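        /// <summary>
        /// Lets the signed-in admin replace their password after proving the current one.
        /// </summary>
        /// <param name="model">Posted form holding the current password and the new one.</param>
        /// <returns>
        /// The change-password view with a success message once the account was updated; the
        /// view re-rendered with <paramref name="model"/> (plus an error message) when the current
        /// password does not match or the model is invalid; a redirect to
        /// <see cref="AccessDenied"/> when no admin record exists for the session user.
        /// </returns>
        public async Task <IActionResult> ChangePassword(changePasswordViewModel model)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(View(model));
            }

            var account = await adminsService.GetAdminById(sessionService.User.Id);
            if (account == null)
            {
                return(RedirectToAction(nameof(AccessDenied)));
            }

            // NOTE(review): ComputeSha256Hash is a bare, unsalted, fast hash. Stored passwords
            // should go through a slow salted KDF (PBKDF2 / Argon2); that is a change to
            // hasherService and to the stored data, so it is only flagged here.
            var submittedHash = hasherService.ComputeSha256Hash(model.CurrentPassword);
            if (!HashesMatch(submittedHash, account.Password))
            {
                TempData[Constants.ChangePasswordErrorMessage] = Messages.InCorrectPassword;
                return(View(model));
            }

            account.Password = hasherService.ComputeSha256Hash(model.NewPassword);
            await adminsService.Update(account);

            TempData[Constants.ChangePasswordSuccessMessage] = Messages.EditSuccess;
            return(View());
        }

        /// <summary>
        /// Compares the hash of the submitted password with the stored hash in constant time,
        /// so the comparison's duration does not depend on how many leading bytes agree.
        /// A missing hash on either side never matches.
        /// </summary>
        /// <param name="submitted">Hash computed from the password the user just typed.</param>
        /// <param name="stored">Hash kept on the admin record.</param>
        /// <returns><c>true</c> only when both hashes are present and byte-for-byte equal.</returns>
        private static bool HashesMatch(string submitted, string stored)
        {
            if (submitted == null || stored == null)
            {
                return false;
            }

            var submittedBytes = System.Text.Encoding.UTF8.GetBytes(submitted);
            var storedBytes    = System.Text.Encoding.UTF8.GetBytes(stored);
            return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(submittedBytes, storedBytes);
        }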
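        /// <summary>
        /// Validates a password-change request for the admin identified by
        /// <c>changePasswordViewModel.UserID</c> and, when every check passes, stores the new
        /// password through <c>_adminService.ResetPassword</c>.
        /// </summary>
        /// <param name="changePasswordViewModel">Admin id plus old, new and confirmation passwords.</param>
        /// <returns>
        /// A JSON <c>LoginResponse</c>. <c>Errors</c> lists every failed check (missing or wrong
        /// old password, unknown admin, missing/unchanged new password, mismatching confirmation);
        /// when it is empty the response is whatever <c>ResetPassword</c> returned.
        /// </returns>
        public JsonResult ChangePassword(changePasswordViewModel changePasswordViewModel)
        {
            LoginResponse response = new LoginResponse();

            // Getting user data from DB.
            // NOTE(review): the target admin is chosen by the client-supplied UserID rather than
            // the authenticated session, so knowledge of the old password is the only thing
            // tying a caller to the account being changed. Consider binding UserID to the
            // signed-in principal instead.
            Admin user = _UnitOfWork.IAdminRepository.RetrieveAll().FirstOrDefault(u => u.AdminID == changePasswordViewModel.UserID);

            // Validation of passwords.
            if (string.IsNullOrEmpty(changePasswordViewModel.OldPassword))
            {
                response.Errors.Add(new LAMPError(LAMPConstants.MSG_CURRENT_PASSWORD.ToString(), ResourceHelper.GetStringResource(LAMPConstants.MSG_CURRENT_PASSWORD)));
            }
            else if (user == null)
            {
                response.Errors.Add(new LAMPError(LAMPConstants.MSG_INVALID_USER.ToString(), ResourceHelper.GetStringResource(LAMPConstants.MSG_INVALID_USER)));
            }
            else
            {
                // NOTE(review): DecryptStringWithKey means passwords are stored reversibly
                // encrypted rather than hashed, and the plain string comparison below is not
                // constant-time. Both are CryptoUtil/storage-level changes and are only flagged here.
                string currentPassword = CryptoUtil.DecryptStringWithKey(user.Password);
                if (currentPassword != changePasswordViewModel.OldPassword.Trim())
                {
                    response.Errors.Add(new LAMPError(LAMPConstants.MSG_WRONG_OLD_PASSWORD.ToString(), ResourceHelper.GetStringResource(LAMPConstants.MSG_WRONG_OLD_PASSWORD)));
                }
            }

            if (string.IsNullOrEmpty(changePasswordViewModel.NewPassword))
            {
                response.Errors.Add(new LAMPError(ResourceHelper.GetStringResource(LAMPConstants.MSG_NEW_PASSWORD), ResourceHelper.GetStringResource(LAMPConstants.MSG_SPECIFY_NEW_PASSWORD)));
            }
            else if (changePasswordViewModel.OldPassword != null && changePasswordViewModel.OldPassword.CompareTo(changePasswordViewModel.NewPassword) == 0)
            {
                response.Errors.Add(new LAMPError(ResourceHelper.GetStringResource(LAMPConstants.MSG_NEW_PASSWORD), ResourceHelper.GetStringResource(LAMPConstants.MSG_SPECIFY_DIFFERENT_PASSWORDS)));
            }

            if (string.IsNullOrEmpty(changePasswordViewModel.ConfirmPassword))
            {
                response.Errors.Add(new LAMPError(ResourceHelper.GetStringResource(LAMPConstants.MSG_CONFIRM_PASSWORD), ResourceHelper.GetStringResource(LAMPConstants.MSG_SPECIFY_CONFIRM_PASSWORD)));
            }
            else if (changePasswordViewModel.NewPassword != null && changePasswordViewModel.NewPassword != changePasswordViewModel.ConfirmPassword)
            {
                response.Errors.Add(new LAMPError(ResourceHelper.GetStringResource(LAMPConstants.MSG_CONFIRM_PASSWORD), ResourceHelper.GetStringResource(LAMPConstants.MSG_SPECIFY_SAME_PASSWORDS)));
            }

            // Updating newly changed login password. Building the reset model only here avoids
            // dereferencing `user` when it was not found: an unknown admin (or an empty old
            // password) always adds an error above, so an empty error list implies user != null.
            if (response.Errors.Count == 0)
            {
                ResetPasswordViewModel resetPasswordViewModel = new ResetPasswordViewModel
                {
                    AdminID         = user.AdminID.ToString(),
                    Email           = user.Email,
                    Password        = changePasswordViewModel.NewPassword,
                    ConfirmPassword = changePasswordViewModel.ConfirmPassword
                };
                response = _adminService.ResetPassword(resetPasswordViewModel);
            }
            return(Json(response));
        }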
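        /// <summary>
        /// Changes the password of the Identity user named by <c>model.id</c>; on success
        /// refreshes the sign-in and issues a fresh JWT that expires in one day.
        /// </summary>
        /// <param name="model">User id plus the current and the new password.</param>
        /// <returns>
        /// 200 whose value is the serialized <c>{ "token": ... }</c> on success; 400 with the
        /// model-state errors when the model is invalid or Identity rejects the change; 400 with a
        /// plain message when the user does not exist; 400 with a <c>DTO</c> when an exception escapes.
        /// </returns>
        public async Task <IActionResult> changePassword(changePasswordViewModel model)
        {
            try
            {
                if (model == null || !ModelState.IsValid)
                {
                    return(BadRequest(ModelState));
                }

                // NOTE(review): the target user comes from the client-supplied model.id rather
                // than the caller's own principal; only Identity's current-password check stops a
                // caller from acting on another account. Consider resolving the user from the
                // authenticated principal instead.
                var user = await _userManager.FindByIdAsync(model.id);
                if (user == null)
                {
                    return(BadRequest("user id is not assigned"));
                }

                var result = await _userManager.ChangePasswordAsync(user, model.currentPassword, model.newPassword);
                if (!result.Succeeded)
                {
                    foreach (var error in result.Errors)
                    {
                        ModelState.AddModelError(string.Empty, error.Description);
                    }
                    // Report Identity's errors (wrong current password, policy violation, ...)
                    // as 400 with the model state, matching the invalid-model branch above,
                    // rather than a 200 with an empty body that hides the failure.
                    return(BadRequest(ModelState));
                }

                await _singInManager.RefreshSignInAsync(user);

                // Hand the client a renewed bearer token alongside the refreshed sign-in.
                var tokenDescriptor = new SecurityTokenDescriptor
                {
                    Subject = new ClaimsIdentity(new Claim[]
                    {
                        new Claim("UserID", user.Id.ToString())
                    }),
                    Expires            = DateTime.UtcNow.AddDays(1),
                    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSettings.JWT_Secret)), SecurityAlgorithms.HmacSha256Signature)
                };
                var tokenHandler  = new JwtSecurityTokenHandler();
                var securityToken = tokenHandler.CreateToken(tokenDescriptor);
                var token         = tokenHandler.WriteToken(securityToken);
                var response      = new { token };
                // NOTE(review): the body is pre-serialized with JsonConvert and returned as a
                // string value, which the framework presumably writes as text rather than
                // application/json — confirm with a client; `Ok(response)` would let the
                // configured formatter produce it. Left as is to keep the current wire format.
                var json          = JsonConvert.SerializeObject(response);
                return(new OkObjectResult(json));
            }
            catch (Exception ex)
            {
                logger.Error(ex.ToString());
                logger.Warning(ex.StackTrace);
                DTO dto = new DTO()
                {
                    success = false,
                    message = "change Password process has failed"
                };
                return(BadRequest(dto));
            }
        }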