/// <summary>
/// Changes a password after re-checking the old one: the supplied old password is
/// re-hashed with the stored salt and compared with the stored hash, then a new
/// salt/hash pair is generated for the new password and persisted.
/// </summary>
/// <param name="model">Request body carrying <c>OldPassword</c> and <c>NewPassword</c>.</param>
/// <returns>
/// 400 with the model state when validation fails; 500 when no user record is found;
/// 400 "Update failed" when the old password does not match; 400 (empty) when
/// <c>Repo.SaveData()</c> returns 3; otherwise 200 "Password Updated!".
/// </returns>
public IActionResult UpdateUserPassword([FromBody] UpdatePasswordRequestModel model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // Presumably resolves the record of the signed-in caller; the lookup is not
    // visible here, so confirm it cannot be steered by request data.
    var account = GetUserMasterDetails();
    if (account == null)
    {
        return StatusCode(500);
    }

    // Re-derive the hash of the supplied old password using the salt stored with the account.
    // NOTE(review): the algorithm behind HashValues is not visible here; confirm it is a
    // slow, salted password KDF rather than a single fast digest.
    var suppliedOldPassword = model.OldPassword;
    var storedSalt = _passwordHashingHelper.GetSaltFromString(account.Salt);
    var recomputedHash = _passwordHashingHelper.HashValues(suppliedOldPassword, storedSalt);

    // NOTE(review): string.Equals is not a constant-time comparison. If both values are
    // encoded hash strings, a fixed-time comparison of the bytes is the usual hardening.
    var oldPasswordMatches = string.Equals(account.UserPassword, recomputedHash);
    if (!oldPasswordMatches)
    {
        return BadRequest("Update failed");
    }

    // A fresh salt is generated together with the new hash, so the old salt is never reused.
    var (freshSalt, freshHash) = _passwordHashingHelper.GetHashedPassword(model.NewPassword);
    account.UserPassword = freshHash;
    account.Salt = freshSalt;
    Repo.UpdateMasterInformation(account);

    // NOTE(review): 3 is an unexplained return code from SaveData; confirm its meaning and
    // whether other non-success codes should also be rejected before reporting success.
    if (Repo.SaveData() == 3)
    {
        return BadRequest();
    }

    return Ok("Password Updated!");
}
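/// <summary>
/// Completes a password reset: decodes the Base64Url reset token, looks the user up by
/// name and asks the user manager to set the new password.
/// </summary>
/// <remarks>
/// The response no longer reveals whether the user name exists. An unknown user name now
/// produces the same 200 response with <c>Data = false</c> as a rejected token, and the
/// token is decoded before the lookup so that a malformed token fails identically for
/// known and unknown user names.
/// </remarks>
/// <param name="updatePasswordRequestModel">
/// Request body carrying <c>UserName</c>, the Base64Url-encoded <c>Token</c> and the new <c>Password</c>.
/// </param>
/// <returns>
/// 200 with <c>Data</c> set to whether the reset succeeded; 500 with a generic message
/// when anything throws (including a token that is missing or not valid Base64Url).
/// </returns>
public async Task<IActionResult> UpdatePassword([FromBody] UpdatePasswordRequestModel updatePasswordRequestModel)
{
    try
    {
        // Decode first: a malformed token must take the same path whether or not the
        // user name exists, otherwise the status code distinguishes the two cases.
        var codeDecodedBytes = WebEncoders.Base64UrlDecode(updatePasswordRequestModel.Token);
        var codeDecoded = Encoding.UTF8.GetString(codeDecodedBytes);

        var user = await _userManager.FindByNameAsync(updatePasswordRequestModel.UserName);
        if (user == null)
        {
            // Same shape as a failed reset for an existing user. The user name is left out
            // of the log message because it is unauthenticated, caller-supplied text.
            // NOTE(review): this branch skips token validation, so response time may
            // still differ from the known-user case; confirm whether that matters here.
            _logger.LogWarning("Password reset attempted for an unknown user name");
            return Ok(new ApiResponseOKResult() { Data = false });
        }

        var result = await _userManager.ResetPasswordAsync(user, codeDecoded, updatePasswordRequestModel.Password);

        // result.Succeeded is false when the manager rejects the token or the new password;
        // the individual errors are deliberately not returned to the caller.
        return Ok(new ApiResponseOKResult() { Data = result.Succeeded });
    }
    catch (Exception ex)
    {
        // Catch-all kept from the original: full details go to the log, and the caller
        // receives only a generic message.
        _logger.LogError(ex, "Failed to update password");
        return StatusCode(
            (int)HttpStatusCode.InternalServerError,
            new ApiResponseFailure() { ErrorMessage = "Failed to update password. Reset Link may have expired." });
    }
}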
/// <summary>
/// Changes the caller's password through the auth client: rejects a new value equal to
/// the current one, validates the current password for the caller's email, then submits
/// the new password hash.
/// </summary>
/// <param name="request">Request body carrying <c>CurrentPasssword</c> and <c>NewPasswordHash</c>.</param>
/// <returns>
/// 400 when the new value equals the current one, when the auth client reports a bad
/// request during validation, or when the current password is invalid; otherwise 200.
/// </returns>
public async Task<IActionResult> UpdatePassword([FromBody] UpdatePasswordRequestModel request)
{
    // NOTE(review): this instance call throws NullReferenceException when CurrentPasssword
    // is null; presumably model validation guarantees a value. Confirm against the model.
    // NOTE(review): a field named "current password" is compared with one named "new
    // password hash". If the client really sends a hash, this check can never match and the
    // server cannot enforce a password policy on the new value. Confirm what the field holds.
    bool unchanged = request.CurrentPasssword.Equals(request.NewPasswordHash);
    if (unchanged)
    {
        return BadRequest(
            ErrorResponse.Create("Your new password must be different from your previous password."));
    }

    // The account is taken from the caller's own context, not from the request body.
    string accountEmail = this.GetUserEmail();

    ValidateResultModel currentPasswordCheck;
    try
    {
        currentPasswordCheck = await _payAuthClient.ValidatePasswordAsync(accountEmail, request.CurrentPasssword);
    }
    catch (ErrorResponseException ex)
    {
        // Only an upstream 400 is translated into a 400 for the caller, relaying the
        // upstream error body; everything else is rethrown unchanged.
        if (!(ex.InnerException is ApiException upstream) || upstream.StatusCode != HttpStatusCode.BadRequest)
        {
            throw;
        }

        return BadRequest(upstream.GetContentAs<ErrorResponse>());
    }

    if (!currentPasswordCheck.Success)
    {
        return BadRequest(ErrorResponse.Create("Invalid password"));
    }

    var update = new UpdatePasswordHashModel
    {
        Email = accountEmail,
        PasswordHash = request.NewPasswordHash
    };
    await _payAuthClient.UpdatePasswordHashAsync(update);

    return Ok();
}