public async Task <IAccountResponse> ResetPassword(ResetPassword view)
{
try
{
logger.Info($"{ GetType().Name} { ExtensionUtility.GetCurrentMethod() } input : {view.ToJsonString()} UserIPAddress: { _userIPAddress.GetUserIP().Result }");
var userInfo = await _appDbContext.UserInfos.FirstOrDefaultAsync(x => x.UserId == view.UserId);
if (userInfo == null)
{
return(new AccountResponse(new ViewModels.UserRegistration
{
Id = view.UserId,
Success = false,
CustomStatusCode = CustomStatusCode.UserNotExist,
Message = ClientMessageConstant.UserNotFound
}));
}
var passresult = _hashing.ValidatePassword(view.OldPassword, userInfo.Password);
if (!passresult)
{
return(new AccountResponse(new ViewModels.UserRegistration
{
Id = userInfo.UserId,
Success = false,
CustomStatusCode = CustomStatusCode.PasswordIsWrong,
Message = ClientMessageConstant.PasswordIsWrong
}));
}
userInfo.Password = _hashing.CreateHash(view.NewPassword);
await _appDbContext.SaveChangesAsync();
return(new AccountResponse(new ViewModels.UserRegistration
{
Id = userInfo.UserId,
Success = true,
CustomStatusCode = CustomStatusCode.Success,
Message = ClientMessageConstant.PasswordUpdatedSuccessfully
}));
}
catch (System.Exception ex)
{
return(new AccountResponse(new ViewModels.UserRegistration
{
Success = false,
CustomStatusCode = CustomStatusCode.FunctionalError,
Message = ClientMessageConstant.WeAreUnableToProcessYourRequest
}, ex));
}
}
public void TestPasswordHashing()
{
var hashing = new PasswordHashing();
var hashedPassword = hashing.CreateHash("test");
var result = hashing.ValidatePassword("test", hashedPassword);
Assert.IsTrue(result);
}
private void btnChangePass_Click(object sender, EventArgs e)
{
try
{
var passDb = DBC.ExecuteQuery("SELECT \"password\" FROM \"APPUSER\" WHERE " +
$"username = '******';").Rows[0][0].ToString();
if (PasswordHashing.CheckPassword(txtActual.Text, passDb))
{
if (!txtNewPass.Text.Equals(txtNewPass2.Text))
{
MessageBox.Show(@"Las contraseñas nuevas no coinciden",
@"Error", MessageBoxButtons.OK,
MessageBoxIcon.Error, MessageBoxDefaultButton.Button1,
MessageBoxOptions.DefaultDesktopOnly);
}
else
{
var hashedNew = PasswordHashing.CreateHash(txtNewPass.Text);
var command = $"UPDATE \"APPUSER\" SET \"password\" = '{hashedNew}'" +
$" WHERE username = '******';";
DBC.ExecuteNonQuery(command);
MessageBox.Show(@"Contraseña actualizada", @"Completado",
MessageBoxButtons.OK,
MessageBoxIcon.Information, MessageBoxDefaultButton.Button1,
MessageBoxOptions.DefaultDesktopOnly);
}
}
else
{
MessageBox.Show(@"Su contraseña actual no es correcta", @"Error",
MessageBoxButtons.OK,
MessageBoxIcon.Error, MessageBoxDefaultButton.Button1,
MessageBoxOptions.DefaultDesktopOnly);
}
}
catch (Exception exception)
{
MessageBox.Show(exception.Message, @"Error",
MessageBoxButtons.OK,
MessageBoxIcon.Error, MessageBoxDefaultButton.Button1,
MessageBoxOptions.DefaultDesktopOnly);
}
finally
{
txtActual.Text = "";
txtActual_Leave(null, EventArgs.Empty);
txtNewPass.Text = "";
txtNewPass_Leave(null, EventArgs.Empty);
txtNewPass2.Text = "";
txtNewPass2_Leave(null, EventArgs.Empty);
}
}
public UserDTO Create(UserDTO obj, string password, bool transactionEndpoint = true)
{
if (transactionEndpoint)
{
_context.Database.BeginTransaction(IsolationLevel.Serializable);
}
var(hash, salt) = PasswordHashing.CreateHash(password);
//Validate
if (User.Validate(obj))
{
var person = obj.AccountType switch
{
UserRoles.Customer => new CustomerRepository(_context).CreateCustomer(obj.Customer).Entity.Person,
UserRoles.Employee => new EmployeeRepository(_context).CreateEmployee(obj.Employee).Entity.Person,
_ => null,
};
if (person != null)
{
var toAddUser = new User()
{
Username = obj.Username,
Person = person,
PasswordHash = hash,
Salt = salt
};
_context.Add(toAddUser);
_context.SaveChanges();
_context.Entry(toAddUser).GetDatabaseValues();
if (transactionEndpoint)
{
_context.Database.CommitTransaction();
}
return(GetById(toAddUser.Id));
}
}
if (transactionEndpoint)
{
_context.Database.RollbackTransaction();
}
return(null);
}