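/// <summary>
/// Handles the "forgot password" form: mails a freshly generated key to the member
/// who owns the submitted e-mail address and records the request.
/// </summary>
/// <param name="model">Posted form data; only <c>model.Email</c> is read here.</param>
/// <returns>
/// The same view re-rendered with the posted model; the outcome is signalled through
/// <c>ViewBag.SendMail</c>, <c>ViewBag.HasSendMail</c> and <c>ViewBag.Message</c>.
/// </returns>
public ActionResult GetPassword(GetPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    int memberAction = (int)MemberActionType.GetPassword;
    int limitMin = ConfigSetting.GetPasswordEmailTimeDiffMin;

    // Presumably true when a recovery mail for this address was already requested
    // within the last limitMin minutes (inferred from the names; confirm in MemberService).
    if (MemberService.HasGetPasswordActionInLimitTime(model.Email, limitMin, memberAction))
    {
        ViewBag.SendMail = true;
        ViewBag.HasSendMail = true;
        ViewBag.Message = limitMin;
        return View(model);
    }

    // SingleOrDefault instead of Single: an address that belongs to no member must not
    // surface as an unhandled InvalidOperationException. A server error for unknown
    // addresses and a normal page for known ones would also tell an anonymous caller
    // which addresses are registered.
    // NOTE(review): CurrentCultureIgnoreCase makes the match depend on the server culture;
    // OrdinalIgnoreCase is the usual choice for identifiers. Confirm how
    // HasGetPasswordActionInLimitTime compares addresses before changing it.
    Member member = MemberService.GetALL()
        .SingleOrDefault(x => x.Email.Equals(model.Email, StringComparison.CurrentCultureIgnoreCase));

    if (member != null)
    {
        // NOTE(review): userKey is mailed out and stored with the action record, so it
        // appears to act as the recovery secret. Guid.NewGuid() is not documented as a
        // cryptographic random source; consider System.Security.Cryptography.RandomNumberGenerator,
        // and confirm that the key expires and is single-use where it is redeemed.
        string userKey = Guid.NewGuid().ToString();
        string emailTitle = member.NickName + string.Format(" 您好!找回{0}密码!", ConfigSetting.SiteName);

        EmailModel em = EmailService.GetMail(
            Server.MapPath("~/EmailTemplate/getpwd.htm"),
            emailTitle,
            member.MemberID,
            member.Email,
            member.NickName,
            userKey);
        EmailService.SendMail(em);

        // Recorded after sending, as in the original flow.
        Member_ActionService.Create(member, memberAction, userKey);
    }

    // Same response whether or not the address matched a member.
    ViewBag.HasSendMail = false;
    ViewBag.SendMail = true;
    ViewBag.Title = "";
    return View(model);
}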
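/// <summary>
/// Returns the decrypted password of a credential asset identified by project id and asset id.
/// </summary>
/// <remarks>
/// Every rejection path answers with an empty 400 so the response does not reveal which
/// check failed.
/// NOTE(review): no authorization check is visible in this method; presumably it is enforced
/// by attributes on the controller or inside <c>GetAssetAsync</c> — confirm.
/// </remarks>
/// <param name="getPasswordViewModel">Request body carrying ProjectId, AssetId and FormDigest.</param>
/// <returns>200 with the decrypted password, or an empty 400 on any failure.</returns>
public async Task<IActionResult> GetPassword([FromBody] GetPasswordViewModel getPasswordViewModel)
{
    // Given this is a sensitive method, we don't give the correct error
    if (ModelState.IsValid == false)
    {
        return BadRequest();
    }

    if (getPasswordViewModel.AssetId < 0 || getPasswordViewModel.ProjectId < 0)
    {
        return BadRequest();
    }

    // NOTE(review): FormDigest is only checked for presence here. Confirm that it is
    // validated elsewhere (filter or middleware); otherwise any non-empty value passes.
    if (string.IsNullOrWhiteSpace(getPasswordViewModel.FormDigest))
    {
        return BadRequest();
    }

    // NOTE(review): behind a reverse proxy RemoteIpAddress is the proxy's address unless
    // forwarded headers are processed; verify if this value feeds an access log.
    string accessIpAddress = HttpContext?.Connection?.RemoteIpAddress?.ToString();
    if (string.IsNullOrWhiteSpace(accessIpAddress))
    {
        return BadRequest();
    }

    try
    {
        var asset = await _assetService.GetAssetAsync(
            getPasswordViewModel.ProjectId,
            getPasswordViewModel.AssetId,
            accessIpAddress);

        // "as" yields null when the asset is missing or is not a Credential. Reject that
        // case explicitly instead of letting a NullReferenceException reach the catch-all
        // and show up in telemetry as an unexplained crash.
        var credential = asset as Credential;
        if (credential == null)
        {
            new TelemetryClient().TrackTrace(
                $"GetPassword refused: asset {getPasswordViewModel.AssetId} in project {getPasswordViewModel.ProjectId} is not a credential");
            return BadRequest();
        }

        var decryptedPassword = _assetService.DecryptPassword(credential.Password);

        // NOTE(review): the body carries a cleartext secret; consider marking the response
        // as non-cacheable (Cache-Control: no-store) if that is not already done globally.
        return new OkObjectResult(decryptedPassword);
    }
    catch (Exception ex)
    {
        // LOG through SERVICE TODO
        // NOTE(review): a TelemetryClient is created per failure; an injected shared
        // instance is the usual pattern.
        var t = new TelemetryClient();
        t.TrackException(ex);
        return BadRequest();
    }
}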
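/// <summary>
/// Resets a payslip account password for the employee identified by badge number and
/// date of birth, then tries to deliver the new password by e-mail and SMS.
/// </summary>
/// <remarks>
/// NOTE(review): the only proof of identity visible here is badge number plus date of birth,
/// and nothing in this method throttles repeated attempts. The two validation errors also
/// differ, so a caller can tell whether a badge number exists; consider one generic message
/// and a rate limit.
/// NOTE(review): the password is replaced and saved before delivery is attempted. If neither
/// channel delivers, the account is left with a password nobody knows. Consider checking
/// contact details first, or mailing a one-time reset link instead of the password itself.
/// </remarks>
/// <param name="model">Posted form with <c>BadgeNumber</c> and <c>BirthDate</c>.</param>
/// <returns>
/// A redirect to <c>Login</c> with a status message when the reset ran, otherwise the form
/// re-rendered with validation errors.
/// </returns>
public async Task<ActionResult> GetPassword(GetPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        // If we got this far, something failed, redisplay form
        return View(model);
    }

    var employee = ERSAIDB.Employees.FirstOrDefault(e => e.BadgeNumber == model.BadgeNumber);
    if (employee == null)
    {
        ModelState.AddModelError("", "No employee with specified badge number");
        return View(model);
    }

    // A missing birth date on either side must not count as a match: with the plain
    // "!=" comparison, null on both sides compared equal and the badge number alone
    // was enough to trigger a reset.
    var recordedBirthDate = employee.BirthDate?.Date;
    var suppliedBirthDate = model.BirthDate?.Date;
    if (recordedBirthDate == null || suppliedBirthDate == null || recordedBirthDate != suppliedBirthDate)
    {
        ModelState.AddModelError("", "Wrong date of birth");
        return View(model);
    }

    // Reuse the existing payslip account for this badge, or register a new one.
    var payslipUser = ERSAIDB.PersonalAccountUsers.FirstOrDefault(u => u.Badge == employee.BadgeNumber)
        ?? ERSAIDB.PersonalAccountUsers.Add(new DataModels.ERSAI.PersonalAccountUser()
        {
            Badge = employee.BadgeNumber,
            ModifiedDate = DateTime.Now
        });

    var newPassword = payslipUser.SetNewPassword();
    ERSAIDB.SaveChanges();

    string emailAddress = payslipUser.ERSAIAccount?.Mail;
    string mobileNumber = payslipUser.MobPhone?.Primary_MobilePhone;
    bool mailSent = false, SMSSent = false;

    // Only attempt a channel that has a destination. Previously a null address still
    // counted as "sent" whenever the client call did not throw, so the user was told
    // the password had been delivered when it had not.
    if (App.SMTPClient != null && !string.IsNullOrWhiteSpace(emailAddress))
    {
        try
        {
            // NOTE(review): the result of TrySendEmail is ignored; if it reports failure
            // through its return value, mailSent should take that value — confirm.
            App.SMTPClient.TrySendEmail(new IntegrationClients.SMTP.EmailMessage()
            {
                Body = $"Your new password is {newPassword}",
                Header = IntegrationClients.SMTP.MessageHeader.GetDefault(employee.FullName),
                Footer = IntegrationClients.SMTP.MessageFooter.GetDefault(),
                Subject = "Your new password",
                To = emailAddress
            });
            mailSent = true;
        }
        catch
        {
            // Best-effort delivery: the failure is reflected in the status message only.
            // NOTE(review): the exception is dropped without logging.
            mailSent = false;
        }
    }

    if (App.SMSClient != null && !string.IsNullOrWhiteSpace(mobileNumber))
    {
        try
        {
            await App.SMSClient.SendSMS(new IntegrationClients.Infobip.SMSMessage()
            {
                To = new[] { mobileNumber },
                Text = $"Your new payslip password is:{Environment.NewLine}{newPassword}"
            });
            SMSSent = true;
        }
        catch
        {
            // Best-effort delivery, same as the e-mail channel.
            SMSSent = false;
        }
    }

    LoginPageMessage message;
    if (SMSSent || mailSent)
    {
        // NOTE(review): this echoes the full e-mail address and phone number to a caller
        // who has only proven badge number and birth date, and the message is passed as
        // route values, so it likely ends up in the redirect URL. Consider masking the
        // destinations.
        string destinations =
            (mailSent ? (emailAddress + (SMSSent ? " and " : string.Empty)) : string.Empty)
            + (SMSSent ? mobileNumber : "");

        message = new LoginPageMessage()
        {
            CssClass = "positive",
            Content = $"Your new password was sent to {destinations}"
        };
    }
    else
    {
        message = new LoginPageMessage()
        {
            CssClass = "error",
            Content = "We couldn't send your new password to you due to contact information absense. Please, contact your HR"
        };
    }

    return RedirectToAction("Login", message);
}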