Пример #1
0
        public async Task AddPasswordHistoryAsync(UserPasswordDomainModel model)
        {
            var addPasswordHistoryDomainModel = Mapper.Map <AddPasswordHistoryDomainModel>(model);

            addPasswordHistoryDomainModel.PasswordHash = await HashPasswordAsync(model.UserId, model.Password);

            await _passwordHistoryDomainService.AddPasswordHistoryAsync(addPasswordHistoryDomainModel);
        }
Пример #2
0
        public async Task <IActionResult> ResetPassword(ResetPasswordRequestModel model)
        {
            string userId;

            try
            {
                userId = _dataProtectorTokenProvider.Validate(model.Code);
            }
            catch (InvalidOperationException exception)
            {
                return(BadRequest(new ErrorResponseModel(ErrorCode.ActivationCodeExpired, exception.Message)));
            }
            var user = await _userManager.FindByIdAsync(userId);

            if (user == null)
            {
                return(NotFound(new ErrorResponseModel(ErrorCode.UserNotFound, UserNotFoundException)));
            }

            if (_userStatusErrors.ContainsKey(user.StatusId))
            {
                return(Conflict(_userStatusErrors[user.StatusId]));
            }

            var userPasswordDomainModel = new UserPasswordDomainModel
            {
                Password = model.Password,
                UserId   = userId
            };

            await _passwordHistoryService.CheckAndAddPasswordHistoryAsync(userPasswordDomainModel);

            var result = await _userManager.ResetPasswordAsync(user, model.Code, model.Password);

            if (!result.Succeeded)
            {
                return(GetErrorResult(result));
            }

            await _userManager.SetLockoutEndDateAsync(user, null);

            await _userService.UpdateLastPasswordChangedDateAsync(userId);

            await _userService.UpdateLastPasswordExpiresEmailSentDateAsync(userId);

            await _tokenService.RevokeTokensAsync(user.Id, "client");

            return(Ok());
        }
Пример #3
0
        public async Task CheckAndAddPasswordHistoryAsync(UserPasswordDomainModel model)
        {
            var user = await _userDomainService.GetUserByIdAsync(model.UserId);

            var getLastPasswordHashesDomainModel      = Mapper.Map <GetLastPasswordHashesDomainModel>(model);
            var removeUnusedPasswordHashesDomainModel = Mapper.Map <RemoveUnusedPasswordHashesDomainModel>(model);

            getLastPasswordHashesDomainModel.PasswordUniqueCount = removeUnusedPasswordHashesDomainModel.PasswordUniqueCount = _passwordConfiguration.UniqueCount;
            await _passwordHistoryDomainService.RemoveUnusedPasswordHistoriesAsync(removeUnusedPasswordHashesDomainModel);

            var lastUserPasswordHashes = await _passwordHistoryDomainService.GetLastUniquePasswordHashesAsync(getLastPasswordHashesDomainModel);

            if (lastUserPasswordHashes.Any(passwordHash => VerifyHashedPassword(user, passwordHash, model.Password)))
            {
                throw new NetKitAuthInputValidationException(ErrorCode.PasswordHashIsNotUnique, PasswordHashIsNotUniqueMessage);
            }
            var addPasswordHistoryDomainModel = Mapper.Map <AddPasswordHistoryDomainModel>(model);

            addPasswordHistoryDomainModel.PasswordHash = _passwordHasher.HashPassword(user, model.Password);
            await _passwordHistoryDomainService.AddPasswordHistoryAsync(addPasswordHistoryDomainModel);
        }