public void ResetPwConfirm(ResetPwRequest model)
{
string salt = _cryptographyService.GenerateRandomString(RAND_LENGTH);
string passwordHash = _cryptographyService.Hash(model.Password, salt, HASH_ITERATION_COUNT);
this.DataProvider.ExecuteNonQuery("dbo.ResetPw_Update"
, inputParamMapper : delegate(SqlParameterCollection paramCollection)
{
paramCollection.AddWithValue("@ResetCode", model.Code);
paramCollection.AddWithValue("@Password", passwordHash);
paramCollection.AddWithValue("@Salt", salt);
});
}
// Reset
public HttpResponseMessage ResetPassword(ResetPwRequest model)
{
if (!ModelState.IsValid)
{
return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState);
}
try
{
_userService.ResetPwConfirm(model);
return Request.CreateResponse(HttpStatusCode.OK, true);
}
catch (Exception ex)
{
return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex);
}
}
