Esempio n. 1
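        /// <summary>
        /// Changes the password of the currently authenticated caller after re-verifying
        /// the current (old) password supplied in the request.
        /// </summary>
        /// <param name="model">Request payload carrying <c>OldPassword</c> and <c>NewPassword</c>.</param>
        /// <returns>
        /// 200 OK when the password was changed; 400 Bad Request with the model-state errors when
        /// validation fails, the current password does not verify, or the change is rejected;
        /// 500 when an unexpected exception is caught.
        /// </returns>
        public async Task<IHttpActionResult> ChangePassword(ChangePasswordModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                using (AuthRepository repo = new AuthRepository())
                {
                    // The target account comes from the authenticated principal, not from the
                    // request body, so a caller cannot name another user's account here.
                    ApplicationUser appUser = await repo.FindAspUserByUserId(User.Identity.Name);

                    // If the lookup yields nothing (presumably possible for a deleted account whose
                    // session is still valid; confirm against AuthRepository), skip the credential
                    // check instead of dereferencing null, and fall into the same generic error
                    // path as a wrong password.
                    var user = appUser == null
                        ? null
                        : await repo.CheckCredentials(appUser.UserName, model.OldPassword);

                    if (user == null)
                    {
                        // One generic message for "no such account" and "wrong password", so the
                        // response does not reveal which of the two occurred.
                        ModelState.AddModelError(ModelStateType.ErrorList, "The current password is incorrect");
                        return BadRequest(ModelState);
                    }

                    IdentityResult result = await repo.ChangePasswordAsync(user, model.OldPassword, model.NewPassword);
                    if (!result.Succeeded)
                    {
                        foreach (string error in result.Errors)
                        {
                            ModelState.AddModelError(ModelStateType.ErrorList, error);
                        }

                        return BadRequest(ModelState);
                    }

                    // NOTE(review): nothing visible here invalidates other sessions/tokens or
                    // notifies the account owner after a password change; confirm whether
                    // ChangePasswordAsync or a caller handles that.
                    return Ok();
                }
            }
            catch (Exception ex)
            {
                Helper.ErrorLogging.LogError(ex);

                // NOTE(review): assuming this is a Web API 2 ApiController, the exception detail
                // placed in the response body is governed by HttpConfiguration.IncludeErrorDetailPolicy.
                // Verify production does not use IncludeErrorDetailPolicy.Always, otherwise messages
                // and stack traces from the auth layer reach the client.
                return InternalServerError(ex);
            }
        }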
Esempio n. 2
        /// <summary>
        /// Re-sends the two-factor authentication token to the user whose credentials are
        /// carried in the request, provided those credentials verify.
        /// </summary>
        /// <param name="model">
        /// Request payload carrying <c>HiddenUserName</c> and <c>HiddenPassword</c>. Both values
        /// are client-supplied and are checked again here before anything is sent.
        /// </param>
        /// <returns>
        /// 400 Bad Request when model validation fails; 200 OK otherwise, whether or not the
        /// credentials verified, so the status code does not disclose if the user name and
        /// password pair was valid; 500 when an unexpected exception is caught.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the property names suggest the first login step round-trips the
        /// plaintext password through hidden form fields; confirm, and consider a short-lived
        /// server-side pending-login token instead.
        /// NOTE(review): no throttling is visible in this method; each call with valid
        /// credentials sends another token. Confirm that rate limiting exists upstream.
        /// </remarks>
        public async Task<IHttpActionResult> ResendTFAEmail(ResendTFAEmailModel model)
        {
            try
            {
                bool payloadIsValid = ModelState.IsValid;
                if (!payloadIsValid)
                {
                    return BadRequest(ModelState);
                }

                using (var authRepo = new AuthRepository())
                {
                    // Re-verify the submitted credentials; a token is only sent for a verified user.
                    ApplicationUser verifiedUser =
                        await authRepo.CheckCredentials(model.HiddenUserName, model.HiddenPassword);

                    bool credentialsAccepted = verifiedUser != null;
                    if (credentialsAccepted)
                    {
                        await authRepo.SendTwoFactorAuthentionToken(verifiedUser.Id);
                    }
                }

                // Same response for accepted and rejected credentials.
                return Ok();
            }
            catch (Exception failure)
            {
                Helper.ErrorLogging.LogError(failure);

                // NOTE(review): assuming a Web API 2 ApiController, how much of the exception
                // reaches the client depends on HttpConfiguration.IncludeErrorDetailPolicy.
                return InternalServerError(failure);
            }
        }