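/// <summary>
/// Changes the password of the account that owns the access token sent in the
/// <c>Authorization</c> header, after re-checking the caller's current password.
/// </summary>
/// <param name="changePassword">
/// Request model carrying the current password (<c>Password</c>) and the
/// replacement (<c>NewPassword</c>).
/// </param>
/// <returns>
/// 400 with the model-state errors when validation fails; 403 when the token or
/// its owning account is not found; 400 when the current password does not match;
/// otherwise a JSON summary of the updated account that excludes the password
/// hash and salt.
/// </returns>
public async Task<IActionResult> ChangePassword(ChangePassword changePassword)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // The access token is sent with a "Basic " prefix; what remains after removing
    // it is looked up verbatim in the Credential table.
    var basicToken = Request.Headers["Authorization"].ToString();
    var token = basicToken.Replace("Basic ", "");

    // NOTE(review): only the token's existence is checked here. If Credential
    // carries an expiry or revocation flag, it should be enforced at this point.
    var existToken = _context.Credential.SingleOrDefault(a => a.AccessToken == token);
    var existAccount = existToken == null
        ? null
        : _context.Account.SingleOrDefault(i => i.Id == existToken.OwnerId);

    if (existAccount == null)
    {
        Response.StatusCode = (int)HttpStatusCode.Forbidden;
        return new JsonResult("Not Found");
    }

    var passwordHandle = PasswordHandle.PasswordHandle.GetInstance();
    if (existAccount.Password != passwordHandle.EncryptPassword(changePassword.Password, existAccount.Salt))
    {
        // A wrong current password is a failure: report it with an error status and
        // do not echo the submitted model, which holds both passwords in clear text.
        Response.StatusCode = (int)HttpStatusCode.BadRequest;
        return new JsonResult("Bad Request");
    }

    // NOTE(review): the existing salt is reused for the new password, and tokens
    // already issued for this account stay valid after the change. Consider
    // rotating the salt and revoking the account's other credentials.
    existAccount.Password = passwordHandle.EncryptPassword(changePassword.NewPassword, existAccount.Salt);
    existAccount.UpdateAt = DateTime.Now;
    _context.Account.Update(existAccount);
    _context.SaveChanges();

    // Return an explicit projection, not the entity: serializing the whole account
    // would send the stored password hash and salt to the client. Add further
    // non-secret fields here if clients need them.
    return new JsonResult(new
    {
        existAccount.Id,
        existAccount.Email,
        existAccount.Role,
        existAccount.UpdateAt
    });
}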
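/// <summary>
/// Authenticates a student account by e-mail address and password and, on
/// success, stores and returns a new credential for it.
/// </summary>
/// <param name="loginInformation">Request body carrying the e-mail address and password.</param>
/// <returns>
/// 400 with the model-state errors when validation fails; the newly stored
/// credential as JSON on success; 400 "Bad Request" for every failed attempt,
/// whatever the reason.
/// </returns>
public async Task<IActionResult> Login([FromBody] LoginInformation loginInformation)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    var existAccount = _context.Account.SingleOrDefault(a => a.Email == loginInformation.Email);

    // Short-circuit order matters: the hash is only computed for an existing
    // student account, exactly as before.
    var authenticated = existAccount != null
        && existAccount.Role == Role.student
        && existAccount.Password == PasswordHandle.PasswordHandle.GetInstance()
            .EncryptPassword(loginInformation.Password, existAccount.Salt);

    if (!authenticated)
    {
        // Unknown e-mail, non-student role and wrong password all get the same
        // response, so the endpoint does not reveal which addresses are registered.
        // NOTE(review): the unknown-e-mail path still skips the hash computation,
        // so response time may differ; attempt throttling is not visible here.
        Response.StatusCode = (int)HttpStatusCode.BadRequest;
        return new JsonResult("Bad Request");
    }

    var credential = new Credential(existAccount.Id);
    _context.Add(credential);
    _context.SaveChanges();
    return new JsonResult(credential);
}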