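/// <summary>
/// Handles a submitted change-password form for the account held in <c>Session["User"]</c>.
/// </summary>
/// <param name="cpvm">Posted form data: account id, old password, new password and confirmation.</param>
/// <returns>
/// A redirect to the login page when there is no session user, a redirect to the profile page
/// when the posted id is not the session user's id or when the password was changed, and the
/// form view (with model errors) in every other case.
/// </returns>
/// <remarks>
/// NOTE(review): no <c>[HttpPost]</c> or <c>[ValidateAntiForgeryToken]</c> attribute is visible on
/// this method in the reviewed excerpt. Confirm both are applied, since this action changes a credential.
/// NOTE(review): nothing here limits repeated wrong guesses of the old password or ends the
/// account's other sessions after a change. Confirm whether that is handled elsewhere.
/// </remarks>
public ActionResult ChangePassword(ChangePasswordViewModel cpvm)
{
    // Unauthenticated request: send the caller to the login page.
    if (Session["User"] == null)
    {
        return RedirectToAction("LoginPage", "Application");
    }

    // The posted id is client-controlled. Refuse to act unless it matches the session user.
    if (cpvm.id != Convert.ToInt32(Session["User"]))
    {
        return RedirectToAction("LoggedInProfile");
    }

    if (!this.ModelState.IsValid)
    {
        return View(cpvm);
    }

    // A null new password is treated as a mismatch instead of throwing on the Equals call.
    if (cpvm.new_password == null || !cpvm.new_password.Equals(cpvm.confirm_password))
    {
        this.ModelState.AddModelError("new_password", "Mismatch.");
        this.ModelState.AddModelError("confirm_password", "Mismatch.");
    }

    // The account is always looked up by the session value, never by the posted id.
    Account a = db.Accounts.Find(Session["User"]);
    if (a == null)
    {
        // Fix: the original recorded this error and then dereferenced the null account
        // on the next statement. Stop here and re-display the form instead.
        this.ModelState.AddModelError("password", "Error");
        return View(cpvm);
    }

    // The stored hash is kept as UTF-8 bytes of the bcrypt string, so decode it before verifying.
    if (!BCrypt.Net.BCrypt.Verify(cpvm.old_password, Encoding.UTF8.GetString(a.password)))
    {
        this.ModelState.AddModelError("old_password", "Error");
    }

    if (!this.ModelState.IsValid)
    {
        return View(cpvm);
    }

    // Work factor 10 is kept from the original code.
    // NOTE(review): confirm it still meets the project's password-hashing policy.
    a.password = Encoding.UTF8.GetBytes(
        BCrypt.Net.BCrypt.HashPassword(cpvm.new_password, BCrypt.Net.BCrypt.GenerateSalt(10)));
    db.SaveChanges();
    return RedirectToAction("LoggedInProfile", "Application");
}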
/// <summary>
/// Builds an empty change-password view model whose <c>id</c> is taken from <c>Session["User"]</c>.
/// </summary>
/// <returns>
/// A new <c>ChangePasswordViewModel</c> with only <c>id</c> set. The id is 0 when the session
/// holds no user, because <c>Convert.ToInt32</c> maps a null object to 0.
/// </returns>
private ChangePasswordViewModel GenerateChangePasswordViewModel()
{
    // The id comes from server-side session state, not from request data.
    return new ChangePasswordViewModel
    {
        id = Convert.ToInt32(Session["User"])
    };
}