예제 #1
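        /// <summary>
        /// Changes the password of the currently signed-in user after re-verifying the
        /// existing password, checking that the new password matches its confirmation,
        /// and checking the new password against the password policy.
        /// </summary>
        /// <param name="request">
        /// Carries the existing password, the new password and its confirmation.
        /// </param>
        /// <returns>
        /// A <see cref="PasswordChangeResponse"/> with exactly one failure flag set for the
        /// first check that fails (existing password, confirmation, policy, in that order),
        /// or a response with no flag set when the password was changed.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
        public PasswordChangeResponse ChangeOwnPassword(PasswordChangeRequest request)
        {
            if (request == null)
            {
                throw new ArgumentNullException(nameof(request));
            }

            using (var tran = transactionCreator.GetTransaction())
            {
                // The target account is always the current user taken from userReader,
                // never an identifier supplied in the request.
                var user = userReader.RequireCurrentUser();

                // Re-authenticate before any change, so that holding a live session alone
                // is not enough to replace the password.
                // NOTE(review): no throttling of wrong guesses is visible in this method;
                // confirm that authService.Authenticate enforces lockout / rate limiting.
                if (!IsExistingPasswordCorrect(request.ExistingPassword, user))
                {
                    return new PasswordChangeResponse
                    {
                        ExistingPasswordIncorrect = true,
                    };
                }

                if (request.ConfirmNewPassword != request.NewPassword)
                {
                    return new PasswordChangeResponse
                    {
                        NewPasswordDoesNotMatchConfirmation = true,
                    };
                }

                if (!policy.IsPasswordOk(request.NewPassword, user))
                {
                    return new PasswordChangeResponse
                    {
                        NewPasswordDoesNotSatisfyPolicy = true,
                    };
                }

                updater.ChangePassword(user, request.NewPassword);

                // Commit only on the success path. The early returns above leave the using
                // block without Commit(); presumably the transaction is rolled back on
                // dispose (confirm against the transaction implementation).
                tran.Commit();

                // NOTE(review): nothing visible here invalidates the user's other sessions
                // or tokens after the change; confirm whether updater.ChangePassword or the
                // caller takes care of that.
            }

            return new PasswordChangeResponse();
        }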

        /// <summary>
        /// Checks a claimed existing password by running it through the authentication
        /// service together with the user's own username.
        /// </summary>
        /// <param name="password">The password the caller claims is the current one.</param>
        /// <param name="user">The user whose username is paired with the password.</param>
        /// <returns>The <c>Success</c> value of the authentication result.</returns>
        bool IsExistingPasswordCorrect(string password, User user)
        {
            // NOTE(review): this goes through the same Authenticate call as a login would,
            // so any side effects it has (failed-attempt counting, lockout, audit entries)
            // presumably apply to password-change attempts as well. Confirm.
            var attempt = new LoginCredentials();
            attempt.Password = password;
            attempt.Username = user.Username;

            var outcome = authService.Authenticate(attempt);
            return outcome.Success;
        }