public IHttpActionResult ChangePassword(Models.PasswordChangeViewModel dtoItem) { Library.DTO.Notification notification = new Library.DTO.Notification() { Type = Library.DTO.NotificationType.Success }; // authentication Module.Framework.BLL fwBll = new Module.Framework.BLL(); if (!fwBll.CanPerformAction(ControllerContext.GetAuthUserId(), moduleCode, Library.DTO.ModuleAction.CanUpdate)) { // edit case return(InternalServerError(new Exception(Properties.Resources.NOT_AUTHORIZED))); } // validation if (!Helper.CommonHelper.ValidateDTO <Models.PasswordChangeViewModel>(dtoItem, out notification)) { return(Ok(new Library.DTO.ReturnData <Models.PasswordChangeViewModel>() { Data = dtoItem, Message = notification })); } // change password try { using (AuthRepository _repo = new AuthRepository()) { if (dtoItem.NewPassword.Length < 7) { throw new Exception("Password length must be at least 7 chars"); } if (dtoItem.NewPassword != dtoItem.Confirmation) { throw new Exception("Password and confirmation do not match!"); } _repo.ResetPassword(dtoItem.UserName, dtoItem.NewPassword); } } catch (Exception ex) { notification.Type = Library.DTO.NotificationType.Error; notification.Message = ex.Message; return(Ok(new Library.DTO.ReturnData <DTO.UserMng.UserProfile>() { Data = null, Message = notification })); } return(Ok(new Library.DTO.ReturnData <bool>() { Data = true, Message = notification })); }
public IHttpActionResult ChangePassword(Models.PasswordChangeViewModel dtoItem) { Library.DTO.Notification notification = new Library.DTO.Notification() { Type = Library.DTO.NotificationType.Success }; // validation if (!Helper.CommonHelper.ValidateDTO <Models.PasswordChangeViewModel>(dtoItem, out notification)) { return(Ok(new Library.DTO.ReturnData <Models.PasswordChangeViewModel>() { Data = dtoItem, Message = notification })); } // change password try { using (AuthRepository _repo = new AuthRepository()) { if (dtoItem.NewPassword.Length < 7) { throw new Exception("Password length must be at least 7 chars"); } if (dtoItem.NewPassword != dtoItem.Confirmation) { throw new Exception("Password and confirmation do not match!"); } _repo.ResetPassword(ControllerContext.GetAuthUserName(), dtoItem.NewPassword); } } catch (Exception ex) { notification.Type = Library.DTO.NotificationType.Error; notification.Message = ex.Message; return(Ok(new Library.DTO.ReturnData <DTO.UserMng.UserProfile>() { Data = null, Message = notification })); } return(Ok(new Library.DTO.ReturnData <bool>() { Data = true, Message = notification })); }
public IHttpActionResult ChangePassword(Models.PasswordChangeViewModel data) { Library.DTO.Notification notification = new Library.DTO.Notification() { Type = Library.DTO.NotificationType.Success }; // change password using (AuthRepository _repo = new AuthRepository()) { if (data.NewPassword.Length < 7) { throw new Exception("Password length must be at least 7 chars"); } string errMsg = string.Empty; if (!_repo.ChangePassword(data.UserName, data.NewPassword, data.OldPassword, out errMsg)) { notification.Type = Library.DTO.NotificationType.Error; notification.Message = errMsg; return(Ok(new Library.DTO.ReturnData <string>() { Data = string.Empty, Message = notification })); } } // auto login var tokenExpiration = TimeSpan.FromDays(1); IdentityUser user = null; using (AuthRepository _repo = new AuthRepository()) { //_repo.RetrieveHash(); user = _repo.FindByUserNameNormal(data.UserName); } if (user != null) { Module.Framework.DTO.UserInfoDTO dtoUserInfo = bll.GetUserInfo(user.UserName); ClaimsIdentity identity = new ClaimsIdentity(OAuthDefaults.AuthenticationType); identity.AddClaim(new Claim("sub", user.UserName)); identity.AddClaim(new Claim("subid", dtoUserInfo.UserID.ToString())); identity.AddClaim(new Claim("branchid", dtoUserInfo.UserBranchID.ToString())); identity.AddClaim(new Claim("companyid", dtoUserInfo.UserCompanyID.ToString())); identity.AddClaim(new Claim("factoryid", dtoUserInfo.UserFactoryID.ToString())); identity.AddClaim(new Claim("role", "user")); var props = new AuthenticationProperties() { IssuedUtc = DateTime.UtcNow, ExpiresUtc = DateTime.UtcNow.Add(tokenExpiration), }; var ticket = new AuthenticationTicket(identity, props); var accessToken = Startup.OAuthBearerOptions.AccessTokenFormat.Protect(ticket); JObject tokenResponse = new JObject( new JProperty("access_token", accessToken), new JProperty("expires_in", tokenExpiration.TotalSeconds.ToString()) ); return(Ok(new Library.DTO.ReturnData <Object>() { Data = tokenResponse, Message = notification })); } // if we get here, something wrong with the process return(InternalServerError()); }