示例#1
0
        public async Task<IActionResult> ChangePassword(string userName, string hashedPassword, string previousPassword) 
        {
            Console.WriteLine($"person {userName}" );

            var user = await _personRepository.GetPersonAsync(userName);
            if (user == null)
            {
                return Ok("User was not found");
            }

            var dbPreviousPassword = user.HashedPassword;

            if (user.ChangePassword.ToLower() == "true")
            {
                // Check Date
                if (!_tokenClass.CheckPasswordDate(user.PasswordExpiration))
                {
                    return Ok("Temporary Password has expired");
                }

                // Hash password sent in
                var usersHashedPassword = _tokenClass.HashString(previousPassword);
                //verify against hased password in database
                if (!usersHashedPassword.Equals(dbPreviousPassword))
                {
                    return Ok("Password is incorrect");
                }

            }
            else
            {
                if (!previousPassword.Equals(dbPreviousPassword))
                {
                    return Ok("Password is incorrect");
                }
            }

            // Remove password reset required restriction
            user.ChangePassword = "******";

            // Change password to user's new password
            user.HashedPassword = hashedPassword;

            var success = await _personRepository.UpdatePersonAsync(user);

            if (success)
            {
                // send email informing user of password change
                var resetPassordBody = _emailHelper.ChangePasswordBody(user);
                bool emailResponse = await _emailHelper.SendEmail(user.Name, user.Email, resetPassordBody, 
                    _emailHelper.ChangePasswordSubject());
            }

            Console.WriteLine($"success {success}" );
            return Ok(success);
        }