public ActionResult ChangePassword(ChangePasswordViewModel cpvm)
{
if (Session["User"] == null)
{
return RedirectToAction("LoginPage", "Application");
}
else if (cpvm.id != Convert.ToInt32(Session["User"]))
{
return RedirectToAction("LoggedInProfile");
}
else if (!this.ModelState.IsValid)
{
return View(cpvm);
}
else
{
if (!cpvm.new_password.Equals(cpvm.confirm_password))
{
this.ModelState.AddModelError("new_password", "Mismatch.");
this.ModelState.AddModelError("confirm_password", "Mismatch.");
}
Account a = db.Accounts.Find(Session["User"]);
if (a == null)
{
this.ModelState.AddModelError("password", "Error");
}
if (!BCrypt.Net.BCrypt.Verify(cpvm.old_password, Encoding.UTF8.GetString(a.password)))
{
this.ModelState.AddModelError("old_password", "Error");
}
if (this.ModelState.IsValid)
{
a.password = Encoding.UTF8.GetBytes(BCrypt.Net.BCrypt.HashPassword(cpvm.new_password, BCrypt.Net.BCrypt.GenerateSalt(10)));
db.SaveChanges();
return RedirectToAction("LoggedInProfile", "Application");
}
else
{
return View(cpvm);
}
}
}
private ChangePasswordViewModel GenerateChangePasswordViewModel()
{
ChangePasswordViewModel cpvm = new ChangePasswordViewModel();
cpvm.id = Convert.ToInt32(Session["User"]);
return cpvm;
}
