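/// <summary>
/// Handles a change-password submission: copies the posted fields into a
/// <c>PasswordHistoryRequest</c>, runs it through <c>PasswordHistoryValidator.Validate</c>
/// and renders the "ChangePassword" view with the outcome in <c>ViewBag.Response</c>.
/// </summary>
/// <param name="_model">Bound form model carrying UserID, UserName, Password (current) and NewPassword.</param>
/// <returns>The "ChangePassword" view; <c>ViewBag.Response</c> holds "Status;Message".</returns>
public ActionResult ChangeUserPassword(PasswordHistoryModel _model)
{
    // NOTE(review): no action attributes are visible in this listing; confirm that the
    // action is POST-only and that anti-forgery validation is applied where it is declared.

    // NOTE(review): UserID and UserName both come from the bound model. Validate (in this
    // file) checks the current password of the account found by UserName, while
    // ChangePassword updates the row selected by UserID, so the two values must refer to
    // the same account. Prefer taking the identity from the authenticated session rather
    // than from the request; confirm where the caller's identity is established.

    // NOTE(review): OrganizationID is not forwarded, yet Validate and ChangePassword read
    // request.Data.OrganizationID for the history lookup and insert. They will see the
    // model's default value. Confirm this is intended.
    var request = new PasswordHistoryRequest
    {
        Data = new PasswordHistoryModel
        {
            UserID = _model.UserID,
            UserName = _model.UserName,
            Password = _model.Password,
            NewPassword = _model.NewPassword
        }
    };

    // The validator's result is used directly; the response object that used to be
    // allocated here was overwritten before it was ever read.
    PasswordHistoryResponse response = new PasswordHistoryValidator(_unitOfWork, _context).Validate(request);

    ViewBag.Response = $"{response.Status};{response.Message}";
    return View("ChangePassword");
}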
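/// <summary>
/// Stores the new password for the user whose ID equals <c>request.Data.UserID</c> and adds
/// <c>request.Data.Password</c> (the password being replaced) to the password history,
/// both inside one database transaction.
/// </summary>
/// <param name="request">
/// Request whose <c>Data</c> supplies UserID, UserName, OrganizationID, Password and NewPassword.
/// </param>
/// <returns>
/// A response with <c>Messages.UserPasswordUpdated</c> after a successful commit;
/// <c>Status = false</c> with <c>Messages.UserNotFound</c> when no user has the given ID,
/// or with <c>Messages.GeneralError</c> when an exception is thrown.
/// </returns>
/// <remarks>
/// This method performs no credential or ownership check itself; it relies on the caller
/// (Validate in this file) having verified the request first.
/// </remarks>
public PasswordHistoryResponse ChangePassword(PasswordHistoryRequest request)
{
    var response = new PasswordHistoryResponse();

    using (var transaction = _context.Database.BeginTransaction())
    {
        try
        {
            // NOTE(review): the row is selected by UserID only, while Validate authenticates
            // the account found by UserName. Both values must refer to the same account;
            // confirm that the caller enforces this.
            var user = _context.Users.SingleOrDefault(x => x.ID == request.Data.UserID);
            if (user == null)
            {
                // Nothing has been written yet. Report the failure instead of recording a
                // history entry and claiming success for a password that was never changed.
                // The uncommitted transaction is discarded when the using block disposes it.
                response.Status = false;
                response.Message = Messages.UserNotFound;
                return response;
            }

            // NOTE(review): passwords are stored with CommonUtils.Encryptor under a shared
            // key, and Validate reads them back with CommonUtils.Decryptor, so storage is
            // reversible. A salted password-hashing KDF (for example PBKDF2) would avoid
            // keeping recoverable passwords. That change needs a data migration and is
            // outside the scope of this method.
            user.Password = CommonUtils.Encryptor(request.Data.NewPassword, CommonUtils.KeyEncryptor);
            _context.SaveChanges();

            var historyEntry = new PasswordHistory
            {
                OrganizationID = request.Data.OrganizationID,
                UserName = request.Data.UserName,
                Password = CommonUtils.Encryptor(request.Data.Password, CommonUtils.KeyEncryptor),
                CreatedBy = request.Data.UserName,
                CreatedDate = DateTime.Now
            };
            _context.PasswordHistories.Add(historyEntry);
            _context.SaveChanges();

            transaction.Commit();
            response.Message = Messages.UserPasswordUpdated;
        }
        catch
        {
            // NOTE(review): the exception is discarded. Log it where the project has a
            // logger so that failed password changes can be investigated.
            transaction.Rollback();
            response.Status = false;
            response.Message = Messages.GeneralError;
        }
    }

    return response;
}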
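/// <summary>
/// Validates a change-password request and, when every check passes, delegates to
/// <c>PasswordHistoryHandler.ChangePassword</c>.
/// </summary>
/// <param name="request">
/// Request whose <c>Data</c> supplies UserID, UserName, OrganizationID, Password (current)
/// and NewPassword.
/// </param>
/// <returns>
/// The handler's response when validation succeeds; otherwise a response with
/// <c>Status = false</c> and the message of the first check that failed.
/// </returns>
/// <remarks>
/// Each check returns as soon as it fails. In particular, the password-history comparison
/// runs only after the current password has been verified, so a caller who has not proved
/// knowledge of the current password learns nothing about earlier passwords.
/// </remarks>
public PasswordHistoryResponse Validate(PasswordHistoryRequest request)
{
    var response = new PasswordHistoryResponse();

    if (request == null || request.Data == null)
    {
        response.Status = false;
        response.Message = Messages.GeneralError;
        return response;
    }

    var data = request.Data;
    var userName = data.UserName;
    var organizationId = data.OrganizationID;

    // IsNullOrWhiteSpace already covers null and empty strings.
    // NOTE(review): errorFields is an instance field, so entries from an earlier Validate
    // call on the same instance would still be present. Presumably a new validator is
    // created per request, as ChangeUserPassword does.
    if (String.IsNullOrWhiteSpace(userName))
    {
        errorFields.Add("User Name");
    }
    if (String.IsNullOrWhiteSpace(data.Password))
    {
        errorFields.Add("Password");
    }
    if (String.IsNullOrWhiteSpace(data.NewPassword))
    {
        errorFields.Add("New Password");
    }
    if (errorFields.Any())
    {
        // Stop here: the checks below dereference these fields and would throw on null.
        response.Status = false;
        response.Message = string.Format(Messages.RequiredFieldsMissing, String.Join(",", errorFields));
        return response;
    }

    // One lookup serves both the account-state check and the credential check.
    var user = _unitOfWork.UserRepository.GetFirstOrDefault(x => x.UserName == userName);

    // NOTE(review): the "not found" and "inactive" messages are returned before the current
    // password is verified, and ChangeUserPassword passes the message on to the view. If
    // unauthenticated callers can reach this path, the distinct messages reveal which user
    // names exist. Consider one generic failure message, and confirm that attempt limiting
    // or lockout is applied upstream, since none is visible here.
    if (user == null)
    {
        response.Status = false;
        response.Message = Messages.UserNotFound;
        return response;
    }

    if (user.Status == false || user.ExpiredDate < DateTime.Now)
    {
        response.Status = false;
        response.Message = Messages.CannotChangePasswordForInactiveUser;
        return response;
    }

    // The handler updates the row selected by request.Data.UserID, so the account whose
    // password is verified here must be that same row. Without this binding, a caller
    // presenting valid credentials for one account could name a different UserID.
    // NOTE(review): the comparison decrypts the stored password and is not constant-time;
    // both follow from the reversible storage scheme used throughout this file.
    if (user.ID != data.UserID
        || data.Password != CommonUtils.Decryptor(user.Password, CommonUtils.KeyEncryptor))
    {
        response.Status = false;
        response.Message = Messages.UpdateFailedUsernamePasswordNotMatch;
        return response;
    }

    // Cheap check first: the new password must differ from the current one.
    if (data.Password == data.NewPassword)
    {
        response.Status = false;
        response.Message = Messages.PasswordHasBeenUsedBefore;
        return response;
    }

    // NOTE(review): ChangeUserPassword does not forward OrganizationID, so on that path this
    // filter uses the model's default value. Confirm this is intended.
    var previousPasswords = _unitOfWork.PasswordHistoryRepository
        .Get(x => x.OrganizationID == organizationId && x.UserName == userName)
        .Select(x => x.Password);

    foreach (string stored in previousPasswords)
    {
        if (data.NewPassword == CommonUtils.Decryptor(stored, CommonUtils.KeyEncryptor))
        {
            response.Status = false;
            response.Message = Messages.PasswordHasBeenUsedBefore;
            return response;
        }
    }

    // As in the original, the handler runs only while the response still reports success.
    if (response.Status)
    {
        response = new PasswordHistoryHandler(_unitOfWork, _context).ChangePassword(request);
    }

    return response;
}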