public static async Task ResetForAsync(string sessionToken, string email) { Authorization.CheckAuthorization(sessionToken, MethodBase.GetCurrentMethod()); var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false) ?? throw new LogicException(ErrorType.InvalidToken); using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = sessionToken }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.Email.ToLower() == email.ToLower()) .FirstOrDefault(); if (identity == null) { throw new LogicException(ErrorType.InvalidAccount); } identity.AccessFailedCount = 0; await identityCtrl.UpdateAsync(identity).ConfigureAwait(false); await identityCtrl.SaveChangesAsync().ConfigureAwait(false); }
public static async Task ChangePasswordForAsync(string sessionToken, string email, string newPassword) { await Authorization.CheckAuthorizationAsync(sessionToken, MethodBase.GetCurrentMethod(), AccessType.Update).ConfigureAwait(false); var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false) ?? throw new AuthorizationException(ErrorType.InvalidToken); using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = sessionToken }; var identity = await identityCtrl.ExecuteFirstOrDefaultAsync(e => e.State == Contracts.Modules.Common.State.Active && e.AccessFailedCount < 4 && e.Email.ToLower() == email.ToLower()) .ConfigureAwait(false); if (identity == null) { throw new AuthorizationException(ErrorType.InvalidAccount); } identity.AccessFailedCount = 0; identity.Password = newPassword; await identityCtrl.UpdateAsync(identity).ConfigureAwait(false); await identityCtrl.SaveChangesAsync().ConfigureAwait(false); if (login.Identity != null) { var(Hash, Salt) = CreatePasswordHash(newPassword); login.Identity.PasswordHash = Hash; login.Identity.PasswordSalt = Salt; } }
public static async Task ChangePasswordAsync(string sessionToken, string oldPassword, string newPassword) { Authorization.CheckAuthorization(sessionToken, MethodBase.GetCurrentMethod()); var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false) ?? throw new LogicException(ErrorType.InvalidToken); using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken }; var identity = identityCtrl.ExecuteQueryById(login.IdentityId); if (identity != null) { if (ComparePasswords(identity.PasswordHash, CalculateHash(oldPassword)) == false) { throw new LogicException(ErrorType.InvalidPassword); } identity.Password = newPassword; await identityCtrl.UpdateAsync(identity).ConfigureAwait(false); await identityCtrl.SaveChangesAsync().ConfigureAwait(false); if (login.Identity != null) { login.Identity.PasswordHash = CalculateHash(newPassword); } } }
public static async Task ChangePasswordAsync(string sessionToken, string oldPassword, string newPassword) { await Authorization.CheckAuthorizationAsync(sessionToken, MethodBase.GetCurrentMethod(), AccessType.Update).ConfigureAwait(false); var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false) ?? throw new AuthorizationException(ErrorType.InvalidToken); using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken }; var identity = await identityCtrl.ExecuteFirstOrDefaultAsync(e => e.Id == login.IdentityId) .ConfigureAwait(false); if (identity != null) { if (VerifyPasswordHash(oldPassword, identity.PasswordHash, identity.PasswordSalt) == false) { throw new AuthorizationException(ErrorType.InvalidPassword); } identity.Password = newPassword; await identityCtrl.UpdateAsync(identity).ConfigureAwait(false); await identityCtrl.SaveChangesAsync().ConfigureAwait(false); if (login.Identity != null) { var(Hash, Salt) = CreatePasswordHash(newPassword); login.Identity.PasswordHash = Hash; login.Identity.PasswordSalt = Salt; } } }