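/// <summary>
/// Starts the password-reset flow for the e-mail address in <paramref name="model"/>:
/// requests a password-change token and mails a link that carries it.
/// </summary>
/// <param name="model">Request body holding the account e-mail address.</param>
/// <returns>
/// <c>Success(true)</c> once the reset mail has been handed to the message service;
/// <c>Failure</c> with the model-state or token-service validation errors otherwise.
/// </returns>
public async Task <SmartJsonResult <bool> > ForgotPassword([FromBody] ForgotApiModel model)
        {
            if (!ModelState.IsValid)
            {
                return(SmartJsonResult <bool> .Failure(GetModelStateErrors(ModelState)));
            }

            var tokenResult = await _userService.GetPasswordChangeTokenAsync(model.Email);

            // Stop before any mail is built when no token was issued. The original sent the
            // message first and checked IsValid afterwards, so a failed lookup still reached
            // the message service with whatever Result/SecondResult held.
            // NOTE(review): this failure response may let a caller tell registered from
            // unregistered addresses; confirm what ValidationErrors contains for an unknown
            // e-mail and consider answering identically in both cases.
            if (!tokenResult.IsValid)
            {
                return(SmartJsonResult <bool> .Failure(tokenResult.ValidationErrors));
            }

            // NOTE(review): the link is generated with the "http" scheme, so the reset token
            // travels unencrypted when the recipient follows it. Generate it as https wherever
            // the site is served over TLS.
            // NOTE(review): the token is appended to the query string as-is; confirm it is
            // URL-safe, or encoded by the token service, before relying on this.
            var resetEndpoint     = Url.Action("RedirectFromToken", "Token", null, "http");
            var changePasswordUrl = $"{resetEndpoint}?id={tokenResult.SecondResult}";

            var templateValues = new Dictionary <string, string> {
                { "ChangePasswordLink", changePasswordUrl }
            };
            await _messageService.SendMessageAsync(EmailType.ResetPassword, tokenResult.Result, GetAppBaseUrl(), templateValues);

            return(SmartJsonResult <bool> .Success(true));
        }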
Example #2
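        /// <summary>
        /// Looks up the account for <c>model.Email</c> and returns one of its three stored
        /// secret question/answer pairs, picked at random, for the "doctor" or "patient" role.
        /// </summary>
        /// <param name="model">Request data; <c>Email</c> and <c>Role</c> are read.</param>
        /// <param name="request">Incoming request, checked with <c>IsValidClient()</c>.</param>
        /// <returns>
        /// A <c>ForgotModel</c> with <c>Email</c> set and, when the model state is valid,
        /// <c>SecretQuestion</c>/<c>SecretAnswer</c> filled in. When the model state is invalid
        /// only <c>Email</c> is populated.
        /// </returns>
        /// <exception cref="HttpResponseException">
        /// 400 for an invalid client, 501 for an unknown role, 404 when no user or role profile
        /// matches, 500 for any other failure.
        /// </exception>
        /// <remarks>
        /// NOTE(review): the stored secret answer is written into the response, so the check of
        /// the user's answer cannot be enforced by the server. The answer should stay
        /// server-side and be compared there (ideally against a salted hash) by a separate
        /// verification step. This needs a coordinated API change and is left as-is here.
        /// NOTE(review): a 404 for an unknown e-mail versus a 200 for a known one tells the
        /// caller whether an account exists; consider a uniform response.
        /// </remarks>
        public async Task <DataAccess.CustomModels.ForgotModel> ForgotPassword(ForgotApiModel model, HttpRequestMessage request)
        {
            var objModel = new DataAccess.CustomModels.ForgotModel {
                Email = model.Email
            };

            if (!request.IsValidClient())
            {
                throw ForgotPasswordError(HttpStatusCode.BadRequest, "Unauthorized, Client is not valid", "Bad Request");
            }

            // Ordinal, case-insensitive comparison: culture-independent (ToLower() is not) and
            // a null Role is reported as an undefined role instead of a NullReferenceException.
            bool isDoctor  = string.Equals(model.Role, "doctor", StringComparison.OrdinalIgnoreCase);
            bool isPatient = string.Equals(model.Role, "patient", StringComparison.OrdinalIgnoreCase);
            if (!isDoctor && !isPatient)
            {
                throw ForgotPasswordError(HttpStatusCode.NotImplemented, "Role is undefined", "Undefined Role");
            }

            try
            {
                if (ModelState.IsValid)
                {
                    var user = await UserManager.FindByNameAsync(model.Email);
                    if (user == null)
                    {
                        // This response does tell the caller the address is unknown.
                        throw ForgotPasswordError(HttpStatusCode.NotFound, "user is not exist with this email address or email is not confirmed", "Not Confirmed");
                    }

                    // 1, 2 or 3: which of the three stored question/answer pairs to return.
                    int caseSwitch = new Random().Next(1, 4);

                    // Dispose the context when done; the original never released it.
                    using (var db = new SwiftKareDBEntities())
                    {
                        if (isDoctor)
                        {
                            Doctor doctor = db.Doctors.SingleOrDefault(o => o.userId == user.Id);
                            if (doctor == null)
                            {
                                // A user without a matching profile gets the same answer as an
                                // unknown user rather than a NullReferenceException.
                                throw ForgotPasswordError(HttpStatusCode.NotFound, "user is not exist with this email address or email is not confirmed", "Not Confirmed");
                            }

                            switch (caseSwitch)
                            {
                            case 1:
                                objModel.SecretQuestion = doctor.secretQuestion1;
                                objModel.SecretAnswer   = doctor.secretAnswer1;
                                break;

                            case 2:
                                objModel.SecretQuestion = doctor.secretQuestion2;
                                objModel.SecretAnswer   = doctor.secretAnswer2;
                                break;

                            default:
                                objModel.SecretQuestion = doctor.secretQuestion3;
                                objModel.SecretAnswer   = doctor.secretAnswer3;
                                break;
                            }
                        }
                        else
                        {
                            Patient patient = db.Patients.SingleOrDefault(o => o.userId == user.Id);
                            if (patient == null)
                            {
                                throw ForgotPasswordError(HttpStatusCode.NotFound, "user is not exist with this email address or email is not confirmed", "Not Confirmed");
                            }

                            switch (caseSwitch)
                            {
                            case 1:
                                objModel.SecretQuestion = patient.secretQuestion1;
                                objModel.SecretAnswer   = patient.secretAnswer1;
                                break;

                            case 2:
                                objModel.SecretQuestion = patient.secretQuestion2;
                                objModel.SecretAnswer   = patient.secretAnswer2;
                                break;

                            default:
                                objModel.SecretQuestion = patient.secretQuestion3;
                                objModel.SecretAnswer   = patient.secretAnswer3;
                                break;
                            }
                        }
                    }
                }
            }
            catch (HttpResponseException)
            {
                // Deliberate HTTP errors raised above must keep their status code. The original
                // catch-all turned every one of them into a 500.
                throw;
            }
            catch (Exception)
            {
                throw ForgotPasswordError(HttpStatusCode.InternalServerError, "An error occurred while posting in api/account/ForgotPassword, please try again or contact the administrator.", "Critical Exception");
            }

            return(objModel);
        }

        // Builds the HttpResponseException used for every error path of ForgotPassword.
        private static HttpResponseException ForgotPasswordError(HttpStatusCode status, string content, string reason)
        {
            return new HttpResponseException(new HttpResponseMessage(status)
            {
                Content      = new StringContent(content),
                ReasonPhrase = reason
            });
        }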