Merge pull request #1223 from TechnologyEnhancedLearning/Develop/Fixes/TD-5708-FileUpload-Password-issue

swapnamol-abraham · web-flow · commit 50adea1695b8 · 2025-06-27T15:27:31.000+01:00
TD-5708: Password validation is failing for the users with password '&amp;;
diff --git a/LearningHub.Nhs.WebUI/Controllers/Api/UserController.cs b/LearningHub.Nhs.WebUI/Controllers/Api/UserController.cs
@@ -102,13 +102,13 @@ public async Task<ActionResult> CheckUserRole()
         /// <summary>
         /// to check user password is correct.
         /// </summary>
-        /// <param name="currentPassword">The currentPassword.</param>
+        /// <param name="password">The currentPassword.</param>
         /// <returns>The <see cref="Task{ActionResult}"/>.</returns>
-        [HttpGet]
-        [Route("ConfirmPassword/{currentPassword}")]
-        public async Task<ActionResult> ConfirmPassword(string currentPassword)
+        [HttpPost]
+        [Route("ConfirmPassword")]
+        public async Task<ActionResult> ConfirmPassword([FromBody] PasswordUpdateModel password)
         {
-            string passwordHash = this.userService.Base64MD5HashDigest(currentPassword);
+            string passwordHash = this.userService.Base64MD5HashDigest(password.PasswordHash);
             var userPersonalDetails = await this.userService.GetCurrentUserPersonalDetailsAsync();
             if (userPersonalDetails != null && userPersonalDetails.PasswordHash == passwordHash)
             {
diff --git a/LearningHub.Nhs.WebUI/Scripts/vuesrc/data/user.ts b/LearningHub.Nhs.WebUI/Scripts/vuesrc/data/user.ts
@@ -67,16 +67,15 @@ const IsSystemAdmin = async function (): Promise<boolean[]> {
 };
 
 const IsValidUser = async function (currentPassword: string): Promise<boolean[]> {
-    let encodedPassword = encodeURIComponent(currentPassword);
-    var IsValidUser = `/api/User/ConfirmPassword/${encodedPassword}`;
-    return await AxiosWrapper.axios.get<boolean[]>(IsValidUser)
-        .then(response => {
-            return response.data;
-        })
-        .catch(e => {
-            console.log('IsValidUser:' + e);
-            throw e;
+    try {
+        const response = await AxiosWrapper.axios.post<boolean[]>('/api/User/ConfirmPassword', {
+            PasswordHash: currentPassword
         });
+        return response.data;
+    } catch (e) {
+        console.error('IsValidUser:', e);
+        throw e;
+    }
 };
 
 const getCurrentUserBasicDetails = async function (): Promise<UserBasicModel> {
