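/// <summary>
/// Changes the password of the user identified by <c>model.Id</c> on behalf of
/// <paramref name="currentUser"/>, after a role-based permission check.
/// </summary>
/// <param name="model">Request carrying the target user id, the old and new passwords and the <c>IsProfile</c> flag.</param>
/// <param name="userManager">Identity user manager used for the lookups, the role checks and the password change.</param>
/// <param name="currentUser">Principal of the caller making the request.</param>
/// <returns>The DTO produced by <c>ModelToDTOAsync</c> for the target user.</returns>
/// <exception cref="Exception">
/// Thrown when the target user does not exist, the caller cannot be resolved, the caller lacks
/// permission, or the password change fails. The original exception is kept as the inner exception.
/// </exception>
public async Task<UserDTO> UpdatePasswordAsync(UserPasswordPutRequest model, UserManager<ApplicationUser> userManager, ClaimsPrincipal currentUser)
{
    try
    {
        var appUser = await userManager.FindByIdAsync(model.Id.ToString());
        if (appUser == null)
        {
            throw new Exception($"No existe el usuario con id {model.Id}");
        }

        // GetUserAsync returns null when the principal does not map to a stored user;
        // fail with a clear message instead of letting the role checks throw on a null user.
        ApplicationUser user = await userManager.GetUserAsync(currentUser);
        if (user == null)
        {
            throw new Exception("No se pudo identificar al usuario que realiza la petición");
        }

        // A SuperUser may edit anyone. Any other caller is refused when the target is a
        // SuperUser, or when the target is an Admin and the request is not flagged IsProfile.
        bool callerIsSuperUser = await userManager.IsInRoleAsync(user, "SuperUser");
        if (!callerIsSuperUser)
        {
            // NOTE(review): model.IsProfile comes from the request and nothing here ties it to
            // the caller being the target user, so a client can set it to skip the Admin rule.
            // Consider honouring it only when userManager.GetUserId(currentUser) matches the
            // target id. Confirm the intended meaning of the flag first.
            // NOTE(review): no ownership check is visible for targets that are neither SuperUser
            // nor Admin; the old-password verification below is the only barrier for those.
            bool denied = await userManager.IsInRoleAsync(appUser, "SuperUser")
                || (!model.IsProfile && await userManager.IsInRoleAsync(appUser, "Admin"));
            if (denied)
            {
                throw new Exception($"No tienes permisos para editar el usuario {appUser.UserName}");
            }
        }

        var passwordResult = await userManager.ChangePasswordAsync(appUser, model.OldPassword, model.Password);
        if (!passwordResult.Succeeded)
        {
            // Interpolating passwordResult.Errors directly prints the collection's type name;
            // list the individual error descriptions instead.
            string details = "";
            foreach (var error in passwordResult.Errors)
            {
                details += (details.Length == 0 ? "" : "; ") + error.Description;
            }

            throw new Exception($"ERROR actualizando la contraseña - {details}");
        }

        return await ModelToDTOAsync(appUser, userManager);
    }
    catch (Exception e)
    {
        // Keep the exception type and message callers already see, but attach the original
        // as InnerException so its stack trace is not lost.
        throw new Exception(e.Message, e);
    }
}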
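/// <summary>
/// Controller action that changes a user's password through <c>_userService</c>,
/// acting as the authenticated principal of the current request.
/// </summary>
/// <param name="model">The bound password-change request.</param>
/// <returns>
/// 200 with the service result on success, 400 when model validation fails,
/// and 500 with the exception message when the service throws.
/// </returns>
public async Task<IActionResult> UpdatePassword(UserPasswordPutRequest model)
{
    // A request that fails validation is a client error, not a server fault:
    // answer 400 instead of routing it through the 500 handler below.
    if (!ModelState.IsValid)
    {
        return BadRequest("Petición de actualización inválida");
    }

    try
    {
        ClaimsPrincipal currentUser = User;
        return Ok(await _userService.UpdatePasswordAsync(model, _userManager, currentUser));
    }
    catch (Exception e)
    {
        // NOTE(review): e.Message is returned to the client for every exception, including
        // unexpected ones whose text may expose internal details. Permission and
        // wrong-password failures also surface as 500. Consider logging the exception
        // server-side and returning a generic message with 403/400 where appropriate.
        return StatusCode(500, e.Message);
    }
}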
/// <summary>
/// Sets the password of the user named by <c>request.Identifier</c> to
/// <c>request.Password</c> by delegating to <c>Store.PasswordSetAsync</c>.
/// </summary>
/// <param name="request">Request body carrying the user identifier and the new password.</param>
/// <returns>The <c>UserModel</c> returned by the store.</returns>
public async Task<UserModel> PasswordPut([FromBody] UserPasswordPutRequest request)
{
    // NOTE(review): the identifier and new password from the request body go straight to the
    // store; no authorization, ownership or current-password check is visible in this method.
    // Confirm these are enforced by an attribute/filter on the action or inside
    // Store.PasswordSetAsync.
    UserModel updated = await Store.PasswordSetAsync(request.Identifier, request.Password);
    return updated;
}