Ejemplo n.º 1
        /// <summary>
        /// Asks the user manager to mail a password reset link for the nick name in
        /// <paramref name="data"/> and records on <paramref name="data"/> whether that succeeded.
        /// </summary>
        /// <param name="data">Reset request; <c>NickName</c> is read and <c>EmailSent</c> is written.</param>
        private async Task PerformResetPasswordAsync(ResetPasswordData data)
        {
            var nickName = data.NickName;

            // NOTE(review): the host name comes from the incoming request. If GetEmailData uses it
            // to build the link placed in the mail, it should be validated against the site's
            // configured host names so a forged Host header cannot steer the link. Confirm.
            var emailData = ApplicationAdapter.GetEmailData(this.Request.Host.Host, EmailTemplate.ResetPasswordLink);

            bool linkMailed = await UserManager.EmailPasswordResetLink(nickName, emailData).ConfigureAwait(false);

            data.EmailSent = linkMailed;
        }
    /// <summary>
    /// Completes a password reset: checks the reset token for the account found by e-mail,
    /// stores the new password hash and salt, then rotates the security stamp.
    /// </summary>
    /// <param name="data">Request body carrying <c>Email</c>, <c>Token</c> and <c>Password</c>.</param>
    /// <returns>
    /// <c>Ok()</c> once the password is stored; <c>Unauthorized()</c> for an invalid model,
    /// an unknown e-mail or a token that does not verify (all three answer identically).
    /// </returns>
    public async Task <IActionResult> ResetPassword([FromBody] ResetPasswordData data)
    {
        if (!ModelState.IsValid)
        {
            return Unauthorized();
        }

        var account = await UserManager().FindByEmailAsync(data.Email);

        // Unknown account and bad token produce the same response; the token is only
        // verified when an account was found (short-circuit keeps the original order).
        if (account == null ||
            !await UserManager().VerifyUserTokenAsync(account, "Default", "ResetPassword", data.Token))
        {
            return Unauthorized();
        }

        // Persist the freshly hashed password.
        var hashed = PasswordHasher.Hash(data.Password);

        account.PasswordHash = hashed.PasswordHash;
        account.PasswordSalt = hashed.PasswordSalt;
        _context.Admin.Update(account);
        _context.SaveChanges();

        // Rotating the security stamp is what invalidates the token that was just used.
        // NOTE(review): the outcome of this call is not inspected and it runs after the password
        // was already saved; if it fails, the same token presumably stays usable. Confirm and
        // consider failing the request when the stamp cannot be rotated.
        await UserManager().UpdateSecurityStampAsync(account);

        return Ok();
    }
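        /// <summary>
        /// Resets the password of the account registered under the given e-mail address,
        /// using the reset code supplied by the caller.
        /// </summary>
        /// <param name="resetPasswordData">
        /// Carries <c>Email</c>, <c>Code</c> and <c>Password</c>. <c>Code</c> is rewritten in place
        /// (spaces become '+') before it is handed to the user manager.
        /// </param>
        /// <returns>
        /// <c>true</c> when no account matches the e-mail (the caller is not told the address is
        /// unknown) or when the reset succeeded; <c>false</c> when the code is missing or rejected.
        /// </returns>
        public async Task <bool> ResetPassword(ResetPasswordData resetPasswordData)
        {
            var user = await userManager.FindByEmailAsync(resetPasswordData.Email);

            if (user == null)
            {
                // Report success for unknown addresses.
                // NOTE(review): a known address with a wrong code returns false, so the two cases
                // are still distinguishable if this value reaches the client unchanged. Confirm
                // how callers present the result.
                return(true);
            }

            // A request without a code cannot succeed; previously this dereferenced null.
            if (string.IsNullOrEmpty(resetPasswordData.Code))
            {
                return(false);
            }

            // Presumably the code travelled in a query string where '+' was decoded as a space;
            // restore it before validation.
            resetPasswordData.Code = resetPasswordData.Code.Replace(" ", "+");
            var result = await userManager.ResetPasswordAsync(user, resetPasswordData.Code, resetPasswordData.Password);

            return(result.Succeeded);
        }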
Ejemplo n.º 4
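        /// <summary>
        /// Handles the reset-password form: when the submitted e-mail address matches the one
        /// stored for the given nick name, a reset link is mailed via
        /// <c>PerformResetPasswordAsync</c>.
        /// </summary>
        /// <param name="data">Posted form data (<c>NickName</c>, <c>EmailAddress</c>).</param>
        /// <returns>
        /// The form view (invalid model, or after the reset was attempted), or a redirect to
        /// Home/Index when the nick name is unknown or the address does not match.
        /// </returns>
        public async Task <IActionResult> ResetPassword(ResetPasswordData data)
        {
            if (!ModelState.IsValid)
            {
                return(View(data));
            }

            var user = await UserGuiHelper.GetUserAsync(data.NickName);

            // A lookup that yields no user is handled exactly like an address mismatch, so the
            // response does not separate "no such nick name" from "wrong e-mail address".
            // Previously a null user caused a NullReferenceException here.
            if (user == null ||
                !string.Equals(user.EmailAddress, data.EmailAddress, StringComparison.OrdinalIgnoreCase))
            {
                // not the registered address, ignore request
                return(RedirectToAction("Index", "Home"));
            }

            await PerformResetPasswordAsync(data);

            return(View(data));
        }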
Ejemplo n.º 5
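    /// <summary>
    /// Replaces the password of the user identified by user name or e-mail with a random one
    /// and mails the new credentials to the user's registered address.
    /// </summary>
    /// <param name="reset_password_data">Request body; <c>Username</c> and/or <c>Email</c> identify the account.</param>
    /// <returns>
    /// <c>Ok()</c> after the new password was mailed and stored; <c>Unauthorized()</c> when no
    /// identifier was supplied, no account matches, or the account is outside the caller's scope.
    /// </returns>
    public IActionResult ResetPassword([FromBody] ResetPasswordData reset_password_data)
    {
        var username = reset_password_data?.Username;
        var email    = reset_password_data?.Email;

        // Without an identifier there is nothing to look up. Checking first also keeps a missing
        // field out of the query below, where comparing against null could select an unrelated
        // row whose Username or Email is itself null.
        if (username == null && email == null)
        {
            return(Unauthorized());
        }

        var item = _context.User.FirstOrDefault(t => (username != null && t.Username == username) ||
                                                     (email != null && t.Email == email));

        if (item == null)
        {
            return(Unauthorized());
        }

        var session      = HttpContext.Get <LoggableEntities>(_context);
        var current_User = session?.User;

        // Scope: a valid API token or a request without a session user may touch any account;
        // a signed-in user may only touch their own.
        // NOTE(review): this leaves callers without a session unrestricted, and the password is
        // changed without proof that the caller controls the mailbox. A mailed single-use token
        // that must be presented before the credential changes is the usual safeguard. Confirm intent.
        var allowed_items = ApiTokenValid ? _context.User : (current_User != null ? (from _User in _context.User where _User.Id == current_User.Id
                                                                                     select _User) : _context.User);
        if (!allowed_items.Any(i => i.Id == item.Id))
        {
            return(Unauthorized());
        }

        // NOTE(review): the new password travels in clear text inside the mail body.
        var new_password_text = PasswordHasher.RandomPassword;
        var apiKey            = StaticMailer._mailOptions.MailApiToken;
        var client            = new SendGridClient(apiKey);
        var from             = new EmailAddress(StaticMailer._mailOptions.MailFrom);
        var subject          = "User password reset request.";
        var to               = new EmailAddress(item.Email);
        var plainTextContent = $"Your User password has been reset. Your new username and password combination is \n\nUsername: {item.Username}\nPassword: {new_password_text}\n";
        var htmlContent      = $"Your User password has been reset. Your new username and password combination is <br />Username: {item.Username}<br />Password: {new_password_text}<br />";
        var msg              = MailHelper.CreateSingleEmail(from, to, subject, plainTextContent, htmlContent);

        // Blocks the request thread until the mail call completes.
        // NOTE(review): the response is not inspected, so the password below is replaced even
        // when the mail service rejected the message.
        var response         = client.SendEmailAsync(msg).Result;

        var new_password = PasswordHasher.Hash(new_password_text);
        item.PasswordHash = new_password.PasswordHash;
        item.PasswordSalt = new_password.PasswordSalt;
        _context.User.Update(item);
        _context.SaveChanges();

        // HttpContext.Logout(_context);

        return(Ok());
    }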
Ejemplo n.º 6
        /// <summary>
        /// Resets the password of the account registered under the given e-mail address using
        /// the supplied reset token, and reports the outcome as an <c>ApiResult</c>.
        /// </summary>
        /// <param name="resetPasswordData">Carries <c>Email</c>, <c>Token</c> and <c>Password</c>.</param>
        /// <returns>
        /// A NotFound error result when no account matches the e-mail, a BadRequest error result
        /// (with the identity errors) when the reset is rejected, otherwise an Ok result.
        /// </returns>
        public async Task <ApiResult> ResetPasswordAsync(ResetPasswordData resetPasswordData)
        {
            var email    = resetPasswordData.Email;
            var token    = resetPasswordData.Token;
            var password = resetPasswordData.Password;

            var account = await userManager.FindByEmailAsync(email);

            if (account == null)
            {
                // NOTE(review): a distinct NotFound result separates unregistered addresses from
                // registered ones if it is returned to the client as-is; the address is also
                // written into the logger message. Confirm how ApiResult is surfaced.
                return ApiResult.GetErrorResult(ApiResultStatus.NotFound, $"User {email} not found", "User not found", new string[] { });
            }

            var outcome = await userManager.ResetPasswordAsync(account, token, password);

            if (!outcome.Succeeded)
            {
                const string failure = "Password reset error";

                return ApiResult.GetErrorResult(ApiResultStatus.BadRequest, $"{failure} for {email}", failure, GetIdentityErrors(outcome.Errors));
            }

            return ApiResult.GetOkResult(ApiResultStatus.Ok, message: "Password was reseted. Use your new password to sign in");
        }
Ejemplo n.º 7
        /// <summary>
        /// Forwards the reset request to the account service and converts the service result
        /// into an action result.
        /// </summary>
        /// <param name="resetPasswordData">Request body passed to the account service unchanged.</param>
        /// <returns>The action result produced by <c>GetActionResult</c> for the service outcome.</returns>
        public async Task <IActionResult> ResetPassword([FromBody] ResetPasswordData resetPasswordData)
        {
            // No validation happens at this layer; the body goes to the service as received.
            var outcome = await accountService.ResetPasswordAsync(resetPasswordData);

            return this.GetActionResult(outcome, logger);
        }