/// <summary>
/// Save the temporal password in the bdd
/// </summary>
/// <param name="email">User name</param>
/// <param name="temporalPassword">Temporal password</param>
public void SaveTemporalPassword(string email,string temporalPassword)
{
Cotecna.Voc.Business.UserProfile user = null;
using (Business.UsersContext context = new Business.UsersContext())
{
user = context.UserProfiles.FirstOrDefault(x => x.UserName == email);
user.TemporalPassword = temporalPassword;
context.SaveChanges();
}
}
/// <summary>
/// Search and retrieve the user
/// </summary>
/// <param name="email">The name of the user</param>
/// <returns>UserProfile</returns>
public Business.UserProfile GetUser(string email)
{
Cotecna.Voc.Business.UserProfile user = null;
using (Business.UsersContext context = new Business.UsersContext())
{
user = context.UserProfiles.FirstOrDefault(x => x.UserName == email);
}
return user;
}
/// <summary>
/// Resets the user's password using the secret answer.
/// </summary>
/// <param name="userName">The user's clientEmail.</param>
/// <param name="newPassword">The new password defined by the user.</param>
/// <returns>True is the password has been successfully reset.</returns>
private bool ResetPassword(string userName, string newPassword)
{
string resetToken = WebSecurity.GeneratePasswordResetToken(userName);
bool result = WebSecurity.ResetPassword(resetToken, newPassword);
if (result)
{
using (Business.UsersContext context = new Business.UsersContext())
{
var currentUser = context.UserProfiles.FirstOrDefault(x => x.UserName == userName);
currentUser.IsDisclaimerAccepted = false;
context.SaveChanges();
}
}
return result;
}
/// <summary>
/// Verify if is valid the current url
/// </summary>
/// <param name="sentTime">Change password date</param>
/// <param name="userName">User name</param>
/// <returns>bool</returns>
private bool VerifyResetPassword(DateTime sentTime, string userName)
{
bool result = false;
using (Business.UsersContext context = new Business.UsersContext())
{
var query = (from membership in context.Memberships
join user in context.UserProfiles on membership.UserId equals user.UserId
where user.UserName == userName
select membership).FirstOrDefault();
TimeSpan wasChangedAlready = sentTime.ToUniversalTime() - query.PasswordChangedDate.GetValueOrDefault();
result = wasChangedAlready.TotalDays < 0;
}
return result;
}
/// <summary>
/// Compare the temporal password entered by the user with the one saved in the database
/// </summary>
/// <param name="userName">User name</param>
/// <param name="temporalPassword">Temporal password entered by the user</param>
/// <returns>True when it is the same than the one of the database; otherwise false</returns>
private bool CompareTemporalPassword(string userName, string temporalPassword)
{
Business.UserProfile currentUser = null;
using (Business.UsersContext context=new Business.UsersContext())
{
currentUser = context.UserProfiles.FirstOrDefault(x => x.UserName == userName);
}
string tempPasswordSaved = EncryptionHelper.DecryptAes(currentUser.TemporalPassword);
if (String.Equals(tempPasswordSaved, temporalPassword, StringComparison.Ordinal))
return true;
else
return false;
}
