public async Task <IActionResult> ChangePasswordAsync([FromBody] ChangePasswordBindingModel collection)
{
Log.Debug($"ChangePassword => {JsonConvert.SerializeObject(collection)}");
try {
if (string.IsNullOrEmpty(collection?.Password) || string.IsNullOrEmpty(collection.NewPassword) || string.IsNullOrEmpty(collection.ConfirmPassword))
{
return(BadRequest(_localizer[DataTransferer.DefectivePassword().Message]));
}
if (collection.NewPassword != collection.ConfirmPassword)
{
return(BadRequest(_localizer[DataTransferer.PasswordsMissmatch().Message]));
}
var account = await _accountService.FirstAsync(new AccountGetFirstSchema {
Id = CurrentAccount.Id
}).ConfigureAwait(true);
if (account == null)
{
return(BadRequest(_localizer[DataTransferer.UserNotFound().Message]));
}
if (_cryptograph.IsEqual(collection.Password, account.Password))
{
await _accountService.UpdateAsync(new AccountUpdateSchema {
Id = account.Id.Value,
Password = _cryptograph.RNG(collection.NewPassword)
}).ConfigureAwait(false);
return(Ok(_localizer[DataTransferer.PasswordChanged().Message]));
}
else
{
return(Unauthorized(_localizer[DataTransferer.WrongPassword().Message]));
}
}
catch (Exception ex) {
Log.Error(ex, ex.Source);
return(Problem(_localizer[DataTransferer.SomethingWentWrong().Message]));
}
}
public async Task <IServiceResult> SigninAsync(SigninBindingModel signinModel)
{
var now = DateTime.UtcNow;
using (var transaction = new TransactionScope(TransactionScopeAsyncFlowOption.Enabled)) {
try {
var query = new AccountProfileGetFirstSchema {
LinkedId = signinModel.Username
//StatusId = Status.Active
};
if (signinModel.Username.IsPhoneNumber())
{
query.TypeId = AccountProfileType.Phone.ToInt();
}
else if (new EmailAddressAttribute().IsValid(signinModel.Username))
{
query.TypeId = AccountProfileType.Email.ToInt();
}
else
{
return(DataTransferer.InvalidEmailOrCellPhone());
}
var accountProfile = await _accountProfileService.FirstAsync(query).ConfigureAwait(true);
if (accountProfile == null)
{
if (query.TypeId == AccountProfileType.Phone.ToInt())
{
return(DataTransferer.PhoneNotFound());
}
else
{
return(DataTransferer.EmailNotFound());
}
}
var account = await FirstAsync(new AccountGetFirstSchema {
Id = accountProfile.AccountId,
StatusId = Status.Active.ToInt()
}).ConfigureAwait(true);
if (account == null)
{
return(DataTransferer.UserIsNotActive());
}
var deviceId = 0;
// check password
if (_cryptograph.IsEqual(signinModel.Password, account.Password))
{
var accountDeviceQuery = new AccountDeviceGetFirstSchema {
AccountId = account.Id,
DeviceId = signinModel.DeviceId
};
var accountDevice = await _accountDeviceService.FirstAsync(accountDeviceQuery);
// todo: check the accountDevice
if (accountDevice != null)
{
deviceId = accountDevice.Id.Value;
// set new token
await _accountDeviceService.UpdateAsync(new AccountDeviceUpdateSchema {
Id = accountDevice.Id.Value,
});
}
else
{
// create new device for account
deviceId = await _accountDeviceService.AddAsync(new AccountDeviceAddSchema {
AccountId = account.Id,
DeviceId = signinModel.DeviceId,
DeviceName = signinModel.DeviceName,
DeviceType = signinModel.DeviceType,
CreatedAt = now,
StatusId = Status.Active.ToInt()
});
}
}
else
{
return(DataTransferer.WrongPassword());
}
// clean forgot password tokens
await _accountProfileService.CleanForgotPasswordTokensAsync(account.Id.Value);
//if(accountProfilesQuery.StatusCode != 200) {
// Log.Error($"Can't update 'ForgotPasswordTokens' to NULL for AccountId={account.Id}");
// return DataTransferer.SomethingWentWrong();
//}
// set last signed in at
var changedAccount = UpdateAsync(new AccountUpdateSchema {
LastSignedinAt = now
});
transaction.Complete();
var token = _jwtHandler.Bearer(new Account(account.Id.Value, deviceId, signinModel.Username, now).ToClaimsIdentity());
return(DataTransferer.Ok(token));
}
catch (Exception ex) {
Log.Error(ex, ex.Source);
return(DataTransferer.InternalServerError());
}
}
}
