public async Task<ActionResult> Manage(ManageUserViewModel model) { ViewBag.ReturnUrl = Url.Action("Manage"); if (ModelState.IsValid) { var user = await _userManager.FindByIdAsync(User.Identity.GetUserId<int>()); if (_userManager.PasswordHasher.VerifyHashedPassword(user.PasswordHash, model.OldPassword) == PasswordVerificationResult.Failed) { TempData["UpdatePasswordSuccess"] = "Old password is not correct"; return RedirectToAction("Manage"); } else { IdentityResult result = await _userManager.ChangePasswordAsync(User.Identity.GetUserId<int>(), model.OldPassword, model.NewPassword); if (result.Succeeded) { await SignInAsync(user, isPersistent: false); TempData["UpdatePasswordSuccess"] = "Password Updated Successfully!"; return RedirectToAction("Manage"); } else { AddErrors(result); } } } // If we got this far, something failed, redisplay form return View(model); }
public async Task<IHttpActionResult> ChangePassword(ManageUserViewModel model) { if (model.Email != null) { model.Email = EncryptDecryptHelper.Decrypt(model.Email); UserDto user = Services.Users.GetUserByEmail(model.Email); if (user != null) { Regex regex = new Regex(RegularExpressions.Password); model.OldPassword = EncryptDecryptHelper.Decrypt(model.OldPassword); model.NewPassword = EncryptDecryptHelper.Decrypt(model.NewPassword); model.ConfirmPassword = EncryptDecryptHelper.Decrypt(model.ConfirmPassword); if (model.NewPassword.Length >= MIN_PASSWORD_LENGTH && model.NewPassword.Length <= MAX_PASSWORD_LENGTH) { if (regex.IsMatch(model.NewPassword)) { if (model.NewPassword.Equals(model.ConfirmPassword)) { bool hasPassword = HasPassword(user); if (hasPassword) { if (_userManager.PasswordHasher.VerifyHashedPassword(user.Password, model.OldPassword) == PasswordVerificationResult.Failed) { return Json(new { Success = false, Error = "Old password is not correct." }); } else { IdentityResult result = await _userManager.ChangePasswordAsync(user.Id, model.OldPassword, model.NewPassword); if (result.Succeeded) { return Json(new { Success = true }); } else { return Json(new { Success = false, Error = result.Errors.First() }); } } } else { IdentityResult result = await _userManager.AddPasswordAsync(user.Id, model.NewPassword); if (result.Succeeded) { return Json(new { Success = true }); } else { return Json(new { Success = false, Error = result.Errors }); } } } else { return Json(new { Success = false, Error = "Passwords do not match" }); } } else { return Json(new { Success = false, Error = "New password must be at least 7 characters long and contain at least one capitalized letter (A-Z) and one digit (0-9)" }); } } else { return Json(new { Success = false, Error = "New password should be 6-20 characters in length." }); } } else { return Json(new { Success = false, Error = "Email does not exist" }); } } else { return Json(new { Success = false, Error = "Email is null" }); } }