public async Task <ActionResult> ChangePassword(ChangePasswordViewModel model) { if (!ModelState.IsValid) { return(GetErrorResult(model)); } bool errorMsg = CheckPasswordValidation(ApplicationSetting, model.NewPassword); if (errorMsg == true) { ModelState.AddModelError("a", "Password must be " + ApplicationSetting.aps_security_password_length_value + " to 16 characters and contain:"); ModelState.AddModelError("b", "1 Capital Letter"); ModelState.AddModelError("c", "1 Lower Case Letter"); ModelState.AddModelError("d", "1 Number"); ModelState.AddModelError("e", "1 Special Character(!,@,#,$,%,^,*,_,+,=)"); return(GetErrorResult(model, true)); } var userForPassUpdate = await UserManager.FindByIdAsync(User.Identity.GetUserId()); var hashOldPassword = userForPassUpdate.PasswordHash; var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword); if (result.Errors.Count() > 0 && ((string[])result.Errors)[0] == "Incorrect password.") { ModelState.AddModelError("Password", ((string[])result.Errors)[0]); return(GetErrorResult(model)); } else { var user = await UserManager.FindByIdAsync(User.Identity.GetUserId()); var hashNewPassword = user.PasswordHash; if (user != null) { // This is for password Age if (ApplicationSetting.aps_security_password_age_value > 0) { user.PasswordExpirationDate = DateTime.UtcNow.ToEST().AddDays(ApplicationSetting.aps_security_password_age_value); } else { user.PasswordExpirationDate = null; } // This is for password history if (ApplicationSetting.aps_security_password_history_value.HasValue) { var userPasswordLog = _userLogService.GetUserLog(user.Id, (int)ApplicationSetting.aps_security_password_history_value); foreach (var item in userPasswordLog) { var passResult = UserManager.PasswordHasher.VerifyHashedPassword(item.PasswordHash_New, model.NewPassword); switch (passResult) { case PasswordVerificationResult.Success: ModelState.AddModelError("Password", "You cannot use your previous " + ApplicationSetting.aps_security_password_history_value + " passwords."); return(GetErrorResult(model)); } } } var objUserLog = new AspNetUsers_Log { PasswordHash_Old = hashOldPassword, SecurityStamp_Old = user.SecurityStamp, PasswordHash_New = hashNewPassword, CreatedBy = User.Identity.GetUserId(), CreatedDate = DateTime.Now.ToEST(), CreatedByName = loggedInUser.FullName, ModifiedBy = User.Identity.GetUserId(), ModifiedDate = DateTime.Now.ToEST(), ModifiedByName = loggedInUser.FullName, AspNetUsersId = loggedInUser.Id }; _userLogService.Create(objUserLog); user.PasswordHash = hashNewPassword; //After change the password the user must need to reset the password if it is set to true from security user.RequirePasswordReset = true; user.ModifiedBy = user.Id; user.ModifiedByName = user.FullName; user.ModifiedDate = DateTime.Now.ToEST(); if (string.IsNullOrEmpty(user.SecurityStamp)) { user.SecurityStamp = Guid.NewGuid().ToString(); } var resultUser = await UserManager.UpdateAsync(user); if (!resultUser.Succeeded) { ModelState.AddModelError("", resultUser.Errors.First()); return(View(model)); } LogAuditRecord(user.UserName, AuditRecordLogStatus.PasswordChange.ToDescription()); await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false); } return(GetSuccessResult(Url.Action("Index", "Home"))); } }
