//[ValidateJsonAntiForgeryToken]
public ActionResult ManagePassword(LocalPasswordModel model)
{
bool hasLocalAccount = _membershipProvider.HasLocalAccount(User.Identity.Name);
if (hasLocalAccount)
{
if (ModelState.IsValid)
{
// ChangePassword will throw an exception rather than return false in certain failure scenarios.
bool changePasswordSucceeded;
try {
changePasswordSucceeded = _membershipProvider.ChangePassword(User.Identity.Name, model.OldPassword, model.NewPassword);
} catch (Exception) {
changePasswordSucceeded = false;
}
if (!changePasswordSucceeded)
{
ModelState.AddModelError("", "The current password is incorrect or the new password is invalid.");
}
}
}
else
{
// User does not have a local password so remove any validation errors caused by a missing
// OldPassword field
ModelState state = ModelState["OldPassword"];
if (state != null)
{
state.Errors.Clear();
}
if (ModelState.IsValid)
{
try {
_membershipProvider.SetLocalPassword(User.Identity.Name, model.NewPassword);
} catch (MembershipException e) {
ModelState.AddModelError("", e.Message);
}
}
}
if (!ModelState.IsValid)
{
Response.StatusCode = (int)HttpStatusCode.BadRequest;
return(Json(ModelState.ToDictionary(kvp => kvp.Key, kvp => kvp.Value.Errors.Select(e => e.ErrorMessage).ToArray())));
}
return(Json(true));
}
