public void ChangePassword(int userId, string oldPasswordValue, string newPasswordValue) { var user = _userManager.GetUserById(userId); var oldPassword = user.Credentials.Passwords.First(p => p.IsActive); if (oldPassword.Value != oldPasswordValue) { throw new OldPasswordWrongException("Old password is wrong"); } if (_passwordPolicy.SatisfiesPolicy(user, newPasswordValue)) { throw new NewPasswordDoesNotApplyPolicyException("New password does not apply password policy."); } var newPassword = new Password(); newPassword.Value = _passwordHasher.GetHash(newPasswordValue); newPassword.ExpirationDate = DateTimeOffset.Now.AddYears(1); newPassword.Credentials = user.Credentials; newPassword.IsActive = true; user.Credentials.Passwords.Add(newPassword); oldPassword.IsActive = false; _userManager.UpdateUser(); }
public void RecoverPassword(string newPasswordValue, string codeValue) { _confirmationCodeService.ValidateCode(codeValue); var user = _confirmationCodeService.GetRelatedUser(codeValue); if (_passwordPolicy.SatisfiesPolicy(user, newPasswordValue)) { newPasswordValue = _passwordHasher.GetHash(newPasswordValue); user.UpdatePassword(newPasswordValue); _confirmationCodeService.DeactivateCode(codeValue); } }
public void RecoverPassword(string newPasswordValue, string codeValue) { _confirmationCodeService.ValidateCode(codeValue, Models.ConfirmationCodeType.PasswordRecovery); var user = _confirmationCodeService.GetRelatedUser(codeValue); if (!_passwordPolicy.SatisfiesPolicy(user, newPasswordValue)) { throw new PasswordDoesNotSatisfyPolicyException("Password does not satisfy policy."); } newPasswordValue = _passwordHasher.GetHash(newPasswordValue); user.UpdatePassword(newPasswordValue); _confirmationCodeService.DeactivateCode(codeValue); }