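/// <summary>
/// Validates a change-password request before the password is actually changed.
/// Checks run in this order: new/confirm match, password format, old password
/// verification, and new password differing from the old one.
/// </summary>
/// <param name="dto">Request carrying the old, new and confirmation passwords.</param>
/// <param name="user">Account whose current password is checked against <c>dto.OldPassword</c>.</param>
/// <returns>
/// A <see cref="ValidationResult"/> whose <c>IsValid</c> is set to true only when every
/// check passes; otherwise <c>Message</c> holds the reason for the first failed check.
/// </returns>
public async Task<ValidationResult> IsPasswordValid(ChangePasswordUserDTO dto, ExtendedIdentityUser user)
{
    var result = new ValidationResult();

    if (dto.NewPassword != dto.ConfirmPassword)
    {
        result.Message = "New and confirm password did not match.";
        return result;
    }

    // NOTE(review): the rule itself lives in IsValidPassword, which is not visible here.
    // Keep this message in sync with it, and confirm it is not weaker than the
    // password options the user manager enforces when the password is changed.
    if (!Commons.Helper.Validation.IsValidPassword(dto.NewPassword))
    {
        result.Message = "Invalid password. Password must be at least 8 characters long, contain a number and an uppercase letter.";
        return result;
    }

    // A missing old password can never match. Rejecting it here returns the normal
    // "invalid old password" answer instead of handing null to the password check,
    // which (assuming ASP.NET Core Identity's UserManager) would throw rather than
    // return false.
    if (string.IsNullOrEmpty(dto.OldPassword))
    {
        result.Message = "Invalid old password.";
        return result;
    }

    // Verify the caller knows the current password.
    // NOTE(review): this check does not appear to count failed attempts toward
    // lockout - confirm that throttling or lockout is enforced by the caller or
    // the endpoint, otherwise this path allows unlimited guesses.
    var oldPasswordMatches = await _userManager.CheckPasswordAsync(user, dto.OldPassword);
    if (!oldPasswordMatches)
    {
        result.Message = "Invalid old password.";
        return result;
    }

    // The old password is known to be correct at this point, so only reuse is left to check.
    if (dto.OldPassword == dto.NewPassword)
    {
        result.Message = "New password must be different.";
        return result;
    }

    result.IsValid = true;
    return result;
}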
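/// <summary>
/// Changes the password of the user identified by <c>dto.Id</c> after the request
/// has passed <c>_validationService.IsPasswordValid</c>.
/// </summary>
/// <param name="dto">Request carrying the user id and the old, new and confirmation passwords.</param>
/// <returns>
/// A <see cref="Result"/> with <c>Success</c> set to true when the password was changed;
/// otherwise <c>Message</c> (and, for validation and change failures, <c>ErrorCode</c>)
/// describe the failure. Exceptions are logged and reported as a generic failure.
/// </returns>
public async Task<Result> ChangePasswordUser(ChangePasswordUserDTO dto)
{
    var response = new Result();

    try
    {
        // NOTE(review): dto.Id comes from the request object. Nothing in this method
        // ties it to the authenticated caller - confirm the calling endpoint does,
        // so that one account cannot target another account's password.
        var user = await _userManager.FindByIdAsync(dto.Id);

        var valResult = await _validationService.IsPasswordValid(dto, user);
        if (!valResult.IsValid)
        {
            response.Message = valResult.Message;
            response.ErrorCode = ErrorCode.INVALID_INPUT;
            return response;
        }

        // Defence in depth: do not rely on the validation service to reject an
        // unknown id. The answer is worded like a failed old-password check so the
        // response does not reveal whether the id exists.
        if (user == null)
        {
            response.Message = "Invalid old password.";
            response.ErrorCode = ErrorCode.INVALID_INPUT;
            return response;
        }

        // Set before ChangePasswordAsync - presumably so the flag is saved together
        // with the new password hash; confirm against the user store.
        user.HasPasswordChanged = true;

        var result = await _userManager.ChangePasswordAsync(user, dto.OldPassword, dto.NewPassword);
        if (result.Succeeded)
        {
            // TODO(review): the "password changed" e-mail notification is disabled
            // here. Notifying the account owner is a useful detective control
            // against account takeover; re-enable it once an e-mail sender is configured.
            response.Success = true;
            response.Message = "Password has been successfully changed.";
        }
        else
        {
            // Record why the change was rejected; the response below does not say.
            // Only error codes and descriptions are logged, never the passwords.
            foreach (var error in result.Errors)
            {
                _logger.LogWarning("Password change rejected: {Code} {Description}", error.Code, error.Description);
            }

            // NOTE(review): the old password was already verified during validation,
            // so a failure here is more likely a password-policy rejection than a
            // wrong password. Code and message are kept as-is for existing callers.
            response.ErrorCode = ErrorCode.DATA_NOT_FOUND;
            response.Message = "Password is not correct.";
        }
    }
    catch (Exception e)
    {
        // Pass the exception itself so the stack trace is kept in the log.
        _logger.LogError(e, "Error updating User: {0}", e.Message);

        // Give the caller a generic failure instead of an empty result; internal
        // details stay in the log only.
        response.Message = "Password could not be changed.";
    }

    return response;
}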