public async Task ChangePassword(string lastPassword, string newPassword) { short userId = Convert.ToInt16(_httpContext.HttpContext.User.FindFirst(ClaimTypes.NameIdentifier).Value); Member member = await _memberRepository.GetMember(userId); if (member == null) { throw new UnauthorizedAccessException("User not found"); } if (!member.Password.DecryptTextWithBCrypt(lastPassword)) { throw new ArgumentException("Last password isn't correct"); } member.Password = newPassword.EncryptWithBCrypt(); await _memberRepository.Update(userId, member); await _memberRepository.CommitAsync(); }