public async Task <ActionResult> ChangePassword(UpdateUserViewModel userviewmodel) { try { if (ModelState.IsValid) { var dbuser = await UserManager.FindByIdAsync(userviewmodel.Id); var hashOldPassword = dbuser.PasswordHash; var hashNewPassword = UserManager.PasswordHasher.HashPassword(userviewmodel.Password); var IsApiUser = UserManager.GetRoles(dbuser.Id).Contains(UserRoles.TeleCareApi.ToDescription()); if (IsApiUser) { if (string.IsNullOrEmpty(userviewmodel.APISecretKey)) { ModelState.AddModelError("APISecretKey", "API Secret Key field is required"); } if (string.IsNullOrEmpty(userviewmodel.APIPassword)) { ModelState.AddModelError("APIPassword", "API Password field is required"); } if (ModelState.IsValid) { dbuser.APISecretKey = userviewmodel.APISecretKey; dbuser.APIPassword = Functions.EncodeTo64UTF8($"{userviewmodel.Username}:{userviewmodel.Password}:{userviewmodel.APISecretKey}"); } } bool errorMsg = CheckPasswordValidation(ApplicationSetting, userviewmodel.Password); if (errorMsg == true) { ModelState.AddModelError("a", "Password must be " + ApplicationSetting.aps_security_password_length_value + " to 16 characters and contain:"); ModelState.AddModelError("b", "1 Capital Letter"); ModelState.AddModelError("c", "1 Lower Case Letter"); ModelState.AddModelError("d", "1 Number"); ModelState.AddModelError("e", "1 Special Character(!,@,#,$,%,^,&,*,_,+,=)"); return(GetErrorResult(userviewmodel, true)); } //bool err = CheckPasswordErrors(settings, userviewmodel.Password); //if (err) // return GetErrorResult(userviewmodel, true); if (ModelState.IsValid) { // This is for password Age if (ApplicationSetting.aps_security_password_age_value > 0) { dbuser.PasswordExpirationDate = DateTime.UtcNow.ToEST().AddDays(ApplicationSetting.aps_security_password_age_value); } else { dbuser.PasswordExpirationDate = null; } // This is for password history if (ApplicationSetting.aps_security_password_history_value.HasValue) { var userPasswordLog = _userLogService.GetUserLog(dbuser.Id, (int)ApplicationSetting.aps_security_password_history_value); foreach (var item in userPasswordLog) { var passResult = UserManager.PasswordHasher.VerifyHashedPassword(item.PasswordHash_New, userviewmodel.Password); switch (passResult) { case PasswordVerificationResult.Success: ModelState.AddModelError("Password", "You cannot use your previous " + ApplicationSetting.aps_security_password_history_value + " passwords."); return(GetErrorResult(userviewmodel)); } } } //Saving user log : Start var objUserLog = new AspNetUsers_Log { PasswordHash_Old = hashOldPassword, SecurityStamp_Old = dbuser.SecurityStamp, PasswordHash_New = hashNewPassword, CreatedBy = User.Identity.GetUserId(), CreatedDate = DateTime.Now.ToEST(), CreatedByName = loggedInUser.FullName, ModifiedBy = User.Identity.GetUserId(), ModifiedDate = DateTime.Now.ToEST(), ModifiedByName = loggedInUser.FullName, AspNetUsersId = dbuser.Id }; _userLogService.Create(objUserLog); //Saving user log : End dbuser.PasswordHash = hashNewPassword; //After change the password the user must need to reset the password if it is set to true from security dbuser.RequirePasswordReset = false; dbuser.ModifiedBy = dbuser.Id; dbuser.ModifiedByName = dbuser.FullName; dbuser.ModifiedDate = DateTime.Now.ToEST(); if (string.IsNullOrEmpty(dbuser.SecurityStamp)) { dbuser.SecurityStamp = Guid.NewGuid().ToString(); } var result = await UserManager.UpdateAsync(dbuser); if (!result.Succeeded) { ModelState.AddModelError("", result.Errors.First()); return(GetErrorResult(userviewmodel)); } var action = string.Format("{0} for {1}", AuditRecordLogStatus.PasswordChange.ToDescription(), dbuser.UserName); LogAuditRecord(loggedInUser.UserName, action); return(GetSuccessResult(Url.Action("Users"), "Password has been updated!")); } } return(GetErrorResult(userviewmodel)); } catch (Exception ex) { Elmah.ErrorSignal.FromCurrentContext().Raise(ex); ModelState.AddModelError("", "Error! Please try again."); } return(GetSuccessResult(Url.Action("Users"))); }