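/// <summary>
/// Changes the stored password value of the calling user.
/// </summary>
/// <remarks>
/// The caller's identity must carry a "UserID" claim whose value equals
/// <c>password.UserId</c>. If the identity or claim is missing, or the ids differ,
/// the response status is set to 401 and <c>null</c> is returned. A missing request
/// body sets the status to 400 and returns <c>null</c>.
/// </remarks>
/// <param name="password">Request body carrying <c>UserId</c>, <c>OldPasswordHash</c> and <c>NewPasswordHash</c>.</param>
/// <returns>
/// An error result when the account does not exist, a warning result when the current
/// password does not match, the default save error when persisting fails, otherwise the
/// default success result.
/// </returns>
public async Task<ExSaveDataResult> UserUpdatePassword([FromBody] ExPostUserChangePasswortData password)
{
    ClaimsIdentity identity = null;
    try
    {
        identity = HttpContext.User.Identity as ClaimsIdentity;
    }
    catch (Exception)
    {
        Logging.Log.LogError("No Claims identity");
    }

    // Exact (case-sensitive) match on the claim type; one lookup replaces the
    // earlier HasClaim + FindFirst pair and its unreachable "a" fallback.
    var userIdClaim = identity?.FindFirst(c => c.Type == "UserID");
    if (userIdClaim == null)
    {
        HttpContext.Response.StatusCode = Unauthorized().StatusCode;
        return null;
    }

    // A missing or unparsable body would otherwise surface as a NullReferenceException (HTTP 500).
    if (password == null)
    {
        HttpContext.Response.StatusCode = BadRequest().StatusCode;
        return null;
    }

    // Authorization: a caller may only change the password of the account named in its own claim.
    if (password.UserId.ToString() != userIdClaim.Value)
    {
        // Leave an audit trail: this is an attempt to act on an account other than the caller's.
        Logging.Log.LogWarning($"UserUpdatePassword rejected: claim does not match requested user {password.UserId}");
        HttpContext.Response.StatusCode = Unauthorized().StatusCode;
        return null;
    }

    Logging.Log.LogInfo($"UserUpdatePassword {password.UserId}");

    using (var db = new Db())
    {
        var data = await db.TblUsers.FirstOrDefaultAsync(u => u.Id == password.UserId);
        if (data == null)
        {
            return new ExSaveDataResult
            {
                Result = EnumSaveDataResult.Error,
                Description = "Account ungültig!",
                Caption = "Fehler"
            };
        }

        // NOTE(review): the stored value is compared directly with a client-supplied hash, so
        // that hash is effectively the credential itself - presumably no server-side salting or
        // key stretching happens elsewhere; confirm. Deriving the stored value on the server
        // (PBKDF2/Argon2) and comparing with CryptographicOperations.FixedTimeEquals would avoid
        // replay of leaked column values and the timing difference of '!='.
        if (data.Password != password.OldPasswordHash)
        {
            // Repeated failures here are a guessing signal; no throttling is visible in this method.
            Logging.Log.LogWarning($"UserUpdatePassword wrong current password for user {password.UserId}");
            return new ExSaveDataResult
            {
                Result = EnumSaveDataResult.Warning,
                Description = "Aktuelles Passwort falsch!",
                Caption = "Nicht möglich"
            };
        }

        // NOTE(review): NewPasswordHash is stored as received; a null or empty value is not
        // rejected here - confirm it is validated before this point.
        // Tokens already issued to the user are not revoked by this method.
        data.Password = password.NewPasswordHash;

        try
        {
            // Awaited instead of the blocking SaveChanges() so the request thread is not held.
            await db.SaveChangesAsync();
        }
        catch (Exception e)
        {
            // Label corrected from "UserDeviceUpdate" so failures are attributed to this action.
            Logging.Log.LogWarning($"UserUpdatePassword Save: {e}");
            return ExSaveDataResult.GetDefaultSaveError();
        }

        return ExSaveDataResult.GetDefaultSuccess();
    }
}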
/// <summary>
/// Change the password.
/// </summary>
/// <remarks>
/// Forwards the payload to <c>_wap.Post</c> under the name "UserUpdatePassword".
/// NOTE(review): the payload carries password hashes - confirm that <c>_wap</c> only talks
/// to the server over TLS.
/// </remarks>
/// <param name="password">Old and new password</param>
/// <returns>The result wrapper produced by <c>_wap.Post</c> for the save operation.</returns>
public async Task<ResultData<ExSaveDataResult>> UserUpdatePassword(ExPostUserChangePasswortData password)
{
    var response = await _wap.Post<ExSaveDataResult>("UserUpdatePassword", password);
    return response;
}