resolves aspnetboilerplate/aspnetboilerplate#5987

ismcagdas · ismcagdas · commit 3419aa07da0c · 2021-02-13T12:54:47.000+03:00
diff --git a/aspnet-core/src/AbpCompanyName.AbpProjectName.Application/Users/UserAppService.cs b/aspnet-core/src/AbpCompanyName.AbpProjectName.Application/Users/UserAppService.cs
@@ -1,4 +1,5 @@
-﻿using System.Collections.Generic;
+﻿using System;
+using System.Collections.Generic;
 using System.Linq;
 using System.Text.RegularExpressions;
 using System.Threading.Tasks;
@@ -188,43 +189,48 @@ protected virtual void CheckErrors(IdentityResult identityResult)
 
         public async Task<bool> ChangePassword(ChangePasswordDto input)
         {
-            if (_abpSession.UserId == null)
+            await _userManager.InitializeOptionsAsync(AbpSession.TenantId);
+
+            var user = await _userManager.FindByIdAsync(AbpSession.GetUserId().ToString());
+            if (user == null)
             {
-                throw new UserFriendlyException("Please log in before attemping to change password.");
+                throw new Exception("There is no current user!");
             }
-            long userId = _abpSession.UserId.Value;
-            var user = await _userManager.GetUserByIdAsync(userId);
-            var loginAsync = await _logInManager.LoginAsync(user.UserName, input.CurrentPassword, shouldLockout: false);
-            if (loginAsync.Result != AbpLoginResultType.Success)
+            
+            if (await _userManager.CheckPasswordAsync(user, input.CurrentPassword))
             {
-                throw new UserFriendlyException("Your 'Existing Password' did not match the one on record.  Please try again or contact an administrator for assistance in resetting your password.");
+                CheckErrors(await _userManager.ChangePasswordAsync(user, input.NewPassword));
             }
-            if (!new Regex(AccountAppService.PasswordRegex).IsMatch(input.NewPassword))
+            else
             {
-                throw new UserFriendlyException("Passwords must be at least 8 characters, contain a lowercase, uppercase, and number.");
+                CheckErrors(IdentityResult.Failed(new IdentityError
+                {
+                    Description = "Incorrect password."
+                }));
             }
-            user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
-            CurrentUnitOfWork.SaveChanges();
+
             return true;
         }
 
         public async Task<bool> ResetPassword(ResetPasswordDto input)
         {
             if (_abpSession.UserId == null)
             {
-                throw new UserFriendlyException("Please log in before attemping to reset password.");
+                throw new UserFriendlyException("Please log in before attempting to reset password.");
             }
-            long currentUserId = _abpSession.UserId.Value;
-            var currentUser = await _userManager.GetUserByIdAsync(currentUserId);
+            
+            var currentUser = await _userManager.GetUserByIdAsync(_abpSession.GetUserId());
             var loginAsync = await _logInManager.LoginAsync(currentUser.UserName, input.AdminPassword, shouldLockout: false);
             if (loginAsync.Result != AbpLoginResultType.Success)
             {
                 throw new UserFriendlyException("Your 'Admin Password' did not match the one on record.  Please try again.");
             }
+            
             if (currentUser.IsDeleted || !currentUser.IsActive)
             {
                 return false;
             }
+            
             var roles = await _userManager.GetRolesAsync(currentUser);
             if (!roles.Contains(StaticRoleNames.Tenants.Admin))
             {
@@ -235,7 +241,7 @@ public async Task<bool> ResetPassword(ResetPasswordDto input)
             if (user != null)
             {
                 user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
-                CurrentUnitOfWork.SaveChanges();
+                await CurrentUnitOfWork.SaveChangesAsync();
             }
 
             return true;

