public async Task <Optional <User> > Register(string username, string email, string password)
{
string hashedPassword = _passwordEncoder.HashPassword(password);
byte[] bytes = Encoding.UTF8.GetBytes(hashedPassword);
return(await _userDao.Save(username, email, bytes));
}
public IHttpActionResult UpdatePassword([FromBody] UpdatePasswordForm form)
{
Dictionary <string, string> errorList;
if (!ModelState.IsValid)
{
errorList = AppUtils.Validation.GetErrorDictionary(ModelState);
return(Content(
HttpStatusCode.BadRequest,
new ResponseWrapper <object>(HttpStatusCode.BadRequest, errorList)
));
}
uint userId = Convert.ToUInt32(RequestContext.Principal.Identity.Name);
User user = new User();
if (!user.DAL_Load(userId))
{
return(NotFound());
}
//Later may move to its own validation that receive modelState as binding result
if (!_passwordEncoder.IsMatch(form.CurrentPassword, user.Password))
{
ModelState.AddModelError("CurrentPassword", "Current Password is not valid.");
errorList = AppUtils.Validation.GetErrorDictionary(ModelState);
return(Content(
HttpStatusCode.BadRequest,
new ResponseWrapper <object>(HttpStatusCode.BadRequest, errorList)
));
}
user.Password = _passwordEncoder.HashPassword(form.NewPassword);
user.ModifiedBy = userId;
if (user.DAL_UpdatePassword())
{
return(Ok(new ResponseWrapper <bool>(HttpStatusCode.OK, true)));
}
return(InternalServerError());
}
