Exemplo n.º 1
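        /// <summary>
        /// Changes the signed-in user's password after re-verifying the current password,
        /// then revokes the existing sessions and issues a fresh session token to the caller.
        /// </summary>
        /// <param name="model">
        /// Settings form model; <c>model.ChangePassword</c> carries the old, new and repeated passwords.
        /// </param>
        /// <returns>
        /// <c>Unauthorized</c> when no user can be resolved for the request; the "Index" view
        /// (with model errors where applicable) when validation fails; otherwise a redirect to <c>Index</c>.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no POST-only or anti-forgery attribute is visible on this action from here.
        /// Confirm that it is protected against cross-site request forgery, since it changes a credential.
        /// </remarks>
        public async Task <IActionResult> ChangePassword(SettingsViewModel model)
        {
            User user = await Authorize();

            if (user == null)
            {
                return Unauthorized();
            }

            // A valid ModelState does not prove the nested form object was bound; treat a missing
            // ChangePassword section like any other invalid submission instead of dereferencing null.
            if (!ModelState.IsValid || model?.ChangePassword == null)
            {
                return View("Index", model);
            }

            // Re-populate the name section so the "Index" view can be re-rendered on failure.
            model.ChangeName = new ChangeNameViewModel
            {
                FirstName  = user.FirstName,
                SecondName = user.SecondName,
                ThirdName  = user.ThirdName
            };

            // Require the current password again: a valid session alone must not be enough
            // to replace the credential.
            bool oldPasswordOk = await AuthenticationProvider.IsLoginPasswordCorrect(
                user.Username, model.ChangePassword.OldPassword);

            if (!oldPasswordOk)
            {
                ModelState.AddModelError("", "Неверный пароль");
                return View("Index", model);
            }

            if (model.ChangePassword.NewPassword != model.ChangePassword.RepPassword)
            {
                ModelState.AddModelError("", "Пароли не совпадают");
                return View("Index", model);
            }

            // Reload the record before modifying it; the account may have been removed since Authorize().
            user = await UserRepository.Get(user.Id);

            if (user == null)
            {
                return Unauthorized();
            }

            string token = HttpContext.Request.Cookies["auth_token"];

            // Persist the new hash BEFORE revoking sessions. In the opposite order the old password
            // is still accepted after the revocation, so a session opened in that window would
            // survive the password change; a failed update would also log the user out everywhere
            // without having changed anything.
            user.PasswordHash = HashingProvider.Hash(model.ChangePassword.NewPassword);
            await UserRepository.Update(user);

            // NOTE(review): presumably this invalidates every session of the token's owner,
            // including the current one — confirm against AuthenticationProvider.
            await AuthenticationProvider.LogoutFromAllSessionsAsync(token);

            token = await AuthenticationProvider.LoginAsync(
                user.Username, model.ChangePassword.NewPassword, TimeSpan.FromMinutes(30));

            // The session token is a bearer credential: keep it away from page scripts (HttpOnly),
            // send it over TLS only when the request itself arrived over TLS, and do not attach it
            // to cross-site sub-requests. The cookie stays a browser-session cookie as before.
            // NOTE(review): the login action should set "auth_token" with the same attributes.
            var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions
            {
                HttpOnly = true,
                Secure   = HttpContext.Request.IsHttps,
                SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax
            };

            HttpContext.Response.Cookies.Append("auth_token", token, cookieOptions);

            return RedirectToAction(nameof(Index));
        }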