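/// <summary>
/// Changes the signed-in user's password from the profile page and, on success, signs the
/// user out so they have to authenticate again with the new password.
/// </summary>
/// <param name="model">Posted form values: current password, new password and its confirmation.</param>
/// <returns>
/// A redirect to <c>MyProfile</c> when the model is invalid or the two new-password fields
/// differ; a redirect to <c>Account/Login</c> after a successful change; otherwise the
/// <c>Error</c> view.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible on this action.
/// A state-changing password endpoint needs both; confirm they are applied here or globally.
/// NOTE(review): the Bind include list is PascalCase while the members read below are lower-case
/// (model.password, model.confirmpassword, model.currentpassword). Confirm the casing matches the
/// property names declared on PasswordInAppResetDTO, otherwise the values may not bind.
/// </remarks>
public async Task<IActionResult> Profile_ChangePassword(
    [Bind("CurrentPassword, Password, ConfirmPassword")] PasswordInAppResetDTO model)
{
    if (!ModelState.IsValid)
    {
        // Validation failed: send the user back to the profile page.
        return RedirectToAction(nameof(UserController.MyProfile));
    }

    if (model.password != model.confirmpassword)
    {
        this.AddNotification("The new password and confirmation password do not match.", NotificationType.ERROR);
        // Activity Logging format
        _logger.LogError("The new password and confirmation password do not match.");
        return RedirectToAction(nameof(UserController.MyProfile));
    }

    // The target account is always the authenticated user, never an id taken from the form.
    var user = await _userManager.FindByIdAsync(_authUser.UserId);
    if (user is null)
    {
        // The session refers to an account that no longer resolves (e.g. removed while signed in).
        // Without this guard ChangePasswordAsync would throw on the null user.
        _logger.LogWarning("Password change requested for unknown user {UserId}.", _authUser.UserId);
        return View("Error");
    }

    // Password-history enforcement is not active in this action (it was commented out).
    // The disabled version compared a fresh PasswordHasher.HashPassword() result with stored
    // hashes; the default Identity hasher salts every hash, so that comparison would never
    // match. A history check has to call PasswordHasher.VerifyHashedPassword against each
    // stored hash instead.

    // ChangePasswordAsync verifies the supplied current password before replacing the hash,
    // so possession of the session alone is not enough to set a new password.
    var passwordChange = await _userManager.ChangePasswordAsync(user, model.currentpassword, model.password);
    if (passwordChange.Succeeded)
    {
        // Audit trail: record who changed a credential, never the credential itself.
        _logger.LogInformation("Password changed for user {UserId}.", _authUser.UserId);

        this.AddNotification("New Password was successfully set. Please Re-login", NotificationType.SUCCESS);
        await _signInManager.SignOutAsync();
        _logger.LogInformation("User logged out.");
        return RedirectToAction(nameof(AccountController.Login), "Account");
    }

    // Rejected change (wrong current password, policy violation, ...): keep a trace for
    // detection of repeated failures, then surface the Identity errors to the view.
    _logger.LogWarning("Password change rejected for user {UserId}.", _authUser.UserId);
    AddErrors(passwordChange);
    return View("Error");
}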
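/// <summary>
/// Placeholder for an in-application password reset. The current body performs no reset:
/// it does not read <paramref name="inAppResetDTO"/> and always completes with an empty string.
/// </summary>
/// <param name="inAppResetDTO">Current and new password values; unused by the current body.</param>
/// <returns>A completed task whose result is <see cref="string.Empty"/>.</returns>
/// <remarks>
/// NOTE(review): callers must not interpret the empty result as "password changed"; confirm how
/// the return value is consumed before relying on this method.
/// </remarks>
public Task<string> InAppPasswordReset(PasswordInAppResetDTO inAppResetDTO)
{
    // The previous implementation was entirely commented out behind an early return, which
    // left an unreachable catch block and an async method with nothing to await. Both are
    // removed here; the observable result (an empty string) is unchanged.
    //
    // Outline of the disabled flow, kept for whoever restores it:
    //   1. Load the signed-in user via _authUser.Name and read _userManager.Options.Password.
    //   2. VerifyHashedPassword(new password) against the current hash to detect reuse, and
    //      VerifyHashedPassword(current password) as a second check.
    //   3. Compare the new password with each row of the password-history table via
    //      VerifyHashedPassword (this step was itself disabled inside the disabled code).
    //   4. Run AuthenticatedUsernewpasswordPolicyValidator.ValidatePasswordPolicy.
    //   5. Store the previous PasswordHash in a BTUsersPasswordHist row.
    //   6. Call _userManager.ChangePasswordAsync.
    //
    // Points to fix before re-enabling it:
    //   - A failed current-password check and policy violations were only logged; neither
    //     stopped the flow before the history write.
    //   - The policy validator was passed inAppResetDTO.currentpassword; presumably the new
    //     password was intended. Verify.
    //   - The history row was saved before ChangePasswordAsync succeeded, so a rejected
    //     change would still have recorded an entry.
    //   - It referenced names not defined in this method (request, fetchempid, passcount)
    //     and returned bool results from a method declared to return string.
    //   - Stored password hashes are sensitive; restrict access to the history table.
    return Task.FromResult(string.Empty);
}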