public async Task Given_PersonalInformationUsedInPassword_When_ChangePassword_Then_PasswordChangeRejected(
string wordReused)
{
// Arrange
var userId = 1;
var oldPassword = "******";
var newPassword = $"{wordReused}345";
var decryptedSecurityAnswer = "blah";
_encryption.Expect(a => a.Decrypt(Arg <string> .Is.Anything, Arg <string> .Is.Anything, Arg <int> .Is.Anything,
Arg <string> .Is.Anything, out Arg <string> .Out(decryptedSecurityAnswer).Dummy)).Return(true);
_userStore.Expect(a => a.FindByIdAsync(userId)).Return(Task.FromResult(new User
{
FirstName = "Bob",
LastName = "Joseph",
SecurityAnswer = "encryptedblah"
}));
// Act
var result = await _sut.ChangePasswordAsync(userId, oldPassword, newPassword);
// Assert
Assert.IsFalse(result.Succeeded);
_userStore.AssertWasNotCalled(a => a.ChangePasswordAsync(userId, oldPassword, newPassword));
}
public async Task <ActionResult> ChangePassword(ChangePasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
var user = await UserManager.FindByIdAsync(User.Identity.GetUserId());
if (user != null)
{
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
}
return(RedirectToAction("Index", new { Message = ManageMessageId.ChangePasswordSuccess }));
}
AddErrors(result);
return(View(model));
}
public async Task <HttpResponseMessage> ChangePassword(HttpRequestMessage request, string id, string password, string newPassword)
{
if (User != null && MemoryCacheHelper.RemoveUserEditByAdmin(User.Identity.Name))
{
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, CommonConstants.Error_Edit_By_Admin));
}
if (!string.IsNullOrEmpty(id))
{
var appUser = await AppUserManager.FindByIdAsync(id);
if (appUser != null)
{
bool passwordCheck = await AppUserManager.CheckPasswordAsync(appUser, password);
if (passwordCheck)
{
var result = await AppUserManager.ChangePasswordAsync(appUser.Id, password, newPassword);
return(request.CreateResponse(HttpStatusCode.OK, Common.Constants.MessageSystem.ChangePasswordSuccess));
}
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.ErrorOldPassword));
}
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.UserNotFound));
}
return(request.CreateErrorResponse(HttpStatusCode.BadRequest, Common.Constants.MessageSystem.ErrorIdNull));
}
public async Task <IActionResult> OnPostAsync()
{
if (!ModelState.IsValid)
{
return(Page());
}
var user = await _userManager.GetUserAsync(User);
if (user == null)
{
return(NotFound($"Unable to load user with ID '{_userManager.GetUserId(User)}'."));
}
var changePasswordResult = await _userManager.ChangePasswordAsync(user, Input.OldPassword, Input.NewPassword);
if (!changePasswordResult.Succeeded)
{
foreach (var error in changePasswordResult.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
return(Page());
}
await _signInManager.RefreshSignInAsync(user);
_logger.LogInformation("User changed their password successfully.");
StatusMessage = "Your password has been changed.";
return(RedirectToPage());
}
public async Task Given_ValidDetails_When_ChangePassword_Then_PasswordChanged()
{
// Arrange
var userId = 1;
var oldPassword = "******";
var newPassword = "******";
_userStore.Expect(a => a.ChangePasswordAsync(userId, oldPassword, newPassword)).Return(Task.FromResult(0));
_userStore.Expect(a => a.FindByIdAsync(userId)).Return(Task.FromResult(new User()
{
FirstName = "Bob", LastName = "Joseph", SecurityAnswer = "blah"
}));
// Act
var result = await _sut.ChangePasswordAsync(userId, oldPassword, newPassword);
// Assert
Assert.IsTrue(result.Succeeded);
}
public async Task <IHttpActionResult> ChangePassword(ChangePasswordBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var result = await AppUserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
return(result.Succeeded ? Ok() : GetErrorResult(result));
}
public async Task Given_ValidDetails_When_ChangePassword_Then_PasswordChanged()
{
// Arrange
var userId = 1;
var oldPassword = "******";
var newPassword = "******";
_userStore.Expect(a => a.ChangePasswordAsync(userId, oldPassword, newPassword)).Return(Task.FromResult(1));
string decryptedSecurityAnswer = "blah";
_encryption.Expect(a => a.Decrypt(Arg <string> .Is.Anything, Arg <string> .Is.Anything, Arg <int> .Is.Anything, Arg <string> .Is.Anything, out Arg <string> .Out(decryptedSecurityAnswer).Dummy)).Return(true);
_userStore.Expect(a => a.FindByIdAsync(userId)).Return(Task.FromResult(new User {
FirstName = "Bob", LastName = "Joseph", SecurityAnswer = "encryptedblah"
}));
// Act
var result = await _sut.ChangePasswordAsync(userId, oldPassword, newPassword);
// Assert
Assert.IsTrue(result.Succeeded, "Expected to Succeed but result was failure");
}
public async Task <IHttpActionResult> ChangePassword(ChangePasswordData data)
{
var result = await AppUserManager.ChangePasswordAsync(Guid.Parse(User.Identity.GetUserId()), data.OldPassword, data.NewPassword);
if (result.Succeeded)
{
Logger.ServiceLog.Info("Пользователь успешно изменил пароль к аккаунту.");
return(Ok());
}
Logger.ServiceLog.Warn("Пользователь не сменил пароль.");
return(GetErrorResult(result));
}
public async Task <ActionResult> Manage(ManageUserViewModel model)
{
bool hasPassword = HasPassword();
ViewBag.HasLocalPassword = hasPassword;
ViewBag.ReturnUrl = Url.Action("Manage");
if (hasPassword)
{
if (ModelState.IsValid)
{
IdentityResult result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
