Beispiel #1
0
        public virtual ActionResult ForgotPassword(ForgotPasswordModel model)
        {
            if (!ModelState.IsValid) return CurrentUmbracoPage();
            var viewData = new StoreViewData();
            var member = Members.GetByUsername(model.Username);
            if (member == null)
            {
                viewData.Success = false;
                viewData.Messages = new[] { "Unknown email address." };
                ViewData["MerchelloViewData"] = viewData;
                return CurrentUmbracoPage();
            }

            var newPassword = Membership.GeneratePassword(Membership.MinRequiredPasswordLength, 0);
            var user = Membership.GetUser(model.Username);
            user.ChangePassword(newPassword, newPassword);

            // assumes you have set the SMTP settings in web.config and supplied a default "from" email
            var msg = new MailMessage
            {
                Subject = string.Format("New Password for {0}", Request.Url.Host),
                Body = string.Format("Your new password is: {0}", newPassword),
                IsBodyHtml = false
            };
            msg.To.Add(new MailAddress(model.Username));
            using (var smtpClient = new SmtpClient())
            {
                smtpClient.Send(msg);
            }

            viewData.Success = true;
            viewData.Messages = new[] { "A new password has been emailed to you." };
            ViewData["MerchelloViewData"] = viewData;
            return CurrentUmbracoPage();
        }
Beispiel #2
0
        public virtual ActionResult Login(LoginModel model)
        {
            if (!ModelState.IsValid) return CurrentUmbracoPage();

            if (!Members.Login(model.Username, model.Password))
            {
                var member = Members.GetByUsername(model.Username);

                var viewData = new StoreViewData { Success = false };

                if (member == null)
                {
                    viewData.Messages = new[] { "Account does not exist for this email address." };
                }
                else
                {
                    var messages = new List<string>
                    {
                        "Login was unsuccessful with the email address and password entered."
                    };

                    if (!member.GetPropertyValue<bool>("umbracoMemberApproved")) messages.Add("This account has not been approved.");
                    if (member.GetPropertyValue<bool>("umbracoMemberLockedOut")) messages.Add("This account has been locked due to too many unsucessful login attempts.");

                    viewData.Messages = messages;
                }

                ViewData["MerchelloViewData"] = viewData;
                return CurrentUmbracoPage();
            }

            return model.SuccessRedirectUrl.IsNullOrWhiteSpace() ?
                Redirect("/") : Redirect(model.SuccessRedirectUrl);
        }
Beispiel #3
0
        public virtual ActionResult ChangePassword(ChangePasswordModel model)
        {
            if (!ModelState.IsValid) return CurrentUmbracoPage();
            var viewData = new StoreViewData();

            if (!((model.Password.Length >= Membership.MinRequiredPasswordLength) &&
                (model.Password.ToCharArray().Count(c => !char.IsLetterOrDigit(c)) >= Membership.MinRequiredNonAlphanumericCharacters)))
            {
                viewData.Success = false;
                viewData.Messages = new[] { string.Format("New password invalid. Minimum length {0} characters", Membership.MinRequiredPasswordLength) };
                ViewData["MerchelloViewData"] = viewData;
                return CurrentUmbracoPage();
            }

            // change password seems to have a bug that will allow it to change the password even if the supplied
            // old password is wrong!
            // so use the login to check the old password as a hack
            var currentUser = Membership.GetUser();
            if (!Members.Login(currentUser.UserName, model.OldPassword))
            {
                viewData.Success = false;
                viewData.Messages = new[] { "Current password incorrect." };
                ViewData["MerchelloViewData"] = viewData;
                return CurrentUmbracoPage();
            }

            if (!currentUser.ChangePassword(model.OldPassword, model.Password))
            {
                viewData.Success = false;
                viewData.Messages = new[] { "Change password failed. Please try again." };
                ViewData["MerchelloViewData"] = viewData;
                return CurrentUmbracoPage();
            }

            viewData.Success = true;
            viewData.Messages = new[] { "Password updated successfully" };
            ViewData["MerchelloViewData"] = viewData;
            return CurrentUmbracoPage();
        }