Пример #1
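        /// <summary>
        /// Replaces the password of the user identified by <paramref name="id"/> once the
        /// reset token carried in the payload has been accepted by <c>ValidateToken</c>.
        /// </summary>
        /// <param name="id">Identifier of the account whose password is replaced.</param>
        /// <param name="payload">Request body carrying the reset token and the new password.</param>
        /// <returns>
        /// 400 Bad Request when the payload is missing, the token is rejected, the new password
        /// is empty or no user matches <paramref name="id"/>; 200 OK after the change is saved.
        /// </returns>
        public async Task<IActionResult> ResetPassword(int id, [FromBody] PasswordPayload payload)
        {
            // A missing body would otherwise surface as a NullReferenceException on payload.Token.
            if (payload == null)
            {
                return BadRequest();
            }

            // NOTE(review): ValidateToken receives only the token, never `id`. Confirm that the
            // token is bound to this account, expires, and is invalidated after use; none of
            // that is visible in this method.
            if (ValidateToken(payload.Token) is BadRequestResult)
            {
                return BadRequest();
            }

            // ChangePassword rejects an empty new password; apply the same rule here so a reset
            // cannot store a hash derived from an empty or null string.
            if (string.IsNullOrEmpty(payload.Password))
            {
                return BadRequest();
            }

            var user = _userService.FindById(id);

            // ChangePassword treats a null FindById result as possible, so guard it here too.
            // The answer is the same 400 as for a rejected token, so the response does not
            // reveal which ids exist.
            if (user == null)
            {
                return BadRequest();
            }

            // A fresh salt is generated on every reset; the stored hash is derived from it.
            // NOTE(review): the algorithm behind _helperService.Hash is not visible here;
            // confirm it is a slow password KDF rather than a single fast hash.
            user.Salt = _helperService.CreateSalt();
            user.Password = _helperService.Hash(payload.Password, user.Salt);
            await _unitOfWork.SaveChangesAsync();

            return Ok();
        }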
Пример #2
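        /// <summary>
        /// Changes the password of the currently signed-in user (<c>CurrentUserId</c>) after
        /// checking the supplied current password against the stored hash.
        /// </summary>
        /// <param name="payload">Request body carrying the current and the new password.</param>
        /// <returns>
        /// 400 Bad Request when the payload is missing or the new password is empty;
        /// 401 Unauthorized when the user is not found or the current password does not match;
        /// 200 OK after the change is saved.
        /// </returns>
        public async Task<IActionResult> ChangePassword([FromBody] PasswordPayload payload)
        {
            // A missing body would otherwise surface as a NullReferenceException below.
            if (payload == null || string.IsNullOrEmpty(payload.NewPassword))
            {
                return BadRequest();
            }

            var user = _userService.FindById(CurrentUserId);

            // An unknown user and a wrong password get the same answer on purpose.
            // NOTE(review): `!=` is not a constant-time comparison. The type of user.Password is
            // not visible here; if it is a string or byte array, consider comparing the bytes
            // with CryptographicOperations.FixedTimeEquals.
            // NOTE(review): nothing in this method limits repeated wrong guesses; confirm that
            // throttling or lockout is applied elsewhere.
            if (user == null || user.Password != _helperService.Hash(payload.Password, user.Salt))
            {
                return StatusCode(StatusCodes.Status401Unauthorized, "Invalid email or password!");
            }

            // Rotate the salt together with the password so the old hash input is not reused.
            user.Salt = _helperService.CreateSalt();
            user.Password = _helperService.Hash(payload.NewPassword, user.Salt);

            await _unitOfWork.SaveChangesAsync();

            // NOTE(review): no existing session or token is revoked here; confirm that sessions
            // issued under the old password are invalidated elsewhere.
            return Ok();
        }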