Exemplo n.º 1
0
        public IActionResult ChangePasswordPost(ChangePasswordViewModel viewModel)
        {
            ControllerHelper.ThrowIfAdminIsImpersonatingUser(User);
            ControllerHelper.ThrowIfUserAccountRetiredOrEmailNotVerified(User, dataRepository);

            // Check all values are provided and NewPassword is at least 8 characters long
            viewModel.ParseAndValidateParameters(Request, m => m.CurrentPassword);
            viewModel.ParseAndValidateParameters(Request, m => m.NewPassword);
            viewModel.ParseAndValidateParameters(Request, m => m.ConfirmNewPassword);

            // Get the current user
            User currentUser = ControllerHelper.GetGpgUserFromAspNetUser(User, dataRepository);

            // Check that passwords are valid
            ValidatePasswords(viewModel, currentUser);

            if (viewModel.HasAnyErrors())
            {
                return(View("ChangePassword", viewModel));
            }

            userRepository.UpdatePassword(currentUser, viewModel.NewPassword);

            // send password change notification
            emailSendingService.SendChangePasswordCompletedEmail(currentUser.EmailAddress);

            // Set up success notification on Manage Account page
            string nextPageUrl = Url.Action("ManageAccountGet", "ManageAccount");

            StatusMessageHelper.SetStatusMessage(Response, "Your password has been changed successfully", nextPageUrl);

            // Return user to the Manage Account page
            return(LocalRedirect(nextPageUrl));
        }
        public IActionResult ChangePasswordPost(ChangePasswordViewModel viewModel)
        {
            ControllerHelper.ThrowIfAdminIsImpersonatingUser(User);
            ControllerHelper.ThrowIfUserAccountRetiredOrEmailNotVerified(User, dataRepository);

            // Check all values are provided and NewPassword is at least 8 characters long
            viewModel.ParseAndValidateParameters(Request, m => m.CurrentPassword);
            viewModel.ParseAndValidateParameters(Request, m => m.NewPassword);
            viewModel.ParseAndValidateParameters(Request, m => m.ConfirmNewPassword);

            // Get the current user
            User currentUser = ControllerHelper.GetGpgUserFromAspNetUser(User, dataRepository);

            // Check that passwords are valid
            ValidatePasswords(viewModel, currentUser);
            if (currentUser.ResetAttempts == Global.MaxAuthAttempts)
            {
                currentUser.ResetAttempts = 0;
                dataRepository.SaveChanges();
                StatusMessageHelper.SetStatusMessage(Response, "You have been logged out for security reasons", Url.Action("LoggedOut", "Login"));
                return(LoginHelper.Logout(HttpContext, RedirectToAction("LoggedOut", "Login")));
            }

            if (viewModel.HasAnyErrors())
            {
                return(View("ChangePassword", viewModel));
            }

            userRepository.UpdatePassword(currentUser, viewModel.NewPassword);

            // send password change notification
            emailSendingService.SendChangePasswordCompletedEmail(currentUser.EmailAddress);

            // Set up success notification on Manage Account page
            string nextPageUrl = Url.Action("LoggedOut", "Login");

            StatusMessageHelper.SetStatusMessage(Response, "Your password has been changed successfully", nextPageUrl);

            return(LoginHelper.Logout(HttpContext, RedirectToAction("LoggedOut", "Login")));
        }