public async Task <IActionResult> ResetPassword([FromForm] UserPasswordResetDto passwordResetDetails)
{
if (passwordResetDetails == null)
{
throw new ArgumentNullException(nameof(passwordResetDetails));
}
var result = await _userAdminSvc.ResetPasswordAsync(passwordResetDetails);
string message;
switch (result)
{
case ServiceResultStatusCode.Success:
message = $"User password successfully updated. \"Username\"={passwordResetDetails.Username}, \"UserId\"={passwordResetDetails.Id}";
_logger.LogInformation(message + $", \"ServiceResultStatusCode\"={result}");
Alert(message, AlertType.success);
return(RedirectToAction("Index"));
default:
message = $"An error occurred. Could not update user password. \"Username\"={passwordResetDetails.Username}, \"UserId\"={passwordResetDetails.Id}";
_logger.LogInformation(message + $", \"ServiceResultStatusCode\"={result}");
Alert(message, AlertType.danger);
return(RedirectToAction("Index"));
}
}
public IActionResult ResetPassword([FromBody] UserPasswordResetDto model)
{
bool passwordsMatch = _userRepo.DoPasswordsMatch(model.Password, model.ConfirmPassword);
if (!passwordsMatch)
{
return(BadRequest(new { message = "Passwords do not match" }));
}
var reset = _userRepo.ResetPassword(model.Username, model.Password, model.ConfirmPassword, model.ExistingPassword);
if (reset == false)
{
return(BadRequest(new { message = "Error while resetting password" }));
}
return(Ok());
}
public IActionResult ChangePassword([FromBody] UserPasswordResetDto model)
{
var userId = ClaimsReader.GetUserId(Request.HttpContext.Request);
var user = context.Users.SingleOrDefault(a => a.Id == userId);
if (user == null)
{
return(NotFound());
}
if (!UserValidators.CheckIfPasswordIsCorrect(model.Password))
{
return(BadRequest("Hasło musi posiadać wielką i małą literę, liczbę oraz znak specjalny a także składać się co najmniej z 8 znaków"));
}
try
{
if (!VerifyPasswordHash(model.OldPassword, user.PasswordHash, user.PasswordSalt))
{
return(BadRequest());
}
}
catch (Exception)
{
return(BadRequest());
}
CreatePasswordHash(model.Password, out byte[] passwordHash, out byte[] passwordSalt);
user.PasswordHash = passwordHash;
user.PasswordSalt = passwordSalt;
try
{
context.SaveChanges();
}
catch (Exception)
{
return(BadRequest());
}
return(Ok());
}
public void ResetPasswordAsync_UserNotFound_ReturnsServiceResultStatusCodeNotFound()
{
var mockDal = Substitute.For <IUserDal>();
var mockLogger = Substitute.For <ILogger <UserAdministrationService> >();
var mockCryptoSvc = Substitute.For <ICryptographyService>();
mockDal.GetEntityAsync(1).Returns((User)null);
var adminSvc = new UserAdministrationService(mockLogger, mockDal, mockCryptoSvc);
var passwordRequest = new UserPasswordResetDto()
{
Id = 1
};
var result = adminSvc.ResetPasswordAsync(passwordRequest).GetAwaiter().GetResult();
Assert.That(result, Is.EqualTo(ServiceResultStatusCode.NotFound));
}
public async Task <IActionResult> ResetPassword(UserPasswordResetDto userPasswordResetDto)
{
TempData["Active"] = "Kullanıcı";
if (ModelState.IsValid)
{
User user = await _userManager.FindByEmailAsync(userPasswordResetDto.Email);
if (user != null)
{
string resetToken = await _userManager.GeneratePasswordResetTokenAsync(user);
MailMessage mail = new MailMessage();
mail.IsBodyHtml = true;
mail.To.Add(userPasswordResetDto.Email);
mail.From = new MailAddress("*****@*****.**", "Şifre Güncelleme", System.Text.Encoding.UTF8);
mail.Subject = "Şifre Güncelleme Talebi";
mail.Body = $"<a target=\"_blank\" href=\"https://*****:*****@gmail.com", "bitirmeprojesi7bitirmeprojesi7");
smp.UseDefaultCredentials = false;
smp.Port = 587;
smp.Host = "smtp.gmail.com";
smp.EnableSsl = true;
smp.Send(mail);
ViewBag.State = true;
}
else
{
ViewBag.State = false;
return(View());
}
}
else
{
return(View(userPasswordResetDto));
}
return(View());
}
public void ResetPasswordAsync_PasswordUpdateSuccess_ReturnsServiceResultStatusCodeSuccess()
{
var mockDal = Substitute.For <IUserDal>();
var mockLogger = Substitute.For <ILogger <UserAdministrationService> >();
var mockCryptoSvc = Substitute.For <ICryptographyService>();
var mockJobDescription = new JobDescription()
{
Description = "Head Honcho",
Role = UserRole.MedicalPractitioner
};
var mockEmployeeDetails = new Employee()
{
Firstname = "Aoife",
Lastname = "McGonagle",
Title = Title.Miss,
};
var mockUser = new User()
{
EmployeeDetails = mockEmployeeDetails,
Username = "******",
JobDescription = mockJobDescription,
State = AccountState.Active
};
mockDal.GetEntityAsync(1).Returns(mockUser);
mockDal.UpdateAsync(Arg.Any <User>()).Returns(mockUser);
var adminSvc = new UserAdministrationService(mockLogger, mockDal, mockCryptoSvc);
var passwordRequest = new UserPasswordResetDto()
{
Id = 1
};
var result = adminSvc.ResetPasswordAsync(passwordRequest).GetAwaiter().GetResult();
Assert.That(result, Is.EqualTo(ServiceResultStatusCode.Success));
}
/// <summary>
/// Reset the user account password
/// </summary>
/// <param name="userPasswordReset"></param>
/// <returns></returns>
public async Task <ServiceResultStatusCode> ResetPasswordAsync(UserPasswordResetDto userPasswordReset)
{
if (userPasswordReset == null)
{
throw new ArgumentNullException(nameof(userPasswordReset));
}
var user = await _userDal.GetEntityAsync(userPasswordReset.Id);
if (user == null)
{
return(ServiceResultStatusCode.NotFound);
}
// Generate the password hash and salt
_cryptoSvc.CreateHash(userPasswordReset.Password, out var hashPassword, out var saltPassword);
// update the user account
user.PasswordHash = hashPassword;
user.PasswordSalt = saltPassword;
return(await _userDal.UpdateAsync(user) != null ? ServiceResultStatusCode.Success : ServiceResultStatusCode.Failed);
}
