public bool ChangePassword(PasswordChangeUserModel model)
{
var user = _userRepository.GetById(model.Id);
if (user == null)
{
return(false);
}
if (!CheckCredentials(user.Username, model.OldPassword))
{
return(false);
}
byte[] salt;
new RNGCryptoServiceProvider().GetBytes(salt = new byte[16]);
var hashedPassword = HashThePassword(model.NewPassword, salt);
user.Password = hashedPassword;
_userRepository.Save(user);
return(true);
}
public ActionResult ChangePassword(PasswordChangeUserModel model)
{
try
{
if (ModelState.IsValid)
{
if (_accountBl.ChangePassword(model))
{
logger.Info("Password changed id = " + model.Id);
return(RedirectToAction("Index", "Users"));
}
logger.Info("Password invalid, id = " + model.Id);
ModelState.AddModelError("OldPassword", "Password is invalid.");
return(View());
}
logger.Info("Model state invalid.");
return(View());
}
catch (Exception e)
{
logger.Error("Exception occured, redirecting to password change page. " + e.Message);
return(View());
}
}
