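/// <summary>
/// Changes the signed-in user's password after validating the request and re-checking the
/// current password, then swaps the security-stamp claim inside one database transaction.
/// </summary>
/// <param name="dto">Request body carrying the current password and the new password.</param>
/// <returns>
/// 204 No Content on success; 400 Bad Request with the validation failures when the DTO is
/// invalid or the current password does not match.
/// </returns>
/// <exception cref="DbUpdateException">
/// Thrown, after the transaction is rolled back, when the password change or the claim
/// replacement does not succeed.
/// </exception>
public async Task<IActionResult> ChangePassword([FromBody] ChangePasswordDto dto)
{
    var validator = new ChangePasswordDtoValidator();
    ValidationResult result = await validator.ValidateAsync(dto);
    if (!result.IsValid)
    {
        return BadRequest(result.Errors);
    }

    // The account is resolved from the caller's own claims, never from the request body, so a
    // caller cannot name another user's id. Single() throws if the claim is missing or duplicated.
    var userId = User.Claims.Single(c => c.Type == ClaimTypes.NameIdentifier).Value;
    var user = await _userManager.FindByIdAsync(userId);

    // Verify the current password first so the client gets a field-level error.
    // NOTE(review): a null user (account removed while the token is still accepted) presumably
    // ends up on this path as well; confirm that is the intended response.
    // NOTE(review): CheckPasswordAsync on its own does not appear to count failures toward
    // lockout; confirm wrong guesses on this endpoint are throttled elsewhere.
    if (!await _userManager.CheckPasswordAsync(user, dto.CurrentPassword))
    {
        result.Errors.Add(new ValidationFailure("currentPassword", "目前密碼錯誤"));
        return BadRequest(result.Errors);
    }

    await using (var transaction = await _dbContext.Database.BeginTransactionAsync())
    {
        try
        {
            // Captured before the change: the Sid claim to replace holds the pre-change stamp.
            var oldSecurityStamp = user.SecurityStamp;

            // Check Succeeded rather than comparing references with IdentityResult.Success:
            // a successful result that is a different instance would otherwise be treated as
            // a failure and roll back a valid password change.
            // NOTE(review): every Identity failure here (including a rejected new password)
            // surfaces as DbUpdateException and its error list is discarded; consider
            // returning those errors as a 400 instead.
            var passwordChange = await _userManager.ChangePasswordAsync(user, dto.CurrentPassword, dto.NewPassword);
            if (!passwordChange.Succeeded)
            {
                throw new DbUpdateException();
            }

            // Replace the Sid claim that carries the old stamp with one carrying the new stamp.
            // NOTE(review): presumably issued tokens are checked against this claim so that
            // sessions created before the change stop being accepted; verify against the
            // token validation code.
            var claimSwap = await _userManager.ReplaceClaimAsync(
                user,
                new Claim(ClaimTypes.Sid, oldSecurityStamp),
                new Claim(ClaimTypes.Sid, user.SecurityStamp));
            if (!claimSwap.Succeeded)
            {
                throw new DbUpdateException();
            }

            await transaction.CommitAsync();
        }
        catch (DbUpdateException)
        {
            // Undo the password change if the claim swap (or the change itself) failed.
            await transaction.RollbackAsync();
            throw;
        }
    }

    return NoContent();
}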
/// <summary>
/// Assigns a new <see cref="ChangePasswordDtoValidator"/> to the <c>_validator</c> field.
/// </summary>
public void Setup() => _validator = new ChangePasswordDtoValidator();