public async Task <ActionResult> PasswordRecoveryConfirmPOST(PasswordRecoveryConfirmModel model)
{
var customer = await _userManager.FindByEmailAsync(model.Email);
if (ModelState.IsValid)
{
var response = await _userManager.ResetPasswordAsync(customer, model.Token, model.NewPassword);
if (response.Succeeded)
{
customer.GenericAttributes.PasswordRecoveryToken = string.Empty;
await _db.SaveChangesAsync();
model.SuccessfullyChanged = true;
model.Result = T("Account.PasswordRecovery.PasswordHasBeenChanged");
}
else
{
NotifyError(T("Account.PasswordRecoveryConfirm.InvalidEmailOrToken"));
return(RedirectToAction("PasswordRecoveryConfirm", new { token = model.Token, email = model.Email }));
}
return(View(model));
}
// If we got this far something failed. Redisplay form.
return(View(model));
}
public ActionResult PasswordRecoveryConfirmStudent(string token)
{
if (_authService.CurrentUserData != null && _authService.CurrentUserData.UserId != 0)
{
return(RedirectToRoute("HomePage"));
}
string type = "SchoolStudentsPasswordRecoveryEmail";
var result = _webClient.UploadData <int>("validateusertoken", new { Token = token, Type = type });
if (result == 1)
{
var model = new PasswordRecoveryConfirmModel();
model.Username = _webClient.DownloadData <string>("getusernamebytoken", new { token = token });
return(View(model));
}
else if (result == 3)
{
var model = new PasswordRecoveryConfirmModel()
{
Result = Resource.PasswordRecoveryConfirm_invalidtoken.Replace("%SITEURL%", Url.RouteUrl("PasswordRecoveryConfirmStudent"))
};
return(View(model));
}
else
{
return(RedirectToRoute("HomePage"));
}
}
public void Should_not_have_error_when_newPassword_equals_confirmationPassword()
{
var model = new PasswordRecoveryConfirmModel();
model.NewPassword = "******";
model.ConfirmNewPassword = "******";
_validator.ShouldNotHaveValidationErrorFor(x => x.NewPassword, model);
}
public void Should_not_have_error_when_confirmNewPassword_is_specified()
{
var model = new PasswordRecoveryConfirmModel();
model.ConfirmNewPassword = "******";
//we know that new password should equal confirmation password
model.NewPassword = model.ConfirmNewPassword;
_validator.ShouldNotHaveValidationErrorFor(x => x.ConfirmNewPassword, model);
}
public void Should_have_error_when_confirmNewPassword_is_null_or_empty()
{
var model = new PasswordRecoveryConfirmModel();
model.ConfirmNewPassword = null;
_validator.ShouldHaveValidationErrorFor(x => x.ConfirmNewPassword, model);
model.ConfirmNewPassword = "";
_validator.ShouldHaveValidationErrorFor(x => x.ConfirmNewPassword, model);
}
public void ShouldHaveErrorWhenNewPasswordDoesNotEqualConfirmationPassword()
{
var model = new PasswordRecoveryConfirmModel
{
NewPassword = "******",
ConfirmNewPassword = "******"
};
_validator.TestValidate(model).ShouldHaveValidationErrorFor(x => x.ConfirmNewPassword);
}
public void Should_not_have_error_when_newPassword_equals_confirmationPassword()
{
var model = new PasswordRecoveryConfirmModel
{
NewPassword = "******",
ConfirmNewPassword = "******"
};
_validator.TestValidate(model).ShouldNotHaveValidationErrorFor(x => x.NewPassword);
}
public IActionResult PasswordRecoveryConfirm(string token, string email)
{
var model = new PasswordRecoveryConfirmModel
{
Email = email,
Token = token
};
return(View(model));
}
public void Should_have_error_when_newPassword_doesnot_equal_confirmationPassword()
{
var model = new PasswordRecoveryConfirmModel
{
NewPassword = "******",
ConfirmNewPassword = "******"
};
_validator.ShouldHaveValidationErrorFor(x => x.ConfirmNewPassword, model);
}
public void ShouldHaveErrorWhenConfirmNewPasswordIsNullOrEmpty()
