Exemplo n.º 1
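        /// <summary>
        /// Changes a user's password after re-verifying the current password.
        /// </summary>
        /// <param name="userEntry">Username, current password and new password supplied by the caller.</param>
        /// <exception cref="WrongUserCredentialsException">
        /// No user matches the username, or the current password fails verification.
        /// </exception>
        /// <exception cref="UserLoginTimeoutException">The wait-period check fails for this user.</exception>
        public async Task ChangePassword(UserPasswordChangeResource userEntry)
        {
            var user = await _userRepository.GetByUsernameAsync(userEntry.Username);

            // Reject unknown usernames before the user object is handed to any helper.
            // Checking the wait period first passed a possibly-null user to CheckWaitPeriod,
            // so an unknown username could fail differently from a known one.
            if (user == null)
            {
                throw new WrongUserCredentialsException("Invalid username or password.");
            }

            if (!AuthBusinessLogic.CheckWaitPeriod(user, _configuration))
            {
                // TODO: Implement timeout time
                // The "{0}" placeholder is never filled in, so it reaches the caller verbatim.
                throw new UserLoginTimeoutException("{0} seconds.");
            }

            if (!AuthBusinessLogic.CheckIfValidPassword(user, userEntry.Password, _configuration))
            {
                // Persist the failed attempt before reporting it, so the counter survives the throw.
                _userRepository.MarkFailedLogin(user);
                await _userRepository.SaveChanges();

                // Same message as the unknown-user case, so the response text does not
                // reveal whether the username exists.
                throw new WrongUserCredentialsException("Invalid username or password.");
            }

            // NOTE(review): the hash is derived from the submitted username rather than the
            // stored one; confirm GetByUsernameAsync only matches an identical spelling,
            // otherwise later verification may not reproduce this hash.
            // NOTE(review): no policy check on NewPassword is visible in this method;
            // presumably enforced elsewhere - confirm.
            user.PasswordHash = AuthBusinessLogic.GetHash(userEntry.Username, userEntry.NewPassword, _configuration);

            await _userRepository.Update(user);

            _userRepository.MarkSuccessfulLogin(user);
            await _userRepository.SaveChanges();
        }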
Exemplo n.º 2
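        /// <summary>
        /// HTTP endpoint that changes the password of the user named in the request body.
        /// </summary>
        /// <param name="user">Request body carrying the username, current password and new password.</param>
        /// <returns>A <see cref="NoContentResult"/> when the service call completes.</returns>
        /// <exception cref="WrongUserCredentialsException">
        /// The body is missing, or its username, password or new password is null.
        /// </exception>
        public async Task<IActionResult> ChangePassword([Required, FromBody] UserPasswordChangeResource user)
        {
            // [Required] only records a model-state error, and ModelState is not checked here,
            // so a missing body can still arrive as null; test it before reading its members.
            if (user == null || user.Username == null || user.Password == null || user.NewPassword == null)
            {
                throw new WrongUserCredentialsException("The supplied username or password is null.");
            }

            await _service.ChangePassword(user);

            return new NoContentResult();
        }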