//Metodo que se llama una vez se valide todo, y se realiza el cambio de contraseña
public void modificarPassword(ValidarPassword np)
{
string encriptedPassword = GetSha256(np.newpassword);
string StrConn = ConfigurationManager.ConnectionStrings["BDLocal"].ToString();
using (SqlConnection conn = new SqlConnection(StrConn))
{
conn.Open();
SqlCommand comm = new SqlCommand("modificarPassword", conn);
comm.CommandType = System.Data.CommandType.StoredProcedure;
comm.Parameters.Add(new SqlParameter("@password", encriptedPassword));
comm.Parameters.Add(new SqlParameter("@email", np.email));
SqlDataReader dr = comm.ExecuteReader();
}
}
//Metodo para validar el token ingresado en el formulario de cambio de contraseña con el token que esta en la BD
public bool validarTokenEmail(ValidarPassword np)
{
string strConn = ConfigurationManager.ConnectionStrings["BDLocal"].ToString();
bool result = false;
using (SqlConnection conn = new SqlConnection(strConn))
{
conn.Open();
SqlCommand comm = new SqlCommand("validarTokenEmail", conn);
comm.CommandType = System.Data.CommandType.StoredProcedure;
comm.Parameters.Add(new SqlParameter("@email", np.email));
comm.Parameters.Add(new SqlParameter("@token", np.token));
SqlDataReader reader = comm.ExecuteReader();
if (reader.HasRows)
{
result = true;
}
}
return(result);
}
public IHttpActionResult newPassword(ValidarPassword np)
{
if (np == null)
{
throw new HttpResponseException(HttpStatusCode.BadRequest);
}
GestorValidarPassword gVPassword = new GestorValidarPassword();
bool isCredentialValid = gVPassword.validarTokenEmail(np);
if (isCredentialValid)
{
//Modificar contraseña y resetear el token
gVPassword.modificarPassword(np);
string exito = "Password modificado con exito.";
return(Ok(exito));
}
else
{
return(Unauthorized());
}
}
