diff --git a/PlexRequests.Core/UserMapper.cs b/PlexRequests.Core/UserMapper.cs
index 3c15d548e..8a4e491a5 100644
--- a/PlexRequests.Core/UserMapper.cs
+++ b/PlexRequests.Core/UserMapper.cs
@@ -151,7 +151,7 @@ namespace PlexRequests.Core
 var passwordMatch = PasswordHasher.VerifyPassword(oldPassword, userToChange.Salt, userToChange.Hash);
 if (!passwordMatch)
 {
- throw new SecurityException("Password does not match");
+ throw new SecurityException("Incorrect password.");
 }
 var newSalt = PasswordHasher.GenerateSalt();
diff --git a/PlexRequests.UI/Modules/LoginModule.cs b/PlexRequests.UI/Modules/LoginModule.cs
index 0099a9ec2..00c4e0b4a 100644
--- a/PlexRequests.UI/Modules/LoginModule.cs
+++ b/PlexRequests.UI/Modules/LoginModule.cs
@@ -1,4 +1,5 @@
 #region Copyright
+
 // /************************************************************************
 // Copyright (c) 2016 Jamie Rees
 // File: LoginModule.cs
@@ -23,10 +24,12 @@
 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 // ************************************************************************/
+
 #endregion
+
 using System;
 using System.Dynamic;
-
+using System.Security;
 using Nancy;
 using Nancy.Authentication.Forms;
 using Nancy.Extensions;
@@ -43,7 +46,8 @@ namespace PlexRequests.UI.Modules
 {
 public class LoginModule : BaseModule
 {
- public LoginModule(ISettingsService pr, ICustomUserMapper m, IResourceLinker linker) : base(pr)
+ public LoginModule(ISettingsService pr, ICustomUserMapper m, IResourceLinker linker)
+ : base(pr)
 {
 UserMapper = m;
 Get["/login"] = _ =>
@@ -81,7 +85,10 @@ namespace PlexRequests.UI.Modules
 if (userId == null)
 {
- return Context.GetRedirect(!string.IsNullOrEmpty(BaseUrl) ? $"~/{BaseUrl}/login?error=true&username=" + username : "~/login?error=true&username=" + username);
+ return
+ Context.GetRedirect(!string.IsNullOrEmpty(BaseUrl)
+ ? $"~/{BaseUrl}/login?error=true&username=" + username
+ : "~/login?error=true&username=" + username);
 }
 DateTime? expiry = null;
 if (Request.Form.RememberMe.HasValue)
@@ -113,7 +120,10 @@ namespace PlexRequests.UI.Modules
 var exists = UserMapper.DoUsersExist();
 if (exists)
 {
- return Context.GetRedirect(!string.IsNullOrEmpty(BaseUrl) ? $"~/{BaseUrl}/register?error=true" : "~/register?error=true");
+ return
+ Context.GetRedirect(!string.IsNullOrEmpty(BaseUrl)
+ ? $"~/{BaseUrl}/register?error=true"
+ : "~/register?error=true");
 }
 var userId = UserMapper.CreateAdmin(username, Request.Form.Password);
 Session[SessionKeys.UsernameKey] = username;
@@ -123,6 +133,7 @@ namespace PlexRequests.UI.Modules
 Get["/changepassword"] = _ => ChangePassword();
 Post["/changepassword"] = _ => ChangePasswordPost();
 }
+
 private ICustomUserMapper UserMapper { get; }
 private Negotiator ChangePassword()
@@ -148,14 +159,20 @@ namespace PlexRequests.UI.Modules
 {
 return Response.AsJson(new JsonResponseModel { Message = "The passwords do not match", Result = false });
 }
+ try
+ {
+ var result = UserMapper.UpdatePassword(username, oldPass, newPassword);
+ if (result)
+ {
+ return Response.AsJson(new JsonResponseModel { Message = "Password has been changed!", Result = true });
+ }
- var result = UserMapper.UpdatePassword(username, oldPass, newPassword);
- if (result)
+ return Response.AsJson(new JsonResponseModel { Message = "Could not update the password in the database", Result = false });
+ }
+ catch (SecurityException e)
 {
- return Response.AsJson(new JsonResponseModel { Message = "Password has been changed!", Result = true });
+ return Response.AsJson(new JsonResponseModel { Message = e.ToString(), Result = false });
 }
-
- return Response.AsJson(new JsonResponseModel { Message = "Could not update the password in the database", Result = false });
 }
 }
 }
\ No newline at end of file
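Review bot: The new `catch (SecurityException e)` branch puts `e.ToString()` into the JSON response, and for a .NET exception that string is the type name, the message and the stack trace, so a wrong old password sends internal method names (and source paths where symbols are deployed) to the browser instead of the "Incorrect password." text this commit sets in UserMapper. Return only the message, `return Response.AsJson(new JsonResponseModel { Message = e.Message, Result = false });`, or a fixed string, and log the full exception server-side if it is needed for diagnosis. The method this hunk edits begins above the hunk, so whether other exception types thrown by `UpdatePassword` are handled is not visible here.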