public ActionResult ResetPassword(ResetPasswordModel model)
{
// clears the errors from the model
model.ClearToaster();
// check for simple warnings
var isValid = true;
// makes sure we don't have any empty fields
if (String.IsNullOrEmpty(model.Email))
{
model.AddError(GlobalErrors.EmptyFields);
isValid = false;
}
if (!CredentialsHelper.IsEmailValid(model.Email)) // check email is valid
{
model.AddError(ResetPasswordErrors.InvalidEmail);
isValid = false;
}
if (isValid) // check for more serious warnings
{
using (var e = new EntityContext()) // db context
{
// check if email exists in the database, we need the email to register
if (!Authorize.EmailExists(model.Email, e))
{
model.AddError(ResetPasswordErrors.EmailNotAssociatedWithUser);
isValid = false;
}
else if (!Authorize.EmailIsRegistered(model.Email, e)) // if it does check if it is already registered
{
model.AddError(ResetPasswordErrors.EmailNotRegistered);
isValid = false;
}
if (isValid && !model.HasWarnings()) // we have checked everything we need to check
{
CachedUser cachedUser = GetCachedUser.UserByEmail(model.Email, e);
if (cachedUser == null)
{
model.AddError(RegistrationErrors.UnknowError);
}
else
{
return(RedirectToAction("Send", "ResetPassword", new
{
email = cachedUser.Email,
username = cachedUser.Username,
investigatorName = cachedUser.InvestigatorName
}));
}
}
}
}
// if we got here there was an error
return(View(model));
}
/// <summary>
/// Will check to see if your credentials match any in the databses
/// </summary>
/// <param name="username">The username provided to check, case sensitive</param>
/// <param name="password">The password will be hashed and compared to the one in the database</param>
/// <param name="context">the Database context object</param>
/// <returns>Investigator Object if valid Credentials, otherwise null</returns>
public static CachedUser CredentialsByUsername(String username, String password, EntityContext context = null)
{
context.CheckInit();
var LoginData = context.Web_Login_Data.FirstOrDefault(p => p.Username == username);
if (!IsLoginAllowed(LoginData, password))
{
return(null);
}
return(GetCachedUser.GetNew(LoginData));
}
/// <summary>
/// Will check to see if your credentials match any in the databses
/// </summary>
/// <param name="email">The email provided to check, not case sensitive</param>
/// <param name="password">The password will be hashed and compared to the one in the database</param>
/// <param name="context">the Database context object</param>
/// <returns>Investigator Object if valid Credentials, otherwise null</returns>
public static CachedUser CredentialsByEmail(String email, String password, EntityContext context = null)
{
context.CheckInit();
var lowerEmail = email.ToLower();
var LoginData = context.Web_Login_Data.FirstOrDefault(p => p.Investigator.Email_Address.ToLower() == lowerEmail);
if (!IsLoginAllowed(LoginData, password))
{
return(null);
}
return(GetCachedUser.GetNew(LoginData));
}
public static CachedUser MakeNewUserLogin(String username, String email, String password, EntityContext e = null)
{
e.CheckInit();
if (!Authorize.EmailExists(email, e))
{
return(null);
}
if (Authorize.EmailIsRegistered(email, e))
{
return(null);
}
if (Authorize.UsernameIsRegistered(username, e))
{
return(null);
}
var lowerEmail = email.ToLower();
try
{
var investigator = e.Investigators.FirstOrDefault(p => p.Email_Address.ToLower() == lowerEmail);
var loginData = investigator.Web_Login_Data;
var salt = Encrypt.GenerateSalt();
loginData = new Web_Login_datum()
{
Investigator = investigator,
Salt = salt,
Password = PasswordVerify.HashPassword(password, salt),
Temp_Password = false,
Investigator_Name = investigator.Investigator_Name,
Username = username,
Suspended = false,
Email_Confirmed = false,
DataSource = DATA_SOURCE_NAME
};
e.Web_Login_Data.Add(loginData);
e.SaveChanges();
return(GetCachedUser.GetNew(loginData));
}
catch (Exception ex)
{
return(null);
}
}
/// <summary>
/// Gets the current sessions cached user
/// </summary>
/// <returns>returns cached user</returns>
public static CachedUser GetSessionUser()
{
// null if not logged in
if (!AccountHelper.IsLoggedIn())
{
return(null);
}
// gets the current cached user
var user = (CachedUser)HttpContext.Current.Session["CachedUser"];
// if there is no user or if the current session user is not the user logged in
if (user == null || user.InvestigatorName != HttpContext.Current.User.Identity.Name)
{
// store new user
using (var e = new EntityContext())
{
user = GetCachedUser.UserByUsername(HttpContext.Current.User.Identity.Name, e);
SetSessionUser(user);
}
}
// return new or old cached user
return(user);
}
