public ActionResult ModifyTradePassword(string oldPayPassword, string newPayPassword, string confirmPayPassword)
{
var result = FCJsonResult.CreateFailResult(this.Lang("Unable to update your trade password. Please try again."));
if (oldPayPassword.Length >= 6 && newPayPassword.Length >= 6 && confirmPayPassword == newPayPassword)
{
try
{
var cmd = new UserModifyTradePassword(this.CurrentUser.UserID, oldPayPassword, newPayPassword);
this.CommandBus.Send(cmd);
//如果资金密码之前没设置,现在填入一个随机串,可以判断已设置资金密码,且不会有泄露密码的风险
this.CurrentUser.TradePassword = Guid.NewGuid().Shrink();
result = FCJsonResult.CreateSuccessResult(this.Lang("Trade password updated successfully."));
}
catch (CommandExecutionException ex)
{
//if (ex.ErrorCode == (int)ErrorCode.GAPasswordError)
// result = FCJsonResult.CreateFailResult(this.Lang("Unable to update your trade password. Your Google Authenticator code error."));
//else if (ex.ErrorCode == (int)ErrorCode.SMSPasswordError)
// result = FCJsonResult.CreateFailResult(this.Lang("Unable to update your trade password. Your Sms Authenticator code error."));
//else
if (ex.ErrorCode == (int)ErrorCode.OldTradePasswordError)
result = FCJsonResult.CreateFailResult(this.Lang("Unable to update your trade password. Your old trade password error."));
else
Log.Error("Action ModifyTradePassword Error", ex);
}
}
return Json(result);
}
public void TestUserTradePassword()
{
var password = Guid.NewGuid().Shrink();
var userID = new Random().Next(4, 10);
var email = "email" + userID + "@11.com";
var user = IoC.Resolve<IUserRepository>().FindById<User>(userID);
var lastVerifyAt = user.Membership.LastTradePasswordVerifyAt;
var lastVerifyFailAt = user.Membership.LastTradePasswordFailureAt;
var modifyAt = user.Membership.TradePasswordChangeAt;
var newpassword = Guid.NewGuid().Shrink();
var ga_otp = user.GoogleAuthentication == null ? string.Empty : Utilities.GenerateGoogleAuthOTP(user.GoogleAuthentication.OTPSecret);
var sms_otp = user.SmsAuthentication == null ? string.Empty : Utilities.GenerateSmsOTP(user.SmsAuthentication.OTPSecret, user.SmsAuthentication.SmsCounter);
var modifyTradePassword = new UserModifyTradePassword(userID, user.ID.ToString(), newpassword /*, ga_otp, sms_otp*/);
Assert.DoesNotThrow(delegate
{
this.commandBus.Send(modifyTradePassword);
});
var verifyResult = user.VerifyTradePassword(PasswordHelper.EncryptMD5(newpassword));
Assert.True(verifyResult);
var exception = Assert.Throws<CommandExecutionException>(delegate
{
this.commandBus.Send(modifyTradePassword);
});
var userSaved = IoC.Resolve<IUserRepository>().FindById<User>(userID);
Assert.NotEqual(userSaved.Membership.TradePasswordChangeAt, modifyAt);
Assert.Equal(exception.ErrorCode, (int)ErrorCode.TradePasswordError);
Assert.NotEqual(userSaved.Membership.LastTradePasswordFailureAt, lastVerifyFailAt);
if (string.IsNullOrEmpty(user.Membership.TradePassword))
Assert.NotEqual(userSaved.Membership.LastTradePasswordVerifyAt, lastVerifyAt);
else
Assert.Equal(userSaved.Membership.LastTradePasswordVerifyAt, lastVerifyAt);
}
