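/// <summary>
/// Business logic for resetting PartialAccount or Account object passwords.
/// Looks the username up in both stores and hands the request to the helper
/// for whichever record type was found.
/// </summary>
/// <param name="resetPasswordDto">Reset request; its Username selects the record to update.</param>
/// <returns>
/// 400 when the request is null, 401 when no record matches the username,
/// 500 when both a partial and a full account match, otherwise the response
/// produced by the matching reset helper.
/// </returns>
public HttpResponseMessage ResetPassword(SsoResetPasswordRequestDTO resetPasswordDto)
{
    // Reject a missing request up front instead of failing with a
    // NullReferenceException on the first property access below.
    if (resetPasswordDto == null)
    {
        return new HttpResponseMessage(HttpStatusCode.BadRequest);
    }

    // A username is expected to resolve to a partial account or a full account, never both.
    var partialAccount = _partialAccountLogic.GetPartialAccount(resetPasswordDto.Username);
    var account = _accountLogic.GetSingle(resetPasswordDto.Username);

    // NOTE(review): nothing in this method verifies that the caller is entitled to reset
    // this user's password (reset token, signed SSO request, current password).
    // Presumably that happens before this call; confirm against the caller.

    // No record of either kind.
    // NOTE(review): 401 here versus 200 on success reveals whether a username is
    // registered; confirm that is acceptable for this endpoint.
    if (partialAccount == null && account == null)
    {
        return new HttpResponseMessage(HttpStatusCode.Unauthorized);
    }

    // Both stores hold the username: the data is inconsistent, so refuse to touch either record.
    if (partialAccount != null && account != null)
    {
        return new HttpResponseMessage(HttpStatusCode.InternalServerError);
    }

    // Exactly one of the two is non-null from here on.
    if (partialAccount != null)
    {
        return PartialAccountResetPasswordHelper(resetPasswordDto, partialAccount);
    }

    return AccountResetPasswordHelper(resetPasswordDto, account);
}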
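/// <summary>
/// Stores the new password hash on the account and the new salt on the
/// account's salt record.
/// </summary>
/// <param name="resetPasswordDto">Reset request carrying Username, HashedNewPassword and PasswordSalt.</param>
/// <param name="account">The account whose password is being replaced.</param>
/// <returns>
/// 200 once both records have been updated; 500 when no salt record is found,
/// in which case nothing has been modified.
/// </returns>
private HttpResponseMessage AccountResetPasswordHelper(SsoResetPasswordRequestDTO resetPasswordDto, Account account)
{
    // Fetch the salt record before changing anything. If it is missing, writing the
    // new hash first would leave the account with a hash that no longer matches its
    // stored salt, and the user could not sign in.
    var accountSalt = _saltLogic.GetSalt(resetPasswordDto.Username);
    if (accountSalt == null)
    {
        return new HttpResponseMessage(HttpStatusCode.InternalServerError);
    }

    // NOTE(review): the hash and salt are taken as-is from the request DTO.
    // Presumably they are computed server-side before this call; confirm.

    // Update password for account
    account.Password = resetPasswordDto.HashedNewPassword;
    _accountLogic.Update(account);

    // Update salt table related to account
    // NOTE(review): the two Update calls are separate writes. If this one fails, the
    // stored hash and salt disagree; consider one transaction if the data layer offers it.
    accountSalt.PasswordSalt = resetPasswordDto.PasswordSalt;
    _saltLogic.Update(accountSalt);

    return new HttpResponseMessage(HttpStatusCode.OK);
}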