/// <summary>
/// Displays the set-password form and, on a valid POST, hands the submitted
/// user id and password to the user service.
/// </summary>
/// <param name="vm">Form model produced by model binding; its <c>UserId</c> and <c>Password</c> are forwarded to <c>Svc.User.SetPassword</c>.</param>
/// <returns>The default view bound to <paramref name="vm"/>, on every path.</returns>
public ActionResult SetPassword(UserSetPasswordViewModel vm)
{
    // Anything other than a valid POST simply (re)displays the form.
    bool isPost = Request.HttpMethod == "POST";
    if (!isPost || !ModelState.IsValid)
    {
        return View(vm);
    }

    // NOTE(review): vm.UserId is populated by model binding, so it is whatever the
    // request supplied. No authorization or anti-forgery attribute is visible on this
    // action in this listing; confirm the caller is allowed to change this user's
    // password and that the POST is protected against CSRF.
    // NOTE(review): presumably the service hashes the password before storing it; verify.
    Svc.User.SetPassword(vm.UserId, vm.Password);
    this.SetStatusSuccess("儲存成功!!");

    // NOTE(review): vm still carries the submitted password when the view is rendered;
    // confirm the view does not echo it back into the page.
    return View(vm);
}
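/// <summary>
/// Checks the submitted password against the local complexity rule and, when the
/// e-mail address belongs to a user with a confirmed address, resets that user's
/// password to the submitted value.
/// </summary>
/// <param name="model">
/// Form model produced by model binding. <c>Email</c> selects the account,
/// <c>Password</c> is the new password, and <c>Code</c> is overwritten with a reset
/// token generated inside this action.
/// </param>
/// <returns>
/// The form view when model validation, the complexity check, or the reset fails;
/// the "Error" view when no confirmed user matches the e-mail address; the
/// "UserSetPasswordConfirmation" view when the password was reset.
/// </returns>
public async Task<ActionResult> UserSetPassword(UserSetPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // Character classes the password must draw from. The lowercase set is written out
    // instead of derived with ToLower(), which is culture-sensitive (under a Turkish
    // culture 'I' does not lower-case to 'i', so 'i' would never count as lowercase).
    const string capLetters = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
    const string lowLetters = "abcdefghijklmnopqrstuvwxyz";
    const string symbols = "!@#$%^&*";
    const string numbers = "1234567890";

    // A missing password is treated as empty so it fails the rule below with a
    // validation message instead of a NullReferenceException.
    string password = model.Password ?? string.Empty;

    bool hasUpper = false;
    bool hasLower = false;
    bool hasSymbol = false;
    bool hasDigit = false;
    foreach (char c in password)
    {
        hasUpper |= capLetters.IndexOf(c) >= 0;
        hasLower |= lowLetters.IndexOf(c) >= 0;
        hasSymbol |= symbols.IndexOf(c) >= 0;
        hasDigit |= numbers.IndexOf(c) >= 0;
    }

    if (!(hasUpper && hasLower && hasSymbol && hasDigit))
    {
        // NOTE(review): the message omits the lowercase requirement and does not say
        // that only the symbols !@#$%^&* are accepted, although both are enforced above.
        ModelState.AddModelError("", "Passwords must have at least one non letter or digit character. Passwords must have at least one digit ('0'-'9'). Passwords must have at least one uppercase ('A'-'Z').");
        return View(model);
    }

    var user = await UserManager.FindByEmailAsync(model.Email);
    if (user == null || !(await UserManager.IsEmailConfirmedAsync(user.Id)))
    {
        // NOTE(review): this returns a different view from the success path, so the
        // response still distinguishes unknown or unconfirmed addresses from valid ones.
        return View("Error");
    }

    // NOTE(review): the reset token is generated and consumed within the same request,
    // so it does not show that the caller controls the mailbox. Whoever can reach this
    // action can set the password of the account named by model.Email. No authorization
    // or anti-forgery attribute is visible in this listing; confirm the action is
    // restricted to callers who are entitled to change this account's password.
    string code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
    model.Code = code;
    var result = await UserManager.ResetPasswordAsync(user.Id, model.Code, model.Password);
    if (result.Succeeded)
    {
        return View("UserSetPasswordConfirmation");
    }

    // Report the reset errors on the failure path; the original called AddErrors only
    // after a successful reset, where there is nothing to report. AddErrors is defined
    // outside this listing and presumably copies result.Errors into ModelState.
    AddErrors(result);
    return View();
}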