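/// <summary>
/// Changes a user's password after verifying the supplied old password against the stored value.
/// </summary>
/// <param name="req">Carries the old password (<c>OldPassword</c>) and the new one (<c>Password</c>).</param>
/// <param name="Id">Key of the user record to update.</param>
/// <returns>A <c>BaseResponse</c> whose <c>Success</c> and <c>Message</c> describe the outcome.</returns>
public async Task<BaseResponse> UpdateUserPasswordAsync(UserPasswordViewModel req, int Id)
{
    var userInfo = _user.Find(Id);
    if (req == null || userInfo == null)
    {
        // A missing body or unknown id previously surfaced as a NullReferenceException;
        // fail with the same generic message used for save errors instead.
        return new BaseResponse { Success = false, Message = "用户修改密码失败,请联系管理员" };
    }

    // NOTE(review): the stored value is compared with ordinary string inequality; whether a
    // constant-time comparison is warranted depends on what EncryptPassword returns — confirm.
    string oldDigest = EncryptData.EncryptPassword(req.OldPassword, userInfo.Salt);
    if (oldDigest != userInfo.Password)
    {
        return new BaseResponse { Success = false, Message = "旧密码不正确" };
    }

    // NOTE(review): the existing salt is reused for the new password; rotating the salt on every
    // change is preferable if EncryptData offers a way to generate one — verify against that class.
    userInfo.Password = EncryptData.EncryptPassword(req.Password, userInfo.Salt);
    userInfo.Modify = userInfo.Account;
    userInfo.ModifyTime = DateTime.Now;

    try
    {
        await _user.SaveAsync(userInfo);
        _log.LogInformation("用户修改密码成功");
        return new BaseResponse { Success = true, Message = "修改数据成功" };
    }
    catch (Exception ex)
    {
        // Details stay in the server log; the caller only receives a generic failure message.
        _log.LogError($"用户修改密码失败:{ex.Message}->{ex.StackTrace}->{ex.InnerException}");
        return new BaseResponse { Success = false, Message = "用户修改密码失败,请联系管理员" };
    }
}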
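/// <summary>
/// Changes the password of the user with the given route id by delegating to the user service.
/// </summary>
/// <param name="id">User id taken from the route; must be positive.</param>
/// <param name="userPass">Request body passed through to <c>_userService.ChangePassword</c>.</param>
/// <returns>200 on success, 404 on a concurrency failure, 400 on any other failure or invalid input.</returns>
public async Task<IActionResult> UpdatePassword([FromRoute] int id, [FromBody] UserPasswordViewModel userPass)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (id <= 0)
    {
        return BadRequest();
    }

    // NOTE(review): nothing visible here ties `id` to the authenticated caller; confirm that an
    // authorization attribute or policy outside this method restricts whose password can be changed.
    try
    {
        await _userService.ChangePassword(id, userPass);
    }
    catch (DbUpdateConcurrencyException)
    {
        // The exception object is no longer returned in the body: serialising it exposes
        // stack traces and persistence details to the client.
        return NotFound();
    }
    catch (Exception)
    {
        // Covers DbUpdateException and everything else, as before, but without echoing the
        // exception to the client. Record the failure through the application's logger.
        return BadRequest();
    }

    return Ok();
}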
/// <summary>
/// Changes the password of the user identified by <paramref name="id"/>. Callers in the "admin"
/// role, or the user whose NameIdentifier claim equals the target id, are allowed.
/// </summary>
/// <param name="id">Id of the user to update, taken from the route.</param>
/// <param name="viewModel">Carries the current password (<c>Password</c>) and <c>NewPassword</c>.</param>
/// <returns>204 on success, 404 for an unknown user, 403 when not permitted, 400 with the change errors otherwise.</returns>
public async Task<IActionResult> UpdatePassword([FromRoute] string id, [FromBody] UserPasswordViewModel viewModel)
{
    User target = await repository.GetByIdAsync<User>(id, _includeProperties);
    if (target == null)
    {
        return NotFound(new { message = "User does not exist!" });
    }

    // Only an admin or the user themselves may change this password.
    // NOTE(review): the lookup runs before this check, so the 404/403 difference tells any
    // caller whether an id exists.
    if (!HttpContext.User.IsInRole("admin")
        && !HttpContext.User.HasClaim(c => c.Type == ClaimTypes.NameIdentifier && c.Value == target.Id))
    {
        return Forbid();
    }

    // The current password is still required here, including for admins.
    var outcome = await repository.GetUserManager().ChangePasswordAsync(target, viewModel.Password, viewModel.NewPassword);
    if (!outcome.Succeeded)
    {
        foreach (var problem in outcome.Errors)
        {
            ModelState.AddModelError(string.Empty, problem.Description);
        }

        return BadRequest(ModelState);
    }

    target.ModifiedAt = DateTime.UtcNow;
    await repository.GetUserManager().UpdateAsync(target);
    return NoContent();
}
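/// <summary>
/// Changes the password of the user named in <paramref name="model"/> after verifying the
/// current password.
/// </summary>
/// <param name="model">Carries <c>Username</c>, <c>CurrentPass</c> and <c>NewPass</c>.</param>
/// <returns>An empty string on success; otherwise a message describing the failure.</returns>
public async Task<string> ChangePassword(UserPasswordViewModel model)
{
    User user = await _userManager.FindByNameAsync(model.Username);
    if (user == null)
    {
        // NOTE(review): this message differs from INCORRECT_PASS, so callers can tell whether a
        // username exists; consider returning one message for both cases.
        return "Not found user";
    }

    // The earlier fallback that reset the password whenever the submitted "current" password was
    // the literal "123456" is removed: it let anyone who knew a username set a new password
    // without knowing the real one.
    if (!await _userManager.CheckPasswordAsync(user, model.CurrentPass))
    {
        return INCORRECT_PASS;
    }

    var outcome = await _userManager.ChangePasswordAsync(user, model.CurrentPass, model.NewPass);
    if (!outcome.Succeeded)
    {
        // Previously the result was ignored and success was reported even when the change was
        // rejected (for example by the password policy).
        string reasons = string.Empty;
        foreach (var error in outcome.Errors)
        {
            reasons += error.Description + " ";
        }

        reasons = reasons.Trim();
        return reasons.Length > 0 ? reasons : "Password change failed";
    }

    return string.Empty;
}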
/// <summary>
/// Changes the signed-in user's password after checking the old one.
/// </summary>
/// <param name="vm">Carries <c>OldPassword</c> and <c>NewPassword</c>.</param>
/// <returns>A redirect to Home/Index on success; otherwise the form view, with a model error when one applies.</returns>
public async Task<IActionResult> ChangePassword(UserPasswordViewModel vm)
{
    if (!ModelState.IsValid)
    {
        return View(vm);
    }

    var account = await _userManagerService.GetUserAsync(User);
    bool verified = account != null
        && await _userManagerService.CheckPasswordAsync(account, vm.OldPassword) == true;

    if (!verified)
    {
        // NOTE(review): a wrong old password ends up here with the "unspecified" message, while
        // a rejected new password below is reported as an incorrect current password — the two
        // messages look swapped.
        ModelState.AddModelError("", "unspecified error occured.");
        return View(vm);
    }

    var outcome = await _userManagerService.ChangePasswordAsync(account, vm.OldPassword, vm.NewPassword);
    if (outcome.Succeeded)
    {
        return RedirectToAction("Index", "Home");
    }

    ModelState.AddModelError("", "Your Current Password is incorrect");
    return View(vm);
}
/// <summary>
/// Stores a new password for the user whose id is posted in the form, then signs that user in.
/// </summary>
/// <param name="m">Bound form data: <c>Id</c>, <c>Password</c>, <c>PasswordConfirm</c>.</param>
/// <returns>A redirect to Home/Index on success; otherwise the form view.</returns>
public async Task<IActionResult> Password([Bind("Id,Password,PasswordConfirm")] UserPasswordViewModel m)
{
    // NOTE(review): the target account is selected by the posted Id, the current password is
    // not requested, and the caller is signed in as that account afterwards. Unless the Id is
    // checked against the signed-in identity elsewhere, this should take the id from the
    // authenticated session instead of the form — confirm.
    var account = _svc.GetUser(m.Id);
    if (account == null || !ModelState.IsValid)
    {
        return View(m);
    }

    // NOTE(review): the raw form value is assigned to Password; presumably UpdateUser hashes it —
    // verify against the service.
    account.Password = m.Password;

    var saved = _svc.UpdateUser(account);
    if (saved == null)
    {
        Alert("There was a problem Updating the password. Please try again", AlertType.warning);
        return View(m);
    }

    Alert("Successfully Updated Password", AlertType.info);

    // Re-issue the sign-in with the updated details.
    await SignIn(account);
    return RedirectToAction("Index", "Home");
}
/// <summary>
/// Changes the password of the user with id <paramref name="userId"/> after validating the old
/// password and the repeated new password.
/// </summary>
/// <param name="userId">Id of the user to update.</param>
/// <param name="password">Carries <c>OldPassword</c>, <c>NewPassword</c> and <c>RepeatedNewPassword</c>.</param>
/// <returns>A succeeded result, or a failed result whose message names the reason.</returns>
public Result<bool> ChangePassword(int userId, UserPasswordViewModel password)
{
    try
    {
        if (password.NewPassword != password.RepeatedNewPassword)
        {
            return ResultHelper.Failed<bool>(message: EResultMessage.InvalidData.ToString());
        }

        var account = Get(u => u.Id == userId);
        if (account == null)
        {
            return ResultHelper.Failed<bool>(message: EResultMessage.NotFound.ToString());
        }

        bool oldPasswordMatches = Protected.Validate(password.OldPassword, account.HashPassword);
        if (!oldPasswordMatches)
        {
            return ResultHelper.Failed<bool>(message: EResultMessage.WrongPassword.ToString());
        }

        account.HashPassword = Protected.CreatePasswordHash(password.NewPassword);
        Update(account);

        if (!SaveChanges())
        {
            return ResultHelper.Failed<bool>(message: EResultMessage.DatabaseError.ToString());
        }

        return ResultHelper.Succeeded(true, message: EResultMessage.RegistrationDone.ToString());
    }
    catch (Exception e)
    {
        // NOTE(review): the raw message of any unexpected exception is handed back to the caller;
        // confirm it is not forwarded to end users.
        return ResultHelper.Failed<bool>(message: e.Message);
    }
}
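/// <summary>
/// Shows the change-password form for the signed-in user.
/// </summary>
/// <returns>The form view bound to a model that carries only the user's id, or 404 when the user is not found.</returns>
public IActionResult Password()
{
    var user = _svc.GetUser((this.Identity()).Value);
    if (user == null)
    {
        return NotFound();
    }

    // The stored password is no longer copied into the view model: whatever the store holds
    // (hash or clear text) would otherwise be available to the rendered page.
    var passwordViewModel = new UserPasswordViewModel
    {
        Id = user.Id,
    };

    return View(passwordViewModel);
}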
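/// <summary>
/// Shows the update-password form for the signed-in user.
/// </summary>
/// <returns>The form view bound to a model that carries only the user's id, or 404 when the user is not found.</returns>
public IActionResult UpdatePassword()
{
    // The base-class helper supplies the id of the signed-in user.
    var user = _svc.GetUser(GetSignedInUserId());
    if (user == null)
    {
        return NotFound();
    }

    // The stored password is no longer copied into the view model: whatever the store holds
    // (hash or clear text) would otherwise be available to the rendered page.
    var passwordViewModel = new UserPasswordViewModel
    {
        Id = user.Id,
    };

    return View(passwordViewModel);
}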
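/// <summary>
/// Creates a user through the controller, reads it back, deletes it, and checks that a
/// subsequent read reports 404.
/// </summary>
public void Create_get_and_Delete()
{
    UsersController controller = new UsersController();
    controller.Request = new HttpRequestMessage();
    controller.Configuration = new HttpConfiguration();
    IPrincipal FakeUser = new GenericPrincipal(new GenericIdentity("admin", "Forms"), null);
    UserPasswordViewModel testUser = new UserPasswordViewModel()
    {
        password = "******",
        username = "******",
        IsADMIN = true,
        IsPAGE_1 = true,
        IsPAGE_2 = true,
        IsPAGE_3 = true
    };

    // Act 1
    HttpResponseMessage result = controller.Post(testUser, FakeUser);

    // Assert 1
    Assert.AreEqual(System.Net.HttpStatusCode.OK, result.StatusCode);

    // Act 2
    result = controller.Get("test", FakeUser);
    UserViewModel user = null;
    if (result != null)
    {
        result.TryGetContentValue(out user);
    }

    // Assert 2
    Assert.IsNotNull(result);
    Assert.IsNotNull(user);

    // The role flags were previously compared with themselves (and IsPAGE_3 with IsPAGE_2),
    // so a role-assignment regression could never fail this test.
    Assert.AreEqual(testUser.IsADMIN, user.IsADMIN);
    Assert.AreEqual(testUser.IsPAGE_1, user.IsPAGE_1);
    Assert.AreEqual(testUser.IsPAGE_2, user.IsPAGE_2);
    Assert.AreEqual(testUser.IsPAGE_3, user.IsPAGE_3);

    // Act 3
    result = controller.Delete("test", FakeUser);

    // Assert 3
    Assert.AreEqual(System.Net.HttpStatusCode.OK, result.StatusCode);

    result = controller.Get("test", FakeUser);
    user = null;
    if (result != null)
    {
        result.TryGetContentValue(out user);
    }

    Assert.IsNull(user);
    Assert.IsNotNull(result);
    Assert.AreEqual(System.Net.HttpStatusCode.NotFound, result.StatusCode);
}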
/// <summary>
/// Maps the view model to a <c>User</c>, replaces its password with a hash of the submitted
/// password, and hands it to the repository.
/// </summary>
/// <param name="model">View model carrying the new password.</param>
public void UpdatePassword(UserPasswordViewModel model)
{
    var viewModelToUser = CustomMapperConfiguration.ConfigCreateMapper<UserPasswordViewModel, User>();
    var entity = viewModelToUser.Map<UserPasswordViewModel, User>(model);

    // NOTE(review): the hash is derived from the password alone — no per-user salt or work factor
    // is visible here, and the helper's name suggests plain SHA-256. A fast unsalted digest is
    // weak against offline guessing; a password KDF (PBKDF2, bcrypt, Argon2) is the usual
    // replacement, together with a migration of existing hashes.
    entity.Password = Sha256HashGenerator.GenerateHash(model.Password);

    _usersRepository.UpdatePassword(entity);
}
/// <summary>
/// Sets a new password on the user named <paramref name="userName"/> and writes an access-log entry.
/// </summary>
/// <param name="userName">Key of the user record; must equal <c>user_view_model.UserName</c>.</param>
/// <param name="user_view_model">Carries the user name and the new password.</param>
/// <returns>200 with the updated user view model, or an error response.</returns>
public IHttpActionResult PutUser(string userName, UserPasswordViewModel user_view_model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // A blank password means "leave unchanged".
    if (string.IsNullOrWhiteSpace(user_view_model.Password))
    {
        return ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.NotModified, "取消變更"));
    }

    if (userName != user_view_model.UserName)
    {
        return BadRequest();
    }

    // Load the record from the database.
    var user_db = db.Users.Find(userName);
    if (user_db == null)
    {
        return ResponseMessage(Request.CreateErrorResponse(HttpStatusCode.NotFound, "這筆資料已被刪除!"));
    }

    try
    {
        // NOTE(review): the submitted value is assigned to Password as-is; unless the entity
        // hashes it in its setter, the password is stored in clear text — confirm.
        // NOTE(review): no check is visible that the caller may change this particular user's
        // password; verify that authorization is applied outside this method.
        user_db.Password = user_view_model.Password;
        db.SaveChanges();

        // Record the change in the access log.
        MPAccessLog.WriteEntry(User.Identity.Name, AccessAction.PasswordChanged, "User", user_db.UserName);
    }
    catch (DbUpdateConcurrencyException)
    {
        if (UserExists(userName))
        {
            throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.Conflict, "這筆資料已被其他人修改!"));
        }

        throw new HttpResponseException(Request.CreateResponse(HttpStatusCode.NotFound, "這筆資料已被刪除!"));
    }

    return Ok(ToUserViewModel(user_db));
}
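/// <summary>
/// Replaces the password hash and salt of the user with the given id after verifying the old password.
/// </summary>
/// <param name="id">Key of the user to update.</param>
/// <param name="userPass">Carries <c>OldPassword</c> and <c>NewPassword</c>.</param>
/// <exception cref="Exception">Thrown with "Password Denied" when the user is unknown, the body is missing, or the old password does not verify.</exception>
public async Task ChangePassword(int id, UserPasswordViewModel userPass)
{
    var user = await _context.Users.FindAsync(id);

    // An unknown id or a missing body used to fail with a NullReferenceException. Both now take
    // the same path as a wrong password, so the failure does not reveal which condition applied.
    if (user == null
        || userPass == null
        || !CheckPassword(userPass.OldPassword, user.PasswordHash, user.PasswordSalt))
    {
        throw new Exception("Password Denied");
    }

    // A fresh hash and salt are generated for the new password.
    CreatePassword(userPass.NewPassword, out byte[] passwordHash, out byte[] passwordSalt);
    user.PasswordHash = passwordHash;
    user.PasswordSalt = passwordSalt;

    await _context.SaveChangesAsync();
}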
/// <summary>
/// Forwards a change-password request to the user service and maps its result to an HTTP status.
/// </summary>
/// <param name="model">Request data passed through to <c>_userService.ChangePassword</c>.</param>
/// <returns>200 when the service returns an empty message, 406 with the message otherwise, 400 for an invalid model.</returns>
public async Task<ActionResult> ChangePassword(UserPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest("Invalid Request");
    }

    // NOTE(review): the whole model, including whichever account it names, comes from the
    // client; confirm the service or an authorization filter ties it to the signed-in caller.
    string failure = await _userService.ChangePassword(model);
    if (string.IsNullOrEmpty(failure))
    {
        return Ok();
    }

    return StatusCode((int)HttpStatusCode.NotAcceptable, failure);
}
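/// <summary>
/// Changes the password of the signed-in user, identified by the "Id" claim.
/// </summary>
/// <param name="req">Carries the new password, its repetition and the old password.</param>
/// <returns>The service's <c>BaseResponse</c>, a failure response when the two new passwords differ, or 401 when the "Id" claim is missing or not numeric.</returns>
public async Task<ActionResult<BaseResponse>> Password(UserPasswordViewModel req)
{
    if (req.Password != req.PasswordAgain)
    {
        return new BaseResponse { Success = false, Message = "两次输入的密码不一致" };
    }

    // The user id always comes from the authenticated principal, never from the request body.
    // A missing or malformed claim used to throw; it is now answered with 401.
    var idClaim = User.Claims.FirstOrDefault(a => a.Type == "Id");
    if (idClaim == null || !int.TryParse(idClaim.Value, out int Id))
    {
        return Unauthorized();
    }

    return await _us.UpdateUserPasswordAsync(req, Id);
}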
/// <summary>
/// Replaces the password of the user named in the model by removing the old one and adding the new one.
/// </summary>
/// <param name="model">Carries <c>UserId</c> and the new <c>Password</c>.</param>
/// <returns>A redirect to "list" on success, or to "EditCredentials" for the same user on failure.</returns>
/// <exception cref="ArgumentException">Thrown when <paramref name="model"/> is null.</exception>
public ActionResult _PasswordEdit(UserPasswordViewModel model)
{
    if (model == null)
    {
        throw new ArgumentException("bad request");
    }

    // NOTE(review): the old password is removed before the new one is accepted. If AddPassword
    // rejects the value (for example on policy grounds) the account is left without a password.
    // NOTE(review): the target user comes from the posted model; confirm this action is limited
    // to administrators.
    UserManager.RemovePassword(model.UserId);
    var outcome = UserManager.AddPassword(model.UserId, model.Password);

    if (!outcome.Succeeded)
    {
        AddErrors(outcome);
        return RedirectToAction("EditCredentials", new { @id = model.UserId });
    }

    return RedirectToAction("list");
}
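/// <summary>
/// Creates a user with the given name, password and role flags when no user with that name exists.
/// </summary>
/// <param name="userViewModel">Carries <c>username</c>, <c>password</c> and the role flags.</param>
/// <param name="user">Principal on whose behalf the request runs; checked with <c>IsNotAuthorized</c>.</param>
/// <returns>401 when the caller is not authorized, an error response when creation fails, 200 otherwise.</returns>
public HttpResponseMessage Post(UserPasswordViewModel userViewModel, System.Security.Principal.IPrincipal user)
{
    // The context was previously never disposed; scope it to the request.
    using (var db = new ApplicationDbContext())
    {
        db.Configuration.ProxyCreationEnabled = false;

        if (IsNotAuthorized(db, user.Identity.Name))
        {
            return new HttpResponseMessage(HttpStatusCode.Unauthorized);
        }

        UserManager<ApplicationUser> userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(db));

        // NOTE(review): an existing user name is skipped silently and still answered with 200,
        // so the caller cannot tell "created" from "already present".
        if (!db.Users.Any(u => u.UserName == userViewModel.username))
        {
            var appUser = new ApplicationUser { UserName = userViewModel.username };
            IdentityResult result = userManager.Create(appUser, userViewModel.password);
            if (!result.Succeeded)
            {
                return Request.CreateResponse(GetErrorResult(result));
            }

            // Role membership follows the flags on the request.
            if (userViewModel.IsADMIN)
            {
                userManager.AddToRole(appUser.Id, "ADMIN");
            }

            if (userViewModel.IsPAGE_1)
            {
                userManager.AddToRole(appUser.Id, "PAGE_1");
            }

            if (userViewModel.IsPAGE_2)
            {
                userManager.AddToRole(appUser.Id, "PAGE_2");
            }

            if (userViewModel.IsPAGE_3)
            {
                userManager.AddToRole(appUser.Id, "PAGE_3");
            }
        }

        return Request.CreateResponse(HttpStatusCode.OK);
    }
}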
/// <summary>
/// Changes the signed-in user's password after confirming the submitted e-mail and current password.
/// </summary>
/// <param name="userPasswordViewModel">Carries <c>Email</c>, the current <c>Password</c> and <c>NewPassword</c>.</param>
/// <returns>A redirect to the confirmation action on success, 400 when the change is rejected, otherwise the form view.</returns>
public async Task<IActionResult> UserPassword(UserPasswordViewModel userPasswordViewModel)
{
    if (!ModelState.IsValid)
    {
        return View(userPasswordViewModel);
    }

    // The account is always the signed-in one, loaded from the store.
    var account = await _userManager.GetUserAsync(User);

    // An e-mail mismatch and a wrong password share one generic message.
    bool emailMatches = account?.Email == userPasswordViewModel.Email;
    if (!emailMatches || !await _userManager.CheckPasswordAsync(account, userPasswordViewModel.Password))
    {
        ModelState.TryAddModelError("", "your credentials are incorrect");
        return View(userPasswordViewModel);
    }

    var outcome = await _userManager.ChangePasswordAsync(account, userPasswordViewModel.Password, userPasswordViewModel.NewPassword);
    if (!outcome.Succeeded)
    {
        return BadRequest();
    }

    return RedirectToAction(nameof(UserPasswordConfirm));
}
/// <summary>
/// Validates the submitted login and password and issues a forms-authentication cookie.
/// </summary>
/// <param name="model">Carries <c>Login</c> and <c>Password</c>.</param>
/// <returns>A redirect to User/Rating on success; the error view with a wrong-password message otherwise.</returns>
public ActionResult LogOn(UserPasswordViewModel model)
{
    // An invalid model and a failed validation share one message, so the response does not say
    // which part was wrong.
    var account = ModelState.IsValid
        ? new UsersRepository().ValidateUser(model.Login, model.Password)
        : null;

    if (account == null)
    {
        ViewBag.Message = Resources.Resource.ERROR_WrongPassword;
        return View("ErrorView");
    }

    // NOTE(review): the second argument asks for a persistent cookie on every sign-in; consider
    // leaving that to the user, since it keeps the session alive on shared machines.
    FormsAuthentication.SetAuthCookie(account.Login, true);
    return RedirectToAction("Rating", "User");
}
/// <summary>
/// HTTP entry point for updating a user; supplies the controller's current principal to the
/// three-argument overload.
/// </summary>
/// <param name="id">User name of the account to update.</param>
/// <param name="user">Request body with the new values.</param>
/// <returns>The response produced by the overload.</returns>
public HttpResponseMessage Put(string id, [FromBody] UserPasswordViewModel user)
{
    HttpResponseMessage response = Put(id, user, User);
    return response;
}
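/// <summary>
/// Updates the user whose user name equals <paramref name="id"/>: user name, password (when it
/// differs from the stored one) and membership of the ADMIN / PAGE_1..3 roles.
/// </summary>
/// <param name="id">Current user name of the account to update.</param>
/// <param name="userViewModel">Carries the new <c>username</c>, <c>password</c> and role flags.</param>
/// <param name="user">Principal on whose behalf the request runs; checked with <c>IsNotAuthorized</c>.</param>
/// <returns>401 when the caller is not authorized, 400 for an invalid password or a rejected update, 200 otherwise.</returns>
public HttpResponseMessage Put(string id, UserPasswordViewModel userViewModel, System.Security.Principal.IPrincipal user)
{
    // The context was previously never disposed; scope it to the request.
    using (var db = new ApplicationDbContext())
    {
        db.Configuration.ProxyCreationEnabled = false;

        if (IsNotAuthorized(db, user.Identity.Name))
        {
            return new HttpResponseMessage(HttpStatusCode.Unauthorized);
        }

        UserStore<ApplicationUser> store = new UserStore<ApplicationUser>(db);
        UserManager<ApplicationUser> userManager = new UserManager<ApplicationUser>(store);
        var appUser = db.Users.Include("Roles").SingleOrDefault(u => u.UserName == id);

        // NOTE(review): an unknown user name falls through to 200 without changing anything.
        if (appUser != null)
        {
            // Validate the input before touching the entity.
            if (userViewModel.password == null || userViewModel.password.Length < 6)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid password format");
            }

            if (appUser.UserName != userViewModel.username)
            {
                appUser.UserName = userViewModel.username;
            }

            // Re-hash only when the submitted password does not match the stored hash.
            PasswordVerificationResult verificationResult = userManager.PasswordHasher.VerifyHashedPassword(appUser.PasswordHash, userViewModel.password);
            if (verificationResult == PasswordVerificationResult.Failed)
            {
                // Assigned directly: the store's SetPasswordHashAsync call was never awaited here.
                appUser.PasswordHash = userManager.PasswordHasher.HashPassword(userViewModel.password);
            }

            // Bring role membership in line with the flags on the request.
            if (userViewModel.IsADMIN && !appUser.Roles.Any(r => r.RoleId == AspNetRolesEnum.ADMIN))
            {
                userManager.AddToRole(appUser.Id, "ADMIN");
            }
            else if (!userViewModel.IsADMIN && appUser.Roles.Any(r => r.RoleId == AspNetRolesEnum.ADMIN))
            {
                userManager.RemoveFromRole(appUser.Id, "ADMIN");
            }

            if (userViewModel.IsPAGE_1 && !appUser.Roles.Any(r => r.RoleId == AspNetRolesEnum.PAGE_1))
            {
                userManager.AddToRole(appUser.Id, "PAGE_1");
            }
            else if (!userViewModel.IsPAGE_1 && appUser.Roles.Any(r => r.RoleId == AspNetRolesEnum.PAGE_1))
            {
                userManager.RemoveFromRole(appUser.Id, "PAGE_1");
            }

            if (userViewModel.IsPAGE_2 && !appUser.Roles.Any(r => r.RoleId == AspNetRolesEnum.PAGE_2))
            {
                userManager.AddToRole(appUser.Id, "PAGE_2");
            }
            else if (!userViewModel.IsPAGE_2 && appUser.Roles.Any(r => r.RoleId == AspNetRolesEnum.PAGE_2))
            {
                userManager.RemoveFromRole(appUser.Id, "PAGE_2");
            }

            if (userViewModel.IsPAGE_3 && !appUser.Roles.Any(r => r.RoleId == AspNetRolesEnum.PAGE_3))
            {
                userManager.AddToRole(appUser.Id, "PAGE_3");
            }
            else if (!userViewModel.IsPAGE_3 && appUser.Roles.Any(r => r.RoleId == AspNetRolesEnum.PAGE_3))
            {
                userManager.RemoveFromRole(appUser.Id, "PAGE_3");
            }

            // The un-awaited store.UpdateAsync call could outlive the request and lose its errors;
            // save synchronously and report a rejected update.
            var saved = userManager.Update(appUser);
            if (!saved.Succeeded)
            {
                return Request.CreateResponse(HttpStatusCode.BadRequest, string.Join("; ", saved.Errors));
            }
        }

        return Request.CreateResponse(HttpStatusCode.OK);
    }
}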
/// <summary>
/// Changes the password of the user identified by the request attributes.
/// </summary>
/// <param name="password">Request body with the old and new passwords.</param>
/// <returns>The result produced by the manager.</returns>
public Result<bool> ChangePassword([FromBody] UserPasswordViewModel password)
{
    // The user id comes from the request attributes, not from the body.
    Result<bool> outcome = _manager.ChangePassword(_requestAttributes.Id, password);
    return outcome;
}
/// <summary>
/// HTTP entry point for creating a user; supplies the controller's current principal to the
/// two-argument overload.
/// </summary>
/// <param name="userViewModel">Request body describing the user to create.</param>
/// <returns>The response produced by the overload.</returns>
public HttpResponseMessage Post([FromBody] UserPasswordViewModel userViewModel)
{
    HttpResponseMessage response = Post(userViewModel, User);
    return response;
}