/// <summary>
/// Persists a new <c>GiftItem</c> built from the posted form fields, then redirects to the Index action.
/// When model validation fails, the form is shown again with the gift-type drop-down repopulated.
/// </summary>
/// <param name="giftItem">
/// Model-bound item. Only the properties named in the <c>Bind(Include = ...)</c> list are populated from the request.
/// </param>
/// <returns>A redirect to "Index" on success; otherwise the Create view with the submitted item.</returns>
public ActionResult Create([Bind(Include = "GiftItemId,Name,Price,Description,LastUpdated,GiftTypeId")] GiftItem giftItem)
        {
            // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible in this excerpt —
            // confirm both are present on the action, since it writes to the database.
            // NOTE(review): GiftItemId and LastUpdated are in the bind list, so their values come from the
            // request; confirm that is intended rather than having the server assign them.
            if (!ModelState.IsValid)
            {
                // Validation failed: rebuild the select list (pre-selecting the submitted type) and redisplay the form.
                ViewBag.GiftTypeId = new SelectList(db.GiftTypes, "GiftTypeId", "Name", giftItem.GiftTypeId);
                return View(giftItem);
            }

            db.GiftItems.Add(giftItem);
            db.SaveChanges();
            return RedirectToAction("Index");
        }
Beispiel #2
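        /// <summary>
        /// Starts a password reset: stores a freshly generated random token on the password record that
        /// matches the submitted email and mails a reset link carrying that token to the address on record.
        /// </summary>
        /// <param name="user">Model-bound form data; only <c>user.Password.email</c> is read.</param>
        /// <returns>
        /// The default view. <c>ViewBag.Sent</c> carries the same confirmation text whether or not the
        /// email matched a record, so the response does not reveal which addresses are registered.
        /// </returns>
        public async Task <ActionResult> ResetPassword(User user)
        {
            // Model validation is not enforced in this action, so the one field it reads is checked
            // explicitly instead of being dereferenced blindly.
            if (user == null || user.Password == null || string.IsNullOrWhiteSpace(user.Password.email))
            {
                return(View());
            }

            const string sentMessage = "Please check your email inbox for link to reset your password";
            string requestedEmail = user.Password.email;

            // LINQ ==> SELECT ... FROM Password WHERE email = :email
            var update = (from p in db.Passwords
                          where p.email == requestedEmail
                          select p).FirstOrDefault();

            if (update == null)
            {
                // Unknown address: answer exactly as for a known one (previously this path threw a
                // NullReferenceException, which both crashed the request and exposed which emails exist).
                // NOTE(review): the known-address path also sends mail, so response time still differs.
                ViewBag.Sent = sentMessage;
                return(View());
            }

            // #1 ==> generate the reset token.
            // 16 bytes (128 bits) from the cryptographic RNG, hex-encoded so it is URL-safe. The previous
            // 4-byte / Int32 token had only 2^32 possible values, which is small enough to guess by brute force.
            // NOTE(review): the token is now 32 characters; confirm the passwordReset column is wide enough.
            byte[] data = new byte[16];
            using (var rng = new RNGCryptoServiceProvider())
            {
                rng.GetBytes(data);
            }
            string resetToken = BitConverter.ToString(data).Replace("-", string.Empty);

            // #2 / #3 ==> assign the token to the record and save it.
            // NOTE(review): nothing visible here records when the token was issued; expiry and single use
            // have to be enforced where the token is redeemed — confirm.
            update.passwordReset = resetToken;
            db.SaveChanges();

            // The user cannot log in, so the link is delivered to the email registered in the system.
            var account = db.Users.Where(x => x.Password.email == requestedEmail).FirstOrDefault();
            // The first name is stored user data and lands in an HTML body, so it is HTML-encoded first.
            string firstname = account != null ? System.Net.WebUtility.HtmlEncode(account.firstName) : string.Empty;

            // body of email message
            // NOTE(review): the link is plain http with a hard-coded host and carries the token in the URL;
            // serve the reset page over https and take the base URL from configuration.
            var emailBody = "<h3>Password Reset</h3> <p> Sorry to hear you forgot your password " + firstname + ". <a href=http://http5204b-stephensbryan.azurewebsites.net/account/reset?token=" + resetToken + "> click here to reset your password</a>";

            using (var msg = new MailMessage())
            {
                // Send to the address stored on the matched record rather than the request value: the
                // database comparison may be looser (collation) than an exact string match.
                msg.To.Add(new MailAddress(update.email));
                msg.Subject = "Password Reset";
                // Assigned directly: string.Format(emailBody) would throw a FormatException if the body
                // ever contained '{' or '}' (for example inside the first name).
                msg.Body = emailBody;
                // format body of email as html
                msg.IsBodyHtml = true;

                // smtp credentials are stored in web.config under system.net/mailSettings
                using (var smtp = new SmtpClient())
                {
                    await smtp.SendMailAsync(msg);
                }
            }

            ViewBag.Sent = sentMessage;
            return(View());
        }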