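/// <summary>
/// Emails a newly issued password to the address on file for <paramref name="userName"/>.
/// </summary>
/// <remarks>
/// The password is handed to the mail template as plaintext, so anyone who can read the
/// mailbox or the message in transit can read the credential. A short-lived reset token
/// is the safer pattern where the interface can change.
/// </remarks>
/// <param name="userName">Account name used to look up the recipient address; also passed to the template as the first name.</param>
/// <param name="password">The new password handed to the mail template.</param>
/// <param name="loginUrl">Login URL handed to the mail template.</param>
/// <returns><c>true</c> when the message was built and <c>Send()</c> returned without throwing; otherwise <c>false</c>.</returns>
private bool EmailNewPassword(string userName, string password, string loginUrl)
{
    try
    {
        // The lookup may return null for an unknown account. Handle that as an
        // ordinary failure instead of letting a NullReferenceException fall into
        // the catch-all below.
        var member = Membership.Provider.GetUser(userName, false);
        if (member == null || string.IsNullOrEmpty(member.Email))
        {
            return false;
        }

        var mailer = new UserMailer();
        var msg = mailer.PasswordReset(
            firstName: userName,
            email: member.Email,
            newPassword: password,
            loginUrl: loginUrl);
        msg.Send();
        return true;
    }
    catch (Exception)
    {
        // Best effort: every failure is reported to the caller only as false.
        // NOTE(review): nothing is logged here, so delivery problems are invisible to
        // operators. If logging is added, keep the password out of the log entry.
        return false;
    }
}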
/// <summary>
/// Handles a forgot-password request: when the captcha passed and the e-mail belongs to a
/// profile with a local account, generates a reset token and queues the reset e-mail.
/// </summary>
/// <param name="email">E-mail address submitted by the requester.</param>
/// <param name="captchaValid">Whether the captcha check succeeded.</param>
/// <param name="captchaErrorMessage">Message recorded under the "captcha" key when the check failed.</param>
/// <returns>
/// The "PasswordResetEmailSent" view when a message was queued; otherwise the default view.
/// </returns>
/// <remarks>
/// NOTE(review): the two outcomes render different views, so the response shows whether an
/// address has a local account here. Rendering the same confirmation in both cases would
/// close that enumeration channel.
/// </remarks>
public virtual ActionResult ForgotPassword(string email, bool captchaValid, string captchaErrorMessage)
{
    if (!captchaValid)
    {
        ModelState.AddModelError("captcha", captchaErrorMessage);
    }

    if (!ModelState.IsValid)
    {
        return View();
    }

    var profile = YouConfDbContext.UserProfiles
        .FirstOrDefault(x => x.Email == email);

    // Only profiles that own a local (non-OAuth) credential can have a password reset.
    bool eligible = profile != null
        && profile.UserId > 0
        && OAuthWebSecurity.HasLocalAccount(profile.UserId);
    if (!eligible)
    {
        return View();
    }

    string resetToken = WebSecurity.GeneratePasswordResetToken(profile.UserName);

    // Render the mail body with the mailer, then hand it to the queue rather than
    // sending it directly from this action.
    var mailer = new UserMailer();
    var rendered = mailer.PasswordReset(profile.Email, profile.UserName, resetToken);
    var queued = new SendEmailMessage()
    {
        Body = rendered.Body,
        To = profile.Email,
        Subject = "Password reset request"
    };
    SendQueueMessage(queued);

    return View("PasswordResetEmailSent");
}
/// <summary>
/// Handles a forgot-password request: looks the e-mail up, generates a reset token,
/// builds the reset link and mails it to the user.
/// </summary>
/// <param name="model">Posted form model; its Email is read, and InvalidEmail/ErrorMessage are set on failure.</param>
/// <returns>
/// A redirect to "PasswordSent" when the mail was sent; otherwise the form view with the model.
/// </returns>
public ActionResult ForgotPassword(ForgotPasswordModel model)
{
    if (!ModelState.IsValid)
    {
        model.InvalidEmail = true;
        model.ErrorMessage = "البريد الإلكتروني خاطئ";
        return View(model);
    }

    // A missing e-mail is treated the same as an unknown one (id stays 0).
    int userId = model.Email != null
        ? servicesManager.AccountService.IsEmailExist(model.Email)
        : 0;

    if (userId <= 0)
    {
        // The original author's caveat still applies: this branch tells the requester
        // whether an address is registered. Sites concerned about that should show the
        // same "success" page whether or not a user was found.
        ModelState.AddModelError("", "No user found by that email.");
        model.InvalidEmail = true;
        model.ErrorMessage = "البريد الإلكتروني غير متوفر";
        return View(model);
    }

    string displayName = servicesManager.AccountService.GetUserById(userId).Name;

    // Token carried in the e-mailed link to authenticate the reset request.
    var resetToken = WebSecurity.GeneratePasswordResetToken(model.Email);

    // NOTE(review): the link is generated with the "http" scheme, so the token travels
    // in a cleartext URL when the user follows it. Prefer an https link where the site
    // is served over TLS.
    string resetLink = Url.Action("ResetPassword", "Account", new { rt = resetToken }, "http");

    var mailer = new UserMailer();
    try
    {
        mailer.PasswordReset(model.Email, resetLink, displayName).Send();
        return RedirectToAction("PasswordSent");
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message is shown to the requester. It can
        // expose mail-server details and is better logged than displayed.
        ModelState.AddModelError("", "Issue sending email: " + e.Message);
    }

    // Reached only when sending failed; the form is redisplayed with the error.
    return View(model);
}
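/// <summary>
/// Checks the posted answer to one of the user's security questions. On a match, e-mails
/// a password-reset token. On a first miss, asks the other question. Otherwise shows the
/// customer-service view.
/// </summary>
/// <param name="model">Posted form model; QuestionID, QuestionValue and FailureCount are read from it.</param>
/// <param name="username">Account whose questions are checked and to whom the token is mailed.</param>
/// <param name="failureCount">Not read by this method; the model's FailureCount is used instead.</param>
/// <param name="questionID">Not read by this method; the model's QuestionID is used instead.</param>
/// <returns>
/// The login-redirect view after a correct answer, the "SecurityQuestions" view for a retry,
/// the "CustomerService" view when no retry remains, or the form view with the model on
/// validation failure or an unknown username.
/// </returns>
/// <remarks>
/// NOTE(review): FailureCount is taken from the posted model, so a client can resubmit "0"
/// and this method will keep offering retries. Attempt limits need to be tracked on the
/// server to restrict guessing of answers.
/// NOTE(review): the "No account with that username found" message shows whether a
/// username exists.
/// </remarks>
public ActionResult SecurityQuestions(SecurityQuestionsModel model, string username, string failureCount, string questionID)
{
    if (ModelState.IsValid)
    {
        if (WebSecurity.UserExists(username))
        {
            var pwMgr = new PasswordManager(username);

            // Load this user's questions and pick the one that was asked.
            var questions = pwMgr.GetQuestions();
            var question = questions.FirstOrDefault(x => x.QuestionNumber.ToString() == model.QuestionID);

            // An unknown question id counts as a wrong answer.
            bool questionMatch = false;
            if (question != null)
            {
                question.Answer = model.QuestionValue;
                questionMatch = pwMgr.CheckAnswer(question);
            }

            if (questionMatch)
            {
                // The second argument is presumably the token lifetime in minutes; confirm
                // against the WebSecurity implementation in use.
                string token = WebSecurity.GeneratePasswordResetToken(username, 10);

                string email = "";
                using (var userContext = new PEMRBACEntities())
                {
                    var profile = userContext.UserProfiles.SingleOrDefault(u => u.UserName == username);
                    if (profile != null)
                    {
                        email = profile.Email;
                    }
                }

                if (!String.IsNullOrEmpty(email) && !String.IsNullOrEmpty(token))
                {
                    var mailer = new UserMailer();
                    mailer.PasswordReset(token, email).Send();
                }
                else
                {
                    // NOTE(review): this error is added to ModelState, but the view returned
                    // below still tells the user a link was e-mailed. Confirm that is intended.
                    ModelState.AddModelError("", "Could not send email at this time. If the problem perists please contact your system administrator");
                }

                return ReturnLoginRedirectView("You have been emailed a link to reset your password.", "Password Reset - Emailed");
            }

            // First failure ("0"): retry with the question that was not just asked.
            if (model.FailureCount == "0")
            {
                var unansweredQuestion = questions.FirstOrDefault(x => x.QuestionNumber.ToString() != model.QuestionID);

                // Fix: a user with no second question used to hit a null dereference here.
                // Now that case falls through to the customer-service view, with no retry.
                if (unansweredQuestion != null)
                {
                    ModelState.AddModelError("", "Incorrect Answer. \nPlease Try Again.");

                    var secModel = new SecurityQuestionsModel
                    {
                        UserName = username,
                        FailureCount = "1",
                        QuestionID = unansweredQuestion.QuestionNumber.ToString(),
                        QuestionText = unansweredQuestion.Question,
                        QuestionValue = string.Empty
                    };
                    return View("SecurityQuestions", secModel);
                }
            }

            // Questions were not answered correctly; send the user to support.
            return View("CustomerService", new CustomerSupportModel());
        }
        else
        {
            ModelState.AddModelError("", "No account with that username found. Please enter a valid username");
        }
    }

    // Validation failed or the username is unknown; redisplay the form.
    return View(model);
}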