public async Task <IHttpActionResult> PutPassword(string id, AppUserDTOPassword user)
{
if (!id.Equals(user.Id))
{
logger.Info("Id does not match, put Password, account controller");
return(BadRequest("Id not match"));
}
logger.Info("Accessing user service for password update, account controller, put password");
AppUserDTOOutPass appUserPassChanged = await service.UpdatePassword(id, user);
return(Ok(appUserPassChanged));
}
public async Task <AppUserDTOOutPass> UpdatePassword(string id, AppUserDTOPassword userPass)
{
logger.Info($"Accessing db over auth repo, find user by id {id}, user service, update password");
AppUser user = await db.AuthRepository.FindUserById(id);
if (user == null)
{
logger.Info("Throwing an user not found exception, no user found update password, user service");
throw new UserNotFoundException($"User with ID {id} does not exists.");
}
logger.Info($"User with username {user.UserName} trying to change password, hashing of new password");
string newPassHashed = Utilities.HashPass.HashedPassword(userPass.NewPassword);
if (Utilities.HashPass.VerifyHashedPassword(user.PasswordHash, userPass.OldPassword))
{
user.PasswordHash = newPassHashed;
}
else
{
logger.Info("Wrong old password, update password, user service");
throw new BadRequestException("Wrong password");
}
logger.Info($"Updating user {user.UserName} with new password, update password, user service");
var result = await db.AuthRepository.UpdateUser(user);
if (!result.Succeeded)
{
logger.Info("Update has failed, result not succeeded, user service");
return(null);
}
logger.Info("Getting updated user with auth repository");
var userUpdated = await db.AuthRepository.FindUserById(user.Id);
logger.Info("Converting user to AppUser dto");
AppUserDTOOutPass userDTO = Utilities.ConverterDTO.SimpleDTOConverter <AppUserDTOOutPass>(userUpdated);
return(userDTO);
}
