public ActionResult UpdatePassword()
{
var user = _session.Load<User>(_executionContext.UserId);
if (user != null)
{
UserUpdatePasswordModel model = new UserUpdatePasswordModel()
{
Username = user.Username
};
return View(model);
}
return RedirectToAction("Index", "Home");
}
public ActionResult UpdatePassword(UserUpdatePasswordModel model)
{
var user = _session.Load<User>(_executionContext.UserId);
if (!Encryption.Verify(model.OldPassword, user.Password))
{
ModelState.AddModelError("OldPassword", "Incorrect original password");
return View("UpdatePassword", model);
}
if (model.NewPassword != model.ConfirmNewPassword)
{
ModelState.AddModelError("ConfirmNewPassword", "New password confirmation incorrect");
return View("UpdatePassword", model);
}
user.ChangePassword(Encryption.HashPassword(model.NewPassword));
return RedirectToAction("Index", "Home");
}