Exemplo n.º 1
0
        /// <summary>
        /// User update password
        /// </summary>
        /// <param name="websiteId"></param>
        /// <param name="userId"></param>
        /// <param name="userUpdatePasswordModel"></param>
        /// <returns></returns>
        public async Task UpdatePassword(int websiteId, int userId, UserUpdatePasswordModel userUpdatePasswordModel)
        {
            if (userUpdatePasswordModel.NewPassword == null ||
                userUpdatePasswordModel.NewPassword.Length < Constants.Utility.PasswordMinLength)
            {
                throw new ValidationException(Constants.MessageResponse.NewPasswordNotMeetExpected);
            }

            var userRepository = unitOfWork.GetRepository <User>();
            var user           = await userRepository.FindByAsync(x => x.Id == userId &&
                                                                  x.WebsiteId == websiteId);

            if (user == null)
            {
                throw new NotFoundException(string.Format(
                                                Constants.MessageResponse.NotFoundError, nameof(User), nameof(userUpdatePasswordModel.Id)));
            }

            var isValid = Security.ValidatePassword(user.Email, userUpdatePasswordModel.OldPassword, user.Password);

            if (!isValid)
            {
                throw new ValidationException(string.Format(Constants.MessageResponse.OldPasswordIncorrect));
            }

            user.Password    = Security.CreateHashPassword(user.Email, userUpdatePasswordModel.NewPassword);
            user.UpdatedDate = DateTime.UtcNow;
            userRepository.Update(user);
            await unitOfWork.CommitAsync();
        }
Exemplo n.º 2
0
        public async Task <bool> ChangePassword(int id, UserUpdatePasswordModel model, UserIdentity <int> issuer)
        {
            var user = await _userRepository.FindByUserIdAsync(id);

            if (user == null)
            {
                return(false);
            }

            var result = await _userManagement.ChangePasswordAsync(user, model.OldPassword, model.NewPassword);

            if (!result.Succeeded)
            {
                return(false);
            }

            user.UpdateBy(issuer);
            _userRepository.Update(user);
            await _uow.SaveChangesAsync();

            EmailTemplate emailTemplate = _emailTemplateRepository.GetEmailTemplateByName("ChangeUserPasswordEmail");

            emailTemplate.EmailContent = emailTemplate.EmailContent.Replace("#email", user.Email);
            emailTemplate.EmailContent = emailTemplate.EmailContent.Replace("#username", user.UserName);
            await _emailSender.SendEmailAsync(user.Email, emailTemplate.EmailSubject, emailTemplate.EmailContent, true);

            return(true);
        }
Exemplo n.º 3
0
        public ActionResult Manage(UserUpdatePasswordModel model)
        {
            if (ModelState.IsValid)
            {
                var userProfile = base.db.Users.FirstOrDefault(u => u.Name == User.Identity.Name);

                if (userProfile != null)
                {
                    var hash = General.HashString(model.CurrentPassword + userProfile.Salt.ToString());

                    if (hash == userProfile.Password)
                    {
                        hash = General.HashString(model.NewPassword + userProfile.Salt.ToString());
                        userProfile.Password = hash;

                        db.Entry(userProfile).State = EntityState.Modified;
                        db.SaveChanges();

                        return(RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess }));
                    }
                }
                ModelState.AddModelError("", Resources.Global.Account_Login_LoginFailed);
            }
            return(View(model));
        }
        public async Task <IActionResult> UpdatePassword([FromBody] UserUpdatePasswordModel model)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest());
            }

            return(Json(await _managerUserControl.UpdatePassword(model)));
        }
        public async Task <bool> UpdatePassword(UserUpdatePasswordModel model)
        {
            var currentUser = await _repositoryUser.Get(_userId);

            if (!await _managerUser.CheckPasswordAsync(currentUser, model.Password))
            {
                _eAccessDenied("Incorrect password");
            }

            var result = await _managerUser.ChangePasswordAsync(currentUser, model.Password, model.NewPassword);

            return(result.Succeeded);
        }
Exemplo n.º 6
0
        public ActionResult UpdatePassword()
        {
            var user = _session.Load <User>(_executionContext.UserId);

