Exemplo n.º 1
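        /// <summary>
        /// Handles an OAuth 2.0 password-grant request: checks the supplied user name and
        /// password against the identity store and, on success, returns a bearer access token.
        /// </summary>
        /// <param name="model">Bound request fields: grant_type, username and password.</param>
        /// <returns>
        /// An access-token response carrying the token, the token type "bearer" and the user
        /// name; otherwise an OAuth error response.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this grant carries the password in the request itself, so the route
        /// should only be reachable over TLS. Nothing in this method enforces that.
        /// </remarks>
        public async Task<IHttpActionResult> Login(OAuthPasswordCredentialsBindingModel model)
        {
            if (model == null)
            {
                return OAuthBadRequest(OAuthAccessTokenError.InvalidRequest);
            }

            if (model.grant_type != "password")
            {
                return OAuthBadRequest(OAuthAccessTokenError.UnsupportedGrantType);
            }

            // A request without credentials is malformed; reject it before calling the store
            // so a null never reaches ValidateLocalLogin.
            if (model.username == null || model.password == null)
            {
                return OAuthBadRequest(OAuthAccessTokenError.InvalidRequest);
            }

            // One error code and one message for every credential failure, so the response
            // does not say whether the user name exists.
            // NOTE(review): RFC 6749 section 5.2 assigns "invalid_grant" to rejected
            // resource-owner credentials; confirm whether OAuthAccessTokenError has a member for it.
            // NOTE(review): no throttling or lockout is visible here. Confirm that
            // ValidateLocalLogin or the hosting pipeline limits repeated failures.
            if (!await IdentityStore.ValidateLocalLogin(model.username, model.password))
            {
                return OAuthBadRequest(OAuthAccessTokenError.InvalidRequest,
                                       "The user name or password provided is incorrect.");
            }

            string userId = await IdentityStore.GetUserIdForLocalLogin(model.username);

            // Resolve the user record before minting a token. If the account can no longer be
            // found (for example, removed between the two store calls), answer exactly like a
            // failed login instead of dereferencing null after a token was already created.
            IUser user = userId == null ? null : await IdentityStore.Context.Users.Find(userId);
            if (user == null)
            {
                return OAuthBadRequest(OAuthAccessTokenError.InvalidRequest,
                                       "The user name or password provided is incorrect.");
            }

            ClaimsIdentity identity = await GetIdentityAsync(userId);
            string token = CreateAccessToken(identity);

            return OAuthAccessToken(token, "bearer", user.UserName);
        }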
Exemplo n.º 2
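        /// <summary>
        /// Changes the password of the currently authenticated user. The current password is
        /// verified again first, then the stored secret is replaced and the change is saved.
        /// </summary>
        /// <param name="model">Bound request fields: OldPassword and NewPassword.</param>
        /// <returns>
        /// An OK response on success; a bad-request response when the body is missing, model
        /// validation fails, the current password does not match, or the new password is rejected.
        /// </returns>
        public async Task<IHttpActionResult> ChangePassword(ChangePasswordBindingModel model)
        {
            // An empty or unparsable body can bind to null while ModelState still reports valid,
            // so test the model explicitly (Login does the same) before reading its properties.
            if (model == null)
            {
                return BadRequest("The request body is missing or invalid.");
            }

            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // Resolve the caller once, so both store calls act on the same account name.
            string userName = User.Identity.GetUserName();

            // Requiring the current password means an authenticated session or bearer token
            // alone is not sufficient to replace the credential.
            if (!await IdentityStore.ValidateLocalLogin(userName, model.OldPassword))
            {
                return BadRequest("The current password is incorrect.");
            }

            if (!await IdentityStore.Context.Secrets.Update(userName, model.NewPassword))
            {
                return BadRequest("The new password is invalid.");
            }

            await IdentityStore.Context.SaveChanges();

            // NOTE(review): nothing here invalidates access tokens issued before the change.
            // Confirm whether revocation or expiry is handled elsewhere.
            return OK();
        }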