return(RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess }));
}
else
{
AddErrors(result);
}
}
}
else
{
// User does not have a password so remove any validation errors caused by a missing OldPassword field
ModelState state = ModelState["OldPassword"];
if (state != null)
{
state.Errors.Clear();
}
if (ModelState.IsValid)
{
IdentityResult result = await UserManager.AddPasswordAsync(User.Identity.GetUserId(), model.NewPassword);
if (result.Succeeded)
{
return(RedirectToAction("Manage", new { Message = ManageMessageId.SetPasswordSuccess }));
}
else
{
AddErrors(result);
}
}
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public async Task <IHttpActionResult> ChangePasswordAsync(ChangePassword changePassword)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var result = await AppUserManager.ChangePasswordAsync(User.Identity.GetUserId(), changePassword.CurrentPassword, changePassword.NewPassword);
if (!result.Succeeded)
{
ModelState.AddModelErrorRange(result.Errors);
return(BadRequest(ModelState));
}
return(Ok("Hasło zostało zmienione"));
}
public async Task <IHttpActionResult> ChangePassword(ChangePasswordDto dto)
{
if (dto.CurrentPassword == dto.NewPassword)
{
return(BadRequest("新密码不能与旧密码相等"));
}
var userId = int.Parse(User.Identity.GetUserId());
var result = await _userManager.ChangePasswordAsync(userId, dto.CurrentPassword, dto.NewPassword);
if (!result.Succeeded)
{
return(BadRequest(string.Join(",", result.Errors)));
}
return(StatusCode(HttpStatusCode.Accepted));
}
public async Task <IHttpActionResult> ChangePassword([FromBody] ChangePassword model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
IdentityResult result = await AppUserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
return(Ok());
}
public async Task HandleUpdateUserPassword(UpdateUserPasswordCommand command)
{
if (string.IsNullOrEmpty(command.CurrentPassword))
{
command.Result = await userManager.AddPasswordAsync(command.UserId, command.NewPassword);
}
else
{
command.Result = await userManager.ChangePasswordAsync(command.UserId, command.CurrentPassword, command.NewPassword);
}
if (!command.Result.Succeeded)
{
throw new IdentityException(command.Result);
}
}
//[Authorize]
public async Task <IHttpActionResult> ChangePassword(ChangePasswordBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await AppUserManager.FindByNameAsync(model.Username);
IdentityResult result = await AppUserManager.ChangePasswordAsync(user.Id, model.OldPassword, model.NewPassword);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
return(Ok());
}
public async Task <IHttpActionResult> UpdatePassword(PasswordUpdateRequest model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await AppUserManager.FindByNameAsync(User.Identity.Name);
if (user == null)
{
return(BadRequest("Auth db corrupted"));
}
IdentityResult result = await AppUserManager.ChangePasswordAsync(user.Id, model.OldPassword, model.Password);
return(result.Succeeded ? Ok() : GetErrorResult(result));
}
public async Task ChangePasswordAsync(int userId, string newPassword)
{
var user = await _userRepository.GetByIdAsync(userId);
var passwordResult = await _userManager.ChangePasswordAsync(user, newPassword);
if (passwordResult.Succeeded)
{
await _emailService.SendEmailAsync(
user.Email,
"Ваш пароль был изменён",
GetChangePasswordEmailBody(user, newPassword));
}
else
{
ThrowIdentityError(passwordResult.Errors);
}
}
public async Task <IActionResult> UpdatePassword([FromBody] ChangePasswordModel model)
{
var userId = User.FindFirstValue(JwtRegisteredClaimNames.Sub);
var user = await _userManager.FindByIdAsync(userId);
if (user is null)
{
return(BadRequest());
}
var result = await _userManager.ChangePasswordAsync(user, model.CurrentPassword, model.NewPassword);
if (!result.Succeeded)
{
return(BadRequest(result.Errors));
}
return(Ok());
}
public async Task <IHttpActionResult> ChangePassword(ChangePasswordBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var userId = User.Identity.GetUserId();
IdentityResult result = await AppUserManager.ChangePasswordAsync(userId, model.OldPassword, model.NewPassword);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
await AppUserManager.SendEmailAsync(userId, "Password Change", "Your password has been changed");
return(Ok());
}
public async Task <ActionResult> ChangePassword(ChangePasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
var user = await UserManager.FindByIdAsync(User.Identity.GetUserId());
if (user != null)
{
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
}
return(Content("<script language'javascript' type = 'text/javascript'> alert('Confrimation: Changed password succsesful'); window.location='../Customer/Home';</script>"));
}
AddErrors(result);
return(View(model));
}
public async Task <ActionResult> PasswordChange(AccountPasswordChangeViewModel model)
{
if (ModelState.IsValid)
{
var result = await _appUserManager.ChangePasswordAsync(
User.Id,
model.Password,
model.NewPassword
);
if (result.Succeeded)
{
Feedback.AddMessage(FeedbackMessageType.Success, GetLocalizedString <AreaResources>("DefaultSuccessMessage"));
return(RedirectToAction("Index", "Home", new { area = AppAreas.GetAreaName(Area.Root) }));
}
ModelState.AddModelError("Password", GetLocalizedString <AreaResources>("InvalidPasswordMessage"));
}
return(View(model));
}
