public async Task ChangePassword(PasswordChangeDto dto)
{
try
{
var user = (await _users.FindAsync(u => u.UserName == dto.UserName && u.Enabled == true)).FirstOrDefault();
if (user == null)
{
throw new UserNotFoundException(dto.UserName);
}
if (!_encryptor.TryMatchPassword(new HashedPassword(user.Salt, user.HashedPassword), dto.CurrentPassword))
{
throw new WrongPasswordException(dto.UserName);
}
var encrypted = _encryptor.CreateUserPassword(dto.NewPassword);
user.HashedPassword = Convert.ToBase64String(encrypted.HashedPasswordString);
user.Salt = Convert.ToBase64String(encrypted.Salt);
await _users.ReplaceOneAsync(u => u.Id == user.Id, user);
}
catch (Exception)
{
throw;
}
}
