        /// <summary>
        /// Sets the password of the user identified by the route parameter by delegating
        /// to the admin service, then wraps the service result in an action result.
        /// </summary>
        /// <param name="userId">Id of the target account, bound from the route.</param>
        /// <param name="request">Password payload, bound from the request body.</param>
        /// <returns>The action result built by <c>SendResponse</c> from the service response.</returns>
        /// <remarks>
        /// The target account is chosen by the route value, not by the caller's own identity.
        /// NOTE(review): no authorization attribute is visible on this action in this excerpt;
        /// confirm the action or its controller restricts it to administrators.
        /// </remarks>
        public async Task<IActionResult> SetUserPassword([FromRoute] string userId,
                                                         [FromBody] SetUserPasswordRequest request)
        {
            return SendResponse(await _adminService.SetUserPasswordAsync(userId, request));
        }
        /**
         * Handle a "set user password" API call.
         *
         * Validates the request body, resolves the logged-in user from the request headers,
         * and asks the logic layer to change that user's password. The user id passed to the
         * logic layer is the one returned by APIHelper.CheckLoggedIn, not a value read from
         * the body, so a caller can only change the password of the account it is logged in as.
         *
         * Returns a NO_CONTENT response on success, an UNAUTHORIZED response when the logic
         * layer reports an incorrect password, and APIHelper.ResponseFromException(...) for
         * every other exception.
         */
        internal async Task<APIGatewayProxyResponse> SetUserPassword(IDataStores dataStores,
                                                                     IDictionary<string, string> requestHeaders,
                                                                     JObject requestBody)
        {
            Debug.Untested();
            Debug.AssertValid(dataStores);
            Debug.AssertValid(requestHeaders);
            Debug.AssertValidOrNull(requestBody);

            try
            {
                // Record the call. Only the endpoint name is logged; no request content.
                LoggingHelper.LogMessage($"UserIdentityService::SetUserPassword()");

                // Obtain the NoSQL client used by both the login check and the logic layer.
                var client = (AmazonDynamoDBClient)dataStores.GetNoSQLDataStore().GetDBClient();
                Debug.AssertValid(client);

                // NOTE(review): the body is validated before the caller is authenticated, so an
                // unauthenticated caller receives validation errors. Consider whether the login
                // check should run first.
                var parsedRequest = UserIdentityService_SetUserPassword_LogicLayer.CheckValidSetUserPasswordRequest(requestBody);
                Debug.AssertValid(parsedRequest);

                // Authenticated endpoint: identify the caller from the request headers.
                var callerId = await APIHelper.CheckLoggedIn(client, requestHeaders);
                Debug.AssertID(callerId);

                // Change the password of the authenticated caller.
                await UserIdentityService_SetUserPassword_LogicLayer.SetUserPassword(client, callerId, parsedRequest);

                // Success carries no body.
                var noContent = new APIGatewayProxyResponse();
                noContent.StatusCode = APIHelper.STATUS_CODE_NO_CONTENT;
                return noContent;
            }
            catch (Exception exception)
            {
                Debug.Tested();

                // NOTE(review): the incorrect-password case is recognised by message text alone,
                // so any exception carrying the same message is reported as UNAUTHORIZED.
                if (exception.Message != IdentityServiceLogicLayer.ERROR_INCORRECT_PASSWORD)
                {
                    Debug.Tested();
                    return APIHelper.ResponseFromException(exception);
                }

                Debug.Untested();

                // NOTE(review): this body uses "=" rather than ":" and an unquoted key, so it is
                // not valid JSON. Left as-is because clients may match on the exact text.
                var unauthorized = new APIGatewayProxyResponse();
                unauthorized.StatusCode = APIHelper.STATUS_CODE_UNAUTHORIZED;
                unauthorized.Body = $"{{ body = \"{IdentityServiceLogicLayer.INCORRECT_PASSWORD}\"}}";
                return unauthorized;
            }
        }
        /// <summary>
        /// Replaces a user's password without asking for the current one, by generating a
        /// password-reset token for the account and redeeming it immediately.
        /// </summary>
        /// <param name="userId">Id of the account whose password is replaced.</param>
        /// <param name="request">Supplies the new password in <c>NewPassword</c>.</param>
        /// <returns>A <see cref="ServiceResponse"/> with status 200 when the reset succeeds.</returns>
        /// <exception cref="RestException">
        /// Thrown with status 400 and the reset error descriptions when the reset does not succeed.
        /// </exception>
        /// <remarks>
        /// This method performs no caller check of its own; any caller that reaches it can set
        /// the password of any <paramref name="userId"/>. NOTE(review): confirm every entry
        /// point is restricted to administrators.
        /// </remarks>
        public async Task<ServiceResponse> SetUserPasswordAsync(string userId, SetUserPasswordRequest request)
        {
            // NOTE(review): the lookup result is used without a null check; confirm
            // GetEntityByIdAsync throws for an unknown id rather than returning null.
            var account = await GetEntityByIdAsync<ApplicationUser>(userId);

