/// <summary> /// Change account password. /// </summary> /// <param name="accountId"></param> /// <param name="model"></param> /// <returns></returns> public async Task ChangePasswordAsync(string accountId, ChangedPassword model) { Data.Account account = await _store.LoadByGuid(accountId); if (account == null) { throw new AuthenticationFailureException(); } if (account.Status == AccountStatus.Disabled) { throw new AccountDisabledException(); } if (!IsPasswordComplex(model.Value)) { throw new PasswordComplexityException(); } if (account.HasHistoricalPassword(model.Value, _options.Password.History)) { throw new PasswordHistoryException(); } if (account.Tokens.Any(t => t.Type == AccountTokenType.Password) && !account.VerifyPassword(model.CurrentPassword)) { throw new AuthenticationFailureException(); } await UpdatePasswordAsync(account, model.Value); }
public async Task <IActionResult> ChangePassword([FromBody] ChangedPassword model) { await _svc.ChangePasswordAsync(User.GetSubjectId(), model); Audit(AuditId.ResetPassword); return(Ok()); }
private void addButton_Click(object sender, EventArgs e) { ChangedPassword aPass = new ChangedPassword(); aPass.UserName = nameTextBox.Text; aPass.OldPassword = oldPasswordTextBox.Text; aPass.NewPassword = newPasswordTextBox.Text; ChangedPasswordBL changPassBLobj = new ChangedPasswordBL(); bool result = changPassBLobj.ChangePasswordToDB(aPass); if (result) { MessageBox.Show("Successfully Updated Password!", "DONE"); nameTextBox.Clear(); oldPasswordTextBox.Clear(); newPasswordTextBox.Clear(); } else { DialogResult dialog = MessageBox.Show("Please enter valid Username and Password.", "ERROR", MessageBoxButtons.OKCancel, MessageBoxIcon.Error); if (dialog == DialogResult.Cancel) { this.Close(); } } }
public bool ChangePasswordToDB(ChangedPassword aPass) { if (aPass.UserName == "" || aPass.OldPassword == "" || aPass.NewPassword == "") { return(false); } else { ChangedPasswordDA changePassDAOBj = new ChangedPasswordDA(); bool result = changePassDAOBj.ChangePasswordToDB(aPass); return(result); } }
public IActionResult ChangePassword([FromBody] ChangedPassword changedpassword) { // (1) Get User by his Credentials [UserId - OldPassword] var user = _service.GetOne <User>(u => u.Email == changedpassword.Email && UserHelpers.ValidateHash(changedpassword.OldPassword, u.PasswordSalt, u.PasswordHash)); // (2) if user not found then return [BadRequest] if (user == null) { return(BadRequest(new Error() { Message = "Invalid User." })); } return(_DoChangePassword(user, changedpassword.NewPassword)); }
public bool ChangePasswordToDB(ChangedPassword aPass) { SqlConnection connection = DataBaseConnection.OpenAnSqlConnection(); string query = "UPDATE AdminTable SET Password ='******' WHERE UserName = '******' AND Password = '******'"; SqlCommand command = new SqlCommand(query, connection); int rowsAffected = command.ExecuteNonQuery(); if (rowsAffected == 1) { return(true); } else { return(false); } }
public async Task <IActionResult> Password(PasswordModel model) { try { if (ModelState.IsValid) { ChangedPassword changed = new ChangedPassword { CurrentPassword = model.CurrentPassword, Value = model.Password }; await _accountSvc.ChangePasswordAsync(User.GetSubjectId(), changed); Audit(AuditId.ResetPassword); return(Redirect("~/")); } } catch (AuthenticationFailureException) { ModelState.AddModelError("", "Incorrect password"); } catch (AccountDisabledException) { ModelState.AddModelError("", "Account is disabled"); } catch (PasswordComplexityException) { ModelState.AddModelError("", "Password does not meet complexity requirements"); } catch (PasswordHistoryException) { ModelState.AddModelError("", "Old passwords cannot be reused"); } catch (Exception ex) { Logger.LogError(ex, "Error during change password"); ModelState.AddModelError("", "Invalid request"); } return(View(await _viewSvc.GetPasswordView(model))); }
public bool ChangePassword(ChangedPassword newPassword) { bool result = false; try { if (newPassword.NewPassword == newPassword.ConfirmPassword) { PasswordLogin passwordLogin = _authenticationRepository.GetLoginPassword(newPassword.UserName); if (Hasher.ValidateHash(newPassword.CurrentPassword, passwordLogin.PasswordSalt, passwordLogin.PasswordHash, out _)) { PasswordLogin newPasswordLogin = Hasher.HashPassword(newPassword.NewPassword); newPasswordLogin.UserId = passwordLogin.UserId; newPasswordLogin.ChangeDate = DateTime.Now; passwordLogin = newPasswordLogin; _authenticationRepository.UpdatePasswordLogin(newPasswordLogin); result = true; } //TODO: this should be a async operation and can be made more cross-cutting design feature rather than calling inside the actual feature. _logger.PasswordChangeLog(passwordLogin); } } catch (Exception ex) { _logger.LogException(new ExceptionLog { ExceptionDate = DateTime.Now, ExceptionMsg = ex.Message, ExceptionSource = ex.Source, ExceptionType = "UserService", FullException = ex.StackTrace }); return(result); } return(result); }