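/// <summary>
/// Changes the current user's trade password and reports the outcome as JSON.
/// </summary>
/// <param name="oldPayPassword">The trade password currently in effect, as typed by the user.</param>
/// <param name="newPayPassword">The trade password the user wants to switch to.</param>
/// <param name="confirmPayPassword">Repeat of <paramref name="newPayPassword"/>; must match it exactly.</param>
/// <returns>
/// A JSON-wrapped <c>FCJsonResult</c>: success when the command was accepted, otherwise a failure
/// message (generic, or specific when the old trade password was rejected).
/// </returns>
/// <remarks>
/// NOTE(review): no attributes are visible on this action in this listing; confirm it is POST-only
/// and covered by anti-forgery validation, since it changes a credential.
/// </remarks>
public ActionResult ModifyTradePassword(string oldPayPassword, string newPayPassword, string confirmPayPassword)
{
    // Minimum length required of both the old and the new trade password.
    const int minPasswordLength = 6;

    var result = FCJsonResult.CreateFailResult(this.Lang("Unable to update your trade password. Please try again."));

    // The arguments come straight from the request and may be null when a field is omitted;
    // checking for null first turns that into the generic failure result rather than a
    // NullReferenceException on .Length.
    bool inputIsValid = oldPayPassword != null
        && newPayPassword != null
        && oldPayPassword.Length >= minPasswordLength
        && newPayPassword.Length >= minPasswordLength
        && confirmPayPassword == newPayPassword;

    if (!inputIsValid)
    {
        return Json(result);
    }

    try
    {
        var cmd = new UserModifyTradePassword(this.CurrentUser.UserID, oldPayPassword, newPayPassword);
        this.CommandBus.Send(cmd);

        // If no trade password had been set before, a random string is stored here so that the
        // user object shows a trade password as set without holding the real password.
        // Note that the assignment is unconditional: it also runs when one was already set.
        this.CurrentUser.TradePassword = Guid.NewGuid().Shrink();
        result = FCJsonResult.CreateSuccessResult(this.Lang("Trade password updated successfully."));
    }
    catch (CommandExecutionException ex)
    {
        // The second-factor branches below are commented out and the command carries no OTP,
        // so in this action the old trade password is the only value checked before the change.
        // NOTE(review): confirm that dropping the Google Authenticator / SMS check is intended.
        //if (ex.ErrorCode == (int)ErrorCode.GAPasswordError)
        //    result = FCJsonResult.CreateFailResult(this.Lang("Unable to update your trade password. Your Google Authenticator code error."));
        //else if (ex.ErrorCode == (int)ErrorCode.SMSPasswordError)
        //    result = FCJsonResult.CreateFailResult(this.Lang("Unable to update your trade password. Your Sms Authenticator code error."));
        //else

        // NOTE(review): the test listed alongside this action asserts ErrorCode.TradePasswordError
        // for a wrong old password, while this branch checks OldTradePasswordError. Confirm which
        // code the handler raises; on a mismatch a wrong old password gets the generic message
        // and is logged as an error.
        if (ex.ErrorCode == (int)ErrorCode.OldTradePasswordError)
        {
            result = FCJsonResult.CreateFailResult(this.Lang("Unable to update your trade password. Your old trade password error."));
        }
        else
        {
            // Any other failure keeps the generic message; the details go to the log only.
            Log.Error("Action ModifyTradePassword Error", ex);
        }
    }

    return Json(result);
}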
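/// <summary>
/// Exercises <c>UserModifyTradePassword</c> end to end: the first send must succeed and make the
/// new password verifiable; re-sending the same command (whose "old password" is now stale) must
/// fail with <c>ErrorCode.TradePasswordError</c> and update the failure timestamp.
/// </summary>
/// <remarks>
/// The user id is drawn at random from 4..9, so the test depends on those users existing in the
/// repository and a failure may not reproduce on the next run.
/// </remarks>
public void TestUserTradePassword()
{
    var userID = new Random().Next(4, 10);
    var user = IoC.Resolve<IUserRepository>().FindById<User>(userID);

    // Snapshot the membership timestamps so changes made by the commands can be detected.
    var lastVerifyAt = user.Membership.LastTradePasswordVerifyAt;
    var lastVerifyFailAt = user.Membership.LastTradePasswordFailureAt;
    var modifyAt = user.Membership.TradePasswordChangeAt;

    var newpassword = Guid.NewGuid().Shrink();

    // Computed but currently unused: the OTP arguments to the command are commented out below.
    var ga_otp = user.GoogleAuthentication == null
        ? string.Empty
        : Utilities.GenerateGoogleAuthOTP(user.GoogleAuthentication.OTPSecret);
    var sms_otp = user.SmsAuthentication == null
        ? string.Empty
        : Utilities.GenerateSmsOTP(user.SmsAuthentication.OTPSecret, user.SmsAuthentication.SmsCounter);

    // The old password supplied is the user's ID as a string.
    // presumably the seeded fixture users use their ID as trade password — verify against test data
    var modifyTradePassword = new UserModifyTradePassword(userID, user.ID.ToString(), newpassword /*, ga_otp, sms_otp*/);

    Assert.DoesNotThrow(delegate { this.commandBus.Send(modifyTradePassword); });

    // NOTE(review): verification is fed an MD5 digest of the password. If the stored credential
    // is derived from a bare MD5, it should move to a salted, slow KDF such as PBKDF2 — confirm
    // what VerifyTradePassword and the command handler do internally.
    var verifyResult = user.VerifyTradePassword(PasswordHelper.EncryptMD5(newpassword));
    Assert.True(verifyResult);

    // Same command again: its old password no longer matches, so the handler must reject it.
    var exception = Assert.Throws<CommandExecutionException>(delegate { this.commandBus.Send(modifyTradePassword); });

    var userSaved = IoC.Resolve<IUserRepository>().FindById<User>(userID);

    // Expected value first, actual second, so failure messages read the right way round.
    Assert.NotEqual(modifyAt, userSaved.Membership.TradePasswordChangeAt);
    Assert.Equal((int)ErrorCode.TradePasswordError, exception.ErrorCode);
    Assert.NotEqual(lastVerifyFailAt, userSaved.Membership.LastTradePasswordFailureAt);

    if (string.IsNullOrEmpty(user.Membership.TradePassword))
    {
        Assert.NotEqual(lastVerifyAt, userSaved.Membership.LastTradePasswordVerifyAt);
    }
    else
    {
        Assert.Equal(lastVerifyAt, userSaved.Membership.LastTradePasswordVerifyAt);
    }
}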