            // The token is created and consumed in-process; it never leaves this method.
            var token = await UserManager.GeneratePasswordResetTokenAsync(account);
            var outcome = await UserManager.ResetPasswordAsync(account, token, request.NewPassword);

            if (outcome.Succeeded)
            {
                return new ServiceResponse(HttpStatusCode.OK);
            }

            // Pass the error descriptions back to the caller as a 400.
            var descriptions = outcome.Errors.Select(e => e.Description);
            throw new RestException(HttpStatusCode.BadRequest, new ErrorResult(Errors.AccountErrors.ErrorOccuredWhileSettingPassword, descriptions));
        }
        /// <summary>
        /// Sends a set-password request for <paramref name="userId"/> through an
        /// <c>ArticulateOnline</c> client pointed at <paramref name="url"/>.
        /// </summary>
        /// <param name="url">Endpoint assigned to the client's <c>Url</c> property.</param>
        /// <param name="c">Credentials placed in the request.</param>
        /// <param name="userId">Id of the user whose password is set.</param>
        /// <param name="password">The new password, placed in the request as given.</param>
        /// <returns>The <c>Success</c> flag of the service response.</returns>
        static bool SetUserPassword(string url, Credentials c, string userId, string password)
        {
            // Progress message only; the password is never written to the console.
            Console.WriteLine("Set user password...");

            // The credentials and the new password are sent to whatever endpoint `url` names.
            // NOTE(review): confirm callers only pass https:// endpoints.
            var service = new ArticulateOnline();
            service.Url = url;

            var payload = new SetUserPasswordRequest();
            payload.Credentials = c;
            payload.UserID = userId;
            payload.Password = password;

            var result = service.SetUserPassword(payload);
            return result.Success;
        }
        /**
         * Change the logged-in user's password.
         *
         * Loads the user by loggedInUserId, checks that the hash of the supplied old password
         * equals the stored hash, and stores the hash of the new password if it differs from
         * the current one. Throws an Exception whose message is
         * IdentityServiceLogicLayer.ERROR_INCORRECT_PASSWORD when the old password does not match.
         *
         * NOTE(review): Helper.Hash receives only the password and its output is compared
         * directly with the stored value, so no per-user salt is supplied at this call site.
         * Confirm that Helper.Hash is a slow, salted password-hashing scheme and not a bare digest.
         */
        public static async Task SetUserPassword(AmazonDynamoDBClient dbClient, string loggedInUserId, SetUserPasswordRequest setUserPasswordRequest)
        {
            Debug.Untested();
            Debug.AssertValid(dbClient);
            Debug.AssertID(loggedInUserId);
            Debug.AssertValid(setUserPasswordRequest);
            Debug.AssertString(setUserPasswordRequest.oldPassword);
            Debug.AssertString(setUserPasswordRequest.newPassword);

            // Fetch the account of the authenticated caller.
            User account = await IdentityServiceLogicLayer.FindUserByID(dbClient, loggedInUserId);
            Debug.AssertValid(account);

            // Reject the change unless the caller proves knowledge of the current password.
            // NOTE(review): this is an ordinary equality check on the hash values; consider a
            // fixed-time comparison.
            if (account.PasswordHash != Helper.Hash(setUserPasswordRequest.oldPassword))
            {
                throw new Exception(IdentityServiceLogicLayer.ERROR_INCORRECT_PASSWORD);
            }

            // Nothing to persist when the new password hashes to the stored value.
            string replacementHash = Helper.Hash(setUserPasswordRequest.newPassword);
            if (account.PasswordHash == replacementHash)
            {
                return;
            }

            // Store the new hash.
            // NOTE(review): nothing here revokes sessions or tokens issued under the old
            // password; confirm that is handled elsewhere if required.
            account.PasswordHash = replacementHash;
            await IdentityServiceDataLayer.SaveUser(dbClient, account);
        }