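/// <summary>
/// Security-question step of the password reset flow: checks the submitted e-mail
/// address and birthplace answer and, when both are accepted, hands the e-mail
/// address on to the ConfirmPassword action.
/// </summary>
/// <param name="userObj">Posted reset form; EmailId and Birthplace are read.</param>
/// <returns>
/// A redirect to User/ConfirmPassword when the answer is accepted, a redirect back to
/// ResetPassword with a status message when it is not, or the ResetPassword view when
/// model validation fails.
/// </returns>
public IActionResult SaveResetPassword(Models.ResetPassword userObj)
{
    if (!ModelState.IsValid)
    {
        return View("ResetPassword");
    }

    // One message for every failure. Separate "Wrong Email Address" and
    // "Wrong Credentials" responses let a caller learn which addresses are registered.
    const string failureMessage = "Wrong Credentials";

    // A missing field is treated as a failed check instead of throwing on ToLower().
    if (string.IsNullOrEmpty(userObj.EmailId) || string.IsNullOrEmpty(userObj.Birthplace))
    {
        TempData["Status1"] = failureMessage;
        return RedirectToAction("ResetPassword");
    }

    string email = userObj.EmailId.ToLower();
    string answer = userObj.Birthplace.ToLower();

    // Same call order as before: the answer is only checked for a known address.
    bool verified = _repObj.CheckEmailId(email) && _repObj.SecurityCheckPassword(email, answer);
    if (!verified)
    {
        TempData["Status1"] = failureMessage;
        return RedirectToAction("ResetPassword");
    }

    ViewBag.emailadd = userObj.EmailId;
    // NOTE(review): emailidforuse11 is declared outside this block. If it is a static or
    // otherwise shared field, concurrent reset requests overwrite each other's address;
    // confirm ConfirmPassword relies on the per-request TempData["ema"] value instead.
    emailidforuse11 = userObj.EmailId;
    TempData["ema"] = userObj.EmailId;
    // NOTE(review): the birthplace answer is the only factor checked before the password
    // can be changed; confirm attempts are throttled or locked out somewhere upstream.
    return RedirectToAction("ConfirmPassword", "User");
}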
/// <summary>
/// Renders the reset-password form pre-filled with the e-mail address and token
/// supplied to the action.
/// </summary>
/// <param name="email">Value copied into the model's EmailAddress.</param>
/// <param name="token">Value copied into the model's Token.</param>
/// <returns>The default view bound to the populated model.</returns>
public ActionResult ResetPassword(String email, String token)
{
    // Both values are passed through unchanged; the token is not checked in this action.
    // NOTE(review): if these bind from the query string, the token ends up in URLs and
    // request logs; confirm it is short-lived and single-use.
    var form = new Models.ResetPassword
    {
        EmailAddress = email,
        Token = token
    };

    return View(form);
}
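/// <summary>
/// Checks that a row in adminforgotpassword matches the submitted token and e-mail
/// address and, if so, stores a freshly salted password hash in adminlogin.
/// </summary>
/// <param name="resetPassword">Reset form; EmailAddress, Token and NewPassword are read.</param>
/// <returns>
/// True when the token matched and the update statement was executed; false when the
/// token did not match or the e-mail address or token is missing.
/// </returns>
public static bool ResetPasswordInDB(Models.ResetPassword resetPassword)
{
    // An absent token must never be able to match a row, so reject it before querying.
    if (resetPassword == null
        || string.IsNullOrEmpty(resetPassword.EmailAddress)
        || string.IsNullOrEmpty(resetPassword.Token))
    {
        return false;
    }

    // NOTE(review): the connection string is hard-coded and connects as root with an
    // empty password. Load it from configuration and use a least-privilege account.
    // The using blocks close the connection and commands on every path, including the
    // "token does not match" path and exceptions, which previously left them open.
    using (MySqlConnection cn = new MySqlConnection(@"DataSource=localhost;Initial Catalog=luckydraw;User Id=root;Password=''"))
    {
        cn.Open();

        bool tokenMatches;
        using (MySqlCommand lookup = cn.CreateCommand())
        {
            lookup.CommandType = CommandType.Text;
            lookup.CommandText = "SELECT COUNT(emailAddress) AS count FROM adminforgotpassword WHERE token = @token AND emailAddress = @emailAddress";
            lookup.Parameters.Add("@emailAddress", MySqlDbType.VarChar).Value = resetPassword.EmailAddress;
            lookup.Parameters.Add("@token", MySqlDbType.VarChar).Value = resetPassword.Token;
            // COUNT yields exactly one row with one column, so a scalar read is enough.
            tokenMatches = Convert.ToInt32(lookup.ExecuteScalar()) != 0;
        }

        if (!tokenMatches)
        {
            return false;
        }

        // NOTE(review): nothing in this block removes the matched token row or compares
        // an expiry time, so as written the same token can be replayed. Confirm that
        // invalidation and expiry are enforced elsewhere.
        // NOTE(review): getSalt and createPasswordHash are defined outside this block;
        // confirm they use a CSPRNG and a password-hashing KDF.
        string salt = getSalt();
        string passwordHash = createPasswordHash(salt, resetPassword.NewPassword);

        using (MySqlCommand update = cn.CreateCommand())
        {
            update.CommandType = CommandType.Text;
            update.CommandText = "UPDATE adminlogin SET passwordHash = @passwordHash, salt = @salt WHERE emailAddress = @emailAddress";
            update.Parameters.Add("@emailAddress", MySqlDbType.VarChar).Value = resetPassword.EmailAddress;
            update.Parameters.Add("@passwordHash", MySqlDbType.VarChar).Value = passwordHash;
            update.Parameters.Add("@salt", MySqlDbType.Blob).Value = salt;
            // UPDATE returns no rows; ExecuteNonQuery replaces the throwaway reader.
            update.ExecuteNonQuery();
        }

        return true;
    }
}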
/// <summary>
/// Handles submission of the reset-password form: validates the model, asks
/// ResetPasswordInDB to apply the change, and redirects to the admin login page on success.
/// </summary>
/// <param name="resetPassword">Posted reset form, passed on to ResetPasswordInDB.</param>
/// <returns>
/// A redirect to Login/AdminIndex when the reset succeeds; otherwise the default view
/// with ViewBag.ErrorMessage set.
/// </returns>
public ActionResult ResetPassword(Models.ResetPassword resetPassword)
{
    // NOTE(review): no attributes are visible on this action in the listing; confirm it
    // is restricted to POST and validates an anti-forgery token.
    if (!ModelState.IsValid)
    {
        ViewBag.ErrorMessage = "Please ensure all fields are valid.";
        return View();
    }

    bool changed = ResetPasswordInDB(resetPassword);
    if (!changed)
    {
        ViewBag.ErrorMessage = "The token is invalid. Please reset your password again!";
        return View();
    }

    return RedirectToAction("AdminIndex", "Login");
}
/// <summary>
/// Completes a password reset: looks the user up by e-mail, applies the new password
/// with the submitted reset code, and sends a notification e-mail on success.
/// </summary>
/// <param name="model">Posted reset form; Email, Code and Password are read.</param>
/// <returns>
/// The view with the model when validation fails, a redirect to Home/Index when the
/// user is unknown or the reset succeeds, and the view without a model when the reset
/// itself fails.
/// </returns>
public ActionResult resetpassword(Models.ResetPassword model)
{
    if (ModelState.IsValid)
    {
        var account = userManager.FindByEmail(model.Email);
        if (account == null)
        {
            // Don't reveal that the user does not exist
            return RedirectToAction("Index", "Home");
        }

        var outcome = userManager.ResetPassword(account.Id, model.Code, model.Password);
        if (!outcome.Succeeded)
        {
            // The failure path re-renders the form without the model and without
            // copying anything from the reset result into ModelState.
            return View();
        }

        // Unknown user and successful reset end on the same redirect, so the response
        // does not distinguish them; only the success path sends the notification.
        sendEmail(account, "Password Changed", "Your password has been changed");
        return RedirectToAction("Index", "Home");
    }

    return View(model);
}
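/// <summary>
/// Checks that a row in adminforgotpassword matches the submitted token and e-mail
/// address and, if so, writes the new password value to adminlogin.
/// </summary>
/// <param name="resetPassword">Reset form; EmailAddress, Token and NewPassword are read.</param>
/// <returns>
/// True when the token matched and the update statement ran without error; false when
/// a field is missing, the token did not match, or a database error occurred.
/// </returns>
public static bool ResetPasswordInDB(Models.ResetPassword resetPassword)
{
    // Missing values never reach the database; an empty token must not match a row and
    // an empty password must not be stored.
    if (resetPassword == null
        || string.IsNullOrEmpty(resetPassword.EmailAddress)
        || string.IsNullOrEmpty(resetPassword.Token)
        || string.IsNullOrEmpty(resetPassword.NewPassword))
    {
        return false;
    }

    try
    {
        // NOTE(review): server name, login and password are hard-coded in source. Load
        // them from configuration or a secret store and use a least-privilege account.
        SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder();
        builder.DataSource = "luckydrawapplication20200108092548dbserver.database.windows.net";
        builder.UserID = "sqladmin";
        builder.Password = "******";
        builder.InitialCatalog = "luckywheeldb";

        using (SqlConnection connection = new SqlConnection(builder.ConnectionString))
        {
            connection.Open();

            // Token and e-mail address come from the request, so they are bound as
            // parameters instead of being concatenated into the SQL text.
            using (SqlCommand lookup = new SqlCommand(
                "SELECT COUNT(emailAddress) AS count FROM adminforgotpassword WHERE token = @token AND emailAddress = @emailAddress",
                connection))
            {
                lookup.Parameters.AddWithValue("@token", resetPassword.Token);
                lookup.Parameters.AddWithValue("@emailAddress", resetPassword.EmailAddress);

                if (Convert.ToInt32(lookup.ExecuteScalar()) == 0)
                {
                    return false;
                }
            }

            // NOTE(review): NewPassword is written to the passwordHash column as
            // received; no hashing happens in this block. It needs a salted password
            // hash before storage, matching whatever the login check verifies.
            // NOTE(review): the matched token row is not removed and no expiry is
            // compared here; confirm both are enforced elsewhere.
            using (SqlCommand update = new SqlCommand(
                "UPDATE adminlogin SET passwordHash = @passwordHash WHERE emailAddress = @emailAddress",
                connection))
            {
                update.Parameters.AddWithValue("@passwordHash", resetPassword.NewPassword);
                update.Parameters.AddWithValue("@emailAddress", resetPassword.EmailAddress);
                update.ExecuteNonQuery();
            }
        }

        return true;
    }
    catch (Exception e)
    {
        // A failed lookup or update is reported as failure; the update path previously
        // returned true even when the statement had thrown.
        Console.WriteLine(e.ToString());
        return false;
    }
}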