/// <summary>
/// Changes the password of the admin looked up from the current session
/// (<c>sessionService.User.Id</c>) after verifying the supplied current password.
/// </summary>
/// <param name="model">Posted form data carrying <c>CurrentPassword</c> and <c>NewPassword</c>.</param>
/// <returns>
/// The form view again when the model state is invalid or the current password does not match
/// (an error message is placed in <c>TempData</c> in the latter case), a redirect to
/// <c>AccessDenied</c> when no admin record is found, or an empty view with a success
/// message once the new password hash has been stored.
/// </returns>
public async Task<IActionResult> ChangePassword(changePasswordViewModel model)
{
    // Validation failures fall straight back to the form with the posted values.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // The target account comes from the server-side session, not from the posted model.
    var admin = await adminsService.GetAdminById(sessionService.User.Id);
    if (admin == null)
    {
        return RedirectToAction(nameof(AccessDenied));
    }

    // NOTE(review): the helper name suggests a bare SHA-256 digest is what gets stored.
    // A fast, unsalted hash is not suitable for password storage; confirm what
    // hasherService really does and plan a migration to a salted password KDF
    // (PBKDF2 / Argon2 / bcrypt) if it is plain SHA-256.
    var suppliedHash = hasherService.ComputeSha256Hash(model.CurrentPassword);

    // NOTE(review): == is not a constant-time comparison. Secondary to the hash choice,
    // but worth replacing with a fixed-time compare when the hashing is reworked.
    bool currentPasswordMatches = suppliedHash == admin.Password;
    if (!currentPasswordMatches)
    {
        TempData[Constants.ChangePasswordErrorMessage] = Messages.InCorrectPassword;
        return View(model);
    }

    admin.Password = hasherService.ComputeSha256Hash(model.NewPassword);
    await adminsService.Update(admin);

    // NOTE(review): nothing here ends other active sessions for this admin after the
    // change; confirm that is handled elsewhere if it is a requirement.
    TempData[Constants.ChangePasswordSuccessMessage] = Messages.EditSuccess;
    return View();
}
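/// <summary>
/// Validates a change-password request and, when every check passes, delegates the update
/// to <c>_adminService.ResetPassword</c>.
/// </summary>
/// <param name="changePasswordViewModel">
/// Request data: <c>UserID</c>, <c>OldPassword</c>, <c>NewPassword</c> and <c>ConfirmPassword</c>.
/// </param>
/// <returns>
/// A JSON-serialized <c>LoginResponse</c>: either the accumulated validation errors or the
/// response returned by <c>_adminService.ResetPassword</c>.
/// </returns>
public JsonResult ChangePassword(changePasswordViewModel changePasswordViewModel)
{
    LoginResponse response = new LoginResponse();

    // Getting user data from DB.
    // NOTE(review): the account is selected by the UserID sent in the request, not by the
    // authenticated caller's identity. No authorization check is visible in this method;
    // confirm the caller is restricted to their own AdminID elsewhere.
    Admin user = _UnitOfWork.IAdminRepository.RetrieveAll()
        .FirstOrDefault(u => u.AdminID == changePasswordViewModel.UserID);

    // Validation of the current password.
    if (string.IsNullOrEmpty(changePasswordViewModel.OldPassword))
    {
        response.Errors.Add(new LAMPError(
            LAMPConstants.MSG_CURRENT_PASSWORD.ToString(),
            ResourceHelper.GetStringResource(LAMPConstants.MSG_CURRENT_PASSWORD)));
    }
    else if (user == null)
    {
        response.Errors.Add(new LAMPError(
            LAMPConstants.MSG_INVALID_USER.ToString(),
            ResourceHelper.GetStringResource(LAMPConstants.MSG_INVALID_USER)));
    }
    else
    {
        // NOTE(review): the stored password is decrypted back to plaintext for the check,
        // so passwords are recoverable by anything holding the key. Password storage should
        // be one-way (salted KDF); treat this as a migration item.
        string currentPassword = CryptoUtil.DecryptStringWithKey(user.Password);

        // Static string.Equals is ordinal and tolerates a null decryption result, which is
        // then reported as a wrong password instead of throwing.
        if (!string.Equals(currentPassword, changePasswordViewModel.OldPassword.Trim()))
        {
            response.Errors.Add(new LAMPError(
                LAMPConstants.MSG_WRONG_OLD_PASSWORD.ToString(),
                ResourceHelper.GetStringResource(LAMPConstants.MSG_WRONG_OLD_PASSWORD)));
        }
    }

    // Validation of the new password.
    if (string.IsNullOrEmpty(changePasswordViewModel.NewPassword))
    {
        response.Errors.Add(new LAMPError(
            ResourceHelper.GetStringResource(LAMPConstants.MSG_NEW_PASSWORD),
            ResourceHelper.GetStringResource(LAMPConstants.MSG_SPECIFY_NEW_PASSWORD)));
    }
    else if (changePasswordViewModel.OldPassword != null
             && string.Equals(changePasswordViewModel.OldPassword, changePasswordViewModel.NewPassword))
    {
        // Ordinal equality: string.CompareTo is culture-sensitive and can report two
        // different passwords as equal.
        response.Errors.Add(new LAMPError(
            ResourceHelper.GetStringResource(LAMPConstants.MSG_NEW_PASSWORD),
            ResourceHelper.GetStringResource(LAMPConstants.MSG_SPECIFY_DIFFERENT_PASSWORDS)));
    }

    // Validation of the confirmation.
    if (string.IsNullOrEmpty(changePasswordViewModel.ConfirmPassword))
    {
        response.Errors.Add(new LAMPError(
            ResourceHelper.GetStringResource(LAMPConstants.MSG_CONFIRM_PASSWORD),
            ResourceHelper.GetStringResource(LAMPConstants.MSG_SPECIFY_CONFIRM_PASSWORD)));
    }

    if (changePasswordViewModel.NewPassword != null
        && changePasswordViewModel.ConfirmPassword != null
        && changePasswordViewModel.NewPassword != changePasswordViewModel.ConfirmPassword)
    {
        response.Errors.Add(new LAMPError(
            ResourceHelper.GetStringResource(LAMPConstants.MSG_CONFIRM_PASSWORD),
            ResourceHelper.GetStringResource(LAMPConstants.MSG_SPECIFY_SAME_PASSWORDS)));
    }

    // Updating newly changed login password.
    // The reset model is built only after validation succeeded. An empty error list implies
    // the old password was supplied and the user was found, so user is non-null here. The
    // previous code dereferenced user unconditionally and threw for an unknown UserID.
    if (response.Errors.Count == 0)
    {
        ResetPasswordViewModel resetPasswordViewModel = new ResetPasswordViewModel
        {
            AdminID = user.AdminID.ToString(),
            Email = user.Email,
            Password = changePasswordViewModel.NewPassword,
            ConfirmPassword = changePasswordViewModel.ConfirmPassword
        };

        response = _adminService.ResetPassword(resetPasswordViewModel);
    }

    return Json(response);
}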
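/// <summary>
/// Changes a user's password through <c>_userManager.ChangePasswordAsync</c> and, on success,
/// refreshes the sign-in and returns a newly issued JWT.
/// </summary>
/// <param name="model">Request data: <c>id</c>, <c>currentPassword</c> and <c>newPassword</c>.</param>
/// <returns>
/// 200 with a JSON string containing <c>token</c> on success; 400 with the model state when
/// validation or the password change fails; 400 with a plain message when the user is not
/// found; 400 with a failure DTO when an exception is thrown.
/// </returns>
public async Task<IActionResult> changePassword(changePasswordViewModel model)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return BadRequest(ModelState);
        }

        // NOTE(review): the account is looked up by the id sent in the request body, not by
        // the authenticated principal. No authorization check is visible in this method;
        // confirm that callers cannot target another user's id.
        var user = await _userManager.FindByIdAsync(model.id);
        if (user == null)
        {
            return BadRequest("user id is not assigned");
        }

        var result = await _userManager.ChangePasswordAsync(user, model.currentPassword, model.newPassword);
        if (!result.Succeeded)
        {
            foreach (var error in result.Errors)
            {
                ModelState.AddModelError(string.Empty, error.Description);
            }

            // A failed change must not look like success. The previous code returned Ok()
            // here and discarded the collected errors, so a wrong current password or a
            // rejected new password was reported to the client as 200.
            return BadRequest(ModelState);
        }

        await _singInManager.RefreshSignInAsync(user);

        // NOTE(review): tokens issued before the password change are not revoked by anything
        // in this method; if validation does not check for that elsewhere, they stay usable
        // until their own one-day expiry.
        // NOTE(review): the HMAC key is the UTF-8 bytes of a configured string; confirm it is
        // long, random and kept out of source control.
        var tokenDescriptor = new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(new Claim[] { new Claim("UserID", user.Id.ToString()) }),
            Expires = DateTime.UtcNow.AddDays(1),
            SigningCredentials = new SigningCredentials(
                new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSettings.JWT_Secret)),
                SecurityAlgorithms.HmacSha256Signature)
        };

        var tokenHandler = new JwtSecurityTokenHandler();
        var securityToken = tokenHandler.CreateToken(tokenDescriptor);
        var token = tokenHandler.WriteToken(securityToken);

        var response = new { token };
        var json = JsonConvert.SerializeObject(response);
        return new OkObjectResult(json);
    }
    catch (Exception ex)
    {
        // Details go to the log only; the client receives a generic failure message.
        logger.Error(ex.ToString());
        logger.Warning(ex.StackTrace);
        DTO dto = new DTO() { success = false, message = "change Password process has failed" };
        return BadRequest(dto);
    }
}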