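/// <summary>
        /// Handles the member login form post: authenticates the submitted credentials and,
        /// on success, redirects to the requested page or to the site root.
        /// </summary>
        /// <param name="model">The posted login form (username, password, optional success redirect URL).</param>
        /// <returns>
        /// The current Umbraco page when validation or authentication fails (with a
        /// <c>StoreViewData</c> in <c>ViewData["MerchelloViewData"]</c> on authentication failure),
        /// otherwise a redirect.
        /// </returns>
        public virtual ActionResult Login(LoginModel model)
        {
            if (!ModelState.IsValid)
            {
                return CurrentUmbracoPage();
            }

            if (!Members.Login(model.Username, model.Password))
            {
                // One message for every failure cause. Distinguishing "no such account",
                // "not approved" and "locked out" from "wrong password" tells an
                // unauthenticated caller which email addresses are registered and what
                // state each account is in, so the member record is deliberately not
                // looked up here.
                ViewData["MerchelloViewData"] = new StoreViewData
                {
                    Success  = false,
                    Messages = new[] { "Login was unsuccessful with the email address and password entered." }
                };
                return CurrentUmbracoPage();
            }

            // SuccessRedirectUrl arrives with the form post and is therefore caller-controlled.
            // Follow it only when it points back into this site; anything else falls back
            // to the site root, which prevents the login form being used as an open redirect.
            var redirectUrl = model.SuccessRedirectUrl;
            if (!redirectUrl.IsNullOrWhiteSpace() && Url.IsLocalUrl(redirectUrl))
            {
                return Redirect(redirectUrl);
            }

            return Redirect("/");
        }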
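        /// <summary>
        /// Handles the change-password form post for the currently logged-in member.
        /// </summary>
        /// <param name="model">The posted form (current password and new password).</param>
        /// <returns>
        /// The current Umbraco page; the outcome is reported through a <c>StoreViewData</c>
        /// stored in <c>ViewData["MerchelloViewData"]</c>.
        /// </returns>
        public virtual ActionResult ChangePassword(ChangePasswordModel model)
        {
            if (!ModelState.IsValid)
            {
                return CurrentUmbracoPage();
            }

            var viewData = new StoreViewData();

            // Membership.GetUser() yields null when nobody is logged in; without this guard
            // an anonymous post would fail with a NullReferenceException further down.
            var currentUser = Membership.GetUser();
            if (currentUser == null)
            {
                viewData.Success              = false;
                viewData.Messages             = new[] { "You must be logged in to change your password." };
                ViewData["MerchelloViewData"] = viewData;
                return CurrentUmbracoPage();
            }

            // Enforce the provider's configured policy before touching the account.
            var meetsPolicy =
                !string.IsNullOrEmpty(model.Password) &&
                model.Password.Length >= Membership.MinRequiredPasswordLength &&
                model.Password.Count(c => !char.IsLetterOrDigit(c)) >= Membership.MinRequiredNonAlphanumericCharacters;

            if (!meetsPolicy)
            {
                // Name both requirements: a password can be long enough and still be
                // rejected for having too few non-alphanumeric characters.
                var policyMessage = string.Format("New password invalid. Minimum length {0} characters", Membership.MinRequiredPasswordLength);
                if (Membership.MinRequiredNonAlphanumericCharacters > 0)
                {
                    policyMessage += string.Format(", including at least {0} non-alphanumeric characters", Membership.MinRequiredNonAlphanumericCharacters);
                }

                viewData.Success              = false;
                viewData.Messages             = new[] { policyMessage };
                ViewData["MerchelloViewData"] = viewData;
                return CurrentUmbracoPage();
            }

            // The provider's ChangePassword was observed to accept a wrong old password,
            // so the old password is verified explicitly with a login attempt first.
            // NOTE(review): Members.Login presumably has login side effects (fresh auth
            // cookie, failed-attempt counting); a side-effect-free credential check would
            // be preferable if the provider offers one. Confirm.
            if (!Members.Login(currentUser.UserName, model.OldPassword))
            {
                viewData.Success              = false;
                viewData.Messages             = new[] { "Current password incorrect." };
                ViewData["MerchelloViewData"] = viewData;
                return CurrentUmbracoPage();
            }

            if (!currentUser.ChangePassword(model.OldPassword, model.Password))
            {
                viewData.Success              = false;
                viewData.Messages             = new[] { "Change password failed. Please try again." };
                ViewData["MerchelloViewData"] = viewData;
                return CurrentUmbracoPage();
            }

            viewData.Success              = true;
            viewData.Messages             = new[] { "Password updated successfully" };
            ViewData["MerchelloViewData"] = viewData;
            return CurrentUmbracoPage();
        }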
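        /// <summary>
        /// Handles the forgot-password form post: sets a generated password on the account
        /// registered for the submitted email address and emails that password to it.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this action is reachable without authentication and replaces the
        /// account's password immediately, so anyone who knows a member's email address can
        /// invalidate that member's current password, and the replacement travels in a
        /// plain-text email. A single-use, expiring reset link that changes nothing until
        /// the mailbox owner follows it would avoid both problems; that redesign is out of
        /// scope for this method.
        /// </remarks>
        /// <param name="model">The posted form carrying the member's username (email address).</param>
        /// <returns>
        /// The current Umbraco page; the outcome is reported through a <c>StoreViewData</c>
        /// stored in <c>ViewData["MerchelloViewData"]</c>.
        /// </returns>
        public virtual ActionResult ForgotPassword(ForgotPasswordModel model)
        {
            if (!ModelState.IsValid)
            {
                return CurrentUmbracoPage();
            }

            var viewData = new StoreViewData();
            var member   = Members.GetByUsername(model.Username);
            var user     = member == null ? null : Membership.GetUser(model.Username);

            if (user != null)
            {
                // Ask for the configured number of non-alphanumeric characters so the
                // generated password satisfies the provider's own policy.
                var newPassword = Membership.GeneratePassword(
                    Membership.MinRequiredPasswordLength,
                    Membership.MinRequiredNonAlphanumericCharacters);

                // The new password is passed as the "old" one, so this call only succeeds
                // when the provider does not verify the old password.
                // NOTE(review): MembershipUser.ResetPassword() is the API meant for this;
                // confirm the provider configuration allows it before switching.
                if (!user.ChangePassword(newPassword, newPassword))
                {
                    // Do not email a password that was never applied to the account.
                    viewData.Success              = false;
                    viewData.Messages             = new[] { "Password reset failed. Please try again." };
                    ViewData["MerchelloViewData"] = viewData;
                    return CurrentUmbracoPage();
                }

                // assumes you have set the SMTP settings in web.config and supplied a default "from" email
                // NOTE(review): Request.Url.Host is taken from the incoming request; confirm the
                // site binds only its own host names so the subject line cannot be influenced.
                using (var msg = new MailMessage
                {
                    Subject    = string.Format("New Password for {0}", Request.Url.Host),
                    Body       = string.Format("Your new password is: {0}", newPassword),
                    IsBodyHtml = false
                })
                using (var smtpClient = new SmtpClient())
                {
                    msg.To.Add(new MailAddress(model.Username));
                    smtpClient.Send(msg);
                }
            }

            // Same response whether or not the address is registered, so this form cannot
            // be used to find out which email addresses have accounts.
            viewData.Success              = true;
            viewData.Messages             = new[] { "If an account exists for this email address, a new password has been emailed to it." };
            ViewData["MerchelloViewData"] = viewData;
            return CurrentUmbracoPage();
        }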
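        /// <summary>
        /// Gets the data of a store by its storeID.
        /// </summary>
        /// <param name="id">The storeID of a store</param>
        /// <returns>
        /// The StoreViewData object of the store, or <c>null</c> when no row matches
        /// <paramref name="id"/>.
        /// </returns>
        public async Task<StoreViewData> ReadStoreViewDataByIdAsync(int id)
        {
            StoreViewData storeViewData = null;

            // Get the connection inside a using statement to properly dispose/close.
            using (var connection = new MySqlConnection(_SQLConnection))
            {
                // Open asynchronously so the calling thread is not blocked on the
                // network round-trip inside an async method.
                await connection.OpenAsync().ConfigureAwait(false);

                // Read store name, latitude/longitude, store description, and google place id of a store whose storeID == id.
                // Only the id value is caller-supplied and it is bound as a parameter; the
                // interpolated table and column names come from Constants and must stay
                // fixed identifiers, never request data.
                var sqlString =
                    $"SELECT {Constants.StoreDAOStoreNameColumn}, " +
                    $"{Constants.StoreDAOLatitudeColumn}, {Constants.StoreDAOLongitudeColumn}, " +
                    $"{Constants.StoreDAOStoreDescriptionColumn}, {Constants.StoreDAOPlaceIdColumn} " +
                    $"FROM {Constants.StoreDAOTableName} " +
                    $"WHERE {Constants.StoreDAOStoreIdColumn} = @ID;";

                using (var command = new MySqlCommand(sqlString, connection))
                using (var dataTable = new DataTable())
                {
                    // Bind the id as a query parameter.
                    command.Parameters.AddWithValue("@ID", id);

                    // Dispose the reader as soon as the rows have been copied into the table.
                    using (var reader = await command.ExecuteReaderAsync().ConfigureAwait(false))
                    {
                        dataTable.Load(reader);
                    }

                    foreach (DataRow row in dataTable.Rows)
                    {
                        // Create StoreViewData with retrieved data and id. If several rows
                        // match, the last one wins.
                        // NOTE(review): the direct casts throw InvalidCastException on
                        // DBNull; confirm these columns are declared NOT NULL.
                        storeViewData = new StoreViewData(id,
                                                          (string)row[Constants.StoreDAOStoreNameColumn],
                                                          (double)row[Constants.StoreDAOLatitudeColumn],
                                                          (double)row[Constants.StoreDAOLongitudeColumn],
                                                          (string)row[Constants.StoreDAOStoreDescriptionColumn],
                                                          (string)row[Constants.StoreDAOPlaceIdColumn]);
                    }
                }
            }

            return storeViewData;
        }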