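/// <summary>
/// Changes the password of the specified user.
/// </summary>
/// <param name="username">the username of the user</param>
/// <param name="oldPassword">old password for user</param>
/// <param name="newPassword">new password for user</param>
/// <param name="confirmPassword">confirmed new password for user</param>
/// <returns>
/// <c>Status&lt;User&gt;.OK</c> carrying the updated user on success; a validation error when the
/// new password is empty, the confirmation does not match, or the old password is wrong; the
/// <c>GetUser</c> status unchanged when the user cannot be loaded; an error status when saving
/// or sending the notification throws.
/// </returns>
public Status<User> ChangePassword(string username, string oldPassword, string newPassword, string confirmPassword)
{
    // Reject a missing/empty new password up front: the hash helper below throws on null,
    // and an empty string would otherwise be accepted and stored as a valid password.
    // (Field key follows the existing "OldPassword"/"ConfirmPassword" convention — confirm
    // it matches the view model.)
    if (string.IsNullOrEmpty(newPassword))
    {
        return Status<User>.ValidationError<User>(null, "NewPassword", "New Password is required");
    }

    if (confirmPassword != newPassword)
    {
        return Status<User>.ValidationError<User>(null, "ConfirmPassword", "Passwords do not match");
    }

    using (var context = new RentlerContext())
    {
        // get user whose password needs to be reset
        var userStatus = GetUser(username, context);
        if (userStatus.StatusCode != 200)
        {
            return userStatus;
        }

        var user = userStatus.Result;

        // A null old password would make the hash helper throw outside the try block below;
        // treat it as a wrong password instead.
        // NOTE(review): HashPasswordForStoringInConfigFile produces an unsalted single SHA-1
        // digest and is obsolete. Replacing it with a salted, slow KDF (e.g. PBKDF2) requires
        // migrating the stored PasswordHash values, so it is left unchanged here.
        if (oldPassword == null
            || user.PasswordHash != FormsAuthentication.HashPasswordForStoringInConfigFile(oldPassword, "SHA1"))
        {
            return Status<User>.ValidationError<User>(null, "OldPassword", "Old Password is incorrect");
        }

        try
        {
            // reset password
            user.PasswordHash = FormsAuthentication.HashPasswordForStoringInConfigFile(newPassword, "SHA1");
            context.SaveChanges();

            // notify user by email that their password was changed successfully.
            EmailChangePasswordModel model = new EmailChangePasswordModel()
            {
                Name = string.Format("{0} {1}", user.FirstName, user.LastName),
                To = user.Email
            };
            mailer.ChangePassword(model);

            return Status<User>.OK(user);
        }
        catch (Exception ex)
        {
            // Record the failure instead of swallowing it silently; only the username is
            // logged, never either password. TODO: route through the project's logger.
            System.Diagnostics.Trace.TraceError("ChangePassword failed for user '{0}': {1}", username, ex);
            return Status.Error<User>("System was unable to change password", null);
        }
    }
}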
/// <summary>
/// Sends the "password changed" notification e-mail described by <paramref name="model"/>
/// and returns the mailer's status as JSON.
/// </summary>
/// <param name="model">recipient address and display name for the notification</param>
/// <returns>the mailer status serialized as JSON</returns>
public ActionResult ChangePassword(EmailChangePasswordModel model)
{
    // NOTE(review): AllowGet makes this mail-sending action reachable by a plain GET request,
    // and no [HttpPost] or [Authorize] attribute is visible on it here — confirm it is
    // restricted elsewhere (routing/base controller) or intended to be open.
    return Json(mailer.ChangePassword(model), JsonRequestBehavior.AllowGet);
}