/// <summary>
/// Business logic for resetting PartialAccount or Account object passwords.
/// </summary>
/// <param name="resetPasswordDto"></param>
/// <returns></returns>
public HttpResponseMessage ResetPassword(SsoResetPasswordRequestDTO resetPasswordDto)
{
// Partial Account will be null or Account will be null.
var partialAccount = _partialAccountLogic.GetPartialAccount(resetPasswordDto.Username);
var account = _accountLogic.GetSingle(resetPasswordDto.Username);
// Validate
if (partialAccount == null && account == null)
{
return(new HttpResponseMessage(HttpStatusCode.Unauthorized));
}
if (partialAccount != null && account != null)
{
return(new HttpResponseMessage(HttpStatusCode.InternalServerError));
}
if (partialAccount != null)
{
return(PartialAccountResetPasswordHelper(resetPasswordDto, partialAccount));
}
if (account != null)
{
return(AccountResetPasswordHelper(resetPasswordDto, account));
}
// Login Failure
return(new HttpResponseMessage(HttpStatusCode.InternalServerError));
}
private HttpResponseMessage AccountResetPasswordHelper(SsoResetPasswordRequestDTO resetPasswordDto,
Account account)
{
// Update password for account
account.Password = resetPasswordDto.HashedNewPassword;
_accountLogic.Update(account);
// Update salt table related to account
var accountSalt = _saltLogic.GetSalt(resetPasswordDto.Username);
accountSalt.PasswordSalt = resetPasswordDto.PasswordSalt;
_saltLogic.Update(accountSalt);
return(new HttpResponseMessage(HttpStatusCode.OK));
}
