public async Task<ActionResult> Manage(ManageUserViewModel model)
{
ViewBag.ReturnUrl = Url.Action("Manage");
if (ModelState.IsValid)
{
var user = await _userManager.FindByIdAsync(User.Identity.GetUserId<int>());
if (_userManager.PasswordHasher.VerifyHashedPassword(user.PasswordHash, model.OldPassword) == PasswordVerificationResult.Failed)
{
TempData["UpdatePasswordSuccess"] = "Old password is not correct";
return RedirectToAction("Manage");
}
else
{
IdentityResult result = await _userManager.ChangePasswordAsync(User.Identity.GetUserId<int>(), model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
await SignInAsync(user, isPersistent: false);
TempData["UpdatePasswordSuccess"] = "Password Updated Successfully!";
return RedirectToAction("Manage");
}
else
{
AddErrors(result);
}
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
public async Task<IHttpActionResult> ChangePassword(ManageUserViewModel model)
{
if (model.Email != null)
{
model.Email = EncryptDecryptHelper.Decrypt(model.Email);
UserDto user = Services.Users.GetUserByEmail(model.Email);
if (user != null)
{
Regex regex = new Regex(RegularExpressions.Password);
model.OldPassword = EncryptDecryptHelper.Decrypt(model.OldPassword);
model.NewPassword = EncryptDecryptHelper.Decrypt(model.NewPassword);
model.ConfirmPassword = EncryptDecryptHelper.Decrypt(model.ConfirmPassword);
if (model.NewPassword.Length >= MIN_PASSWORD_LENGTH && model.NewPassword.Length <= MAX_PASSWORD_LENGTH)
{
if (regex.IsMatch(model.NewPassword))
{
if (model.NewPassword.Equals(model.ConfirmPassword))
{
bool hasPassword = HasPassword(user);
if (hasPassword)
{
if (_userManager.PasswordHasher.VerifyHashedPassword(user.Password, model.OldPassword) == PasswordVerificationResult.Failed)
{
return Json(new { Success = false, Error = "Old password is not correct." });
}
else
{
IdentityResult result = await _userManager.ChangePasswordAsync(user.Id, model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
return Json(new { Success = true });
}
else
{
return Json(new { Success = false, Error = result.Errors.First() });
}
}
}
else
{
IdentityResult result = await _userManager.AddPasswordAsync(user.Id, model.NewPassword);
if (result.Succeeded)
{
return Json(new { Success = true });
}
else
{
return Json(new { Success = false, Error = result.Errors });
}
}
}
else
{
return Json(new { Success = false, Error = "Passwords do not match" });
}
}
else
{
return Json(new { Success = false, Error = "New password must be at least 7 characters long and contain at least one capitalized letter (A-Z) and one digit (0-9)" });
}
}
else
{
return Json(new { Success = false, Error = "New password should be 6-20 characters in length." });
}
}
else
{
return Json(new { Success = false, Error = "Email does not exist" });
}
}
else
{
return Json(new { Success = false, Error = "Email is null" });
}
}
