Exemple #1
        /// <summary>
        /// Checks a username/password pair against the credentials stored for that user.
        /// </summary>
        /// <param name="username">Account name handed to <c>GetUser</c>.</param>
        /// <param name="password">Candidate password to confirm against the stored hash.</param>
        /// <returns>
        /// <c>false</c> when no user is found or the user has a deactivation timestamp;
        /// otherwise whatever <c>UserAuthentication.ConfirmUserPassword</c> reports.
        /// </returns>
        public async Task<bool> ValidateUser(string username, string password)
        {
            var account = await GetUser(username);

            // Unknown and deactivated accounts are rejected with the same result, so the
            // return value does not tell the caller which of the two it hit.
            // NOTE(review): both rejections return before any hash is computed, so response
            // time can still differ from the active-account path. Confirm whether callers
            // need uniform timing or rate limiting at the login boundary.
            if (account == null || account.Value.DeactivatedAt.HasValue)
            {
                return false;
            }

            var record = account.Value;
            var storedCredentials = new UserAuthentication.UserCredentials(
                record.HashedPassword,
                record.Salt,
                record.HashingIterations);

            // The comparison itself is delegated; this method never inspects the hash.
            return await UserAuthentication.ConfirmUserPassword(storedCredentials, password);
        }
Exemple #2
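        /// <summary>
        /// Replaces a user's password after re-checking the current one.
        /// </summary>
        /// <param name="username">Account whose password is being changed.</param>
        /// <param name="oldPassword">Current password; must pass <c>ValidateUser</c>.</param>
        /// <param name="newPassword">New password, hashed through <c>UserAuthentication.GenerateUserCreds</c>.</param>
        /// <exception cref="ArgumentException">
        /// Thrown when <c>ValidateUser</c> rejects the username/old-password pair.
        /// </exception>
        public async Task UpdateUserPassword(string username, string oldPassword, string newPassword)
        {
            // Re-authenticate first so a caller cannot change a password without knowing the current one.
            if (!await ValidateUser(username, oldPassword))
            {
                throw new ArgumentException("Specified username/oldPassword is not correct.");
            }

            // NOTE(review): the check above runs before the transaction scope opens, so the
            // user row is read again below. Confirm that a deactivation or removal between
            // the two reads is handled the way callers expect.
            using (var transactionScope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled))
            {
                var    user       = (await UserDAO.GetByUserName(DbConnection, username)).Value;
                string resetToken = await UserDAO.GeneratePasswordResetToken(DbConnection, user.Id);

                // Only the derived hash, salt and iteration count are persisted below.
                var newUserIdentity = await UserAuthentication.GenerateUserCreds(username, newPassword);

                // The username is caller-supplied. It is no longer passed to string.Format as a
                // format string (a '{' or '}' in it raised FormatException and aborted the update),
                // and CR/LF are stripped so the value cannot start a forged log line.
                string loggedName = (username ?? string.Empty).Replace("\r", string.Empty)
                                                              .Replace("\n", string.Empty);
                Log.Info("Updating password for user " + loggedName);

                await UserDAO.UpdatePassword(DbConnection, user.Id, resetToken, newUserIdentity.HashedPassword,
                                             newUserIdentity.Salt, newUserIdentity.HashingIterations);

                // Without Complete() the scope rolls back on dispose, including when anything above throws.
                transactionScope.Complete();
            }
        }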