public async Task <IHttpActionResult> ChangePassword([FromBody] AccountModel account)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
string userId = ClaimsPrincipal.Current?.FindFirst(ClaimTypes.NameIdentifier).Value ?? string.Empty;
if (!string.IsNullOrEmpty(userId))
{
bool isMatchPassword = await this._identityService.IsMatchPassword(userId, account.OldPassword);
if (isMatchPassword)
{
SystemIdentityResult result = await this._identityService.ChangePassword(userId, account.NewPassword);
if (result.IsError)
{
this.AddErrors(result.Errors);
}
else
{
return(Ok(account.NewPassword));
}
}
}
return(BadRequest());
}
public async Task <IHttpActionResult> Register([FromBody] RegisterModel account)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// Create User account in AspNetUsers
SystemIdentityResult result = await this._identityService.Register(account.Username, account.Password);
if (result.IsError)
{
this.AddErrors(result.Errors);
return(BadRequest(ModelState));
}
else
{
// Create user info in User
User user = AutoMapper.Mapper.Map <RegisterModel, User>(account);
_userService.CreateUser(user);
_userService.SaveUserChanges();
return(Ok(user));
}
}
public async Task <SystemIdentityResult> Register(string username, string password)
{
SystemIdentityResult result = new SystemIdentityResult();
using (var scope = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled))
{
Account account = new Account {
UserName = username, PhoneNumber = username
};
IdentityResult user = await this._accountService.CreateAsync(account, password);
if (!user.Succeeded)
{
result.Errors.AddRange(user.Errors);
}
else
{
var role = _accountService.AddToRole(account.Id, UserType.Member.ToString());
if (!role.Succeeded)
{
result.Errors.AddRange(role.Errors);
}
}
scope.Complete();
}
return(result);
}
public async Task <SystemIdentityResult> GrantResourceOwnerCredentials(string userName, string password, string authenticateType)
{
SystemIdentityResult result = new SystemIdentityResult();
Account user = await this._accountService.FindAsync(userName, password);
if (user == null)
{
result.Errors.Add("Invalid Username or Password.");
}
else
{
if (user.LockoutEnabled)
{
result.Errors.Add("Unable to login, please contact your administrator for more information");
}
else
{
ClaimsIdentity claimsIdentity = await this._accountService.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
claimsIdentity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));
claimsIdentity.AddClaim(new Claim(ClaimTypes.Role, user.UserType.ToString()));
result.Data = claimsIdentity;
}
}
return(result);
}
public async Task <SystemIdentityResult> ChangePassword(string userId, string newPassword)
{
SystemIdentityResult result = new SystemIdentityResult();
IdentityResult user = await this._accountService.ResetPasswordAsync
(userId, await this._accountService.GeneratePasswordResetTokenAsync(userId), newPassword);
if (!user.Succeeded)
{
result.Errors.AddRange(user.Errors);
}
return(result);
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
context.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
SystemIdentityResult result = await _identityService.GrantResourceOwnerCredentials(context.UserName, context.Password, context.Options.AuthenticationType);
if (result.IsError)
{
context.SetError("invalid_grant", result.Errors.FirstOrDefault());
return;
}
ClaimsIdentity claimIdentity = result.Data as ClaimsIdentity;
context.Validated(claimIdentity);
}
