public ActionResult ResetPassword(string id)
{
//Verify the reset password link
//Find account associated with this link
//redirect to reset password page
if (string.IsNullOrWhiteSpace(id))
{
return(HttpNotFound());
}
using (var context = new Models.db())
{
var user = context.myusers.Where(a => a.ResetPasswordCode == id).FirstOrDefault();
if (user != null)
{
ResetPasswordModel model = new ResetPasswordModel();
model.ResetCode = id;
return(View(model));
}
else
{
return(HttpNotFound());
}
}
}
public ActionResult ResetPassword(ResetPasswordModel model)
{
var message = "";
//if (ModelState.IsValid)
//{
using (var context = new Models.db())
{
var user = context.myusers.Where(a => a.ResetPasswordCode == model.ResetCode).FirstOrDefault();
if (user != null)
{
//you can encrypt password here, we are not doing it
user.Password = model.NewPassword;
//make resetpasswordcode empty string now
user.ResetPasswordCode = "";
//to avoid validation issues, disable it
context.Configuration.ValidateOnSaveEnabled = false;
context.SaveChanges();
message = "New password updated successfully";
}
//}
}
//else
//{
// message = "Something invalid";
//}
ViewBag.Message = message;
return(View(model));
}
public ActionResult ForgotPassword(string EmailID)
{
string resetCode = Guid.NewGuid().ToString();
var verifyUrl = "/Account/ResetPassword/" + resetCode;
var link = Request.Url.AbsoluteUri.Replace(Request.Url.PathAndQuery, verifyUrl);
using (var context = new Models.db())
{
var getUser = (from s in context.myusers where s.Email == EmailID select s).FirstOrDefault();
if (getUser != null)
{
getUser.ResetPasswordCode = resetCode;
//This line I have added here to avoid confirm password not match issue , as we had added a confirm password property
context.Configuration.ValidateOnSaveEnabled = false;
context.SaveChanges();
var subject = "Password Reset Request";
var body = "Hi " + getUser.NameFamily + ", <br/> You recently requested to reset your password for your account. Click the link below to reset it. " +
" <br/><br/><a href='" + link + "'>" + link + "</a> <br/><br/>" +
"If you did not request a password reset, please ignore this email or reply to let us know.<br/><br/> Thank you";
SendEmail(getUser.Email, body, subject);
ViewBag.Message = "Reset password link has been sent to your email id.";
}
else
{
ViewBag.Message = "User doesn't exists.";
return(View());
}
}
return(View());
}
