/// <summary>
/// Authenticates a user by phone number and password and, on success, issues a
/// non-persistent forms-authentication cookie and records the user name in
/// <c>CurrentUser.Instance</c>.
/// </summary>
/// <param name="phoneNumber">Phone number used to look the user up and as the cookie identity.</param>
/// <param name="password">Password to validate against the stored user.</param>
/// <returns>
/// <c>AuthResult.Success</c> when the password is valid and the user has rights;
/// <c>AuthResult.NoRights</c> when the password is valid but the user lacks rights;
/// <c>AuthResult.WrongCreadentials</c> otherwise (unknown phone number or wrong password).
/// </returns>
public AuthResult Authenticate(string phoneNumber, string password)
{
    User user = _usersRepository.GetUserByPhone(phoneNumber);
    // NOTE(review): an unknown phone number returns before the password validator
    // runs, so this path is cheaper than a wrong password for a known user; whether
    // that timing difference matters for account enumeration depends on the validator
    // cost — confirm.
    if (user == null)
    {
        return AuthResult.WrongCreadentials;
    }

    // Both checks are evaluated regardless of the password outcome (same order as before).
    bool passwordOk = _passwordValidator.IsPasswordValid(password, user);
    bool rightsOk = _passwordValidator.HasRights(user);

    if (!passwordOk)
    {
        return AuthResult.WrongCreadentials;
    }

    if (!rightsOk)
    {
        // Password is correct but the account is not permitted to sign in; no cookie is issued.
        return AuthResult.NoRights;
    }

    // The cookie identity is the caller-supplied phone number, not a value from the
    // stored user — NOTE(review): if GetUserByPhone normalises formats, the cookie name
    // and the stored identity may differ; verify against the repository.
    // Second argument false: the cookie is not persisted across browser sessions.
    FormsAuthentication.SetAuthCookie(phoneNumber, false);
    CurrentUser.Instance.Name = user.Username;
    return AuthResult.Success;
}
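/// <summary>
/// Handles a password-change request for the currently authenticated user: verifies
/// the old password, validates the model, and stores the encrypted new password.
/// </summary>
/// <param name="model">Old password, new password and model-level validation.</param>
/// <returns>The same view re-rendered with <paramref name="model"/>; a success message
/// is placed in <c>TempData["message"]</c>, validation problems in <c>ModelState</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
/// <exception cref="UnauthorizedAccessException">
/// No user matches <c>User.Identity.Name</c> (e.g. the account behind the auth cookie
/// no longer exists). Derives from <see cref="Exception"/>, so existing
/// <c>catch (Exception)</c> handlers still apply.
/// </exception>
public ActionResult PasswordChange(ChangePasswordModel model)
{
    if (model == null)
    {
        throw new ArgumentNullException(nameof(model));
    }

    // The user is resolved from the authentication ticket, never from the posted model,
    // so a caller can only change their own password.
    User authenticatedUser = _userRepository.GetUserByPhone(User.Identity.Name);
    if (authenticatedUser == null)
    {
        // Was `throw new Exception(...)`; a specific type lets callers distinguish this
        // case while remaining catchable as Exception.
        throw new UnauthorizedAccessException(Translation.Translation.AccessIsDeniedMessage);
    }

    // Re-verify the current password before accepting a new one.
    if (!_passwordValidator.IsPasswordValid(model.OldPassword, authenticatedUser))
    {
        ModelState.AddModelError("", Translation.Translation.ProfileOldPasswordIsNotCorrectMessage);
        return View(model);
    }

    string error;
    if (!model.IsValid(out error))
    {
        ModelState.AddModelError("", error);
        return View(model);
    }

    authenticatedUser.Password = _passwordEncryptor.EncryptPassword(model.Password);
    _userRepository.SaveChanges();
    // NOTE(review): the existing auth cookie is left as-is after the change; whether
    // other sessions should be invalidated here is a policy decision not visible in
    // this method — confirm.
    TempData["message"] = Translation.Translation.UserDataSavedMessage;
    return View(model);
}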