in src/Unosquare.PassCore.Web/Controllers/PasswordController.cs [66:138]
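/// <summary>
/// Handles a password-change request: validates the posted model, checks the
/// reCAPTCHA response, applies the configured minimum-distance and minimum-score
/// policies, and then asks the password change provider to perform the change.
/// </summary>
/// <param name="model">The change-password payload bound from the request body.</param>
/// <returns>
/// A JSON result with an empty <see cref="ApiResult"/> when the provider reports no error;
/// otherwise a 400 response whose <see cref="ApiResult"/> lists the errors.
/// </returns>
public async Task<IActionResult> Post([FromBody] ChangePasswordModel model)
{
    // The body is caller-controlled: reject a missing payload before reading any field.
    if (model == null)
    {
        _logger.LogWarning("Null model");
        return BadRequest(ApiResult.InvalidRequest());
    }

    if (model.NewPassword != model.NewPasswordVerify)
    {
        _logger.LogWarning("Invalid model, passwords don't match");
        return BadRequest(ApiResult.InvalidRequest());
    }

    // Model-binding / data-annotation validation.
    if (!ModelState.IsValid)
    {
        _logger.LogWarning("Invalid model, validation failed");
        return BadRequest(ApiResult.FromModelStateErrors(ModelState));
    }

    // Captcha check fails closed: a negative answer and a failure to obtain an answer
    // are both rejected, and the provider is never reached in either case.
    try
    {
        if (await ValidateRecaptcha(model.Recaptcha).ConfigureAwait(false) == false)
        {
            // Plain early return instead of throwing just to land in the catch below.
            _logger.LogWarning("Invalid Recaptcha");
            return BadRequest(ApiResult.InvalidCaptcha());
        }
    }
    catch (Exception ex)
    {
        _logger.LogWarning(ex, "Invalid Recaptcha");
        return BadRequest(ApiResult.InvalidCaptcha());
    }

    var result = new ApiResult();

    try
    {
        // Policy checks run before the provider is called, so a rejected password
        // never results in a change attempt.
        if (_options.MinimumDistance > 0 &&
            _passwordChangeProvider.MeasureNewPasswordDistance(model.CurrentPassword, model.NewPassword) < _options.MinimumDistance)
        {
            result.Errors.Add(new ApiErrorItem(ApiErrorCode.MinimumDistance));
            return BadRequest(result);
        }

        if (_options.MinimumScore > 0 && Core.EvaluatePassword(model.NewPassword).Score < _options.MinimumScore)
        {
            result.Errors.Add(new ApiErrorItem(ApiErrorCode.MinimumScore));
            return BadRequest(result);
        }

        var resultPasswordChange = _passwordChangeProvider.PerformPasswordChange(
            model.Username,
            model.CurrentPassword,
            model.NewPassword);

        // A null return is treated as success: the empty result is sent back as JSON.
        if (resultPasswordChange == null)
        {
            return Json(result);
        }

        // Expected failures come back from the provider as an error item and are
        // relayed to the client as-is.
        result.Errors.Add(resultPasswordChange);
    }
    catch (Exception ex)
    {
        // Unexpected failure: the full exception goes to the server log only. The
        // response carries the generic error code without ex.Message, because the
        // exception text may describe backend internals and this response goes to
        // whoever sent the request.
        _logger.LogError(ex, "Failed to update password");
        result.Errors.Add(new ApiErrorItem(ApiErrorCode.Generic));
    }

    return BadRequest(result);
}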