public int ChangePass(string old, string pass, string otp)
{
try
{
var accountId = AccountSession.AccountID;
var accountInfo = AccountDAO.GetAccountInfo(accountId);
var infoApp = OtpDAO.GetCurrentCounter(accountId);
string token = infoApp?.AppT;
if (!string.IsNullOrEmpty(infoApp?.AppT))
{
if (OTPApp.ValidateOTP($"{Security.MD5Encrypt($"{accountId}_{token}")}_{token}", otp))
{
goto doneOTP;
}
}
if (string.IsNullOrEmpty(otp) || (!OTP.OTP.ValidateOTP(accountId, otp, accountInfo.Tel)))
{
return(-60);
}
doneOTP:
Regex rPassword = new Regex("^[a-zA-Z0-9_.-]{6,18}$");
if (!rPassword.IsMatch(old))
{
return(-30);
}
if (!rPassword.IsMatch(pass))
{
return(-30);
}
var account = SecurityDAO.GetByIdPass(accountId, Security.MD5Encrypt(old));
if (account == null)
{
return(-31);
}
SecurityDAO.ChangePassword(AccountSession.AccountID, Security.MD5Encrypt(old), Security.MD5Encrypt(pass));
return(1);
}
catch (Exception ex)
{
NLogManager.PublishException(ex);
}
return(-99);
}