internal static void login(
long idUser_in,
Guid sessionGuid_in,
string login_forLogPurposes_in,
string ip_forLogPurposes_in,
bool andCheckPassword_in,
string password_in,
out long idUser_out,
out string login_out,
out long[] idPermissions_out,
ref List <int> errorlist_ref
)
{
login(
DO_CRD_User.getObject(
idUser_in
),
sessionGuid_in,
login_forLogPurposes_in,
ip_forLogPurposes_in,
andCheckPassword_in,
password_in,
out idUser_out,
out login_out,
out idPermissions_out,
ref errorlist_ref
);
}
public static void ChangePassword(
string sessionGuid_in,
string ip_forLogPurposes_in,
string password_old_in,
string password_new_in,
out int[] errors_out
)
{
List <int> _errorlist;
Guid _sessionguid;
Sessionuser _sessionuser;
#region check...
if (!SBO_CRD_Authentication.isSessionGuid_valid(
sessionGuid_in,
ip_forLogPurposes_in,
out _sessionguid,
out _sessionuser,
out _errorlist,
out errors_out
))
{
//// no need!
//errors_out = _errors.ToArray();
return;
}
SO_CRD_User _user = DO_CRD_User.getObject(_sessionuser.IDUser);
if (_user == null)
{
_errorlist.Add(ErrorType.authentication__no_such_user);
UserSession.Remove(_sessionguid);
errors_out = _errorlist.ToArray();
return;
}
#endregion
bool _constraint;
if (
!SimpleHash.VerifyHash(
password_old_in,
SimpleHash.HashAlgotithm.SHA256,
_user.Password
)
)
{
_errorlist.Add(ErrorType.authentication__change_password__wrong_password);
}
else if (string.IsNullOrEmpty(password_new_in))
{
_errorlist.Add(ErrorType.authentication__change_password__invalid_password);
}
else
{
_user.Password
= SimpleHash.ComputeHash(
password_new_in,
SimpleHash.HashAlgotithm.SHA256,
null
);
DO_CRD_User.updObject(
_user,
true,
out _constraint
);
}
errors_out = _errorlist.ToArray();
}