        /// <summary>
        /// Handles the change-password post for the current login sequence. Re-renders the
        /// form with model errors when validation or the password change fails; otherwise
        /// continues the login flow for the user whose password was changed.
        /// </summary>
        /// <param name="changePassword">Posted form values; Email, CurrentPassword and NewPassword are read, the view-state members are written back before re-rendering.</param>
        /// <returns>The change-password view carrying model errors, or the login response on success.</returns>
        /// <exception cref="EndpointException">
        /// Wraps every exception not handled by the inner catch chain (including the
        /// not-yet-implemented user-mismatch paths) together with the current route binding.
        /// </exception>
        // NOTE(review): action attributes (HTTP verb, anti-forgery validation) are not visible
        // in this excerpt — confirm they are present on the declaration.
        public async Task<IActionResult> ChangePassword(ChangePasswordViewModel changePassword)
        {
            try
            {
                var sequenceData = await sequenceLogic.GetSequenceDataAsync<LoginUpSequenceData>(remove: false);

                CheckUpParty(sequenceData);
                var loginUpParty = await tenantRepository.GetAsync<LoginUpParty>(sequenceData.UpPartyId);

                // Every failure path re-renders the same view with the party's styling applied.
                IActionResult ShowForm()
                {
                    changePassword.SequenceString = SequenceString;
                    changePassword.CssStyle = loginUpParty.CssStyle;
                    changePassword.EnableCancelLogin = loginUpParty.EnableCancelLogin;
                    return View(nameof(ChangePassword), changePassword);
                }

                if (!ModelState.IsValid)
                {
                    return ShowForm();
                }

                logger.ScopeTrace("Change password post.");

                try
                {
                    // The password is changed here; the identity consistency checks further
                    // down run after this side effect and do not undo it.
                    var changedUser = await userAccountLogic.ChangePasswordUser(changePassword.Email, changePassword.CurrentPassword, changePassword.NewPassword);

                    if (changedUser.ConfirmAccount && !changedUser.EmailVerified)
                    {
                        await accountActionLogic.SendConfirmationEmailAsync(changedUser);
                    }

                    var currentSession = await sessionLogic.GetSessionAsync(loginUpParty);

                    // Both mismatch cases fail closed: the NotImplementedException is not
                    // handled by the inner catch chain, so it reaches the outer handler and
                    // is surfaced as an EndpointException.
                    if (currentSession != null && changedUser.UserId != currentSession.UserId)
                    {
                        logger.ScopeTrace("Authenticated user and session user do not match.");
                        // TODO invalid user login
                        throw new NotImplementedException("Authenticated user and session user do not match.");
                    }

                    if (!sequenceData.UserId.IsNullOrEmpty() && changedUser.UserId != sequenceData.UserId)
                    {
                        logger.ScopeTrace("Authenticated user and requested user do not match.");
                        // TODO invalid user login
                        throw new NotImplementedException("Authenticated user and requested user do not match.");
                    }

                    var downPartyLink = GetDownPartyLink(loginUpParty, sequenceData);
                    return await LoginResponseAsync(loginUpParty, downPartyLink, changedUser, currentSession);
                }
                // Lockout and wrong-password cases trigger an event; the remaining cases are
                // input-quality feedback and are traced only.
                catch (UserObservationPeriodException lockedOut)
                {
                    logger.ScopeTrace(lockedOut.Message, triggerEvent: true);
                    ModelState.AddModelError(string.Empty, localizer["Your account is temporarily locked because of too many login attempts. Please wait for a while and try again."]);
                }
                catch (InvalidPasswordException wrongPassword)
                {
                    logger.ScopeTrace(wrongPassword.Message, triggerEvent: true);
                    ModelState.AddModelError(nameof(changePassword.CurrentPassword), localizer["Wrong password"]);
                }
                catch (NewPasswordEqualsCurrentException samePassword)
                {
                    logger.ScopeTrace(samePassword.Message);
                    ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please use a new password."]);
                }
                catch (PasswordLengthException tooShort)
                {
                    logger.ScopeTrace(tooShort.Message);
                    var lengthMessage = RouteBinding.CheckPasswordComplexity
                        ? localizer["Please use {0} characters or more with a mix of letters, numbers and symbols.", RouteBinding.PasswordLength]
                        : localizer["Please use {0} characters or more.", RouteBinding.PasswordLength];
                    ModelState.AddModelError(nameof(changePassword.NewPassword), lengthMessage);
                }
                catch (PasswordComplexityException notComplex)
                {
                    logger.ScopeTrace(notComplex.Message);
                    ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please use a mix of letters, numbers and symbols"]);
                }
                catch (PasswordEmailTextComplexityException containsEmail)
                {
                    logger.ScopeTrace(containsEmail.Message);
                    ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please do not use the email or parts of it."]);
                }
                catch (PasswordUrlTextComplexityException containsUrl)
                {
                    logger.ScopeTrace(containsUrl.Message);
                    ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["Please do not use parts of the URL."]);
                }
                catch (PasswordRiskException breached)
                {
                    logger.ScopeTrace(breached.Message);
                    ModelState.AddModelError(nameof(changePassword.NewPassword), localizer["The password has previously appeared in a data breach. Please choose a more secure alternative."]);
                }

                // Reached only when one of the handled exceptions above added a model error.
                return ShowForm();
            }
            catch (Exception ex)
            {
                throw new EndpointException($"Change password failed, Name '{RouteBinding.UpParty.Name}'.", ex)
                {
                    RouteBinding = RouteBinding
                };
            }
        }