public void Put(String id, UserWithPassword value)
{
if (value.Password != value.PasswordNew || string.IsNullOrWhiteSpace(value.Password) || string.IsNullOrWhiteSpace(value.PasswordNew))
{
throw new Exception("Not matching passwords");
}
User current = _login.CurrentUser();
if (!current.IsAdmin && id != current.Id.ToString())
{
throw new Exception();
}
var user = _users.GetById(Guid.Parse(id));
_users.UpdatePassword(id, user.Password, value.PasswordNew);
_attempts.Delete(Guid.Parse(id));
}
public bool Login(string login, string password)
{
var user = _user.GetByLogin(login);
if (!_attempts.CanLogin(user.Id))
{
Logoff();
return(false);
}
if (_user.Login(login, password))
{
HttpContext.Current.Session["USER"] = user;
_attempts.Delete(user.Id);
return(true);
}
_attempts.Tentative(user.Id);
Logoff();
return(false);
}
