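/// <summary>
/// HTTP-triggered function that replaces the authenticated user's password.
/// The caller must present valid <see cref="AuthenticationInfo"/> for the request and prove
/// knowledge of the current password before the new salt/hash pair is stored.
/// </summary>
/// <param name="req">Incoming POST request; the body is a JSON <see cref="ChangePasswordDto"/>.</param>
/// <param name="users">Cosmos DB client bound to the "Users" collection of the "ProjetWeb" database.</param>
/// <param name="log">Function logger; records rejected attempts.</param>
/// <returns>
/// 200 with an empty <see cref="BaseResponse{T}"/> on success; 400 when the body is missing or
/// incomplete; 401 when the request is not authenticated, the user is unknown, or the current
/// password does not match.
/// </returns>
public async Task<IActionResult> ChangePassword(
    [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = null)] HttpRequest req,
    [CosmosDB("ProjetWeb", "Users", ConnectionStringSetting = "CosmosDB")] DocumentClient users,
    ILogger log)
{
    var auth = new AuthenticationInfo(req);
    if (!auth.IsValid)
    {
        return new UnauthorizedResult();
    }

    // Dispose the reader; the original leaked it.
    string requestBody;
    using (var reader = new StreamReader(req.Body))
    {
        requestBody = await reader.ReadToEndAsync();
    }

    // DeserializeObject returns null for an empty or literal "null" body; the original
    // dereferenced it unconditionally and would have failed with a NullReferenceException.
    // An empty new password is also rejected so an account cannot end up with a blank secret.
    var data = JsonConvert.DeserializeObject<ChangePasswordDto>(requestBody);
    if (data is null || string.IsNullOrEmpty(data.OldPassword) || string.IsNullOrEmpty(data.NewPassword))
    {
        var badRequest = new BaseResponse<object>();
        badRequest.Errors.Add("L'ancien et le nouveau mot de passe sont requis.");
        return new OkObjectResult(badRequest) { StatusCode = StatusCodes.Status400BadRequest };
    }

    // The user is resolved from the authenticated identity, never from the request body,
    // so a caller can only change their own password.
    Models.User foundUser = UserUtils.GetUserFromEmail(users, auth.Email);
    if (foundUser == null)
    {
        return new UnauthorizedResult();
    }

    if (!_passwordProvider.IsValidPassword(data.OldPassword, foundUser.Salt, foundUser.Password))
    {
        // Same response as before, but the rejection is now logged so repeated failures are visible.
        log.LogWarning("Password change rejected: current password did not match for {Email}", auth.Email);
        var invalidResponse = new BaseResponse<object>();
        invalidResponse.Errors.Add("L'ancien mot de passe n'est pas valide!");
        return new OkObjectResult(invalidResponse) { StatusCode = StatusCodes.Status401Unauthorized };
    }

    var newPasswordAndSalt = _passwordProvider.GenerateNewSaltedPassword(data.NewPassword);
    foundUser.Salt = newPasswordAndSalt.Salt;
    foundUser.Password = newPasswordAndSalt.PasswordHashed;

    // The unused CreateDocumentQuery call from the original is dropped; only the upsert is needed.
    var collectionUri = UriFactory.CreateDocumentCollectionUri("ProjetWeb", "Users");
    await users.UpsertDocumentAsync(collectionUri, foundUser);

    return new OkObjectResult(new BaseResponse<object>());
}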
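/// <summary>
/// HTTP-triggered function that registers a new user: salts and hashes the supplied password,
/// stores the user document through the output collector, and echoes the created user back
/// as a <see cref="UserDto"/>.
/// </summary>
/// <param name="userReq">Registration payload bound from the POST body.</param>
/// <param name="users">Output collector for the "Users" collection of the "ProjetWeb" Cosmos DB database.</param>
/// <param name="log">Function logger; receives the underlying exception when the insert fails.</param>
/// <returns>
/// 200 with the mapped <see cref="UserDto"/> on success; 400 when the payload is missing or has
/// no email/password; 409 when the insert throws (reported to the caller as an address already in use).
/// </returns>
public async Task<IActionResult> RunAsync(
    [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = null)] UserDto userReq,
    [CosmosDB("ProjetWeb", "Users", ConnectionStringSetting = "CosmosDB")] IAsyncCollector<Models.User> users,
    ILogger log)
{
    // The original let a null or incomplete payload fall into the catch below and be reported
    // as a duplicate address; reject it up front with a 400 instead.
    if (userReq is null || string.IsNullOrEmpty(userReq.Email) || string.IsNullOrEmpty(userReq.Password))
    {
        var badRequest = new BaseResponse<object>();
        badRequest.Errors.Add("L'adresse email et le mot de passe sont requis.");
        return new OkObjectResult(badRequest) { StatusCode = StatusCodes.Status400BadRequest };
    }

    try
    {
        var saltAndHash = _passwordProvider.GenerateNewSaltedPassword(userReq.Password);
        var userToRegister = new Models.User
        {
            Email = userReq.Email,
            FirstName = userReq.FirstName,
            LastName = userReq.LastName,
            Address = string.Empty,
            City = string.Empty,
            PostalCode = string.Empty,
            Salt = saltAndHash.Salt,
            Password = saltAndHash.PasswordHashed,
        };

        await users.AddAsync(userToRegister);

        // NOTE(review): the stored document carries the salted hash in Password; confirm the
        // UserDto mapping profile does not copy that field into the response.
        return new OkObjectResult(new BaseResponse<UserDto>(_mapper.Map<UserDto>(userToRegister)));
    }
    catch (Exception ex)
    {
        // Every failure here is surfaced as a duplicate address, which hides storage or
        // configuration errors from the caller. The original discarded `ex`; log it so the real
        // cause is diagnosable. TODO: narrow this catch to the conflict exception type once the
        // type thrown by the collector is confirmed.
        log.LogError(ex, "User registration failed for {Email}", userReq.Email);
        var conflictResponse = new BaseResponse<object>();
        conflictResponse.Errors.Add(
            "Cet adresse email est déjà utilisée par un autre compte, veuillez en utiliser une autre.");
        return new OkObjectResult(conflictResponse) { StatusCode = StatusCodes.Status409Conflict };
    }
}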