public async Task <IActionResult> ChangePassword([FromBody] ChangePasswordUserDto changePasswordUserDto)
{
var userId = User.GetUserId();
var userEmail = User.GetUserEmail();
var userBrowser = changePasswordUserDto.Browser;
var userBrowserVersion = changePasswordUserDto.BrowserVersion;
var changePasswordResult = await _changePasswordService.ChangePassword(changePasswordUserDto, userId);
if (changePasswordResult != null && changePasswordResult.Succeeded)
{
await _changePasswordService.SendPasswordChangeInformation(userEmail, userBrowser, userBrowserVersion);
_logger.LogInformation($"User with id: {userId} changed password");
return(NoContent());
}
_logger.LogInformation($"Ivalid password change as a user with id: {userId}");
return(BadRequest());
}
public async Task <IActionResult> OnPostAsync()
{
await GetPasswordHint();
PasswordStrength passwordStrength = (PasswordStrength)AccountPolicyAdapterModel.PasswordComplexity;
ClaimsPrincipal claimsPrincipal = HttpContextAccessor.HttpContext.User;
if (claimsPrincipal.Identity.IsAuthenticated == false)
{
Msg = "無法變更密碼,請先進行帳號密碼身分驗證程序";
return(Page());
}
else if (NewPassword != AgainPassword)
{
Msg = "請確認兩次輸入的密碼都是相同的";
return(Page());
}
else
{
var inputPasswordStrength = PasswordCheck.GetPasswordStrength(NewPassword);
if (passwordStrength > inputPasswordStrength)
{
Msg = "密碼強度不足,請輸入符合密碼政策的密碼";
return(Page());
}
var userId = Convert.ToInt32(claimsPrincipal.FindFirst(ClaimTypes.Sid)?.Value);
var myUser = await myUserService.GetAsync(userId);
if (myUser.Status == false)
{
#region 使用者已經被停用,無法變更密碼
Msg = $"使用者 {myUser.Account} 已經被停用,無法變更密碼";
await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
{
Message = Msg,
Category = LogCategories.User,
Content = "",
LogLevel = LogLevels.Information,
Updatetime = DateTime.Now,
IP = HttpContextAccessor.GetConnectionIP(),
});
logger.LogInformation($"{Msg}");
return(Page());
#endregion
}
Msg = await changePasswordService.CheckWetherCanChangePassword(myUser, NewPassword);
if (string.IsNullOrEmpty(Msg) == false)
{
return(Page());
}
await changePasswordService.ChangePassword(myUser, NewPassword,
HttpContextAccessor.GetConnectionIP());
Msg = $"使用者 {myUser.Account} / {myUser.Name} " +
$"已經變更密碼 {DateTime.Now}";
await SystemLogHelper.LogAsync(new SystemLogAdapterModel()
{
Message = Msg,
Category = LogCategories.User,
Content = "",
LogLevel = LogLevels.Information,
Updatetime = DateTime.Now,
IP = HttpContextAccessor.GetConnectionIP(),
});
logger.LogInformation($"{Msg}");
}
string returnUrl = Url.Content("~/");
return(LocalRedirect(returnUrl));
}