public async Task <IdentityResult> EditPassword(ClaimsPrincipal user, PasswordBindingModel model)
{
var dbUser = await this.userManager.GetUserAsync(user);
var result = await this.userManager.ChangePasswordAsync(dbUser, model.CurrentPassword, model.NewPassword);
return(result);
}
public void SaltsPasswordWithUsernameAndStoresToPasswordProperty()
{
var binder = new PasswordPropertyBinder();
var model = new PasswordBindingModel {Username = "******", Password = "******"};
var expectedHashedPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(model.Password + model.Username, "SHA1");
var context = new Mock<IBindingContext>();
var contextValues = new Mock<IContextValues>();
context.SetupGet(x => x.Object).Returns(model);
context.SetupGet(x => x.Data).Returns(contextValues.Object);
contextValues.Setup(x => x.ValueAs<string>("Username")).Returns(model.Username);
contextValues.Setup(x => x.ValueAs<string>("Password")).Returns(model.Password);
binder.Bind(typeof(PasswordBindingModel).GetProperty("Password"), context.Object);
model.Password.ShouldEqual(expectedHashedPassword);
}
public async Task <ActionResult> ChangePassword(PasswordBindingModel model)
{
if (!this.ModelState.IsValid)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
User user = this.GetUserNoAdditionalParameters();
var result = await this.UserManager
.ChangePasswordAsync(user.Id, model.Password, model.NewPassword);
if (!result.Succeeded)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
return(new HttpStatusCodeResult(HttpStatusCode.OK));
}
public async Task <IActionResult> EditPassword(PasswordBindingModel model)
{
if (ModelState.IsValid == false)
{
this.AddStatusMessage(ModelState);
}
else
{
var result = await this.userSecurityService.EditPassword(this.User, model);
if (result.Succeeded == false)
{
this.AddStatusMessage(result);
}
else
{
this.AddStatusMessage(ControllerConstats.MessagePasswordUpdated, ControllerConstats.MessageTypeSuccess);
}
}
return(RedirectToAction("Index"));
}
public ActionResult Settings(PasswordBindingModel model)
{
bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
ViewBag.HasLocalPassword = hasLocalAccount;
ViewBag.ReturnUrl = Url.Action("settings");
if (hasLocalAccount)
{
if (ModelState.IsValid)
{
// ChangePassword will throw an exception rather than return false in certain failure scenarios.
bool changePasswordSucceeded;
try
{
changePasswordSucceeded = WebSecurity.ChangePassword(User.Identity.Name, model.OldPassword, model.NewPassword);
}
catch (Exception)
{
changePasswordSucceeded = false;
}
if (changePasswordSucceeded)
{
return(RedirectToAction("settings", new RouteValueDictionary {
{ "message", AccountOperation.ChangePasswordSuccess }
}));
}
else
{
ModelState.AddModelError(string.Empty, IdentityAppResources.Account_PasswordError);
}
}
}
else
{
// User does not have a local password so remove any validation errors caused by a missing OldPassword field.
var state = ModelState["OldPassword"];
if (state != null)
{
state.Errors.Clear();
}
if (ModelState.IsValid)
{
try
{
WebSecurity.CreateAccount(User.Identity.Name, model.NewPassword);
return(RedirectToAction("settings", new RouteValueDictionary {
{ "message", AccountOperation.SetPasswordSuccess }
}));
}
catch (Exception e)
{
ModelState.AddModelError(string.Empty, e);
}
}
}
return(View(model));
}
