Esempio n. 1
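 /// <summary>
 /// HTTP action that changes a user's password from the posted view model.
 /// </summary>
 /// <param name="usersChangePasswordViewModel">Request body; handed unchanged to <c>_users.ChangePassword</c>.</param>
 /// <returns>
 /// 200 OK when the service reports success. 400 Bad Request with "Password not Updated" when the body is
 /// missing, model validation fails or the service returns false. 400 Bad Request carrying the exception
 /// message when the service throws.
 /// </returns>
 public async Task <IActionResult> ChangePassword([FromBody] UsersChangePasswordViewModel usersChangePasswordViewModel)
 {
     // The service call below is synchronous; nothing is awaited in this action.
     try
     {
         // A missing or unparsable body can bind to null. Reject it here so it does not surface
         // further down as a null-reference message echoed back to the client.
         if (usersChangePasswordViewModel == null || !ModelState.IsValid)
         {
             return BadRequest("Password not Updated");
         }

         // NOTE(review): the account being changed is whichever UserId the body carries. No check is
         // visible in this listing that it matches the authenticated caller; confirm that is enforced
         // elsewhere (for example [Authorize] plus a comparison against the caller's identity claim).
         var changed = _users.ChangePassword(usersChangePasswordViewModel);
         if (changed)
         {
             return Ok(); // "Password changed"
         }

         return BadRequest("Password not Updated");
     }
     catch (Exception ex)
     {
         // NOTE(review): ex.Message is returned verbatim. That suits message codes thrown by the service,
         // but it also sends the text of any unexpected exception (database, null reference) to the
         // client. A dedicated exception type for expected failures, with a generic response and
         // server-side logging for everything else, would avoid exposing internal detail.
         return BadRequest(ex.Message);
     }
 }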
Esempio n. 2
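        /// <summary>
        /// Replaces the stored password hash and salt of the user identified by the view model,
        /// after verifying the old password against the stored hash.
        /// </summary>
        /// <param name="usersChangePasswordViewModel">Carries <c>UserId</c>, <c>oldPassword</c> and <c>newPassword</c>.</param>
        /// <returns>
        /// <c>true</c> when <c>SaveChanges</c> reports at least one entry written; <c>false</c> when the new
        /// password is null or empty, the user is not found, the user is the SUPERADMIN account, or nothing was saved.
        /// </returns>
        /// <exception cref="ArgumentNullException">The view model is null.</exception>
        /// <exception cref="Exception">The old password does not verify (message <c>MSG_OLD_PASSWORD_NOT_CORRECT</c>).</exception>
        public bool ChangePassword(UsersChangePasswordViewModel usersChangePasswordViewModel)
        {
            if (usersChangePasswordViewModel == null)
            {
                throw new ArgumentNullException(nameof(usersChangePasswordViewModel));
            }

            // Never store a hash of an empty password, whatever validation ran upstream.
            if (string.IsNullOrEmpty(usersChangePasswordViewModel.newPassword))
            {
                return false;
            }

            // NOTE(review): the target account comes from the request model. The caller must make sure this
            // UserId belongs to the authenticated user, and that repeated failed attempts are throttled,
            // because the old-password check below is the only gate visible here.
            var user = _context.Users.FirstOrDefault(p => p.UserId == usersChangePasswordViewModel.UserId);

            if (user == null)
            {
                return false;
            }

            // Ordinal, case-insensitive comparison: ToUpper() follows the current thread culture, so under
            // a culture such as tr-TR "superadmin" does not upper-case to "SUPERADMIN" and this guard would
            // be skipped. string.Equals also tolerates a null UserName.
            if (string.Equals(user.UserName, "SUPERADMIN", StringComparison.OrdinalIgnoreCase))
            {
                return false;
            }

            // NOTE(review): VerifyPasswordHash is not shown; confirm it compares hashes in constant time.
            if (!VerifyPasswordHash(usersChangePasswordViewModel.oldPassword, user.PasswordHash, user.PasswordSalt))
            {
                // Kept as the base Exception so existing catch blocks and the message code stay unchanged.
                throw new Exception("MSG_OLD_PASSWORD_NOT_CORRECT");
            }

            CreatePasswordHash(usersChangePasswordViewModel.newPassword, out byte[] passwordHash, out byte[] passwordSalt);

            user.PasswordHash = passwordHash;
            user.PasswordSalt = passwordSalt;

            // Mark both columns explicitly so they are written even if change detection misses them.
            _context.Entry(user).Property(x => x.PasswordHash).IsModified = true;
            _context.Entry(user).Property(x => x.PasswordSalt).IsModified = true;

            return _context.SaveChanges() > 0;
        }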