/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
throw new ArgumentNullException("request");
var result = new ChangePasswordResult();
if (String.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return result;
}
if (String.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return result;
}
var customer = _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return result;
}
var requestIsValid = false;
if (request.ValidateRequest)
{
//password
string oldPwd = "";
switch (customer.PasswordFormat)
{
case PasswordFormat.Encrypted:
oldPwd = _encryptionService.EncryptText(request.OldPassword);
break;
case PasswordFormat.Hashed:
oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
break;
default:
oldPwd = request.OldPassword;
break;
}
bool oldPasswordIsValid = oldPwd == customer.Password;
if (!oldPasswordIsValid)
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
if (oldPasswordIsValid)
requestIsValid = true;
}
else
requestIsValid = true;
//at this point request is valid
if (requestIsValid)
{
switch (request.NewPasswordFormat)
{
case PasswordFormat.Clear:
{
customer.Password = request.NewPassword;
}
break;
case PasswordFormat.Encrypted:
{
customer.Password = _encryptionService.EncryptText(request.NewPassword);
}
break;
case PasswordFormat.Hashed:
{
string saltKey = _encryptionService.CreateSaltKey(5);
customer.PasswordSalt = saltKey;
customer.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
}
break;
default:
break;
}
customer.PasswordFormat = request.NewPasswordFormat;
_customerService.UpdateCustomer(customer);
}
return result;
}
/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
var result = new ChangePasswordResult();
if (string.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return(result);
}
if (string.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return(result);
}
var customer = _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return(result);
}
if (request.ValidateRequest)
{
//request isn't valid
if (!PasswordsMatch(customer.Password, request.OldPassword, customer.Code, customer.PasswordSalt))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
return(result);
}
}
//check for duplicates
if (_customerSettings.UnduplicatedPasswordsNumber > 0)
{
//get some of previous passwords
//var previousPasswords = _customerService.GetCustomerPasswords(customer.CustomerId, passwordsToReturn: _customerSettings.UnduplicatedPasswordsNumber);
//var newPasswordMatchesWithPrevious = previousPasswords.Any(password => PasswordsMatch(password.Password, request.NewPassword, customer.Code, customer.PasswordSalt));
//if (newPasswordMatchesWithPrevious)
//{
// result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordMatchesWithPrevious"));
// return result;
//}
}
var saltKey = _encryptionService.CreateSaltKey(SALT_KEY_SIZE);
// customerPassword.PasswordSalt = saltKey;
//customerPassword.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
//publish event
// _eventPublisher.Publish(new CustomerPasswordChangedEvent(customerPassword));
return(result);
}
/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
{
throw new ArgumentNullException(nameof(request));
}
var result = new ChangePasswordResult();
if (string.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return(result);
}
if (string.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return(result);
}
var customer = _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return(result);
}
//request isn't valid
if (request.ValidateRequest && !PasswordsMatch(_customerService.GetCurrentPassword(customer.Id), request.OldPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
return(result);
}
//check for duplicates
if (_customerSettings.UnduplicatedPasswordsNumber > 0)
{
//get some of previous passwords
var previousPasswords = _customerService.GetCustomerPasswords(customer.Id, passwordsToReturn: _customerSettings.UnduplicatedPasswordsNumber);
var newPasswordMatchesWithPrevious = previousPasswords.Any(password => PasswordsMatch(password, request.NewPassword));
if (newPasswordMatchesWithPrevious)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordMatchesWithPrevious"));
return(result);
}
}
//at this point request is valid
var customerPassword = new CustomerPassword
{
CustomerId = customer.Id,
PasswordFormat = request.NewPasswordFormat,
CreatedOnUtc = DateTime.UtcNow
};
switch (request.NewPasswordFormat)
{
case PasswordFormat.Clear:
customerPassword.Password = request.NewPassword;
break;
case PasswordFormat.Encrypted:
customerPassword.Password = _encryptionService.EncryptText(request.NewPassword);
break;
case PasswordFormat.Hashed:
var saltKey = _encryptionService.CreateSaltKey(NopCustomerServicesDefaults.PasswordSaltKeySize);
customerPassword.PasswordSalt = saltKey;
customerPassword.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey,
request.HashedPasswordFormat ?? _customerSettings.HashedPasswordFormat);
break;
}
_customerService.InsertCustomerPassword(customerPassword);
//publish event
_eventPublisher.Publish(new CustomerPasswordChangedEvent(customerPassword));
return(result);
}
/// <summary>
/// Change password
/// </summary>
/// <param name="request">Request</param>
/// <returns>Result</returns>
public virtual ChangePasswordResult ChangePassword(ChangePasswordRequest request)
{
if (request == null)
{
throw new ArgumentNullException("request");
}
var result = new ChangePasswordResult();
if (String.IsNullOrWhiteSpace(request.Email))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
return(result);
}
if (String.IsNullOrWhiteSpace(request.NewPassword))
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
return(result);
}
var customer = _customerService.GetCustomerByEmail(request.Email);
if (customer == null)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
return(result);
}
var requestIsValid = false;
if (request.ValidateRequest)
{
//password
string oldPwd;
switch (customer.PasswordFormat)
{
case PasswordFormat.Encrypted:
oldPwd = _encryptionService.EncryptText(request.OldPassword);
break;
case PasswordFormat.Hashed:
oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
break;
default:
oldPwd = request.OldPassword;
break;
}
bool oldPasswordIsValid = oldPwd == customer.Password;
if (!oldPasswordIsValid)
{
result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));
}
if (oldPasswordIsValid)
{
requestIsValid = true;
}
}
else
{
requestIsValid = true;
}
//at this point request is valid
if (requestIsValid)
{
switch (request.NewPasswordFormat)
{
case PasswordFormat.Clear:
{
customer.Password = request.NewPassword;
}
break;
case PasswordFormat.Encrypted:
{
customer.Password = _encryptionService.EncryptText(request.NewPassword);
}
break;
case PasswordFormat.Hashed:
{
string saltKey = _encryptionService.CreateSaltKey(5);
customer.PasswordSalt = saltKey;
customer.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _customerSettings.HashedPasswordFormat);
}
break;
default:
break;
}
customer.PasswordFormat = request.NewPasswordFormat;
_customerService.UpdateCustomer(customer);
}
return(result);
}
