public ActionResult Manage(LocalPasswordModel model) { bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name)); ViewBag.HasLocalPassword = hasLocalAccount; ViewBag.ReturnUrl = Url.Action("Manage"); if (hasLocalAccount) { if (ModelState.IsValid) { bool changePasswordSucceeded; try { changePasswordSucceeded = WebSecurity.ChangePassword(User.Identity.Name, model.OldPassword, model.NewPassword); } catch (Exception) { changePasswordSucceeded = false; } if (changePasswordSucceeded) { return RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess }); } else { ModelState.AddModelError("", "Неправильный текущий пароль или недопустимый новый пароль."); } } } else { ModelState state = ModelState["OldPassword"]; if (state != null) { state.Errors.Clear(); } if (ModelState.IsValid) { try { WebSecurity.CreateAccount(User.Identity.Name, model.NewPassword); return RedirectToAction("Manage", new { Message = ManageMessageId.SetPasswordSuccess }); } catch (Exception e) { ModelState.AddModelError("", e); } } } return View(model); }
public ActionResult Manage(LocalPasswordModel model) { bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name)); ViewBag.HasLocalPassword = hasLocalAccount; ViewBag.ReturnUrl = Url.Action("Manage"); if (hasLocalAccount) { if (ModelState.IsValid) { // ChangePassword will throw an exception rather than return false in certain failure scenarios. bool changePasswordSucceeded; try { changePasswordSucceeded = WebSecurity.ChangePassword(User.Identity.Name, model.OldPassword, model.NewPassword); } catch (Exception) { changePasswordSucceeded = false; } if (changePasswordSucceeded) { return RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess }); } else { ModelState.AddModelError("", "The current password is incorrect or the new password is invalid."); } } } else { // User does not have a local password so remove any validation errors caused by a missing // OldPassword field ModelState state = ModelState["OldPassword"]; if (state != null) { state.Errors.Clear(); } if (ModelState.IsValid) { try { WebSecurity.CreateAccount(User.Identity.Name, model.NewPassword); return RedirectToAction("Manage", new { Message = ManageMessageId.SetPasswordSuccess }); } catch (Exception e) { ModelState.AddModelError("", e); } } } // If we got this far, something failed, redisplay form return View(model); }
public ActionResult Manage(LocalPasswordModel model) { //check if the user already has a local account to be managed bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name)); ViewBag.HasLocalPassword = hasLocalAccount; ViewBag.ReturnUrl = Url.Action("Manage"); if (hasLocalAccount) { if (ModelState.IsValid) { // ChangePassword will throw an exception rather than return false in certain failure scenarios. bool changePasswordSucceeded = false ; //check if chnage password worked try { changePasswordSucceeded = WebSecurity.ChangePassword(User.Identity.Name, Crypto.HashPassword( model.OldPassword), Crypto.HashPassword(model.NewPassword)); } catch (Exception) { changePasswordSucceeded = false; } if (changePasswordSucceeded) { var userId = WebSecurity.GetUserId(User.Identity.Name); if (model.OldPassword != model.NewPassword) { AuditController.AuditEntry(userId, userId, AuditController.MODIFY_USER, "Password", model.OldPassword, model.NewPassword); } //Byte[] hashedBytes = EncryptPassword(model.NewPassword); ////WebSecurity.CreateUserAndAccount(model.Email, model.Password); //User user = db.User.Where(u => u.Email == model.).FirstOrDefault(); ////set hashed password //user.pword = hashedBytes; //db.SaveChanges(); return RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess }); } else { ModelState.AddModelError("", "The current password is incorrect or the new password is invalid."); } } } else { // User does not have a local password so remove any validation errors caused by a missing // OldPassword field ModelState state = ModelState["OldPassword"]; if (state != null) { state.Errors.Clear(); } if (ModelState.IsValid) { try { WebSecurity.CreateAccount(User.Identity.Name, Crypto.HashPassword( model.NewPassword)); return RedirectToAction("Manage", new { Message = ManageMessageId.SetPasswordSuccess }); } catch (Exception) { ModelState.AddModelError("", String.Format("Unable to create local account. An account with the Name \"{0}\" may already exist.", User.Identity.Name)); } } } // If we got this far, something failed, redisplay form return View(model); }