{
var model = new PasswordRecoveryConfirmModel
{
ConfirmNewPassword = null
};
_validator.TestValidate(model).ShouldHaveValidationErrorFor(x => x.ConfirmNewPassword);
model.ConfirmNewPassword = string.Empty;
_validator.TestValidate(model).ShouldHaveValidationErrorFor(x => x.ConfirmNewPassword);
}
public void ShouldNotHaveErrorWhenConfirmNewPasswordIsSpecified()
{
var model = new PasswordRecoveryConfirmModel
{
ConfirmNewPassword = "******"
};
//we know that new password should equal confirmation password
model.NewPassword = model.ConfirmNewPassword;
_validator.TestValidate(model).ShouldNotHaveValidationErrorFor(x => x.ConfirmNewPassword);
}
public void Should_have_error_when_newPassword_is_null_or_empty()
{
var model = new PasswordRecoveryConfirmModel();
model.NewPassword = null;
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_validator.ShouldHaveValidationErrorFor(x => x.NewPassword, model);
model.NewPassword = "";
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_validator.ShouldHaveValidationErrorFor(x => x.NewPassword, model);
}
public ActionResult PasswordRecoveryConfirmResult()
{
if (_authService.CurrentUser != null)
{
return(RedirectToRoute("HomePage"));
}
var model = new PasswordRecoveryConfirmModel();
model.Result = Resource.PasswordRecoveryConfirm_successmsg;
model.SuccessfullyChanged = true;
return(View("PasswordRecoveryConfirm", model));
}
public void Should_validate_newPassword_is_length()
{
_customerSettings.PasswordMinLength = 5;
_validator = new PasswordRecoveryConfirmValidator(_localizationService, _customerSettings);
var model = new PasswordRecoveryConfirmModel();
model.NewPassword = "******";
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_validator.ShouldHaveValidationErrorFor(x => x.NewPassword, model);
model.NewPassword = "******";
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_validator.ShouldNotHaveValidationErrorFor(x => x.NewPassword, model);
}
public void ShouldHaveErrorWhenNewPasswordIsNullOrEmpty()
{
var model = new PasswordRecoveryConfirmModel
{
NewPassword = null
};
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_validator.TestValidate(model).ShouldHaveValidationErrorFor(x => x.NewPassword);
model.NewPassword = string.Empty;
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_validator.TestValidate(model).ShouldHaveValidationErrorFor(x => x.NewPassword);
}
public void ShouldValidateOnPasswordRecoveryConfirmModelIsAllRule()
{
var model = new PasswordRecoveryConfirmModel
{
NewPassword = "******"
};
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_passwordRecoveryConfirmValidator.TestValidate(model).ShouldHaveValidationErrorFor(x => x.NewPassword);
model.NewPassword = "******";
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_passwordRecoveryConfirmValidator.TestValidate(model).ShouldNotHaveValidationErrorFor(x => x.NewPassword);
}
public virtual IActionResult PasswordRecoveryConfirmPOST(string token, string email,
PasswordRecoveryConfirmModel model)
{
var user = _userService.GetUserByEmail(email);
if (user == null)
{
return(RedirectToRoute("Homepage"));
}
//validate token
if (!_userService.IsPasswordRecoveryTokenValid(user, token))
{
model.DisablePasswordChanging = true;
model.Result = "Wrong password recovery token";
return(View(model));
}
//validate token expiration date
if (_userService.IsPasswordRecoveryLinkExpired(user))
{
model.DisablePasswordChanging = true;
model.Result = "Your password recovery link is expired";
return(View(model));
}
if (ModelState.IsValid)
{
var response = _userRegistrationService.ChangePassword(new ChangePasswordRequest(email,
