public ActionResult ResetPassword(AHP.Core.DTO.ExternalUserInfo userInfo)
{
//email template needs these details {CopyrightYear}{ServerUrl}{RandomPassword}{Username}
//should check email address and also reset his password and also force change pwd on first logon
GenericAjaxResponse <bool> response = new GenericAjaxResponse <bool>();
try
{
if (string.IsNullOrEmpty(userInfo.Username))
{
response.Success = false;
response.Errors.Add("Username is required");
return(Json(response));
}
if (string.IsNullOrEmpty(userInfo.Email))
{
response.Success = false;
response.Errors.Add("Email is required");
return(Json(response));
}
//reset password from admin will always force user to set new password on logon
response = _restClient.ResetPassword(userInfo.Username, userInfo.Email, true);
if (response == null)
{
response = new GenericAjaxResponse <bool>();
response.Success = false;
response.Errors.Add("An error occurred. Please try again.");
}
}
catch (Exception ex)
{
_logger.Error("Error occurred resetting user password", ex);
response.Success = false;
response.Errors.Add("Error occurred. Please try again");
}
return(Json(response));
}
public ActionResult AnswerSecurityQuestions(ViewModel.UserQuestionsViewmodel securityQuestions, string username)
{
try
{
if (string.IsNullOrEmpty(username))
{
return(RedirectToAction("ResetPassword", "AccountRecovery", routeValues: new { id = "user-does-not-exist" }));
}
ViewBag.Username = username;
if (!ModelState.IsValid)
{
if (securityQuestions == null)
{
return(RedirectToAction("ResetPassword", "AccountRecovery", routeValues: new { id = "invalid-user-input" }));
}
else
{
securityQuestions.SecurityQuestions = new List <string>();
//Get security questions for the user.
GenericAjaxResponse <List <AHP.Core.DTO.UserSecurityOption> > apiResponse = _restClient.GetSecurityQuestionsForUser(username);
//only two questions need to be present and user should also be present
if (apiResponse.Success && apiResponse.Data != null && apiResponse.Data.Count == 3)
{
securityQuestions.SecurityQuestions.AddRange(apiResponse.Data.Select(ques => ques.Question));
}
else
{
ModelState.AddModelError(string.Empty, apiResponse.Errors[0]);
}
return(View("~/Views/AccountRecovery/AnswerSecurityQuestions.cshtml", securityQuestions));
}
}
List <AHP.Core.DTO.UserSecurityOption> usrSecurityQuestions = new List <Core.DTO.UserSecurityOption>();
usrSecurityQuestions.Add(new Core.DTO.UserSecurityOption()
{
Answer = securityQuestions.PrimaryProvidedAnswer,
Question = securityQuestions.PrimarySelectedQuestion
});
usrSecurityQuestions.Add(new Core.DTO.UserSecurityOption()
{
Answer = securityQuestions.SecondaryProvidedAnswer,
Question = securityQuestions.SecondarySelectedQuestion
});
usrSecurityQuestions.Add(new Core.DTO.UserSecurityOption()
{
Answer = securityQuestions.ThirdProvidedAnswer,
Question = securityQuestions.ThirdSelectedQuestion
});
GenericAjaxResponse <bool> resetPwdResponse = _restClient.ResetPassword(username, usrSecurityQuestions);
if (resetPwdResponse.Success && resetPwdResponse.Data)
{
return(View("~/Views/AccountRecovery/PasswordResetSuccess.cshtml"));
}
string errMessage = resetPwdResponse.Errors[0];
if (!string.IsNullOrEmpty(errMessage))
{
errMessage = errMessage.Replace("<<click here>>", "<a href='" + Url.Action("ResetPassword", "AccountRecovery") + "' title='reset password'>click here</a>") + " to try resetting your password again. <br/> <strong>Note:</strong> If you do not remember the answers to your security questions please contact ActiveHealth Management support at (800) 491 - 3464.";
}
ModelState.AddModelError(string.Empty, errMessage);
securityQuestions.SecurityQuestions = new List <string>();
return(View("~/Views/AccountRecovery/AnswerSecurityQuestions.cshtml", securityQuestions));
}
catch (Exception ex)
{
_logger.Error("An error occurred validating answers to security questions.", ex);
ModelState.AddModelError(string.Empty, "An error occurred validating security answers");
}
return(View("~/Views/AccountRecovery/AnswerSecurityQuestions.cshtml", securityQuestions));
}
