/// <summary> /// /// </summary> /// <param name="passwordChangeHistry"></param> /// <param name="newpassword"></param> /// <returns></returns> private bool CheckDuplicatePassword(PasswordChangeHistory passwordChangeHistry, string newpassword) { try { return(PasswordHash.Parse(passwordChangeHistry.Password).CheckPassword(newpassword)); } catch (FormatException) { // HACK: Allow plain text during transition period. return(newpassword == passwordChangeHistry.Password); } }
/// <summary> /// /// </summary> /// <param name="userName"></param> /// <param name="pass"></param> /// <param name="newpassword"></param> /// <returns></returns> public bool updateExpirepassword(string userName, string pass, string newpassword) { Int64 addedDays = 0; Guid? user_level_Id = null; Guid? user_id = null; var connectionString = System.Configuration.ConfigurationManager.ConnectionStrings["iMFASDataServices"].ConnectionString; var conn = new SqlConnection(connectionString); conn.Open(); var command1 = new SqlCommand("select password,isnull(user_level_Id,newId()) user_level_Id,id from user_info where user_id = '" + userName + "'", conn) { CommandTimeout = 600 }; SqlDataReader oReader1 = command1.ExecuteReader(); while (oReader1.Read()) { pass = oReader1["password"].ToString(); user_level_Id = Guid.Parse(oReader1["user_level_Id"].ToString()); user_id = Guid.Parse(oReader1["id"].ToString()); } oReader1.Close(); var enCrypNewpassword = PasswordHash.Create(newpassword).ToString(); var sqlString = "update user_info set password ='******',passWordCreateDate = '" + DateTime.Now + "',isReset = 0 where password = '******' and user_id ='" + userName + "'"; var command = new SqlCommand(sqlString, conn) { CommandTimeout = 600 }; SqlDataReader oReader = command.ExecuteReader(); oReader.Close(); conn.Close(); var PasswordChanges = new PasswordChangeHistory { Id = Guid.NewGuid(), User_Id = user_id, Branch_Id = user_level_Id, Password = enCrypNewpassword, PasswordChangeDate = DateTime.Now, PrevPassword = pass }; ErpContext.PasswordChangeHistorys.Add(PasswordChanges); ErpContext.SaveChanges(); return(true); }