public async Task <Result <AccountDto> > ChangePasswordAsync(ChangeCurrentPasswordDto changePasswd) { var user = await _unitOfWork.AccountRepository.GetAccountCredentialsByEmailAsync(changePasswd.Email); if (user == null) { return(Result <AccountDto> .GetError(ErrorCode.NotFound, "Account does not exist.")); } var salt = await _unitOfWork.AccountRepository.GetAccountSaltByEmail(changePasswd.Email); if (!string.IsNullOrEmpty(salt)) { string checkPassword = HashPassword(changePasswd.CurrentPassword, salt); if (user.Password == checkPassword) { user.Salt = GenerateSalt(); user.Password = HashPassword(changePasswd.NewPassword, user.Salt); await _unitOfWork.CommitAsync(); return(Result <AccountDto> .GetSuccess(_mapper.Map <AccountDto>(user))); } else { return(Result <AccountDto> .GetError(ErrorCode.Conflict, "Wrong current password.")); } } return(Result <AccountDto> .GetError(ErrorCode.InternalServerError, "Salt for this account does not exist.")); }
public async Task <ActionResult> ChangePassword(ChangeCurrentPasswordDto changePasswd) { var updatedAccount = await _accountService.ChangePasswordAsync(changePasswd); return(updatedAccount.ToActionResult()); }
public async Task ChangePasswordAsync() { //Arrange var salt = GenerateSalt(); var oldPassword = "******"; var newPassword = "******"; Account account = new Account { Id = 5, IsActive = true, Email = "*****@*****.**", Password = HashPassword(oldPassword, salt), Salt = salt, Role = UserRole.Mentor }; var changePass = new ChangeCurrentPasswordDto { Email = "*****@*****.**", CurrentPassword = "******", NewPassword = newPassword, ConfirmNewPassword = newPassword }; AccountDto updatedAccountDto = new AccountDto { Id = 5, Email = "*****@*****.**", IsActive = true, Role = UserRole.Mentor }; var notExistDto = new ChangeCurrentPasswordDto { Email = "*****@*****.**" }; var wrongPasswordDto = new ChangeCurrentPasswordDto { Email = "*****@*****.**", CurrentPassword = "******", NewPassword = newPassword, ConfirmNewPassword = newPassword }; var withoutSaltDto = new ChangeCurrentPasswordDto { Email = "*****@*****.**" }; Account accountWithoutSalt = new Account { Id = 5, IsActive = true, Email = "*****@*****.**", Password = HashPassword(oldPassword, salt), Salt = null, Role = UserRole.Mentor }; _unitOfWorkMock.Setup(x => x.AccountRepository.GetAccountSaltByEmail(account.Email)) .ReturnsAsync(salt); _unitOfWorkMock.Setup(x => x.AccountRepository.GetAccountCredentialsByEmailAsync(changePass.Email)) .ReturnsAsync(account); _unitOfWorkMock.Setup(x => x.AccountRepository.GetAccountCredentialsByEmailAsync(accountWithoutSalt.Email)) .ReturnsAsync(accountWithoutSalt); var accountService = new AccountService( _unitOfWorkMock.Object, _mapper, _notificationServiceMock.Object); //Act var notExistAccount = await accountService.ChangePasswordAsync(notExistDto); var successResult = await accountService.ChangePasswordAsync(changePass); var wrongPassword = await accountService.ChangePasswordAsync(wrongPasswordDto); var accWithoutSalt = await accountService.ChangePasswordAsync(withoutSaltDto); //Assert Assert.NotNull(notExistDto); Assert.NotNull(successResult); Assert.NotNull(wrongPassword); Assert.NotNull(accWithoutSalt); Assert.Equal(ErrorCode.NotFound, notExistAccount.Error.Code); Assert.Equal(ErrorCode.Conflict, wrongPassword.Error.Code); Assert.Equal(ErrorCode.InternalServerError, accWithoutSalt.Error.Code); Assert.Equal(updatedAccountDto.Id, successResult.Data.Id); Assert.Equal(updatedAccountDto.Email, successResult.Data.Email); Assert.Equal(updatedAccountDto.IsActive, successResult.Data.IsActive); Assert.Equal(updatedAccountDto.Role, successResult.Data.Role); }