
}
}
public UsersController(IUserRepository userRepository, UserRegister userRegister,
UserChangePassword userChangePassword, PhotoUser photoUser)
{
_userRepository = userRepository;
_userRegister = userRegister;
_userChangePassword = userChangePassword;
_photoUser = photoUser;
}
public ActionResult ChangePassword()
{
UserChangePassword cp = new UserChangePassword();
cp.uName = User.Identity.Name;
return(View(cp));
}
public async Task <bool> ChangePassword(UserChangePassword user)
{
string json = JsonConvert.SerializeObject(user);
var httpContent = new StringContent(json, Encoding.UTF8, "application/json");
var httpResponse = await _client.PostAsync("api/admin", httpContent);
return(httpResponse.IsSuccessStatusCode);
}
public UserChangePasswordTest()
{
GlobalParameters.KeyPassword = "******";
_userMocks = new UserMocks();
_userChangePassword = new UserChangePassword(_userMocks.UserRepository.Object);
_userRegisterDto = UserBuilder.New().BuildRegisterDto();
_userLog = "Admin";
}
internal static bool IsValidPassword(string pwd, string newPwd, UserChangePassword control)
{
if (String.IsNullOrEmpty(pwd) ||
String.IsNullOrEmpty(newPwd))
{
control.Message = HttpContext.GetGlobalResourceObject("PublicRegistrationPortlet", "PasswordNotValid") as string;
return(false);
}
return(true);
}
public async Task <ActionResult <User> > ChangePassword([FromBody] UserChangePassword user)
{
var userFound = await _mediator.Send(new ChangePasswordForUserCommand { User = user });
if (userFound == null)
{
return(Conflict());
}
return(Ok(userFound));
}
public async Task <IActionResult> UpdatePasswordAsync(UserChangePassword changePasswordModel)
{
var result = await _userApplicationService.UpdatePasswordAsync(changePasswordModel);
if (result.Succeeded)
{
return(Ok());
}
return(Result(result));
}
public void ChangePassword(UserChangePassword user)
{
var userFromDb = MainRepository.FindFirstOrDefault(x => x.ResetPasswordToken == user.Token);
CheckIfTokenIsValid(userFromDb);
userFromDb.ResetPasswordTokenValid = DateTime.Now;
CreatePasswordHash(user.Password, out byte[] passwordHash, out byte[] passwordSalt);
userFromDb.PasswordSalt = passwordSalt;
userFromDb.PasswordHash = passwordHash;
MainRepository.Update(userFromDb);
MainRepository.Save();
}
public ActionResult ChangePassword(UserChangePassword user)
{
try
{
_userService.ChangePassword(user);
return(Ok());
}
catch (Exception ex)
{
return(BadRequest(new { message = ex.Message }));
}
}
public ActionResult ChangePassword()
{
if (!CheckLogin())
{
return(RedirectToAction("Login", "User"));
}
var user = new UserChangePassword();
user.UserName = Session[DSEConstant.UserName].ToString();
return(View(user));
}
public async Task <UserChangePassword> GetUserForChangePasswordAsync(string userName)
{
var user = await _userManager.FindByNameAsync(userName);
UserChangePassword changePassword = new UserChangePassword();
if (user != null)
{
changePassword.UserId = user.Id;
}
return(changePassword);
}
public async Task <IActionResult> ChangePassword([FromBody] UserChangePassword user)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (await _repository.ChangePassword(user.Id, user.Password))
{
return(NoContent());
}
return(BadRequest($"Failed to change password for User with ID of {user.Id}"));
}
public ActionResult PasswordEmail(MailModel model)
{
try
{
Random rd = new Random();
var data = new UserData();
var user = data.GetByEmail(model.To);
if (user != null)
{
int securityCode = rd.Next(000000, 999999);
//Cấu hình thông tin Gmail
var mail = new SmtpClient("smtp.gmail.com", 587)
{
Credentials = new NetworkCredential("*****@*****.**", "ZXCVB@1999"),
EnableSsl = true
};
//Tạo email
var message = new MailMessage("*****@*****.**", model.To);
//attach
message.Subject = "Yêu cầu đặt lại mật khẩu";
string htmlString = @"<html>
<body>
<p>Chào quý khách,</p>
<p>Chúng tôi đã nhận được yêu cầu thay đổi mật khẩu của quý khách.</p>
<p>Nhập mã đặt lại mật khẩu sau đây: " + securityCode +
"</p>" +
"</body>" +
"</html>";
message.IsBodyHtml = true;
message.Body = htmlString;
mail.Send(message);
var session = new UserChangePassword();
session.userID = user.UserID;
session.securityCode = securityCode.ToString();
Session.Add(CommonConstants.CODE_SESSION, session);
return(Redirect("~/Login/ChangePassword/" + user.UserID));
}
else
{
ViewBag.ThongBao = "Email không tồn tại. Vui lòng nhập lại!";
return(View(model));
}
}
catch
{
ViewBag.ThongBao = "Không gửi được mail, hãy kiểm tra lại kết nối internet";
return(View(model));
}
}
public async Task <User> ChangePassword(UserChangePassword user)
{
var userFound = await _context.Users.FirstOrDefaultAsync(u => u.Email == user.Email);
var authenticated = BCrypt.Net.BCrypt.Verify(user.OldPassword + userFound.Salt, userFound.Password);
if (!authenticated)
{
return(null);
}
userFound.Password = BCrypt.Net.BCrypt.HashPassword(user.NewPassword + userFound.Salt);
await _context.SaveChangesAsync();
return(userFound);
}
public IHttpActionResult ChangePassword(UserChangePassword changePassword)
{
ApplicationUser applicationUser = UserManager.FindByName(changePassword.Email);
if (applicationUser != null)
{
UserManager.RemovePassword(applicationUser.Id);
var result = UserManager.AddPassword(applicationUser.Id, changePassword.Password);
if (result.Succeeded)
{
return(Ok());
}
}
return(BadRequest("Erro interno"));
}
