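/// <summary>
/// Changes the password of the user identified by <c>request.Email</c>.
/// </summary>
/// <param name="request">
/// The change request: e-mail, new password, optional new storage format and,
/// when <c>ValidateRequest</c> is set, the old password to verify.
/// </param>
/// <returns>
/// A result that carries an error for a null request, a blank e-mail, a blank
/// new password, an unknown e-mail or an old-password mismatch. When no error
/// is added the user has been updated through <c>UpdateUser</c>.
/// </returns>
/// <remarks>
/// When <c>ValidateRequest</c> is false the old password is not checked at all,
/// so the caller is responsible for authorising the change. The "email could
/// not be found" error distinguishes known from unknown addresses; callers
/// should avoid relaying it verbatim to unauthenticated clients.
/// </remarks>
public virtual PasswordChangeResult ChangePassword(ChangePasswordRequest request)
{
    var result = new PasswordChangeResult();

    if (request == null)
    {
        result.AddError("The change password request was not valid.");
        return result;
    }

    if (request.Email.IsNullOrWhiteSpace())
    {
        result.AddError("The email is not entered");
        return result;
    }

    if (request.NewPassword.IsNullOrWhiteSpace())
    {
        result.AddError("The password is not entered");
        return result;
    }

    var user = GetUserByEmail(request.Email);
    if (user == null)
    {
        result.AddError("The specified email could not be found");
        return result;
    }

    if (request.ValidateRequest)
    {
        // Bring the supplied old password into the same representation as the
        // stored one, so that the two can be compared directly.
        string oldPwd;
        switch (user.PasswordFormat)
        {
            case PasswordFormat.Encrypted:
                // Comparing ciphertexts relies on EncryptText being deterministic.
                oldPwd = _encryptionService.EncryptText(request.OldPassword);
                break;
            case PasswordFormat.Hashed:
                oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, user.PasswordSalt, _userSettings.HashedPasswordFormat);
                break;
            default:
                oldPwd = request.OldPassword;
                break;
        }

        // Fixed-time, fail-closed comparison instead of `==`: no early exit on
        // the first differing character, and a null on either side never
        // validates (the previous `==` treated two nulls as equal).
        if (!PasswordsMatchFixedTime(oldPwd, user.Password))
        {
            result.AddError("Old password doesn't match");
            return result;
        }
    }

    // From here on the request is accepted. The chosen format is written back
    // to the request object, as before, so callers can read the effective value.
    if (!request.NewPasswordFormat.HasValue)
    {
        request.NewPasswordFormat = _userSettings.PasswordFormat;
    }

    switch (request.NewPasswordFormat)
    {
        case PasswordFormat.Clear:
            // Stores the password exactly as submitted.
            user.Password = request.NewPassword;
            break;
        case PasswordFormat.Encrypted:
            // NOTE(review): presumably reversible by anyone holding the key - confirm.
            user.Password = _encryptionService.EncryptText(request.NewPassword);
            break;
        case PasswordFormat.Hashed:
            // NOTE(review): the unit of the argument is not visible here
            // (presumably a size in bytes - confirm); if so the salt is short
            // and widening it may need a wider PasswordSalt column.
            string saltKey = _encryptionService.CreateSaltKey(5);
            user.PasswordSalt = saltKey;
            user.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _userSettings.HashedPasswordFormat);
            break;
    }

    user.PasswordFormat = request.NewPasswordFormat.Value;
    UpdateUser(user);

    return result;
}

/// <summary>
/// Ordinal string equality whose running time does not depend on where the
/// first differing character is. Lengths are not hidden.
/// </summary>
/// <param name="supplied">Value derived from the caller's input.</param>
/// <param name="stored">Value held for the user.</param>
/// <returns>True only when both values are non-null and identical.</returns>
private static bool PasswordsMatchFixedTime(string supplied, string stored)
{
    if (supplied == null || stored == null)
    {
        return false;
    }

    int difference = supplied.Length ^ stored.Length;
    int shared = supplied.Length < stored.Length ? supplied.Length : stored.Length;
    for (int i = 0; i < shared; i++)
    {
        difference |= supplied[i] ^ stored[i];
    }

    return difference == 0;
}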
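/// <summary>
/// Sets a new password for the user looked up by <c>request.Email</c>,
/// optionally verifying the old password first.
/// </summary>
/// <param name="request">
/// E-mail, new password and optional new storage format; the old password is
/// read only when <c>ValidateRequest</c> is true.
/// </param>
/// <returns>
/// The result object. It holds one error when the request is null, the e-mail
/// or new password is blank, no user matches the e-mail, or the old password
/// does not match; otherwise the user was saved through <c>UpdateUser</c>.
/// </returns>
/// <remarks>
/// With <c>ValidateRequest</c> false there is no old-password check, so the
/// caller has to have authorised the change already. The separate "email could
/// not be found" error reveals whether an address is registered; avoid echoing
/// it to unauthenticated clients.
/// </remarks>
public virtual PasswordChangeResult ChangePassword(ChangePasswordRequest request)
{
    var result = new PasswordChangeResult();

    if (request == null)
    {
        result.AddError("The change password request was not valid.");
        return result;
    }

    if (request.Email.IsNullOrWhiteSpace())
    {
        result.AddError("The email is not entered");
        return result;
    }

    if (request.NewPassword.IsNullOrWhiteSpace())
    {
        result.AddError("The password is not entered");
        return result;
    }

    var user = GetUserByEmail(request.Email);
    if (user == null)
    {
        result.AddError("The specified email could not be found");
        return result;
    }

    if (request.ValidateRequest)
    {
        // Transform the supplied old password the same way the stored one was
        // transformed, then compare the two representations.
        string oldPwd;
        switch (user.PasswordFormat)
        {
            case PasswordFormat.Encrypted:
                // Only works if EncryptText yields the same output for the same input.
                oldPwd = _encryptionService.EncryptText(request.OldPassword);
                break;
            case PasswordFormat.Hashed:
                oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, user.PasswordSalt, _userSettings.HashedPasswordFormat);
                break;
            default:
                oldPwd = request.OldPassword;
                break;
        }

        // `==` stops at the first differing character and accepts null == null;
        // the helper below runs in fixed time and rejects a null on either side.
        bool oldPasswordIsValid = PasswordsMatchFixedTime(oldPwd, user.Password);
        if (!oldPasswordIsValid)
        {
            result.AddError("Old password doesn't match");
            return result;
        }
    }

    // Request accepted. The effective format is stored on the request object,
    // matching the previous behaviour.
    if (!request.NewPasswordFormat.HasValue)
    {
        request.NewPasswordFormat = _userSettings.PasswordFormat;
    }

    switch (request.NewPasswordFormat)
    {
        case PasswordFormat.Clear:
            // The password is persisted as entered.
            user.Password = request.NewPassword;
            break;
        case PasswordFormat.Encrypted:
            // NOTE(review): presumably recoverable with the encryption key - confirm.
            user.Password = _encryptionService.EncryptText(request.NewPassword);
            break;
        case PasswordFormat.Hashed:
            // NOTE(review): salt size 5 - unit not shown here (presumably
            // bytes, confirm); if so this is short. Check the PasswordSalt
            // column width before raising it.
            string saltKey = _encryptionService.CreateSaltKey(5);
            user.PasswordSalt = saltKey;
            user.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _userSettings.HashedPasswordFormat);
            break;
    }

    user.PasswordFormat = request.NewPasswordFormat.Value;
    UpdateUser(user);

    return result;
}

/// <summary>
/// Compares two strings ordinally without returning early at the first
/// mismatch. The lengths of the inputs are not concealed.
/// </summary>
/// <param name="supplied">Representation computed from the request.</param>
/// <param name="stored">Representation stored on the user.</param>
/// <returns>True when both are non-null and equal; false otherwise.</returns>
private static bool PasswordsMatchFixedTime(string supplied, string stored)
{
    if (supplied == null || stored == null)
    {
        return false;
    }

    int difference = supplied.Length ^ stored.Length;
    int shared = supplied.Length < stored.Length ? supplied.Length : stored.Length;
    for (int i = 0; i < shared; i++)
    {
        difference |= supplied[i] ^ stored[i];
    }

    return difference == 0;
}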