Example #1
        /// <summary>
        /// Validates a password-reset token in two steps: fetch the salt stored for the token ID,
        /// then have the data layer match the salted hash of the token key.
        /// </summary>
        /// <param name="view">Supplies TokenID and TokenKey; receives TokenSalt, AccountID and Errors.</param>
        /// <param name="ConnectionString">Connection string handed to the data-access calls.</param>
        /// <param name="security">Hashing helper forwarded to the data-access verification call.</param>
        /// <returns>
        /// True only when both data-access calls returned true, no error was recorded and
        /// AccountID is greater than zero. Every other path returns false.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the data-access calls may append raw exception messages to Errors;
        /// confirm the list is not rendered verbatim to the person requesting the reset.
        /// </remarks>
        public static Boolean VerifyPasswordResetToken(AccountViewModel_VerifyPasswordResetToken view, string ConnectionString, SecurityLogic security)
        {
            // Both halves of the token are mandatory; record each missing one before bailing out.
            if (view.TokenID == null)
            {
                view.Errors.Add("Invalid Reset TokenID");
            }

            if (view.TokenKey == null)
            {
                view.Errors.Add("Invalid Reset TokenKey");
            }

            if (view.Errors.Count > 0)
            {
                return false;
            }

            // Step 1: look up the salt stored for this token ID.
            bool saltLookupRan = AccountDataAccess.VerifyPasswordResetToken_GetSalt(view, ConnectionString);
            if (!saltLookupRan || view.Errors.Count > 0)
            {
                return false;
            }

            // No salt means no such token.
            if (view.TokenSalt == null)
            {
                view.Errors.Add("Invalid Reset Token");
                return false;
            }

            // Step 2: let the data layer match the salted hash of the key.
            bool verificationRan = AccountDataAccess.VerifyPasswordResetToken(view, ConnectionString, security);
            if (!verificationRan || view.Errors.Count > 0)
            {
                return false;
            }

            // A usable account id is the only proof that the token matched.
            if (view.AccountID == null || view.AccountID <= 0)
            {
                view.Errors.Add("Invalid Reset Token");
                return false;
            }

            return true;
        }
Example #2
        /// <summary>
        /// Runs <c>spAccounts_GetPasswordResetSalt</c> for the token ID in <paramref name="view"/>
        /// and stores the returned salt in <c>view.TokenSalt</c>.
        /// </summary>
        /// <param name="view">Supplies TokenID; receives TokenSalt, or an error message on failure.</param>
        /// <param name="ConnectionString">Connection string passed to <c>DataAccess</c>.</param>
        /// <returns>True when the call completed and the output was read; false when an exception was caught.</returns>
        public static Boolean VerifyPasswordResetToken_GetSalt(AccountViewModel_VerifyPasswordResetToken view, string ConnectionString)
        {
            try
            {
                // The token ID is passed as a typed parameter (VarChar, 100), not spliced into SQL text.
                // NOTE(review): DataAccess is never disposed here; confirm whether it holds a connection.
                var saltQuery = new DataAccess(ConnectionString, "spAccounts_GetPasswordResetSalt");
                saltQuery.SetParamater_Input("@GUID", view.TokenID, SqlDbType.VarChar, 100);
                saltQuery.SetParamater_Output("@outSalt", SqlDbType.VarChar, 100);
                saltQuery.ExecuteNonQuery();

                // A failed cast throws and lands in the catch block below.
                // NOTE(review): presumably an unknown token yields a null/DBNull output; verify what
                // GetParamater returns in that case.
                var rawSalt = saltQuery.GetParamater("@outSalt");
                view.TokenSalt = (string)rawSalt;
                return true;
            }
            catch (Exception failure)
            {
                // NOTE(review): the exception message is stored verbatim. If Errors is shown to the
                // requester, this can disclose database or driver details; consider logging the
                // exception server-side and recording a generic message instead.
                view.Errors.Add(failure.Message);
                return false;
            }
        }
Example #3
        /// <summary>
        /// Runs <c>spAccounts_VerifyPasswordResetToken</c> with the token ID and the salted hash of
        /// the token key, and stores the returned account id in <c>view.AccountID</c>.
        /// </summary>
        /// <param name="view">Supplies TokenID, TokenKey and TokenSalt; receives AccountID or an error message.</param>
        /// <param name="ConnectionString">Connection string passed to <c>DataAccess</c>.</param>
        /// <param name="security">Provides <c>GenerateSaltedHash</c> for the token key.</param>
        /// <returns>True when the call completed and the output was read; false when an exception was caught.</returns>
        /// <remarks>
        /// NOTE(review): expiry and single-use enforcement are not visible in this method; confirm
        /// the stored procedure handles both.
        /// </remarks>
        public static Boolean VerifyPasswordResetToken(AccountViewModel_VerifyPasswordResetToken view, string ConnectionString, SecurityLogic security)
        {
            try
            {
                // NOTE(review): DataAccess is never disposed here; confirm whether it holds a connection.
                var tokenQuery = new DataAccess(ConnectionString, "spAccounts_VerifyPasswordResetToken");
                tokenQuery.SetParamater_Input("@TokenID", view.TokenID, SqlDbType.VarChar, 100);

                // Only the salted hash of the key is sent to the procedure, never the raw key.
                // NOTE(review): Encoding.ASCII replaces non-ASCII characters with '?'; harmless if the
                // salt is base64 or hex; confirm the format produced by GenerateSalt.
                byte[] saltBytes = Encoding.ASCII.GetBytes(view.TokenSalt);
                var hashedKey = security.GenerateSaltedHash(view.TokenKey, saltBytes);
                tokenQuery.SetParamater_Input("@TokenKey", hashedKey, SqlDbType.VarChar, 100);

                tokenQuery.SetParamater_Output("@outAccountID", SqlDbType.Int);
                tokenQuery.ExecuteNonQuery();

                // A failed cast throws and lands in the catch block below.
                var rawAccountId = tokenQuery.GetParamater("@outAccountID");
                view.AccountID = (int?)rawAccountId;
                return true;
            }
            catch (Exception failure)
            {
                // NOTE(review): the exception message is stored verbatim. If Errors is shown to the
                // requester, this can disclose database or driver details; consider logging the
                // exception server-side and recording a generic message instead.
                view.Errors.Add(failure.Message);
                return false;
            }
        }
Example #4
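        /// <summary>
        /// Sets a new password for the account identified by a previously verified reset token.
        /// </summary>
        /// <param name="resetPasswordView">Supplies the new password; receives passwordSalt, AccountID and Errors.</param>
        /// <param name="verifyTokenView">Result of the earlier token verification (AccountID and Errors are read).</param>
        /// <param name="ConnectionString">Connection string handed to the data-access call.</param>
        /// <param name="security">Provides <c>GenerateSalt</c> and is forwarded to the data-access call.</param>
        /// <returns>
        /// True only when a password was supplied, the token view shows a successful verification,
        /// the data-access call returned true and left a positive AccountID with no errors.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this method trusts the state of <paramref name="verifyTokenView"/> as handed
        /// in by the caller; confirm AccountDataAccess.ResetPassword re-checks the token on the
        /// database side instead of relying on this gate alone.
        /// </remarks>
        public static Boolean ResetPassword(AccountViewModel_ResetPassword resetPasswordView, AccountViewModel_VerifyPasswordResetToken verifyTokenView, string ConnectionString, SecurityLogic security)
        {
            // A non-empty password is required.
            if (string.IsNullOrEmpty(resetPasswordView.password))
            {
                resetPasswordView.Errors.Add("Please Provide a Password");
            }

            if (resetPasswordView.Errors.Count > 0)
            {
                return false;
            }

            // Fail closed: the token counts as verified only when it produced a positive AccountID
            // AND no errors were recorded. An empty Errors list alone also describes a view that was
            // never verified, so it must not be enough (a null AccountID compares as not > 0).
            bool tokenVerified = verifyTokenView.AccountID > 0 && verifyTokenView.Errors.Count() == 0;
            if (!tokenVerified)
            {
                return false;
            }

            // Fresh salt for the new password, then persist it.
            resetPasswordView.passwordSalt = security.GenerateSalt();
            if (!AccountDataAccess.ResetPassword(resetPasswordView, verifyTokenView, ConnectionString, security))
            {
                return false;
            }

            // Post-validation: the data layer must report a real account and no errors.
            if (resetPasswordView.AccountID == null || resetPasswordView.AccountID <= 0)
            {
                return false;
            }

            return resetPasswordView.Errors.Count == 0;
        }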