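/// <summary>
/// Changes the password of the customer the current request is authorised as.
/// The existing password is re-verified against the stored salted hash, then the
/// new password is stored as a hash under a freshly generated salt.
/// </summary>
/// <param name="username">Username whose password should change; must equal the authorised customer's username.</param>
/// <param name="oldPassword">The customer's current password, checked before anything is modified.</param>
/// <param name="newPassword">The replacement password; must not be null or empty.</param>
/// <exception cref="ApplicationException">
/// Thrown when <paramref name="username"/> is not the authorised customer, when
/// <paramref name="oldPassword"/> does not match the stored hash, or when
/// <paramref name="newPassword"/> is null or empty.
/// </exception>
public void UpdateCustomerPassword(string username, string oldPassword, string newPassword)
{
    // Authorisation runs first so that no argument is inspected for an unauthorised request.
    Customer customer = AuthoriseRequest();

    // A customer may only change their own password.
    if (customer.CustomerUsername != username)
    {
        throw new ApplicationException("You are not authorised to update customer password for username " + username + ".");
    }

    // Re-verify the current password so an authorised session alone is not enough to take over the account.
    // NOTE(review): this is an ordinary string comparison, not a constant-time one; consider a
    // fixed-time comparison of the two hash values if the target framework provides one.
    // NOTE(review): the strength of the stored hash depends on PasswordHash.Hash, which is not visible here.
    if (PasswordHash.Hash(oldPassword, customer.Salt) != customer.CustomerPassword)
    {
        throw new ApplicationException("The existing password did not match when attempting a password update.");
    }

    // Nothing else in this method validates the new password, so reject a null or empty
    // value here rather than hashing and persisting it.
    if (String.IsNullOrEmpty(newPassword))
    {
        throw new ApplicationException("The new password cannot be empty.");
    }

    logger.Debug("Updating customer password for " + customer.CustomerUsername);

    // Store only the salted hash, generating a new salt on every password change.
    string salt = PasswordHash.GenerateSalt();
    customer.CustomerPassword = PasswordHash.Hash(newPassword, salt);
    customer.Salt = salt;

    CRMCustomerPersistor.Update(customer);
}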
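/// <summary>
/// Updates the profile details of the customer the current request is authorised as.
/// Only the fields assigned below are copied from <paramref name="updatedCustomer"/>;
/// the username, password hash and salt of the stored record are not taken from it.
/// </summary>
/// <param name="updatedCustomer">Customer object carrying the new profile values; its username must equal the authorised customer's username.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="updatedCustomer"/> is null.</exception>
/// <exception cref="ApplicationException">
/// Thrown when the request is for a different username, or when
/// Customer.ValidateAndClean returns a validation error for the updated record.
/// </exception>
public void UpdateCustomer(Customer updatedCustomer)
{
    // Authorisation runs first so that no argument is inspected for an unauthorised request.
    Customer customer = AuthoriseRequest();

    // Fail with a clear argument error instead of a NullReferenceException on the first dereference.
    if (updatedCustomer == null)
    {
        throw new ArgumentNullException("updatedCustomer");
    }

    // A customer may only update their own record.
    if (customer.CustomerUsername != updatedCustomer.CustomerUsername)
    {
        throw new ApplicationException("You are not authorised to update customer for username " + updatedCustomer.CustomerUsername + ".");
    }

    logger.Debug("Updating customer details for " + customer.CustomerUsername);

    // Copy an explicit list of fields onto the authorised record rather than persisting the
    // caller-supplied object, so fields outside this list cannot be overwritten by the request.
    // NOTE(review): the e-mail address and security question/answer look like account-recovery
    // fields and are changed here without the current password being re-checked; confirm that
    // is intended.
    customer.FirstName = updatedCustomer.FirstName;
    customer.LastName = updatedCustomer.LastName;
    customer.EmailAddress = updatedCustomer.EmailAddress;
    customer.SecurityQuestion = updatedCustomer.SecurityQuestion;
    customer.SecurityAnswer = updatedCustomer.SecurityAnswer;
    customer.City = updatedCustomer.City;
    customer.Country = updatedCustomer.Country;
    customer.WebSite = updatedCustomer.WebSite;
    customer.TimeZone = updatedCustomer.TimeZone;

    // Validation runs on the merged record, after the assignments above.
    // NOTE(review): if validation fails the object returned by AuthoriseRequest has already
    // been modified in memory (though not persisted); verify it is not cached and reused.
    string validationError = Customer.ValidateAndClean(customer);
    if (validationError != null)
    {
        throw new ApplicationException(validationError);
    }

    CRMCustomerPersistor.Update(customer);
}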