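/// <summary>
/// Starts the password-reset flow: asks the user service for a password-change token for the
/// posted e-mail address and, when one was issued, e-mails the account a link carrying that token.
/// </summary>
/// <param name="model">Posted form; only <c>Email</c> is read here.</param>
/// <returns>
/// <c>Success(true)</c> when the token was issued and the mail was handed to the message service;
/// otherwise a <c>Failure</c> carrying the model-state errors or the token service's validation errors.
/// </returns>
public async Task<SmartJsonResult<bool>> ForgotPassword([FromBody] ForgotApiModel model)
{
    if (!ModelState.IsValid)
    {
        return SmartJsonResult<bool>.Failure(GetModelStateErrors(ModelState));
    }

    var tokenResult = await _userService.GetPasswordChangeTokenAsync(model.Email);

    // Send the reset mail only when a token was actually issued. The original built the link and
    // sent the message before looking at IsValid, so a failed token request still produced a mail
    // with an empty or stale token in it.
    if (!tokenResult.IsValid)
    {
        // NOTE(review): returning the service's validation errors here lets a caller learn whether
        // an e-mail address is registered; a uniform success response would not. Kept because the
        // client contract depends on the Failure shape — confirm before changing.
        return SmartJsonResult<bool>.Failure(tokenResult.ValidationErrors);
    }

    // NOTE(review): the link is generated with a hard-coded "http" scheme, so the reset token is
    // sent to the site in clear text unless the site itself redirects to HTTPS; consider deriving
    // the scheme from the request instead. Unchanged here to keep the existing link format.
    // EscapeDataString keeps the token intact if it contains '+', '/' or '=' (query-string delimiters);
    // the receiving action sees the original value after model binding decodes it.
    var token = Uri.EscapeDataString(Convert.ToString(tokenResult.SecondResult) ?? string.Empty);
    var changePasswordUrl = $"{Url.Action("RedirectFromToken", "Token", null, "http")}?id={token}";

    await _messageService.SendMessageAsync(
        EmailType.ResetPassword,
        tokenResult.Result,
        GetAppBaseUrl(),
        new Dictionary<string, string> { { "ChangePasswordLink", changePasswordUrl } });

    return SmartJsonResult<bool>.Success(true);
}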
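/// <summary>
/// First step of the "forgot password" flow for a <c>patient</c> or <c>doctor</c> account: looks the
/// account up by e-mail and returns one of its three stored secret questions, chosen at random.
/// </summary>
/// <param name="model">Posted e-mail and role; the role is compared case-insensitively.</param>
/// <param name="request">The incoming request; it must pass <c>IsValidClient()</c>.</param>
/// <returns>
/// A <see cref="DataAccess.CustomModels.ForgotModel"/> with <c>Email</c> plus the selected
/// <c>SecretQuestion</c>/<c>SecretAnswer</c> pair. When <c>ModelState</c> is invalid only
/// <c>Email</c> is populated (pre-existing behaviour, kept for callers).
/// </returns>
/// <exception cref="HttpResponseException">
/// 400 when the client is not valid; 501 when the role is neither patient nor doctor; 404 when no
/// account or profile row matches the e-mail; 500 for any other failure while reading the profile.
/// </exception>
public async Task<DataAccess.CustomModels.ForgotModel> ForgotPassword(ForgotApiModel model, HttpRequestMessage request)
{
    var objModel = new DataAccess.CustomModels.ForgotModel { Email = model.Email };

    if (!request.IsValidClient())
    {
        throw ApiError(HttpStatusCode.BadRequest, "Unauthorized, Client is not valid", "Bad Request");
    }

    // Evaluate the role once with an ordinal comparison: the original repeated culture-sensitive
    // ToLower() calls and threw NullReferenceException when Role was missing.
    var isDoctor = string.Equals(model.Role, "doctor", StringComparison.OrdinalIgnoreCase);
    var isPatient = string.Equals(model.Role, "patient", StringComparison.OrdinalIgnoreCase);
    if (!isDoctor && !isPatient)
    {
        throw ApiError(HttpStatusCode.NotImplemented, "Role is undefined", "Undefined Role");
    }

    // Original behaviour: an invalid ModelState silently returns the model without a question.
    if (!ModelState.IsValid)
    {
        return objModel;
    }

    try
    {
        var user = await UserManager.FindByNameAsync(model.Email);
        if (user == null)
        {
            // NOTE(review): this status and message tell the caller whether the e-mail is
            // registered, contrary to the original "don't reveal" comment; a uniform response
            // would avoid account enumeration. Kept because callers may key on the 404.
            throw ApiError(HttpStatusCode.NotFound, "user is not exist with this email address or email is not confirmed", "Not Confirmed");
        }

        // Index 0..2 selects which of the three stored questions is shown; same distribution as
        // the original Next(1, 4). Predictability here does not matter for security.
        var pick = new Random().Next(0, 3);

        // The original never disposed the DbContext; dispose it as soon as the profile row is read.
        using (var db = new SwiftKareDBEntities())
        {
            if (isDoctor)
            {
                var doctor = db.Doctors.SingleOrDefault(o => o.userId == user.Id);
                if (doctor == null)
                {
                    // Account without a doctor profile: the original dereferenced null here and surfaced a 500.
                    throw ApiError(HttpStatusCode.NotFound, "user is not exist with this email address or email is not confirmed", "Not Confirmed");
                }

                var questions = new[] { doctor.secretQuestion1, doctor.secretQuestion2, doctor.secretQuestion3 };
                var answers = new[] { doctor.secretAnswer1, doctor.secretAnswer2, doctor.secretAnswer3 };
                objModel.SecretQuestion = questions[pick];
                objModel.SecretAnswer = answers[pick];
            }
            else
            {
                var patient = db.Patients.SingleOrDefault(o => o.userId == user.Id);
                if (patient == null)
                {
                    // Account without a patient profile: the original dereferenced null here and surfaced a 500.
                    throw ApiError(HttpStatusCode.NotFound, "user is not exist with this email address or email is not confirmed", "Not Confirmed");
                }

                var questions = new[] { patient.secretQuestion1, patient.secretQuestion2, patient.secretQuestion3 };
                var answers = new[] { patient.secretAnswer1, patient.secretAnswer2, patient.secretAnswer3 };
                objModel.SecretQuestion = questions[pick];
                objModel.SecretAnswer = answers[pick];
            }
        }
    }
    catch (HttpResponseException)
    {
        // Let the deliberate 404 reach the client. The original's catch (Exception) swallowed it and
        // re-issued every failure as the generic 500 below.
        throw;
    }
    catch (Exception)
    {
        throw ApiError(
            HttpStatusCode.InternalServerError,
            "An error occurred while posting in api/account/ForgotPassword, please try again or contact the administrator.",
            "Critical Exception");
    }

    // NOTE(review): SecretAnswer is returned to an unauthenticated caller alongside the question,
    // which defeats the purpose of the question; the answer should be verified server-side and never
    // leave the API. Kept only because the existing client contract depends on the field — confirm
    // with the client before removing it.
    return objModel;
}

/// <summary>Builds the <see cref="HttpResponseException"/> this action uses to report a failure.</summary>
/// <param name="status">HTTP status of the response.</param>
/// <param name="content">Plain-text body sent to the client.</param>
/// <param name="reasonPhrase">Reason phrase sent with the status line.</param>
/// <returns>An exception wrapping the constructed response; the caller throws it.</returns>
private static HttpResponseException ApiError(HttpStatusCode status, string content, string reasonPhrase)
{
    return new HttpResponseException(new HttpResponseMessage(status)
    {
        Content = new StringContent(content),
        ReasonPhrase = reasonPhrase,
    });
}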