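/// <summary>
/// Replaces the stored password hash of the user named in the request body,
/// after the supplied old password has been checked against the stored value.
/// </summary>
/// <returns>
/// 200 OK when the password was replaced. 417 when the username is unknown, the new
/// password is empty, the old password does not validate, or the new password
/// validates against the stored value (i.e. it is unchanged).
/// </returns>
public ActionResult ChangePassword() {
    ChangePasswordVM changeable = this.ReadRequestBody<ChangePasswordVM>(Request.Body);

    // NOTE(review): the target account is taken from the request body, not from an
    // authenticated identity visible in this method; the old-password check below is
    // the only authorization seen here. Confirm that throttling of repeated attempts
    // is enforced somewhere outside this method.
    User? user = _UserRepo.GetUserByUsername(changeable.Username);

    // The repository can return null for an unknown username (Register relies on
    // that), so guard before dereferencing. The status code is the same as for a
    // failed password check so the response code does not reveal whether the
    // account exists.
    if (user is null) {
        return StatusCode(417);
    }

    // An empty replacement password must never reach the hasher and be stored.
    if (string.IsNullOrEmpty(changeable.NewPassword)) {
        return StatusCode(417);
    }

    // Both checks always run, as in the original flow.
    bool isSame = PasswordOperator.ValidateMe(user.Password, changeable.NewPassword);
    bool isValid = PasswordOperator.ValidateMe(user.Password, changeable.OldPassword);

    if (isSame || !isValid) {
        return StatusCode(417);
    }

    user.Password = PasswordOperator.HashMe(changeable.NewPassword);
    _UserRepo.UpdateEntityById(user);

    // NOTE(review): existing sessions for this user are not touched here; confirm
    // whether they should be invalidated after a password change.
    return Ok();
}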
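/// <summary>
/// Registers a new user from the request body: hashes the password, stores the
/// user, and puts a freshly generated value under the "sessionId" session key.
/// </summary>
/// <returns>
/// The profile built from the new user, or an empty <c>UserProfileVM</c> when the
/// username is already taken or the username/password is missing.
/// </returns>
public UserProfileVM Register() {
    RegisterVM regVM = this.ReadRequestBody<RegisterVM>(Request.Body);

    // Reject missing credentials before touching the repository or the hasher, so
    // an account with a blank name or an empty password can never be created.
    // The empty profile is the same failure value used for a taken username.
    if (string.IsNullOrWhiteSpace(regVM.UserName) || string.IsNullOrEmpty(regVM.Password)) {
        return new UserProfileVM();
    }

    // NOTE(review): the lookup and the insert below are separate calls; two
    // concurrent requests for the same name could both pass this check unless the
    // store enforces uniqueness - confirm against the repository.
    User? existing = _UserRepo.GetUserByUsername(regVM.UserName);
    if (existing != null) {
        return new UserProfileVM();
    }

    User newUser = new User {
        UserId = IdGenerator.GenerateId(),
        UserName = regVM.UserName,
        Email = regVM.Email,
        // Only the hash is stored; the plaintext password is not persisted.
        Password = PasswordOperator.HashMe(regVM.Password)
    };

    // Order kept from the original: build the profile, then persist the user.
    UserProfileVM newProfile = this.GetProfile(newUser);
    _UserRepo.CreateEntity(newUser);

    // NOTE(review): the session value comes from the same generator as user ids.
    // If it is ever used as an authentication token, confirm that
    // IdGenerator.GenerateId() is backed by a cryptographically secure source.
    HttpContext.Session.SetString("sessionId", IdGenerator.GenerateId());

    return newProfile;
}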