false, model.NewPassword));
if (response.Success)
{
_genericAttributeService.SaveAttribute(user, AldanUserDefaults.PasswordRecoveryTokenAttribute, "");
model.DisablePasswordChanging = true;
model.Result = "Your password has been changed";
}
else
{
model.Result = response.Errors.FirstOrDefault();
}
return(View(model));
}
//If we got this far, something failed, redisplay form
return(View(model));
}
public void Should_validate_on_PasswordRecoveryConfirmModel_is_all_rule()
{
_passwordRecoveryConfirmValidator = new PasswordRecoveryConfirmValidator(_localizationService, _customerSettings);
var model = new PasswordRecoveryConfirmModel
{
NewPassword = "******"
};
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_passwordRecoveryConfirmValidator.ShouldHaveValidationErrorFor(x => x.NewPassword, model);
model.NewPassword = "******";
//we know that new password should equal confirmation password
model.ConfirmNewPassword = model.NewPassword;
_passwordRecoveryConfirmValidator.ShouldNotHaveValidationErrorFor(x => x.NewPassword, model);
}
public virtual async Task <PasswordRecoveryConfirmModel> PreparePasswordRecoveryConfirmModel(Customer customer, string token)
{
var model = new PasswordRecoveryConfirmModel();
//validate token
if (!(customer.IsPasswordRecoveryTokenValid(token)))
{
model.DisablePasswordChanging = true;
model.Result = _localizationService.GetResource("Account.PasswordRecovery.WrongToken");
}
//validate token expiration date
if (customer.IsPasswordRecoveryLinkExpired(_customerSettings))
{
model.DisablePasswordChanging = true;
model.Result = _localizationService.GetResource("Account.PasswordRecovery.LinkExpired");
}
return(await Task.FromResult(model));
}
/// <summary>
/// Prepare the password recovery confirm model
/// </summary>
/// <returns>Password recovery confirm model</returns>
public virtual PasswordRecoveryConfirmModel PreparePasswordRecoveryConfirmModel()
{
var model = new PasswordRecoveryConfirmModel();
return(model);
}
//available even when navigation is not allowed
// [CheckAccessPublicStore(true)]
public virtual IActionResult PasswordRecoveryConfirmPOST(string token, string email, PasswordRecoveryConfirmModel model)
{
var user = _userService.GetUserByEmail(email);
if (user == null)
{
return(RedirectToRoute("HomePage"));
}
//validate token
if (!user.IsPasswordRecoveryTokenValid(token))
{
model.DisablePasswordChanging = true;
model.Result = "Password reset wrong token";
return(View(model));
}
//validate token expiration date
if (user.IsPasswordRecoveryLinkExpired(_userSettings))
{
model.DisablePasswordChanging = true;
model.Result = "Password reset Link Expired";
return(View(model));
}
if (ModelState.IsValid)
{
var response = _userRegistrationService.ChangePassword(new ChangePasswordRequest(email,
false, _userSettings.DefaultPasswordFormat, model.NewPassword));
if (response.Success)
{
_genericAttributeService.SaveAttribute(user, ResearchUserDefaults.PasswordRecoveryTokenAttribute, "");
model.DisablePasswordChanging = true;
model.Result = "รหัสผ่านของท่านถูกเปลี่ยนแปลงเรียบร้อยแล้ว กรุณาล๊อคอินเพื่อเข้าใช้งานอีกครั้ง";
}
else
{
model.Result = response.Errors.FirstOrDefault();
}
return(View(model));
}
//If we got this far, something failed, redisplay form
return(View(model));
}
public virtual IActionResult PasswordRecoveryConfirmPOST(string token, string email, PasswordRecoveryConfirmModel model)
{
var user = _userService.GetUserByEmail(email);
if (user == null)
{
return(RedirectToRoute("HomePage"));
}
//validate token
if (!_userService.IsPasswordRecoveryTokenValid(user, token))
{
