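/// <summary>
/// Changes the password of the currently authenticated user after verifying the old password.
/// </summary>
/// <param name="newPass">Password to set; rejected when it equals the current password.</param>
/// <param name="oldPass">Current password; verified before anything is changed.</param>
/// <returns>
/// A <see cref="ChangePassOutput"/> whose <c>Success</c> is true only when the password was actually reset.
/// On failure <c>FailureReason</c> is one of "unknown_user", "invalid_old_pass",
/// "new_pass_same_as_old_pass" or "unknown_error"; it stays unset when the reset call itself reports failure.
/// </returns>
public static async Task<ChangePassOutput> ChangePasswordAsync(string newPass, string oldPass)
{
    // Fail closed: success is reported only on the path that really resets the password.
    var output = new ChangePassOutput { Success = false };

    // The service should only allow authenticated access, but the caller identity is checked anyway.
    var uuid = Cartomatic.Utils.Identity.GetUserGuid();
    if (!uuid.HasValue)
    {
        output.FailureReason = "unknown_user";
        return output;
    }

    try
    {
        var userManager = MapHive.Core.Identity.UserManagerUtils.GetUserManager();
        var idUser = await userManager.FindByIdAsync(uuid.Value.ToString());

        if (idUser == null)
        {
            // No identity record for the authenticated id: nothing was changed, so this must not
            // be reported as a successful password change.
            output.FailureReason = "unknown_user";
        }
        else if (!await userManager.CheckPasswordAsync(idUser, oldPass))
        {
            output.FailureReason = "invalid_old_pass";
        }
        else if (await userManager.CheckPasswordAsync(idUser, newPass))
        {
            output.FailureReason = "new_pass_same_as_old_pass";
        }
        else
        {
            // The reset token is generated and consumed immediately, so the old-password check above
            // is the only proof that the caller knows the current password.
            var passResetToken = await userManager.GeneratePasswordResetTokenAsync(idUser);
            var result = await userManager.ResetPasswordAsync(idUser, passResetToken, newPass);

            // NOTE(review): when the reset is refused no FailureReason is set; presumably the
            // result carries the validation errors - confirm and map them if callers need a reason.
            output.Success = result.Succeeded;
        }
    }
    catch (Exception)
    {
        // Exception details are deliberately not returned to the caller.
        // NOTE(review): the exception is dropped without being logged; failed password changes
        // are worth recording for later investigation.
        output.FailureReason = "unknown_error";
    }

    return output;
}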
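/// <summary>
/// Changes the password of the currently authenticated user through the supplied account service.
/// </summary>
/// <typeparam name="TAccount">Account type handled by <paramref name="userAccountService"/>.</typeparam>
/// <param name="userAccountService">Service that verifies the old password and stores the new one.</param>
/// <param name="newPass">Password to set.</param>
/// <param name="oldPass">Current password, passed to the service for verification.</param>
/// <returns>
/// A <see cref="ChangePassOutput"/> whose <c>Success</c> is false when the user is unknown or the
/// service throws. <c>FailureReason</c> is then one of "unknown_user", "invalid_old_pass",
/// "new_pass_same_as_old_pass" or "unknown_error".
/// </returns>
public static async Task<ChangePassOutput> ChangePasswordAsync<TAccount>(
    UserAccountService<TAccount> userAccountService,
    string newPass,
    string oldPass)
    where TAccount : RelationalUserAccount
{
    var output = new ChangePassOutput { Success = true };

    // The service should only allow authenticated access, but the caller identity is checked anyway.
    var uuid = Utils.Identity.GetUserGuid();
    if (!uuid.HasValue)
    {
        output.Success = false;
        output.FailureReason = "unknown_user";
        return output;
    }

    try
    {
        // Synchronous call; the service is handed the old password and is expected to reject a wrong one.
        userAccountService.ChangePassword(uuid.Value, oldPass, newPass);
    }
    catch (Exception ex)
    {
        output.Success = false;

        // NOTE(review): the failure reason is derived from the exception message text, which breaks
        // silently if the service rewords or localizes its messages; prefer a typed exception or an
        // error code if the service exposes one - confirm.
        if (ex.Message == "Invalid old password.")
        {
            output.FailureReason = "invalid_old_pass";
        }
        else if (ex.Message == "The new password must be different from the old password.")
        {
            output.FailureReason = "new_pass_same_as_old_pass";
        }
        else
        {
            // Any other failure used to leave FailureReason unset; report a generic code instead,
            // without exposing the exception text to the caller.
            output.FailureReason = "unknown_error";
        }
    }

    return output;
}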