public ActionResult ChangeUserPassword(PasswordHistoryModel _model)
{
PasswordHistoryRequest request = new PasswordHistoryRequest
{
Data = new PasswordHistoryModel
{
UserID = _model.UserID,
UserName = _model.UserName,
Password = _model.Password,
NewPassword = _model.NewPassword
}
};
PasswordHistoryResponse response = new PasswordHistoryResponse();
response = new PasswordHistoryValidator(_unitOfWork, _context).Validate(request);
ViewBag.Response = $"{response.Status};{response.Message}";
return(View("ChangePassword"));
}
/// <summary>
/// Change password
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public PasswordHistoryResponse ChangePassword(PasswordHistoryRequest request)
{
PasswordHistoryResponse response = new PasswordHistoryResponse();
using (var transaction = _context.Database.BeginTransaction())
{
try
{
var toBeUpdate = _context.Users.SingleOrDefault(x => x.ID == request.Data.UserID);
if (toBeUpdate != null)
{
toBeUpdate.Password = CommonUtils.Encryptor(request.Data.NewPassword, CommonUtils.KeyEncryptor);
_context.SaveChanges();
}
var _passHistoryEntity = new PasswordHistory
{
OrganizationID = request.Data.OrganizationID,
UserName = request.Data.UserName,
Password = CommonUtils.Encryptor(request.Data.Password, CommonUtils.KeyEncryptor),
CreatedBy = request.Data.UserName,
CreatedDate = DateTime.Now
};
_context.PasswordHistories.Add(_passHistoryEntity);
_context.SaveChanges();
transaction.Commit();
response.Message = Messages.UserPasswordUpdated;
}
catch
{
transaction.Rollback();
response.Status = false;
response.Message = Messages.GeneralError;
}
}
return(response);
}
/// <summary>
/// Validate the request
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public PasswordHistoryResponse Validate(PasswordHistoryRequest request)
{
PasswordHistoryResponse response = new PasswordHistoryResponse();
if (String.IsNullOrEmpty(request.Data.UserName) || String.IsNullOrWhiteSpace(request.Data.UserName))
{
errorFields.Add("User Name");
}
if (String.IsNullOrEmpty(request.Data.Password) || String.IsNullOrWhiteSpace(request.Data.Password))
{
errorFields.Add("Password");
}
if (String.IsNullOrEmpty(request.Data.NewPassword) || String.IsNullOrWhiteSpace(request.Data.NewPassword))
{
errorFields.Add("New Password");
}
if (errorFields.Any())
{
response.Status = false;
response.Message = string.Format(Messages.RequiredFieldsMissing, String.Join(",", errorFields));
}
var cekIsExpired = _unitOfWork.UserRepository.GetFirstOrDefault(x => x.UserName == request.Data.UserName);
if (cekIsExpired == null)
{
response.Status = false;
response.Message = Messages.UserNotFound;
}
else
{
if (cekIsExpired.Status == false || cekIsExpired.ExpiredDate < DateTime.Now)
{
response.Status = false;
response.Message = Messages.CannotChangePasswordForInactiveUser;
}
}
var validateCurrentUser = _unitOfWork.UserRepository.GetFirstOrDefault(x => x.UserName == request.Data.UserName);
if (validateCurrentUser != null)
{
if (request.Data.Password != CommonUtils.Decryptor(validateCurrentUser.Password, CommonUtils.KeyEncryptor))
{
response.Status = false;
response.Message = Messages.UpdateFailedUsernamePasswordNotMatch;
}
}
var IsExistPassinHist = _unitOfWork.PasswordHistoryRepository.Get(x => x.OrganizationID == request.Data.OrganizationID && x.UserName == request.Data.UserName).Select(x => x.Password);
foreach (string p in IsExistPassinHist)
{
if (request.Data.NewPassword == CommonUtils.Decryptor(p, CommonUtils.KeyEncryptor))
{
response.Status = false;
response.Message = Messages.PasswordHasBeenUsedBefore;
break;
}
}
if (request.Data.Password.Equals(request.Data.NewPassword))
{
response.Status = false;
response.Message = Messages.PasswordHasBeenUsedBefore;
}
if (response.Status)
{
response = new PasswordHistoryHandler(_unitOfWork, _context).ChangePassword(request);
}
return(response);
}
