public async Task <Result <bool> > UpdatePasswordAsync(string username, string ipAddress,
string hashedPassword, string proxyPassword,
string salt, int currentNumExceptions)
{
try
{
bool updateSuccess = false;
// Check the length of their password.
if (!StringUtilityService.CheckLength(proxyPassword, Constants.MaximumPasswordCharacters,
Constants.MinimumPasswordCharacters))
{
_ = _loggingManager.LogAsync(DateTime.UtcNow.ToString(Constants.LoggingFormatString),
Constants.UpdatePasswordOperation, username, ipAddress,
Constants.InvalidPasswordLengthLogMessage).ConfigureAwait(false);
return(SystemUtilityService.CreateResult(Constants.InvalidPasswordLengthUserMessage,
updateSuccess, false));
}
updateSuccess = true;
await _userManagementService.ChangePasswordAsync(username, hashedPassword, salt).ConfigureAwait(false);
_ = _loggingManager.LogAsync(DateTime.UtcNow.ToString(Constants.LoggingFormatString),
Constants.UpdatePasswordOperation, username, ipAddress).ConfigureAwait(false);
return(SystemUtilityService.CreateResult(Constants.UpdatePasswordSuccessUserMessage, updateSuccess, false));
}
catch (Exception e)
{
Console.WriteLine("UpdatePassword:"******"UpdatePassword:"******"{Constants.UpdatePasswordOperation} failed a maximum number of times for {username}.", Constants.SystemAdminEmailAddress).ConfigureAwait(false);
}
return(SystemUtilityService.CreateResult(Constants.SystemErrorUserMessage, false, true));
}
}
public async Task ChangePasswordAsync_UserExists_ChangesPassword()
{
using (var dbContext = TestHelpers.CreateDbContext())
using (var userManager = TestHelpers.CreateUserManager(dbContext))
using (var roleManager = TestHelpers.CreateRoleManager(dbContext))
{
// Arrange
var userManagementService = new UserManagementService(dbContext, userManager, roleManager);
var testUsers = TestHelpers.GetTestUsers();
ApplicationUser user1 = testUsers[0];
await userManager.CreateAsync(user1, ACCEPTABLE_PASSWORD);
const string ACCEPTABLE_PASSWORD2 = "accEPTable123!@#Pass2";
// Act
await userManagementService.ChangePasswordAsync(user1, ACCEPTABLE_PASSWORD2);
// Assert
Assert.True(await userManager.CheckPasswordAsync(user1, ACCEPTABLE_PASSWORD2));
}
}
public async Task UserManagementService_ChangePasswordAsync_ChangePasswordOfExistingUserSuccess(bool isTemp, string username, string name, string email,
string phoneNumber, string password, int disabled, string userType, string salt)
{
// Arrange: Create the user.
// Arrange: Create user
UserRecord user = new UserRecord(username, name, email, phoneNumber, password, Constants.EnabledStatus, Constants.CustomerUserType,
salt, Constants.NoValueLong, Constants.NoValueString, Constants.NoValueLong, Constants.NoValueInt, Constants.NoValueLong, Constants.NoValueInt, Constants.NoValueInt);
bool createResult = await _userManagementService.CreateUserAsync(isTemp, user).ConfigureAwait(false);
Assert.IsTrue(createResult);
// Act: Change the user password digest.
bool passwordResult = await _userManagementService.ChangePasswordAsync(username, password, salt).ConfigureAwait(false);
Assert.IsTrue(passwordResult);
// Assert: Read the user and make sure his password now matches the change.
UserObject userObj = await _userManagementService.GetUserInfoAsync(username).ConfigureAwait(false);
bool readResult;
if (userObj.TempTimestamp == 0 && userObj.Username == username && userObj.Name == name && userObj.Email == email &&
userObj.PhoneNumber == phoneNumber && userObj.Password == password && userObj.Disabled == disabled && userObj.UserType == userType && userObj.Salt == salt)
{
readResult = true;
}
else
{
readResult = false;
}
Assert.IsTrue(readResult);
// Cleanup: Delete that user.
bool deleteResult = await _userManagementService.DeleteUserAsync(username).ConfigureAwait(false);
Assert.IsTrue(deleteResult);
}