model.DisablePasswordChanging = true;
model.Result = _localizationService.GetResource("Account.PasswordRecovery.WrongToken");
return(View(model));
}
//validate token expiration date
if (_userService.IsPasswordRecoveryLinkExpired(user))
{
model.DisablePasswordChanging = true;
model.Result = _localizationService.GetResource("Account.PasswordRecovery.LinkExpired");
return(View(model));
}
if (ModelState.IsValid)
{
var response = _userRegistrationService.ChangePassword(new ChangePasswordRequest(email,
false, _userSettings.DefaultPasswordFormat, model.NewPassword));
if (response.Success)
{
_genericAttributeService.SaveAttribute(user, NopUserDefaults.PasswordRecoveryTokenAttribute, "");
model.DisablePasswordChanging = true;
model.Result = _localizationService.GetResource("Account.PasswordRecovery.PasswordHasBeenChanged");
}
else
{
model.Result = response.Errors.FirstOrDefault();
}
return(View(model));
}
//If we got this far, something failed, redisplay form
return(View(model));
}
public ActionResult PasswordRecoveryConfirmStudentPOST(string token, string username, PasswordRecoveryConfirmModel model)
{
FluentValidation.IValidator <PasswordRecoveryConfirmModel> validator = new PasswordRecoveryConfirmStudentValidator();
var validationResults = validator.Validate(model);
foreach (var item in validationResults.Errors)
{
ModelState.AddModelError(item.PropertyName, item.ErrorMessage);
}
if (ModelState.IsValid)
{
try
{
var result = _webClient.UploadData <UserStatusEnum>("passwordrecoverysubmit", new { NewPassword = model.NewPassword, Token = token });
switch (result)
{
case UserStatusEnum.Success:
model.Result = Resource.PasswordRecoveryConfirm_successmsg;
model.SuccessfullyChanged = true;
return(RedirectToAction("PasswordRecoveryConfirmResult"));
case UserStatusEnum.UserAccountNotExist:
model.Result = Resource.PasswordRecoveryConfirm_noaccount;
break;
case UserStatusEnum.InvalidToken:
model.Result = Resource.PasswordRecoveryConfirm_invalidtoken.Replace("%SITEURL%", Url.RouteUrl("PasswordRecoveryConfirmStudent"));
break;
default:
return(RedirectToRoute("HomePage"));
}
}
catch (Exception ex)
{
ModelState.AddModelError("", ex.Message);
}
}
//redisplay page if any error
return(View(model));
}
public HttpResponseMessage PasswordRecoveryConfirmPOST(string token, string email, PasswordRecoveryConfirmModel model)
{
var customer = _customerService.GetCustomerByEmail(email);
if (customer == null)
{
return(Request.CreateResponse(HttpStatusCode.OK, new { code = 0, Message = "something went wrong" }));
}
var cPrt = customer.GetAttribute <string>(SystemCustomerAttributeNames.PasswordRecoveryToken);
if (cPrt.IsEmpty() || !cPrt.Equals(token, StringComparison.InvariantCultureIgnoreCase))
{
return(Request.CreateResponse(HttpStatusCode.OK, new { code = 0, Message = T("Account.PasswordRecoveryConfirm.InvalidEmailOrToken").Text }));
}
if (ModelState.IsValid)
{
var response = _customerRegistrationService.ChangePassword(new ChangePasswordRequest(email,
false, _customerSettings.DefaultPasswordFormat, model.NewPassword));
if (response.Success)
{
_genericAttributeService.SaveAttribute(customer, SystemCustomerAttributeNames.PasswordRecoveryToken, "");
return(Request.CreateResponse(HttpStatusCode.OK, new { code = 0, Message = "success" }));
}
else
{
model.Result = response.Errors.FirstOrDefault();
}
return(Request.CreateResponse(HttpStatusCode.OK, new { code = 0, Message = "something went wrong" }));
}
// If we got this far, something failed, redisplay form.
return(Request.CreateResponse(HttpStatusCode.OK, new { code = 0, Message = "something went wrong" }));
}
