/// <summary>
/// Resets the password of an external user from the administration side and
/// returns the outcome as a JSON <c>GenericAjaxResponse&lt;bool&gt;</c>.
/// </summary>
/// <param name="userInfo">Posted user details; <c>Username</c> and <c>Email</c> are both required.</param>
/// <returns>
/// JSON carrying either the backend's response or a failure response with a
/// single user-facing error message.
/// </returns>
/// <remarks>
/// Per the original author's notes, the reset e-mail template expects the
/// placeholders {CopyrightYear}{ServerUrl}{RandomPassword}{Username}, and the
/// operation should check the e-mail address, reset the password and force a
/// password change on first logon.
/// NOTE(review): no authorization or anti-forgery attribute is visible on this
/// action in this excerpt. Confirm that it is restricted to administrators and
/// protected against cross-site request forgery where it is declared.
/// </remarks>
public ActionResult ResetPassword(AHP.Core.DTO.ExternalUserInfo userInfo)
{
    GenericAjaxResponse<bool> response = new GenericAjaxResponse<bool>();

    try
    {
        // Work out the first missing required field, checking Username before Email.
        string validationError = null;
        if (string.IsNullOrEmpty(userInfo.Username))
        {
            validationError = "Username is required";
        }
        else if (string.IsNullOrEmpty(userInfo.Email))
        {
            validationError = "Email is required";
        }

        if (validationError != null)
        {
            response.Success = false;
            response.Errors.Add(validationError);
            return Json(response);
        }

        // An admin-initiated reset always passes true so that the user has to
        // set a new password on logon (per the original comment).
        response = _restClient.ResetPassword(userInfo.Username, userInfo.Email, true);

        if (response == null)
        {
            // The client returned nothing: report a generic failure instead.
            response = new GenericAjaxResponse<bool>();
            response.Success = false;
            response.Errors.Add("An error occurred. Please try again.");
        }
    }
    catch (Exception ex)
    {
        // Keep the exception detail in the log; the caller only sees a generic message.
        _logger.Error("Error occurred resetting user password", ex);
        response.Success = false;
        response.Errors.Add("Error occurred. Please try again");
    }

    return Json(response);
}
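/// <summary>
/// Handles the posted answers to a user's security questions and, when the
/// backend accepts them, completes the self-service password reset.
/// </summary>
/// <param name="securityQuestions">View model carrying the three selected questions and the provided answers.</param>
/// <param name="username">Name of the account being recovered, as supplied by the request.</param>
/// <returns>
/// A redirect to the ResetPassword action when the username or the model is
/// missing, the success view when the reset is accepted, and otherwise the
/// answer form again with a validation error.
/// </returns>
/// <remarks>
/// NOTE(review): this action is part of an account recovery flow and works on a
/// request-supplied username. No attempt limiting is visible here; confirm that
/// the backend throttles or locks out repeated wrong answers for a username.
/// </remarks>
public ActionResult AnswerSecurityQuestions(ViewModel.UserQuestionsViewmodel securityQuestions, string username)
{
    const string answerView = "~/Views/AccountRecovery/AnswerSecurityQuestions.cshtml";
    const string genericError = "An error occurred validating security answers";

    try
    {
        if (string.IsNullOrEmpty(username))
        {
            return RedirectToAction("ResetPassword", "AccountRecovery", routeValues: new { id = "user-does-not-exist" });
        }

        ViewBag.Username = username;

        // A missing model can neither be validated nor redisplayed. Reject it up
        // front so the answer-reading code below never dereferences null.
        if (securityQuestions == null)
        {
            return RedirectToAction("ResetPassword", "AccountRecovery", routeValues: new { id = "invalid-user-input" });
        }

        if (!ModelState.IsValid)
        {
            securityQuestions.SecurityQuestions = new List<string>();

            // Reload the user's questions so the form can be shown again.
            GenericAjaxResponse<List<AHP.Core.DTO.UserSecurityOption>> apiResponse = _restClient.GetSecurityQuestionsForUser(username);

            // The user must exist and must have exactly three questions on file.
            if (apiResponse != null && apiResponse.Success && apiResponse.Data != null && apiResponse.Data.Count == 3)
            {
                securityQuestions.SecurityQuestions.AddRange(apiResponse.Data.Select(ques => ques.Question));
            }
            else
            {
                // The response can fail this check without carrying an error entry
                // (for example a successful call that returns a different number of
                // questions), so fall back to a generic message instead of indexing
                // an empty list.
                // NOTE(review): the backend's message is shown to an unauthenticated
                // caller; confirm it does not reveal whether the account exists.
                bool hasLookupError = apiResponse != null && apiResponse.Errors != null && apiResponse.Errors.Count > 0;
                ModelState.AddModelError(string.Empty, hasLookupError ? apiResponse.Errors[0] : genericError);
            }

            return View(answerView, securityQuestions);
        }

        List<AHP.Core.DTO.UserSecurityOption> usrSecurityQuestions = new List<Core.DTO.UserSecurityOption>()
        {
            new Core.DTO.UserSecurityOption()
            {
                Answer = securityQuestions.PrimaryProvidedAnswer,
                Question = securityQuestions.PrimarySelectedQuestion
            },
            new Core.DTO.UserSecurityOption()
            {
                Answer = securityQuestions.SecondaryProvidedAnswer,
                Question = securityQuestions.SecondarySelectedQuestion
            },
            new Core.DTO.UserSecurityOption()
            {
                Answer = securityQuestions.ThirdProvidedAnswer,
                Question = securityQuestions.ThirdSelectedQuestion
            }
        };

        GenericAjaxResponse<bool> resetPwdResponse = _restClient.ResetPassword(username, usrSecurityQuestions);
        if (resetPwdResponse != null && resetPwdResponse.Success && resetPwdResponse.Data)
        {
            return View("~/Views/AccountRecovery/PasswordResetSuccess.cshtml");
        }

        // Take the backend's first error if there is one. A null response or an
        // empty error list yields the generic message instead of an exception.
        bool hasResetError = resetPwdResponse != null && resetPwdResponse.Errors != null && resetPwdResponse.Errors.Count > 0;
        string errMessage = hasResetError ? resetPwdResponse.Errors[0] : null;

        if (!string.IsNullOrEmpty(errMessage))
        {
            // NOTE(review): markup is concatenated around the backend's message, so
            // the view presumably renders this model error without HTML encoding.
            // Confirm the backend text can never contain request-supplied values
            // (such as the username); otherwise HTML-encode it before the markup is
            // added.
            errMessage = errMessage.Replace("<<click here>>", "<a href='" + Url.Action("ResetPassword", "AccountRecovery") + "' title='reset password'>click here</a>") + " to try resetting your password again. <br/> <strong>Note:</strong> If you do not remember the answers to your security questions please contact ActiveHealth Management support at (800) 491 - 3464.";
        }
        else
        {
            errMessage = genericError;
        }

        ModelState.AddModelError(string.Empty, errMessage);
        securityQuestions.SecurityQuestions = new List<string>();
        return View(answerView, securityQuestions);
    }
    catch (Exception ex)
    {
        // Exception detail goes to the log only; the user sees a generic message.
        _logger.Error("An error occurred validating answers to security questions.", ex);
        ModelState.AddModelError(string.Empty, genericError);
    }

    return View(answerView, securityQuestions);
}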