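/// <summary>
/// Validates a change-password POST request and loads the employee whose password is being changed.
/// </summary>
/// <remarks>
/// Every problem found is recorded in <c>ModelState</c>; the method then throws so the caller
/// can redisplay the form. The old password is only hashed and compared when one was supplied
/// and the signed-in employee could be resolved from the "UserID" claim.
/// </remarks>
/// <param name="password">The posted old, new and retyped new passwords.</param>
/// <param name="outEmployee">
/// The employee returned by <c>CatalogBLL.GetEmployee</c> for the "UserID" claim.
/// Only meaningful when the method returns without throwing.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="password"/> is null.</exception>
/// <exception cref="InvalidOperationException">At least one validation error was recorded in <c>ModelState</c>.</exception>
public void ValidatePassword(PasswordPostRequest password, out Employee outEmployee)
{
    outEmployee = null;

    if (password == null)
    {
        throw new ArgumentNullException(nameof(password));
    }

    if (string.IsNullOrEmpty(password.OldPassword))
    {
        ModelState.AddModelError("OldPassword", "Please type old password.");
    }

    if (string.IsNullOrEmpty(password.NewPassword))
    {
        ModelState.AddModelError("NewPassword", "Please type new password.");
    }

    if (string.IsNullOrEmpty(password.ReNewPassword))
    {
        ModelState.AddModelError("ReNewPassword", "Please retype new password.");
    }

    if (password.NewPassword != password.ReNewPassword)
    {
        ModelState.AddModelError("Error", "Retype new password not match.");
    }

    // Resolve the signed-in employee. A missing or non-numeric "UserID" claim is handled
    // here instead of surfacing as a NullReferenceException/FormatException.
    var userIdClaim = User.FindFirst("UserID");
    int userId;
    if (userIdClaim != null && int.TryParse(userIdClaim.Value, out userId))
    {
        outEmployee = CatalogBLL.GetEmployee(userId);
    }

    if (outEmployee == null)
    {
        // Fail closed: without a resolvable employee the old password cannot be verified.
        ModelState.AddModelError("Error", "Old password not correct.");
    }
    else if (!string.IsNullOrEmpty(password.OldPassword))
    {
        // Get old password & compare two hashed values.
        // NOTE(review): this equality check only works if _passwordHasher.Hash is deterministic
        // (no per-password random salt) - confirm. If so, prefer a salted password KDF with a
        // dedicated verify operation and a constant-time comparison of the stored value.
        string oldPasswordHashed = _passwordHasher.Hash(password.OldPassword);
        if (outEmployee.Password != oldPasswordHashed)
        {
            ModelState.AddModelError("Error", "Old password not correct.");
        }
    }

    if (ModelState.ErrorCount > 0)
    {
        // Still caught by callers that catch Exception; the message makes the log entry readable.
        throw new InvalidOperationException("Change-password request failed validation; see ModelState for details.");
    }
}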
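/// <summary>
/// Handles the change-password form post: validates the request, stores the hash of the new
/// password for the signed-in employee and redirects to Dashboard/Index. On any exception the
/// error is logged and the form is redisplayed.
/// </summary>
/// <param name="password">The posted old, new and retyped new passwords.</param>
/// <returns>A redirect to the dashboard on success; otherwise the change-password view.</returns>
// NOTE(review): no [HttpPost] or anti-forgery attribute is visible on this action in this
// excerpt - confirm the route is POST-only and that anti-forgery validation is applied
// (per-action attribute or a global filter).
public IActionResult ChangePassword(PasswordPostRequest password)
{
    try
    {
        Employee employee = null;
        ValidatePassword(password, out employee);

        // Update new password
        employee.Password = _passwordHasher.Hash(password.NewPassword);
        CatalogBLL.ChangePasswordEmployee(employee);

        return RedirectToAction("Index", "Dashboard");
    }
    catch (System.Exception ex)
    {
        // NOTE(review): validation failures and infrastructure failures are both caught here
        // and logged at error level; consider separating them so real faults stand out.
        _logger.LogError(ex.Message + ":\n" + ex.StackTrace);

        // password may be null when binding produced no model; null-conditional access keeps
        // this handler from throwing a second, unhandled NullReferenceException.
        // NOTE(review): this round-trips the submitted plaintext passwords into the rendered
        // page. Confirm the view really needs them; password fields are normally left blank
        // on redisplay so the values never appear in response bodies or caches.
        ViewData["OldPassword"] = password?.OldPassword;
        ViewData["NewPassword"] = password?.NewPassword;
        ViewData["ReNewPassword"] = password?.ReNewPassword;

        return View();
    }
}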