public void Put(String id, UserWithPassword value) { if (value.Password != value.PasswordNew || string.IsNullOrWhiteSpace(value.Password) || string.IsNullOrWhiteSpace(value.PasswordNew)) { throw new Exception("Not matching passwords"); } User current = _login.CurrentUser(); if (!current.IsAdmin && id != current.Id.ToString()) { throw new Exception(); } var user = _users.GetById(Guid.Parse(id)); _users.UpdatePassword(id, user.Password, value.PasswordNew); _attempts.Delete(Guid.Parse(id)); }
public bool Login(string login, string password) { var user = _user.GetByLogin(login); if (!_attempts.CanLogin(user.Id)) { Logoff(); return(false); } if (_user.Login(login, password)) { HttpContext.Current.Session["USER"] = user; _attempts.Delete(user.Id); return(true); } _attempts.Tentative(user.Id); Logoff(); return(false); }