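/// <summary>
/// Changes the password of the current user after the service layer has verified the old password.
/// </summary>
/// <param name="model">
/// Old and new password as submitted by the client. <c>CurrentUserBaseId</c> is overwritten here,
/// so a value supplied by the client is never used.
/// </param>
/// <returns>
/// 200 with a <c>SuccessResponse</c> when the password was changed; 400 when the body is missing,
/// the model is invalid, the service reports that nothing was changed, or an exception occurred.
/// </returns>
public IHttpActionResult ChangePassword(ChangePasswordUserBaseUpdateRequest model)
{
    // One generic client-facing message: exception text (SQL errors, stack details) stays in the log.
    const string genericFailure = "The password could not be changed.";

    try
    {
        // A missing or unparseable body binds to null; reject it before dereferencing.
        if (model == null)
        {
            return BadRequest("A request body is required.");
        }

        // The account to change is decided server-side, never by the request body.
        // NOTE(review): currentUserId is declared outside this block; presumably it comes from
        // the authenticated session. Confirm it cannot be influenced by the caller.
        model.CurrentUserBaseId = currentUserId;

        if (!ModelState.IsValid)
        {
            return BadRequest(ModelState);
        }

        Boolean isPasswordChanged = _appTokenService.ChangePassword(model);

        if (!isPasswordChanged)
        {
            // ModelState is valid at this point, so returning it unchanged would give the client
            // a 400 with no reason attached. Record one before answering.
            ModelState.AddModelError(string.Empty, genericFailure + " Check the current password and try again.");
            return BadRequest(ModelState);
        }

        return Ok(new SuccessResponse());
    }
    catch (Exception ex)
    {
        int currentUser = _userService.GetCurrentUserId();

        // Only the exception text is logged. The request model carries plaintext passwords and
        // must never be added to this entry.
        _appLogService.Insert(new AppLogAddRequest
        {
            AppLogTypeId = 1,
            Message = ex.Message,
            StackTrace = ex.StackTrace,
            Title = "Error in " + GetType().Name + " " + System.Reflection.MethodBase.GetCurrentMethod().Name,
            UserBaseId = currentUser
        });

        // Do not echo ex.Message to the client; it can expose internal details.
        return BadRequest(genericFailure);
    }
}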
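/// <summary>
/// Verifies the caller's current password and, if it matches, sets the new one by issuing a
/// token through <c>InsertGUID</c> and redeeming it with <c>UpdatePassword</c>.
/// </summary>
/// <param name="model">
/// Carries <c>CurrentUserBaseId</c>, <c>OldPassword</c> and <c>NewPassword</c>.
/// </param>
/// <returns>
/// <c>true</c> when the old password matched and the update was issued; <c>false</c> when the
/// user record could not be loaded, has no stored credentials, the old password does not match,
/// or no token was returned.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
public Boolean ChangePassword(ChangePasswordUserBaseUpdateRequest model)
{
    if (model == null)
    {
        throw new ArgumentNullException("model");
    }

    UserBase user = null;

    DataProvider.ExecuteCmd("dbo.UserBase_SelectById",
        inputParamMapper: (SqlParameterCollection inputs) =>
        {
            inputs.AddWithValue("@id", model.CurrentUserBaseId);
        },
        singleRecordMapper: (IDataReader reader, short resultSet) =>
        {
            if (resultSet == 0)
            {
                user = DataMapper<UserBase>.Instance.MapToObject(reader);
            }
        });

    // No row, or a row without stored credentials: fail closed instead of hashing against a
    // null salt and comparing with a null hash.
    if (user == null || user.Salt == null || string.IsNullOrEmpty(user.PasswordHash))
    {
        return false;
    }

    if (string.IsNullOrEmpty(model.OldPassword))
    {
        return false;
    }

    string oldPasswordHash = _cryptographyService.Hash(model.OldPassword, user.Salt, HASH_ITERATION_COUNT);

    if (!HashesMatch(user.PasswordHash, oldPasswordHash))
    {
        return false;
    }

    // The change is routed through the forgot-password path: issue a token for the user's
    // email, then redeem it with the new password.
    // NOTE(review): confirm the token is single-use and is invalidated if UpdatePassword fails,
    // otherwise every password change leaves a live reset token behind.
    ForgotPasswordAppTokenAddRequest addRequest = new ForgotPasswordAppTokenAddRequest();
    addRequest.Email = user.Email;
    string currentUserGUID = InsertGUID(addRequest);

    // Never report success when no token came back to redeem.
    if (string.IsNullOrEmpty(currentUserGUID))
    {
        return false;
    }

    ForgotPasswordUserBaseUpdateRequest updateRequest = new ForgotPasswordUserBaseUpdateRequest();
    updateRequest.Password = model.NewPassword;
    updateRequest.GUID = currentUserGUID;

    // NOTE(review): any result from UpdatePassword is not inspected here; if it can signal
    // failure without throwing, this method still returns true. Verify against its definition.
    UpdatePassword(updateRequest);

    return true;
}

/// <summary>
/// Ordinal comparison of two hash strings that always walks the full common length, so the
/// time taken does not depend on the position of the first differing character.
/// </summary>
private static bool HashesMatch(string expected, string actual)
{
    if (expected == null || actual == null)
    {
        return false;
    }

    int difference = expected.Length ^ actual.Length;
    int sharedLength = Math.Min(expected.Length, actual.Length);

    for (int i = 0; i < sharedLength; i++)
    {
        difference |= expected[i] ^ actual[i];
    }

    return difference == 0;
}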