public override bool ChangePassword(string userName, string oldPassword, string newPassword)
{
if (string.IsNullOrEmpty(userName))
{
throw CreateArgumentNullOrEmptyException("userName");
}
if (string.IsNullOrEmpty(oldPassword))
{
throw CreateArgumentNullOrEmptyException("oldPassword");
}
if (string.IsNullOrEmpty(newPassword))
{
throw CreateArgumentNullOrEmptyException("newPassword");
}
using (BlogUnitOfWork context = new BlogUnitOfWork(new ModelContextInit()))
{
dynamic user = context.Users.FirstOrDefault(Usr => Usr.Username == userName);
if (user == null)
{
return false;
}
dynamic hashedPassword = user.Password;
bool verificationSucceeded = (hashedPassword != null && CodeFirstCrypto.VerifyHashedPassword(hashedPassword, oldPassword));
if (verificationSucceeded)
{
user.PasswordFailuresSinceLastSuccess = 0;
}
else
{
int failures = user.PasswordFailuresSinceLastSuccess;
if (failures != -1)
{
user.PasswordFailuresSinceLastSuccess += 1;
user.LastPasswordFailureDate = DateTime.UtcNow;
}
context.SaveChanges();
return false;
}
dynamic newhashedPassword = CodeFirstCrypto.HashPassword(newPassword);
if (newhashedPassword.Length > 128)
{
throw new ArgumentException("Password too long");
}
user.Password = newhashedPassword;
user.PasswordChangedDate = DateTime.UtcNow;
context.SaveChanges();
return true;
}
}
