/// <summary>
/// Handles the posted change-password form for a login up-party: changes the password,
/// then continues the login sequence or re-renders the form with a validation message.
/// </summary>
/// <param name="changePassword">Posted view model carrying the email, the current password and the new password.</param>
/// <returns>
/// The login response when the password change succeeds; otherwise the
/// <c>ChangePassword</c> view populated with model-state errors.
/// </returns>
/// <exception cref="EndpointException">
/// Wraps any exception that is not one of the handled password or lockout exceptions,
/// including the <see cref="NotImplementedException"/> thrown on a user mismatch.
/// </exception>
public async Task<IActionResult> ChangePassword(ChangePasswordViewModel changePassword)
{
    try
    {
        // The sequence data is read without being removed (remove: false).
        var loginSequence = await sequenceLogic.GetSequenceDataAsync<LoginUpSequenceData>(remove: false);
        CheckUpParty(loginSequence);
        var upParty = await tenantRepository.GetAsync<LoginUpParty>(loginSequence.UpPartyId);

        // Re-renders the form with the sequence string and the up-party's presentation settings.
        IActionResult RedisplayForm()
        {
            changePassword.SequenceString = SequenceString;
            changePassword.CssStyle = upParty.CssStyle;
            changePassword.EnableCancelLogin = upParty.EnableCancelLogin;
            return View(nameof(ChangePassword), changePassword);
        }

        if (!ModelState.IsValid)
        {
            return RedisplayForm();
        }

        logger.ScopeTrace("Change password post.");

        try
        {
            // NOTE(review): the account is selected by the posted email, and the session and
            // sequence identity checks below run only after this call returns. Presumably the
            // new password is already stored when a mismatch is detected; confirm, and consider
            // validating the identity before the credential is changed.
            var user = await userAccountLogic.ChangePasswordUser(
                changePassword.Email,
                changePassword.CurrentPassword,
                changePassword.NewPassword);

            var needsEmailConfirmation = user.ConfirmAccount && !user.EmailVerified;
            if (needsEmailConfirmation)
            {
                await accountActionLogic.SendConfirmationEmailAsync(user);
            }

            var session = await sessionLogic.GetSessionAsync(upParty);

            var sessionUserDiffers = session != null && user.UserId != session.UserId;
            if (sessionUserDiffers)
            {
                logger.ScopeTrace("Authenticated user and session user do not match.");
                // TODO invalid user login
                throw new NotImplementedException("Authenticated user and session user do not match.");
            }

            var requestedUserDiffers = !loginSequence.UserId.IsNullOrEmpty() && user.UserId != loginSequence.UserId;
            if (requestedUserDiffers)
            {
                logger.ScopeTrace("Authenticated user and requested user do not match.");
                // TODO invalid user login
                throw new NotImplementedException("Authenticated user and requested user do not match.");
            }

            var downPartyLink = GetDownPartyLink(upParty, loginSequence);
            return await LoginResponseAsync(upParty, downPartyLink, user, session);
        }
        // Lockout and wrong-password failures are traced with triggerEvent: true;
        // the password-policy failures below are traced without it.
        catch (UserObservationPeriodException lockedOut)
        {
            logger.ScopeTrace(lockedOut.Message, triggerEvent: true);
            ModelState.AddModelError(string.Empty, localizer["Your account is temporarily locked because of too many login attempts. Please wait for a while and try again."]);
        }
        catch (InvalidPasswordException wrongPassword)
        {
            logger.ScopeTrace(wrongPassword.Message, triggerEvent: true);
            ModelState.AddModelError(nameof(changePassword.CurrentPassword), localizer["Wrong password"]);
        }
        catch (NewPasswordEqualsCurrentException unchangedPassword)
        {
            logger.ScopeTrace(unchangedPassword.Message);
            ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please use a new password."]);
        }
        catch (PasswordLengthException tooShort)
        {
            logger.ScopeTrace(tooShort.Message);

            // The hint mentions the character mix only when complexity checking is enabled.
            if (RouteBinding.CheckPasswordComplexity)
            {
                ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please use {0} characters or more with a mix of letters, numbers and symbols.", RouteBinding.PasswordLength]);
            }
            else
            {
                ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please use {0} characters or more.", RouteBinding.PasswordLength]);
            }
        }
        catch (PasswordComplexityException tooSimple)
        {
            logger.ScopeTrace(tooSimple.Message);
            ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please use a mix of letters, numbers and symbols"]);
        }
        catch (PasswordEmailTextComplexityException containsEmail)
        {
            logger.ScopeTrace(containsEmail.Message);
            ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please do not use the email or parts of it."]);
        }
        catch (PasswordUrlTextComplexityException containsUrl)
        {
            logger.ScopeTrace(containsUrl.Message);
            ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please do not use parts of the URL."]);
        }
        catch (PasswordRiskException breached)
        {
            logger.ScopeTrace(breached.Message);
            ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["The password has previously appeared in a data breach. Please choose a more secure alternative."]);
        }

        // Reached only after one of the handled exceptions added a model error.
        return RedisplayForm();
    }
    catch (Exception ex)
    {
        throw new EndpointException($"Change password failed, Name '{RouteBinding.UpParty.Name}'.", ex)
        {
            RouteBinding = RouteBinding
        };
    }
}