public async Task ChangePassword(string lastPassword, string newPassword)
{
short userId = Convert.ToInt16(_httpContext.HttpContext.User.FindFirst(ClaimTypes.NameIdentifier).Value);
Member member = await _memberRepository.GetMember(userId);
if (member == null)
{
throw new UnauthorizedAccessException("User not found");
}
if (!member.Password.DecryptTextWithBCrypt(lastPassword))
{
throw new ArgumentException("Last password isn't correct");
}
member.Password = newPassword.EncryptWithBCrypt();
await _memberRepository.Update(userId, member);
await _memberRepository.CommitAsync();
}
