Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- public void ChangePassword(string username, string oldPassword, string newPassword)
- {
- var hashedOld = PasswordHelper.Encode(oldPassword);
- var user = db.Users.Where(u => u.Username == username && u.Password == hashedOld);
- if (user == null)
- {
- throw new UnauthorizedException();
- }
- PasswordHelper.Validate(newPassword);
- var hashedNew = PasswordHelper.Encode(newPassword);
- var duplicatePassword = user.PasswordHistory.FirstOrDefault(p => p.Value == hashedNew);
- if (duplicatePassword != null)
- {
- throw new InvalidPasswordException();
- }
- if (user.PasswordHistory.Count >= 5)
- {
- user.PasswordHistory.Remove(user.PasswordHistory.OrderBy(p => p.Date).FirstOrDefault());
- }
- user.PasswodHistory.Add(new PasswordEntry
- {
- Date = DateTimeOffset.UtcNow,
- Value = user.Password
- });
- user.Password = hashedNew;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement