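/// <summary>
/// Replaces a user's stored password hash after verifying the previous credential.
/// </summary>
/// <remarks>
/// When the user's <c>ChangePassword</c> flag equals "true" (any casing), the temporary-password
/// expiry is checked with <c>CheckPasswordDate</c>, then <paramref name="previousPassword"/> is hashed
/// with <c>HashString</c> and compared with the stored hash. Otherwise
/// <paramref name="previousPassword"/> is compared with the stored hash as received.
/// Every outcome is returned as 200 OK: failures carry a message string, and the final result
/// carries the repository's success flag.
/// NOTE(review): <paramref name="hashedPassword"/> is stored exactly as the caller sent it, and in
/// the non-temporary path the caller proves knowledge of the stored hash, not of a password, so
/// the stored value is password-equivalent. Hashing on the server with a salted, slow KDF would
/// remove that; it needs a contract change, so it is only flagged here.
/// NOTE(review): "User was not found" and "Password is incorrect" are distinguishable and reveal
/// which user names exist; the strings are kept because callers may match on them.
/// </remarks>
/// <param name="userName">Name used to look the user up in the person repository.</param>
/// <param name="hashedPassword">New value for the user's stored password hash.</param>
/// <param name="previousPassword">Credential proving the caller may change the password.</param>
/// <returns>An OK result holding either a failure message or the update's success flag.</returns>
public async Task<IActionResult> ChangePassword(string userName, string hashedPassword, string previousPassword)
{
    // userName is request input and is written to the console as received.
    Console.WriteLine($"person {userName}");

    // Never overwrite the stored credential with an empty value.
    if (string.IsNullOrWhiteSpace(hashedPassword))
    {
        return Ok("New password is required");
    }

    var user = await _personRepository.GetPersonAsync(userName);
    if (user == null)
    {
        return Ok("User was not found");
    }

    var storedHash = user.HashedPassword;
    string presentedHash;

    // Null-safe, culture-independent flag test (the original dereferenced the flag via ToLower()).
    if (string.Equals(user.ChangePassword, "true", StringComparison.OrdinalIgnoreCase))
    {
        // Temporary password: reject once its expiration date has passed.
        if (!_tokenClass.CheckPasswordDate(user.PasswordExpiration))
        {
            return Ok("Temporary Password has expired");
        }

        // Hash the value that was sent in; a missing value is never hashed and never matches.
        presentedHash = string.IsNullOrEmpty(previousPassword)
            ? null
            : _tokenClass.HashString(previousPassword);
    }
    else
    {
        // Regular path: the caller already sends the hash.
        presentedHash = previousPassword;
    }

    if (!HashesMatch(presentedHash, storedHash))
    {
        return Ok("Password is incorrect");
    }

    // Remove password reset required restriction
    user.ChangePassword = "******";

    // Change password to user's new password
    user.HashedPassword = hashedPassword;

    var success = await _personRepository.UpdatePersonAsync(user);
    if (success)
    {
        // Tell the account owner about the change so an unexpected one gets noticed.
        var notificationBody = _emailHelper.ChangePasswordBody(user);
        await _emailHelper.SendEmail(user.Name, user.Email, notificationBody, _emailHelper.ChangePasswordSubject());
    }

    Console.WriteLine($"success {success}");
    return Ok(success);
}

// Ordinal comparison whose running time does not depend on where the first difference is.
// A null or empty value on either side never matches, so a record without a stored hash
// cannot be "verified" with an empty credential.
// Where the target framework provides CryptographicOperations.FixedTimeEquals, prefer it.
private static bool HashesMatch(string presented, string stored)
{
    if (string.IsNullOrEmpty(presented) || string.IsNullOrEmpty(stored))
    {
        return false;
    }

    if (presented.Length != stored.Length)
    {
        return false;
    }

    var difference = 0;
    for (var i = 0; i < stored.Length; i++)
    {
        difference |= presented[i] ^ stored[i];
    }

    return difference == 0;
}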