public static async Task ResetForAsync(string sessionToken, string email)
{
Authorization.CheckAuthorization(sessionToken, MethodBase.GetCurrentMethod());
var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false)
?? throw new LogicException(ErrorType.InvalidToken);
using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext())
{
SessionToken = sessionToken
};
var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active &&
e.Email.ToLower() == email.ToLower())
.FirstOrDefault();
if (identity == null)
{
throw new LogicException(ErrorType.InvalidAccount);
}
identity.AccessFailedCount = 0;
await identityCtrl.UpdateAsync(identity).ConfigureAwait(false);
await identityCtrl.SaveChangesAsync().ConfigureAwait(false);
}
public static async Task ChangePasswordForAsync(string sessionToken, string email, string newPassword)
{
await Authorization.CheckAuthorizationAsync(sessionToken, MethodBase.GetCurrentMethod(), AccessType.Update).ConfigureAwait(false);
var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false)
?? throw new AuthorizationException(ErrorType.InvalidToken);
using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext())
{
SessionToken = sessionToken
};
var identity = await identityCtrl.ExecuteFirstOrDefaultAsync(e => e.State == Contracts.Modules.Common.State.Active &&
e.AccessFailedCount < 4 &&
e.Email.ToLower() == email.ToLower())
.ConfigureAwait(false);
if (identity == null)
{
throw new AuthorizationException(ErrorType.InvalidAccount);
}
identity.AccessFailedCount = 0;
identity.Password = newPassword;
await identityCtrl.UpdateAsync(identity).ConfigureAwait(false);
await identityCtrl.SaveChangesAsync().ConfigureAwait(false);
if (login.Identity != null)
{
var(Hash, Salt) = CreatePasswordHash(newPassword);
login.Identity.PasswordHash = Hash;
login.Identity.PasswordSalt = Salt;
}
}
public static async Task ChangePasswordAsync(string sessionToken, string oldPassword, string newPassword)
{
Authorization.CheckAuthorization(sessionToken, MethodBase.GetCurrentMethod());
var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false)
?? throw new LogicException(ErrorType.InvalidToken);
using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext())
{
SessionToken = Authorization.SystemAuthorizationToken
};
var identity = identityCtrl.ExecuteQueryById(login.IdentityId);
if (identity != null)
{
if (ComparePasswords(identity.PasswordHash, CalculateHash(oldPassword)) == false)
{
throw new LogicException(ErrorType.InvalidPassword);
}
identity.Password = newPassword;
await identityCtrl.UpdateAsync(identity).ConfigureAwait(false);
await identityCtrl.SaveChangesAsync().ConfigureAwait(false);
if (login.Identity != null)
{
login.Identity.PasswordHash = CalculateHash(newPassword);
}
}
}
public static async Task ChangePasswordAsync(string sessionToken, string oldPassword, string newPassword)
{
await Authorization.CheckAuthorizationAsync(sessionToken, MethodBase.GetCurrentMethod(), AccessType.Update).ConfigureAwait(false);
var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false)
?? throw new AuthorizationException(ErrorType.InvalidToken);
using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext())
{
SessionToken = Authorization.SystemAuthorizationToken
};
var identity = await identityCtrl.ExecuteFirstOrDefaultAsync(e => e.Id == login.IdentityId)
.ConfigureAwait(false);
if (identity != null)
{
if (VerifyPasswordHash(oldPassword, identity.PasswordHash, identity.PasswordSalt) == false)
{
throw new AuthorizationException(ErrorType.InvalidPassword);
}
identity.Password = newPassword;
await identityCtrl.UpdateAsync(identity).ConfigureAwait(false);
await identityCtrl.SaveChangesAsync().ConfigureAwait(false);
if (login.Identity != null)
{
var(Hash, Salt) = CreatePasswordHash(newPassword);
login.Identity.PasswordHash = Hash;
login.Identity.PasswordSalt = Salt;
}
}
}