public async Task<ActionResult> ChangePasswordAsync(ChangePasswordInfo model)
{
var user = await AppUsers.GetCurrentAsync(this.Tenant).ConfigureAwait(true);
if (!user.IsAdministrator)
{
return this.AccessDenied();
}
if (!this.ModelState.IsValid)
{
return this.InvalidModelState(this.ModelState);
}
if (model.Password != model.ConfirmPassword)
{
return this.Failed("Confirm password does not match with the supplied password", HttpStatusCode.BadRequest);
}
try
{
await Users.ChangePasswordAsync(this.Tenant, user.UserId, model).ConfigureAwait(true);
return this.Ok("OK");
}
catch (Exception ex)
{
return this.Failed(ex.Message, HttpStatusCode.InternalServerError);
}
}
public static async Task ChangePasswordAsync(string tenant, int userId, ChangePasswordInfo model)
{
using (var db = DbProvider.Get(FrapidDbServer.GetSuperUserConnectionString(tenant), tenant).GetDatabase())
{
string encryptedPassword = EncryptPassword(model.Password);
await db.NonQueryAsync("UPDATE account.users SET password = @0 WHERE user_id=@1;", encryptedPassword, model.UserId, encryptedPassword).ConfigureAwait(false);
}
}