/// <summary>
/// Handles submission of the change-password form for the signed-in user.
/// </summary>
/// <param name="viewModel">Form model carrying CurrentPassword, NewPassword and ConfirmNewPassword.</param>
/// <returns>
/// The "ChangePassword" view with the same model when validation recorded errors;
/// otherwise a local redirect to the Manage Account page after the password has been updated.
/// </returns>
/// <remarks>
/// NOTE(review): routing and antiforgery attributes are not visible in this excerpt; confirm the
/// action is POST-only and antiforgery-protected where it is declared.
/// NOTE(review): nothing in this method ends the current session or limits repeated wrong guesses of
/// the current password. Whether ValidatePasswords or UpdatePassword does either is not visible here.
/// </remarks>
public IActionResult ChangePasswordPost(ChangePasswordViewModel viewModel)
{
    // Both helpers are named as throwing guards: an impersonating admin, or a retired/unverified
    // account, is expected never to get past this point.
    ControllerHelper.ThrowIfAdminIsImpersonatingUser(User);
    ControllerHelper.ThrowIfUserAccountRetiredOrEmailNotVerified(User, dataRepository);

    // Bind each field from the request and run its validation. According to the original comment this
    // covers "all values are provided" and "NewPassword is at least 8 characters long"; the rules
    // themselves live on the view model and are not visible here.
    viewModel.ParseAndValidateParameters(Request, m => m.CurrentPassword);
    viewModel.ParseAndValidateParameters(Request, m => m.NewPassword);
    viewModel.ParseAndValidateParameters(Request, m => m.ConfirmNewPassword);

    // Resolve the application user record behind the authenticated principal.
    User signedInUser = ControllerHelper.GetGpgUserFromAspNetUser(User, dataRepository);

    // Password checks report failures onto the view model rather than through a return value.
    ValidatePasswords(viewModel, signedInUser);

    bool submissionHasErrors = viewModel.HasAnyErrors();
    if (submissionHasErrors)
    {
        // Re-display the form; the password is not changed on this path.
        return View("ChangePassword", viewModel);
    }

    // Persist the new password, then tell the account owner by email so that an unexpected change is noticed.
    userRepository.UpdatePassword(signedInUser, viewModel.NewPassword);
    emailSendingService.SendChangePasswordCompletedEmail(signedInUser.EmailAddress);

    // Queue the success banner for the Manage Account page and send the user there.
    // LocalRedirect is given a URL built by Url.Action, not a request-supplied value.
    string manageAccountUrl = Url.Action("ManageAccountGet", "ManageAccount");
    StatusMessageHelper.SetStatusMessage(Response, "Your password has been changed successfully", manageAccountUrl);

    return LocalRedirect(manageAccountUrl);
}
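/// <summary>
/// Handles submission of the change-password form for the signed-in user, logging the user out
/// both after a successful change and when the attempt limit has been reached.
/// </summary>
/// <param name="viewModel">Form model carrying CurrentPassword, NewPassword and ConfirmNewPassword.</param>
/// <returns>
/// The result of <c>LoginHelper.Logout</c> wrapping a redirect to Login/LoggedOut when the attempt limit
/// is reached or the password was changed; the "ChangePassword" view with the same model when
/// validation recorded errors.
/// </returns>
/// <remarks>
/// NOTE(review): routing and antiforgery attributes are not visible in this excerpt; confirm the
/// action is POST-only and antiforgery-protected where it is declared.
/// NOTE(review): ResetAttempts is not reset on the success path here; confirm that ValidatePasswords or
/// UpdatePassword clears it, so earlier failures do not count against the user after a valid change.
/// </remarks>
public IActionResult ChangePasswordPost(ChangePasswordViewModel viewModel)
{
    // Both helpers are named as throwing guards: an impersonating admin, or a retired/unverified
    // account, is expected never to get past this point.
    ControllerHelper.ThrowIfAdminIsImpersonatingUser(User);
    ControllerHelper.ThrowIfUserAccountRetiredOrEmailNotVerified(User, dataRepository);

    // Bind each field from the request and run its validation. According to the original comment this
    // covers "all values are provided" and "NewPassword is at least 8 characters long"; the rules
    // themselves live on the view model and are not visible here.
    viewModel.ParseAndValidateParameters(Request, m => m.CurrentPassword);
    viewModel.ParseAndValidateParameters(Request, m => m.NewPassword);
    viewModel.ParseAndValidateParameters(Request, m => m.ConfirmNewPassword);

    // Get the current user
    User currentUser = ControllerHelper.GetGpgUserFromAspNetUser(User, dataRepository);

    // Check that passwords are valid. Presumably this also increments currentUser.ResetAttempts on a
    // wrong current password; verify against ValidatePasswords.
    ValidatePasswords(viewModel, currentUser);

    // Compare with >= rather than ==. If the counter ever passes the limit (for example two requests
    // incrementing it at once, or another flow sharing the counter), an exact-equality test would
    // never fire again and the limit would fail open.
    if (currentUser.ResetAttempts >= Global.MaxAuthAttempts)
    {
        // Clear the counter so the next authenticated session starts with a fresh allowance.
        currentUser.ResetAttempts = 0;
        dataRepository.SaveChanges();

        StatusMessageHelper.SetStatusMessage(Response, "You have been logged out for security reasons", Url.Action("LoggedOut", "Login"));

        // Force re-authentication: someone holding only this session must now supply the password again.
        return LoginHelper.Logout(HttpContext, RedirectToAction("LoggedOut", "Login"));
    }

    if (viewModel.HasAnyErrors())
    {
        // Re-display the form; the password is not changed on this path.
        return View("ChangePassword", viewModel);
    }

    userRepository.UpdatePassword(currentUser, viewModel.NewPassword);

    // Send password change notification so the account owner notices an unexpected change.
    emailSendingService.SendChangePasswordCompletedEmail(currentUser.EmailAddress);

    // Set up the success notification on the Logged Out page. The user is signed out after the change
    // so that the session used with the old password does not stay valid.
    string nextPageUrl = Url.Action("LoggedOut", "Login");
    StatusMessageHelper.SetStatusMessage(Response, "Your password has been changed successfully", nextPageUrl);

    return LoginHelper.Logout(HttpContext, RedirectToAction("LoggedOut", "Login"));
}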