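        /// <summary>
        /// Handles the change-password form: verifies the current password, applies the new one,
        /// and records failed attempts so that repeated wrong entries lock the account.
        /// </summary>
        /// <param name="model">Form input holding the old and new passwords.</param>
        /// <returns>
        /// The form view with validation errors, a redirect to <c>PasswordChangeSuccess</c> when the
        /// password was changed, or a redirect to <c>Home/Index</c> after the account has been locked
        /// and the current session signed out.
        /// </returns>
        public async Task <ActionResult> ChangePassword(ChangePasswordViewModel model)
        {
            // Number of already-recorded failures at which one more wrong password locks the account
            // (with a count starting at 0 this is the fifth consecutive failure — confirm against the
            // repository). Compared with >= rather than == so a count that has drifted past the
            // threshold still locks instead of incrementing forever.
            const int LockoutThreshold = 4;

            if (!ModelState.IsValid)
            {
                return(View(model));
            }

            // GetUserId() yields the signed-in identity's user-id claim; the repository accepts it
            // under this name. NOTE(review): confirm whether the repository keys on e-mail or id —
            // the lockout calls below use user.Email instead.
            var email = User.Identity.GetUserId();

            if (_authRepository.Validate(email, model.OldPassword))
            {
                var result = _authRepository.ResetPassword(email, model.NewPassword);
                if (result.Success)
                {
                    return(RedirectToAction("PasswordChangeSuccess"));
                }

                ModelState.AddModelError("", result.Message);
                return(View(model));
            }

            // 'Old Password' was incorrect. The caller is authenticated, so a missing account is a
            // consistency error; report it rather than dereferencing null below.
            var user = _authRepository.GetUserAccount(email);
            if (user == null)
            {
                ModelState.AddModelError("", "Password change failed!");
                return(View(model));
            }

            if (user.LockoutEnabled)
            {
                if (user.AccessFailedCount >= LockoutThreshold)
                {
                    // Lock the account for 5 minutes and end the session so the lock takes effect immediately
                    _authRepository.LockAccount(user.Email);
                    HttpContext.GetOwinContext().Authentication.SignOut();
                    return(RedirectToAction("Index", "Home"));
                }

                // Increment the failed attempt count
                _authRepository.FailedPasswordAttempt(user.Email, user.AccessFailedCount + 1);
            }

            // Always report the failure: previously the view came back with no error at all when
            // lockout was disabled for the account, leaving the user without feedback.
            ModelState.AddModelError("", "Password change failed!");
            return(View(model));
        }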