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,5 @@`
`1`		`-using System.Collections.Generic;`
	`1`	`+using System;`
	`2`	`+using System.Collections.Generic;`
`2`	`3`	`using System.Linq;`
`3`	`4`	`using System.Text.RegularExpressions;`
`4`	`5`	`using System.Threading.Tasks;`
`@@ -188,43 +189,48 @@ protected virtual void CheckErrors(IdentityResult identityResult)`
`188`	`189`
`189`	`190`	`public async Task<bool> ChangePassword(ChangePasswordDto input)`
`190`	`191`	`{`
`191`		`- if (_abpSession.UserId == null)`
	`192`	`+ await _userManager.InitializeOptionsAsync(AbpSession.TenantId);`
	`193`	`+`
	`194`	`+ var user = await _userManager.FindByIdAsync(AbpSession.GetUserId().ToString());`
	`195`	`+ if (user == null)`
`192`	`196`	`{`
`193`		`- throw new UserFriendlyException("Please log in before attemping to change password.");`
	`197`	`+ throw new Exception("There is no current user!");`
`194`	`198`	`}`
`195`		`- long userId = _abpSession.UserId.Value;`
`196`		`- var user = await _userManager.GetUserByIdAsync(userId);`
`197`		`- var loginAsync = await _logInManager.LoginAsync(user.UserName, input.CurrentPassword, shouldLockout: false);`
`198`		`- if (loginAsync.Result != AbpLoginResultType.Success)`
	`199`	`+`
	`200`	`+ if (await _userManager.CheckPasswordAsync(user, input.CurrentPassword))`
`199`	`201`	`{`
`200`		`- throw new UserFriendlyException("Your 'Existing Password' did not match the one on record. Please try again or contact an administrator for assistance in resetting your password.");`
	`202`	`+ CheckErrors(await _userManager.ChangePasswordAsync(user, input.NewPassword));`
`201`	`203`	`}`
`202`		`- if (!new Regex(AccountAppService.PasswordRegex).IsMatch(input.NewPassword))`
	`204`	`+ else`
`203`	`205`	`{`
`204`		`- throw new UserFriendlyException("Passwords must be at least 8 characters, contain a lowercase, uppercase, and number.");`
	`206`	`+ CheckErrors(IdentityResult.Failed(new IdentityError`
	`207`	`+ {`
	`208`	`+ Description = "Incorrect password."`
	`209`	`+ }));`
`205`	`210`	`}`
`206`		`- user.Password = _passwordHasher.HashPassword(user, input.NewPassword);`
`207`		`- CurrentUnitOfWork.SaveChanges();`
	`211`	`+`
`208`	`212`	`return true;`
`209`	`213`	`}`
`210`	`214`
`211`	`215`	`public async Task<bool> ResetPassword(ResetPasswordDto input)`
`212`	`216`	`{`
`213`	`217`	`if (_abpSession.UserId == null)`
`214`	`218`	`{`
`215`		`- throw new UserFriendlyException("Please log in before attemping to reset password.");`
	`219`	`+ throw new UserFriendlyException("Please log in before attempting to reset password.");`
`216`	`220`	`}`
`217`		`- long currentUserId = _abpSession.UserId.Value;`
`218`		`- var currentUser = await _userManager.GetUserByIdAsync(currentUserId);`
	`221`	`+`
	`222`	`+ var currentUser = await _userManager.GetUserByIdAsync(_abpSession.GetUserId());`
`219`	`223`	`var loginAsync = await _logInManager.LoginAsync(currentUser.UserName, input.AdminPassword, shouldLockout: false);`
`220`	`224`	`if (loginAsync.Result != AbpLoginResultType.Success)`
`221`	`225`	`{`
`222`	`226`	`throw new UserFriendlyException("Your 'Admin Password' did not match the one on record. Please try again.");`
`223`	`227`	`}`
	`228`	`+`
`224`	`229`	`if (currentUser.IsDeleted \|\| !currentUser.IsActive)`
`225`	`230`	`{`
`226`	`231`	`return false;`
`227`	`232`	`}`
	`233`	`+`
`228`	`234`	`var roles = await _userManager.GetRolesAsync(currentUser);`
`229`	`235`	`if (!roles.Contains(StaticRoleNames.Tenants.Admin))`
`230`	`236`	`{`
`@@ -235,7 +241,7 @@ public async Task<bool> ResetPassword(ResetPasswordDto input)`
`235`	`241`	`if (user != null)`
`236`	`242`	`{`
`237`	`243`	`user.Password = _passwordHasher.HashPassword(user, input.NewPassword);`
`238`		`- CurrentUnitOfWork.SaveChanges();`
	`244`	`+ await CurrentUnitOfWork.SaveChangesAsync();`
`239`	`245`	`}`
`240`	`246`
`241`	`247`	`return true;`