/// <summary>
/// Shows the change-password form for the account identified by <paramref name="userID"/>.
/// </summary>
/// <param name="userID">Identifier of the account whose password is to be changed.</param>
/// <returns>
/// The form view bound to a fresh <c>ChangePasswordModel</c> carrying the account ID, or a
/// not-found result when the account does not exist or <c>sv.isCorrectUser</c> rejects the
/// current identity for it.
/// </returns>
public ActionResult ChangePassword(Guid userID)
{
    var account = _userRepo.FindByID(userID);

    // Missing accounts and accounts the caller does not own get the same not-found answer,
    // so the response does not reveal whether a given ID exists.
    if (account == null || !sv.isCorrectUser(User.Identity.Name, account))
    {
        return HttpNotFound();
    }

    var form = new ChangePasswordModel { UserID = account.ID };
    return View(form);
}
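/// <summary>
/// Handles a submitted change-password form: verifies that the current identity owns the
/// account and knows the old password, then stores the hash of the new password.
/// </summary>
/// <param name="changePasswordModel">
/// Posted form data; <c>UserID</c>, <c>OldPassword</c> and <c>NewPassword</c> are read here.
/// </param>
/// <returns>
/// A redirect to the <c>Message</c> action on success; a not-found result when the model is
/// missing, the account does not exist or <c>sv.isCorrectUser</c> rejects the caller; otherwise
/// the form view again (with <c>ViewBag.ErrorMessage</c> set when the old password is wrong).
/// </returns>
public ActionResult ChangePassword(ChangePasswordModel changePasswordModel)
{
    // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible on this
    // action in this listing. It changes state, so confirm both are applied on the real method.

    // A request with no bindable model would otherwise fail with a NullReferenceException.
    if (changePasswordModel == null)
    {
        return HttpNotFound();
    }

    User user = _userRepo.FindByID(changePasswordModel.UserID);

    // Same answer as the form-rendering overload: unknown accounts and accounts the caller
    // does not own are indistinguishable, instead of re-rendering the form for them.
    if (user == null || !sv.isCorrectUser(User.Identity.Name, user))
    {
        return HttpNotFound();
    }

    // Verify the old password exactly once; the check was previously repeated on the failure
    // path, doubling the (deliberately expensive) hash verification per bad attempt.
    bool oldPasswordOk = sv.isOldPasswordCorrect(changePasswordModel.OldPassword, user);
    if (!oldPasswordOk)
    {
        ViewBag.ErrorMessage = "Ditt gamla lösenord stämmer inte.";
        return View(changePasswordModel);
    }

    // Old password is right but the model failed validation: redisplay the form so the
    // model-state errors are shown.
    if (!ModelState.IsValid)
    {
        return View(changePasswordModel);
    }

    // NOTE(review): the new hash is derived with the existing user.Salt, so the salt is never
    // rotated when the password changes. Consider generating a fresh salt and persisting it with
    // the hash; confirm first how sv.isOldPasswordCorrect and the login path use user.Salt.
    user.Password = DevOne.Security.Cryptography.BCrypt.BCryptHelper.HashPassword(changePasswordModel.NewPassword, user.Salt);
    _userRepo.Update(user);

    return RedirectToAction("Message", new { msg = "Tjoho! Du har byt lösenord. Ditt gamla lösenord gäller inte längre." });
}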