            if (user != null)
            {
                UserUpdatePasswordModel model = new UserUpdatePasswordModel()
                {
                    Username = user.Username
                };
                return(View(model));
            }
            return(RedirectToAction("Index", "Home"));
        }
Exemplo n.º 7
0
        public void TestUpdatePasswordAsync_OldPasswordNotEqual_ShouldThrowValidationException()
        {
            var websiteId = 1;
            var userId    = 1;
            var userUpdatePasswordModel = new UserUpdatePasswordModel()
            {
                OldPassword = "******",
                NewPassword = "******",
                WebsiteId   = 1
            };
            ValidationException ex = Assert.Throws <ValidationException>(() => userService.UpdatePassword(websiteId, userId, userUpdatePasswordModel).GetAwaiter().GetResult());

            Assert.AreEqual(
                Constants.MessageResponse.OldPasswordIncorrect,
                ex.Message);
        }
        public IActionResult UpdatePassword([FromBody] UserUpdatePasswordModel model)
        {
            int.TryParse(HttpContext.User.Identity.Name, out var id);
            int.TryParse(_config["security:pwdsize"], out var size);
            var salt    = PasswordService.GenerateSalt(size);
            var user    = _dataService.GetUserById(id);
            var pwd     = PasswordService.HashPassword(model.Password, salt, size);
            var updated = _dataService.UpdatePassword(id, pwd, salt);

            if (updated == false)
            {
                return(BadRequest());
            }

            return(Ok());
        }
Exemplo n.º 9
0
        public void TestUpdatePasswordAsync_ValidInput_ShouldNewPasswordChanged()
        {
            var websiteId = 1;
            var userId    = 1;
            var userUpdatePasswordModel = new UserUpdatePasswordModel()
            {
                OldPassword = "******",
                NewPassword = "******",
                WebsiteId   = 1
            };

            Assert.DoesNotThrowAsync(() => userService.UpdatePassword(websiteId, userId, userUpdatePasswordModel));
            var userUpdated = users.SingleOrDefault(x => x.Id == userId && x.WebsiteId == websiteId);
            var isValid     = Security.ValidatePassword(userUpdated.Email, userUpdatePasswordModel.NewPassword, userUpdated.Password);

            Assert.IsTrue(isValid);
        }
Exemplo n.º 10
0
        public void TestUpdatePasswordAsync_UserIdNotExisted_ShouldThrowNotFoundException()
        {
            var websiteId = 1;
            var userId    = 10;
            var userUpdatePasswordModel = new UserUpdatePasswordModel()
            {
                OldPassword = "******",
                NewPassword = "******",
                WebsiteId   = 1
            };
            NotFoundException ex = Assert.Throws <NotFoundException>(() => userService.UpdatePassword(websiteId, userId, userUpdatePasswordModel).GetAwaiter().GetResult());

            Assert.AreEqual(
                string.Format(
                    Constants.MessageResponse.NotFoundError, nameof(User), nameof(userUpdatePasswordModel.Id)),
                ex.Message);
        }
Exemplo n.º 11
0
        public ActionResult UpdatePassword(UserUpdatePasswordModel model)
        {
            var user = _session.Load <User>(_executionContext.UserId);

            if (!Encryption.Verify(model.OldPassword, user.Password))
            {
                ModelState.AddModelError("OldPassword", "Incorrect original password");
                return(View("UpdatePassword", model));
            }

            if (model.NewPassword != model.ConfirmNewPassword)
            {
                ModelState.AddModelError("ConfirmNewPassword", "New password confirmation incorrect");
                return(View("UpdatePassword", model));
            }

            user.ChangePassword(Encryption.HashPassword(model.NewPassword));
            return(RedirectToAction("Index", "Home"));
        }
Exemplo n.º 12
0
        public async Task <IActionResult> UpdatePassword(UserUpdatePasswordModel userUpdatePasswordModel)
        {
            await userService.UpdatePassword(this.WebsiteId, this.UserId, userUpdatePasswordModel);

            return(Ok(new ApiResponse <UserUpdatePasswordModel>()));
        }