public ResultMessage SetResetedPassword(SetPasswordDto data)
{
try
{
var user = _unitOfWork.UsersRepository.Get(u => u.SecurityStamp == data.ActivationToken).First();
if (user == null)
{
return new ResultMessage {
Status = HttpStatusCode.BadRequest, ErrorCode = (int)AuthenticationErrorsCodeEnum.UserDoesNotExist
}
}
;
CreatePasswordHash(data.NewPassword, out byte[] passwordHash, out byte[] passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
user.SecurityStamp = Helper.GenerateToken();
_unitOfWork.UsersRepository.Update(user);
_unitOfWork.Commit();
return(new ResultMessage {
Status = HttpStatusCode.OK, Data = AuthenticateUser(user)
});
}
catch (Exception ex)
{
_logger.LogError(ex, string.Empty);
return(new ResultMessage {
Status = HttpStatusCode.InternalServerError, ErrorCode = (int)AuthenticationErrorsCodeEnum.AuthenticationError
});
}
}
public async Task <IActionResult> SetPassword(SetPasswordDto request)
{
int id = int.Parse(User.Claims.FirstOrDefault(claim => claim.Type == ClaimTypes.NameIdentifier).Value);
ServiceResponse <string> response = await authRepo.SetOrChangePassword(userId : id, oldPassword : null, newPassword : request.Password);
if (!response.Success)
{
return(BadRequest(response));
}
return(Ok(response));
}
public async Task <IHttpActionResult> SetPassword(int id, [FromBody] SetPasswordDto dto)
{
if ((await _userManager.FindByIdAsync(id)) == null)
{
return(NotFound());
}
await _userManager.RemovePasswordAsync(id);
await _userManager.AddPasswordAsync(id, dto.Password);
return(StatusCode(HttpStatusCode.Accepted));
}
public async Task <IActionResult> SetPassword(SetPasswordDto dto)
{
var result = await _mediator.Send(new SetPasswordRequest(User.Identity.Name, dto));
if (!result.Succeeded)
{
ModelState.AddErrors(result);
return(BadRequest(ModelState));
}
return(Ok(new ResponseViewModel("Your password has been reset!")));
}
public async Task <IActionResult> SetNewPassword(SetPasswordDto setPasswordDto)
{
IDatabaseContext context = _getDatabaseContext();
User currentUser = await HttpContext.GetCurrentUserAsync(context);
bool currentPasswordCorrect = _passwordService.VerifyPassword(setPasswordDto.CurrentPassword, currentUser.PasswordHash);
if (!currentPasswordCorrect)
{
return(BadRequest(RequestStringMessages.CurrentPasswordWrong));
}
currentUser.PasswordHash = _passwordService.HashPassword(setPasswordDto.NewPassword);
await context.SaveChangesAsync();
_logger.LogInformation("{0}(): User changed his password", nameof(SetNewPassword));
return(Ok());
}
public async Task <IActionResult> ResetPassword([FromBody] SetPasswordDto setPasswordDto)
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
var user = await _userManager.FindByIdAsync(setPasswordDto.Id);
if (user == null)
{
return(NotFound());
}
var resetResult = _userManager.ResetPasswordAsync(user, setPasswordDto.Token, setPasswordDto.Password).Result;
if (!resetResult.Succeeded)
{
return(BadRequest());
}
return(Ok());
}
public async Task <IHttpActionResult> SetNewPassword([FromBody] SetPasswordDto setPasswordDto)
{
// Validate parameters
if (!ModelState.IsValid || setPasswordDto == null)
{
return(BadRequest());
}
var authorizedAdministrator =
(Administrator)ActionContext.Request.Properties[AuthorizationConstants.UserInformationKey];
using (var dbContext = new HappyMeterDatabaseContext())
{
dbContext.Administrators.Attach(authorizedAdministrator);
authorizedAdministrator.UpdatePassword(setPasswordDto.NewPassword);
await dbContext.SaveChangesAsync();
return(Ok());
}
}
public async Task SetPassword(SetPasswordDto input)
{
// Kiểm tra password admin
var adminUser = await _userRepository.FirstOrDefaultAsync((long)AbpSession.UserId);
var loginAsync = await _logInManager.LoginAsync(adminUser.UserName, input.AdminPassword, shouldLockout : false);
if (loginAsync.Result != AbpLoginResultType.Success)
{
throw new UserFriendlyException(L("WrongAdminPassword"));
}
var currentUser = await _userRepository.FirstOrDefaultAsync(input.UserId);
if (currentUser != null)
{
currentUser.Password = _passwordHasher.HashPassword(currentUser, input.Password);
}
else
{
throw new UserFriendlyException(L("AccountIsNotFound"));
}
}
public SetPasswordRequest(string userName, SetPasswordDto input)
{
UserName = userName;
Input = input;
}
public async Task <ActionResult> SetPassword(Guid id, SetPasswordDto pwDto, [FromServices] IMeansValueHasher pwHasher)
{
var userId = id;
if ((await _usersService.GetUser(userId)) is null)
{
throw new BaristaException("user_not_found", $"Could not find user with ID '{userId}'");
}
var passwordPage = await _identityService.BrowseMeansAssignedToUser(userId, new BrowseAssignedMeans { IsValid = true, Method = MeansMethod.Password, ResultsPerPage = 1 });
if (passwordPage.TotalResults == 1)
{
var means = passwordPage.Items.Single();
return(await SendAndHandleOperationCommand(new UpdateAuthenticationMeansValue(means.Id, pwHasher.Hash(pwDto.NewPassword))));
}
else if (passwordPage.TotalResults > 1)
{
_logger.LogWarning("The user {userId} has more than one password authentication means assigned. They will be purged before the new password is set.", userId);
int deletedPasswordMeans;
var query = new BrowseAssignedMeans {
IsValid = true, Method = MeansMethod.Password
};
do
{
deletedPasswordMeans = 0;
var passwordMeansPage = await _identityService.BrowseMeansAssignedToUser(userId, query);
foreach (var passwordMeans in passwordMeansPage.Items)
{
await Publisher.SendRequest(new DeleteAuthenticationMeans(passwordMeans.Id));
_logger.LogInformation("Purged one of multiple passwords assigned to user {userId} with means ID {meansId}", userId, passwordMeans.Id);
deletedPasswordMeans++;
}
} while (deletedPasswordMeans > 0);
}
var meansCreation = await Publisher.SendRequest <ICreateAuthenticationMeans, IIdentifierResult>(
new CreateAuthenticationMeans(Guid.NewGuid(), null, MeansMethod.Password, pwHasher.Hash(pwDto.NewPassword), DateTimeOffset.UtcNow, null)
);
if (!meansCreation.Successful)
{
throw meansCreation.ToException();
}
var meansAssignment = await Publisher.SendRequest <ICreateAssignmentToUser, IIdentifierResult>(
new CreateAssignmentToUser(Guid.NewGuid(), meansCreation.Id.Value, DateTimeOffset.UtcNow, null, userId, false)
);
if (!meansAssignment.Successful)
{
throw meansAssignment.ToException();
}
return(Ok());
}
public async Task <IActionResult> SetPassword(Guid id, SetPasswordDto passwordDto)
{
await _localUserService.SetPassword(id, passwordDto.Password);
return(Ok());
}
public IActionResult SetResetedPassword([FromBody] SetPasswordDto data)
{
return(GetStatusCodeResult(_userService.SetResetedPassword(data)));
}
