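/// <summary>
/// Change password
/// </summary>
/// <remarks>
/// When <c>request.ValidateRequest</c> is set, the supplied old password is transformed
/// according to the customer's current password format and compared with the stored value.
/// The comparison does not stop at the first differing character, so its duration does not
/// depend on how much of the stored value was guessed correctly.
/// When <c>request.ValidateRequest</c> is not set, no old-password check is done here.
/// </remarks>
/// <param name="request">Request</param>
/// <returns>Result; it carries a localized error when input is missing, the e-mail is unknown or the old password does not match</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null</exception>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
    if (request == null)
        throw new ArgumentNullException("request");

    var result = new ChangePasswordResult();

    if (String.IsNullOrWhiteSpace(request.Email))
    {
        result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
        return result;
    }

    if (String.IsNullOrWhiteSpace(request.NewPassword))
    {
        result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
        return result;
    }

    var customer = _customerService.GetCustomerByEmail(request.Email);
    if (customer == null)
    {
        // NOTE(review): a distinct "email not found" error tells the caller which addresses
        // are registered; confirm this result is only shown to an authenticated user.
        result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
        return result;
    }

    var requestIsValid = false;
    if (request.ValidateRequest)
    {
        // Bring the supplied old password into the same representation as the stored one.
        string oldPwd;
        switch (customer.PasswordFormat)
        {
            case PasswordFormat.Encrypted:
                oldPwd = _encryptionService.EncryptText(request.OldPassword);
                break;
            case PasswordFormat.Hashed:
                oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
                break;
            default:
                oldPwd = request.OldPassword;
                break;
        }

        // Same ordinal equality as the == operator, but every shared position is always
        // visited. On runtimes that provide CryptographicOperations.FixedTimeEquals,
        // prefer it over this loop.
        string storedPwd = customer.Password;
        bool oldPasswordIsValid;
        if (oldPwd == null || storedPwd == null)
        {
            // NOTE(review): two nulls still count as a match, as they did with ==;
            // confirm that an account without a stored password is meant to pass here.
            oldPasswordIsValid = oldPwd == null && storedPwd == null;
        }
        else
        {
            int diff = oldPwd.Length ^ storedPwd.Length;
            int shared = oldPwd.Length < storedPwd.Length ? oldPwd.Length : storedPwd.Length;
            for (int i = 0; i < shared; i++)
                diff |= oldPwd[i] ^ storedPwd[i];
            oldPasswordIsValid = diff == 0;
        }

        if (oldPasswordIsValid)
            requestIsValid = true;
        else
            result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
    }
    else
    {
        // No old-password check at all on this path; the caller has to have established
        // by other means that the requester may change this account's password.
        requestIsValid = true;
    }

    if (requestIsValid)
    {
        switch (request.NewPasswordFormat)
        {
            case PasswordFormat.Clear:
                // NOTE(review): the password is stored exactly as supplied.
                customer.Password = request.NewPassword;
                break;
            case PasswordFormat.Encrypted:
                // NOTE(review): reversible storage; anyone holding the key can recover it.
                customer.Password = _encryptionService.EncryptText(request.NewPassword);
                break;
            case PasswordFormat.Hashed:
                {
                    // NOTE(review): 5 is presumably the salt size; confirm it is long enough.
                    string saltKey = _encryptionService.CreateSaltKey(5);
                    customer.PasswordSalt = saltKey;
                    customer.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
                }
                break;
            default:
                // Unknown format: the stored password is left untouched, yet the format
                // below is still overwritten with the requested one.
                break;
        }

        customer.PasswordFormat = request.NewPasswordFormat;
        _customerService.UpdateCustomer(customer);
    }

    return result;
}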
/// <summary>
/// Change password
/// </summary>
/// <remarks>
/// The new password is written as a new <c>CustomerPassword</c> record, after an optional
/// old-password check and an optional check against the customer's previous passwords.
/// </remarks>
/// <param name="request">Request</param>
/// <returns>Result; it carries a localized error when the change was rejected</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
    if (request == null)
        throw new ArgumentNullException("request");

    var result = new ChangePasswordResult();

    if (String.IsNullOrWhiteSpace(request.Email))
    {
        var emailMissing = _localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided");
        result.AddError(emailMissing);
        return result;
    }

    if (String.IsNullOrWhiteSpace(request.NewPassword))
    {
        var passwordMissing = _localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided");
        result.AddError(passwordMissing);
        return result;
    }

    var customer = _customerService.GetCustomerByEmail(request.Email);
    if (customer == null)
    {
        // NOTE(review): a distinct "email not found" error tells the caller which addresses
        // are registered; confirm this result is only shown to an authenticated user.
        var unknownEmail = _localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound");
        result.AddError(unknownEmail);
        return result;
    }

    // The old password is checked only when the caller asks for it; with ValidateRequest
    // off, nothing in this method ties the request to the account owner.
    if (request.ValidateRequest
        && !PasswordsMatch(_customerService.GetCurrentPassword(customer.Id), request.OldPassword))
    {
        var oldMismatch = _localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch");
        result.AddError(oldMismatch);
        return result;
    }

    // Reject a new password that equals one of the most recent stored passwords.
    if (_customerSettings.UnduplicatedPasswordsNumber > 0)
    {
        var recentPasswords = _customerService.GetCustomerPasswords(customer.Id,
            passwordsToReturn: _customerSettings.UnduplicatedPasswordsNumber);

        foreach (var earlier in recentPasswords)
        {
            if (!PasswordsMatch(earlier, request.NewPassword))
                continue;

            var reused = _localizationService.GetResource("Account.ChangePassword.Errors.PasswordMatchesWithPrevious");
            result.AddError(reused);
            return result;
        }
    }

    // All checks passed: build the record that holds the new password.
    var newEntry = new CustomerPassword();
    newEntry.Customer = customer;
    newEntry.PasswordFormat = request.NewPasswordFormat;
    newEntry.CreatedOnUtc = DateTime.UtcNow;

    if (request.NewPasswordFormat == PasswordFormat.Clear)
    {
        // NOTE(review): the password is stored exactly as supplied.
        newEntry.Password = request.NewPassword;
    }
    else if (request.NewPasswordFormat == PasswordFormat.Encrypted)
    {
        // NOTE(review): reversible storage; anyone holding the key can recover it.
        newEntry.Password = _encryptionService.EncryptText(request.NewPassword);
    }
    else if (request.NewPasswordFormat == PasswordFormat.Hashed)
    {
        // NOTE(review): 5 is presumably the salt size; confirm it is long enough.
        var salt = _encryptionService.CreateSaltKey(5);
        newEntry.PasswordSalt = salt;
        newEntry.Password = _encryptionService.CreatePasswordHash(request.NewPassword, salt, _customerSettings.HashedPasswordFormat);
    }
    // Any other format value leaves Password unset on the inserted record.

    _customerService.InsertCustomerPassword(newEntry);

    // Let subscribers know that the password changed.
    _eventPublisher.Publish(new CustomerPasswordChangedEvent(newEntry));

    return result;
}
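/// <summary>
/// Change password
/// </summary>
/// <remarks>
/// When <c>request.ValidateRequest</c> is set, the supplied old password is transformed
/// according to the customer's current password format and compared with the stored value.
/// The comparison visits every shared character instead of stopping at the first mismatch.
/// When <c>request.ValidateRequest</c> is not set, no old-password check is done here.
/// </remarks>
/// <param name="request">Request</param>
/// <returns>Result; it carries a localized error when input is missing, the e-mail is unknown or the old password does not match</returns>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null</exception>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException("request");
    }

    var result = new ChangePasswordResult();

    if (String.IsNullOrWhiteSpace(request.Email))
    {
        result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
        return result;
    }

    if (String.IsNullOrWhiteSpace(request.NewPassword))
    {
        result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
        return result;
    }

    var customer = _customerService.GetCustomerByEmail(request.Email);
    if (customer == null)
    {
        // NOTE(review): a distinct "email not found" error tells the caller which addresses
        // are registered; confirm this result is only shown to an authenticated user.
        result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
        return result;
    }

    var requestIsValid = false;
    if (request.ValidateRequest)
    {
        // Bring the supplied old password into the same representation as the stored one.
        string oldPwd;
        switch (customer.PasswordFormat)
        {
            case PasswordFormat.Encrypted:
                oldPwd = _encryptionService.EncryptText(request.OldPassword);
                break;
            case PasswordFormat.Hashed:
                oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
                break;
            default:
                oldPwd = request.OldPassword;
                break;
        }

        // Same ordinal equality as the == operator, without the early exit on the first
        // mismatch. On runtimes that provide CryptographicOperations.FixedTimeEquals,
        // prefer it over this loop.
        string storedPwd = customer.Password;
        bool oldPasswordIsValid;
        if (oldPwd == null || storedPwd == null)
        {
            // NOTE(review): two nulls still count as a match, as they did with ==;
            // confirm that an account without a stored password is meant to pass here.
            oldPasswordIsValid = oldPwd == null && storedPwd == null;
        }
        else
        {
            int diff = oldPwd.Length ^ storedPwd.Length;
            int shared = oldPwd.Length < storedPwd.Length ? oldPwd.Length : storedPwd.Length;
            for (int i = 0; i < shared; i++)
            {
                diff |= oldPwd[i] ^ storedPwd[i];
            }
            oldPasswordIsValid = diff == 0;
        }

        if (oldPasswordIsValid)
        {
            requestIsValid = true;
        }
        else
        {
            result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
        }
    }
    else
    {
        // No old-password check at all on this path; the caller has to have established
        // by other means that the requester may change this account's password.
        requestIsValid = true;
    }

    if (requestIsValid)
    {
        switch (request.NewPasswordFormat)
        {
            case PasswordFormat.Clear:
                // NOTE(review): the password is stored exactly as supplied.
                customer.Password = request.NewPassword;
                break;
            case PasswordFormat.Encrypted:
                // NOTE(review): reversible storage; anyone holding the key can recover it.
                customer.Password = _encryptionService.EncryptText(request.NewPassword);
                break;
            case PasswordFormat.Hashed:
                {
                    // NOTE(review): 5 is presumably the salt size; confirm it is long enough.
                    string saltKey = _encryptionService.CreateSaltKey(5);
                    customer.PasswordSalt = saltKey;
                    customer.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
                }
                break;
            default:
                // Unknown format: the stored password is left untouched, yet the format
                // below is still overwritten with the requested one.
                break;
        }

        customer.PasswordFormat = request.NewPasswordFormat;
        _customerService.UpdateCustomer(customer);
    }

    return result;
}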
/// <summary>
/// Change password
/// </summary>
/// <remarks>
/// NOTE(review): in this version only the validation steps are active. The password-history
/// check, the hashing and storage of the new password and the change event are commented out,
/// so a request that passes validation gets a result without errors although nothing visible
/// in this method stores the new password.
/// </remarks>
/// <param name="request">Request</param>
/// <returns>Result; it carries a localized error when validation failed</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
    if (request == null)
        throw new ArgumentNullException(nameof(request));

    var result = new ChangePasswordResult();

    if (string.IsNullOrWhiteSpace(request.Email))
    {
        var emailMissing = _localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided");
        result.AddError(emailMissing);
        return result;
    }

    if (string.IsNullOrWhiteSpace(request.NewPassword))
    {
        var passwordMissing = _localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided");
        result.AddError(passwordMissing);
        return result;
    }

    var customer = _customerService.GetCustomerByEmail(request.Email);
    if (customer == null)
    {
        // NOTE(review): a distinct "email not found" error tells the caller which addresses
        // are registered; confirm this result is only shown to an authenticated user.
        var unknownEmail = _localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound");
        result.AddError(unknownEmail);
        return result;
    }

    // The old password is checked only when the caller asks for it.
    if (request.ValidateRequest
        && !PasswordsMatch(customer.Password, request.OldPassword, customer.Code, customer.PasswordSalt))
    {
        var oldMismatch = _localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch");
        result.AddError(oldMismatch);
        return result;
    }

    // Password-history check: the setting is still read, but the check itself is disabled.
    if (_customerSettings.UnduplicatedPasswordsNumber > 0)
    {
        //var previousPasswords = _customerService.GetCustomerPasswords(customer.CustomerId, passwordsToReturn: _customerSettings.UnduplicatedPasswordsNumber);
        //var newPasswordMatchesWithPrevious = previousPasswords.Any(password => PasswordsMatch(password.Password, request.NewPassword, customer.Code, customer.PasswordSalt));
        //if (newPasswordMatchesWithPrevious)
        //{
        //    result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordMatchesWithPrevious"));
        //    return result;
        //}
    }

    // A salt is generated, but every statement that would use it is commented out below.
    var saltKey = _encryptionService.CreateSaltKey(SALT_KEY_SIZE);
    //customerPassword.PasswordSalt = saltKey;
    //customerPassword.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);

    // Event publication is disabled as well.
    //_eventPublisher.Publish(new CustomerPasswordChangedEvent(customerPassword));

    return result;
}