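/// <summary>
/// Completes a password reset: finds the user by the submitted reset token, validates the new
/// password, deactivates the user's authentication tokens, then stores a fresh salt and hash and
/// clears the reset token so it cannot be used again.
/// </summary>
/// <param name="model">Reset request carrying the token, the new password and its confirmation.</param>
/// <returns>
/// 400 for a missing body or a rejected password; 404 for a missing, unknown or expired token;
/// 456 if the authentication tokens could not be deactivated; 554 if the user could not be saved;
/// otherwise 200.
/// </returns>
public IHttpActionResult ResetPassword(VMResetPassword model)
{
    // Without a usable request body there is nothing to validate.
    if (model == null)
    {
        return BadRequest();
    }

    // An empty token must never reach the lookup: accounts with no pending reset have their token
    // set to null (see below), and a null/empty search key could otherwise match one of them.
    // Answer exactly as for an unknown token so the two cases cannot be told apart.
    if (string.IsNullOrEmpty(model.ResetPasswordToken))
    {
        return NotFound();
    }

    Users user = _dbUsers.FindByResetPasswordToken(model.ResetPasswordToken);
    if (user == null)
    {
        return NotFound();
    }

    // Enforce the stored expiry; an expired token is reported like an unknown one.
    // NOTE(review): a token with no expiration is still accepted, as before — confirm that token
    // issuance always sets ResetPasswordTokenExpiration, and that it is written in the same time
    // base (local time) as DateTime.Now used here.
    if (user.ResetPasswordTokenExpiration != null && user.ResetPasswordTokenExpiration < DateTime.Now)
    {
        return NotFound();
    }

    // Policy: at least 6 characters, containing at least one digit and one ASCII letter.
    // NOTE(review): a 6-character minimum is weak by current guidance; raising it is a policy
    // change and is left to the owners of this API.
    bool passwordAccepted =
        !string.IsNullOrEmpty(model.NewPassword)
        && model.NewPassword == model.ConfirmNewPassword
        && Regex.IsMatch(model.NewPassword, @"(?=^.{6,}$)(?=.*\d)(?=.*[a-zA-Z])");
    if (!passwordAccepted)
    {
        return BadRequest();
    }

    // Revoke existing sessions before the credential changes, so a failure later in this method
    // leaves the account with fewer live tokens rather than more.
    if (!_dbAuthenticationTokens.DeactivateByUserID(user.UserID))
    {
        return StatusCode((HttpStatusCode)456);
    }

    // A new salt is generated for every password change.
    user.PasswordSalt = PasswordGenerator.GenerateSalt();
    user.PasswordHash = PasswordGenerator.GenerateHash(model.NewPassword, user.PasswordSalt);
    user.LastPasswordChange = DateTime.Now;

    // Single use: the token and its expiry are cleared together with the password change.
    user.ResetPasswordToken = null;
    user.ResetPasswordTokenExpiration = null;

    if (!_dbUsers.Edit(user))
    {
        return StatusCode((HttpStatusCode)554);
    }

    return Ok();
}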
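/// <summary>
/// Changes a customer's password: fetches the customer from the Web API, compares the stored
/// password with the submitted old password, then sends the customer back with the new password.
/// </summary>
/// <param name="id">Identifier of the customer whose password is changed.</param>
/// <param name="VMResetPassword">Form model carrying the old and the new password.</param>
/// <returns>
/// The same view with an error message when the request is incomplete, the API call fails or the
/// old password does not match; otherwise a redirect to <c>Index</c>.
/// </returns>
public ActionResult ResetPassword(int id, VMResetPassword VMResetPassword)
{
    // NOTE(review): id comes from the request and nothing in this method ties it to the signed-in
    // customer — confirm that authorization for this id is enforced elsewhere.

    // Refuse an empty submission instead of storing an empty password.
    if (VMResetPassword == null || string.IsNullOrEmpty(VMResetPassword.Password))
    {
        ViewBag.ErrorMessage = "Unable to reset password.";
        ViewBag.ErrorMessage2 = "Please try again later.";
        return View();
    }

    // NOTE(review): .Result blocks the request thread; switching to async/await would change the
    // action's return type, so it is left as is here.
    response = GlobalVariable.WebApiClient.GetAsync(string.Concat(controller, $"/{id}")).Result;

    // A failed lookup previously fell through to a null dereference on the customer below.
    Customer customer = response.IsSuccessStatusCode
        ? response.Content.ReadAsAsync<Customer>().Result
        : null;
    if (customer == null)
    {
        ViewBag.ErrorMessage = "Unable to reset password.";
        ViewBag.ErrorMessage2 = "Please try again later.";
        return View();
    }

    // NOTE(review): the API returns the stored password to this client and it is compared and
    // written back in clear text. The old-password check and the hashing belong behind the API,
    // against a salted hash; this comparison is kept only to preserve current behaviour.
    if (customer.Password != VMResetPassword.OldPassword)
    {
        ViewBag.ErrorMessage = "Invalid Old Password !";
        ViewBag.ErrorMessage2 = "Please try again later.";
        return View();
    }

    customer.Password = VMResetPassword.Password;
    response = GlobalVariable.WebApiClient.PutAsJsonAsync(string.Concat(controller, $"/{customer.ID}"), customer).Result;

    // Do not report success when the update was rejected.
    if (!response.IsSuccessStatusCode)
    {
        ViewBag.ErrorMessage = "Unable to reset password.";
        ViewBag.ErrorMessage2 = "Please try again later.";
        return View();
    }

    return RedirectToAction("Index");
}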