Example #1
0
        public ActionResult ChangeGeneratedPassword(Person person, string returnUrl)
        {
            person.Error = string.Empty;

            var passwordManager = new PasswordManager();
            var changePassword  = passwordManager.ChangePassword(person);

            if (changePassword.Item1)
            {
                var service = new DomainService();

                person = service.GetEntity <HospitalManagementSystemContext, Person>(person.UserName, null);
                person.PasswordChanged = true;
                service.SaveEntity <HospitalManagementSystemContext, Person>(person, UserId, null);

                FormsAuthentication.SetAuthCookie(person.UserName, false);

                if (!string.IsNullOrWhiteSpace(returnUrl))
                {
                    return(Redirect(returnUrl));
                }

                return(RedirectToAction("Profile", "Account"));
            }

            person.Error = changePassword.Item2;
            return(View(person));
        }
        public ActionResult ResetPassword(ResetPasswordModel model)
        {
            if (ModelState.IsValid)
            {
                //get the user to reset the password for
                using (var userContext = new PEMRBACEntities())
                {
                    var user = userContext.Memberships.SingleOrDefault(u => u.PasswordVerificationToken == model.Token);
                    if (user != null && user.PasswordVerificationTokenExpirationDate != null)
                    {
                        DateTime expiration = ((DateTime)user.PasswordVerificationTokenExpirationDate).ToLocalTime();
                        if (DateTime.Now > expiration)
                        {
                            // token expired
                            ModelState.AddModelError("", "This token has expired. You must complete the reset password process within 10 minutes.");
                            var newModel = new ResetPasswordModel {
                                Expired = false
                            };
                            return(View(newModel));
                        }
                        else
                        {
                            // token is valid, reset their password
                            var passwordManager = new PasswordManager(user.UserProfile.UserName);
                            var returnValue     = passwordManager.ChangePassword(model.NewPassword, model.Token);

                            if (returnValue != PasswordManager.ChangeResult.Ok)
                            {
                                ModelState.AddModelError("", passwordManager.LastError);
                                return(View(model));
                            }
                            //return ContactSupport(passwordManager.LastError);


                            return(ReturnLoginRedirectView("Your password has been reset.", "Password Reset - Success"));
                        }
                    }
                    else
                    {
                        // no user exists with this token
                        return(SendToLoginPage());
                    }
                }
            }

            // If we got this far, something failed. redisplay form
            return(View(model));
        }
Example #3
0
        public ActionResult ChangePassword(Person person)
        {
            person.Error = string.Empty;
            person.SetMembership(Membership.GetUser());

            var passwordManager = new PasswordManager();
            var changePassword  = passwordManager.ChangePassword(person);

            if (changePassword.Item1)
            {
                return(RedirectToAction("Profile", "Account"));
            }

            person.Error = changePassword.Item2;
            return(View(person));
        }
Example #4
0
        /// <summary>
        /// Changes user password if the current password is verified to be correct
        /// </summary>
        /// <param name="newPassword">New password</param>
        /// <returns>True if user password is changed successfully</returns>
        /// <remarks>Set logon name, password of the ZentityUser object to correct values and then call this method.</remarks>
        /// <exception cref="System.ArgumentException">Thrown when this method is called without first setting the 
        /// logon name and password of the ZentityUser object.</exception>
        /// <exception cref="Zentity.Security.Authentication.AuthenticationException">Thrown when new password does not conform to password policy.</exception>
        /// <example>
        /// <code>
        /// try
        ///    {
        ///        //For changing password create an instance of ZentityUser and set logon name and password.
        ///        //Then call ChangePassword method with new password as the parameter.
        ///        ZentityUser user = new ZentityUser { LogOnName = &quot;john&quot; };
        ///        user.SetPassword(&quot;john@123&quot;); //In case of UI accepting user inputs this call would be something like user.SetPassword(passwordBox1.Password);
        ///        bool isPasswordChanged = user.ChangePassword(&quot;john!@#4&quot;);
        ///        if (isPasswordChanged)
        ///        {
        ///            Console.WriteLine(&quot;Password changed&quot;);
        ///        }
        ///        else
        ///        {
        ///            Console.WriteLine(&quot;Errors while changing password. Please verify whether the logon name and current password are correct.&quot;);
        ///        }
        ///    }
        ///    catch (AuthenticationException ex)
        ///    {
        ///        //AuthenticationException may be thrown in case of database errors, or if new password does not conform to password policy.
        ///        Console.WriteLine(ex.Message);
        ///        //In case of database errors the AuthenticationException object will wrap the sql exception. 
        ///        if (ex.InnerException != null)
        ///        {
        ///            Console.WriteLine(ex.InnerException.Message);
        ///        }
        ///    }
        ///
        /// </code>
        /// </example>
        public bool ChangePassword(string newPassword)
        {
            #region Validations
            ValidateParameters("newPassword", newPassword);
            #endregion

            if (PasswordPolicyProvider.CheckPolicyConformance(newPassword))
            {
                bool success = PasswordManager.ChangePassword(this.LogOnName, this.Password, newPassword);
                return success;
            }
            else
            {
                throw new AuthenticationException(ConstantStrings.PolicyConformanceExceptionMessage);
            }
        }
Example #5
0
        protected ActionResult ResetPassword(ProfileModel model)
        {
            // If we got this far, something failed, redisplay form
            TryValidateModel(model.Password);
            model.Groups = GetGroups(model.Username);
            if (ModelState.IsValid)
            {
                // check to make sure the passwords have values
                if (string.IsNullOrEmpty(model.Password.NewPassword) ||
                    string.IsNullOrEmpty(model.Password.ConfirmPassword))
                {
                    ModelState.AddModelError("Password",
                                             (new ResourceFactory()).GetLocalizedTitle(
                                                 ResourceTypes.ErrorMessage,
                                                 "Password must be set"));
                    return(View(model));
                }

                //force the pw reset as admin, ignore pw reset rules, etc.
                try
                {
                    var pwMGr = new PasswordManager(model.Username);
                    pwMGr.ChangePassword(model.Password.NewPassword, true);
                    // send them back to the user listing page.
                    ModelState.AddModelError(Constants.ViewData.ModelStateStatusKey, (new ResourceFactory()).GetLocalizedTitle(ResourceTypes.StatusMessage, "Password Changed Successfully"));
                    return(Edit(model.Username));
                }
                catch (Exception e)
                {
                    ModelState.AddModelError("", "Could not reset users password.");
                }
            }

            //otherwise, rol lthoreugh and add the errors
            List <string> errorsToAdd = ModelState.Values.SelectMany(modelValue => modelValue.Errors).Select(modelError => modelError.ErrorMessage).ToList();

            foreach (var error in errorsToAdd)
            {
                ModelState.AddModelError("Password", (new ResourceFactory()).GetLocalizedTitle(ResourceTypes.ErrorMessage, error));
            }


            return(View("Edit", model));
        }
Example #6
0
        private object OnChangePassword(object message)
        {
            var packet = ( ChangePasswordMessage )message;
            var ret    = new OperationResult();

            if (!this.CheckSession(packet.SessionKey))
            {
                ret.Value = false;
                return(ret);
            }

            if (!this.IsPasswordCorrect(packet.OldPassword))
            {
                ret.Value = false;
                return(ret);
            }

            if (!this.IsPasswordCorrect(packet.NewPassword))
            {
                ret.Value = false;
                return(ret);
            }

            PasswordManager passwordManager = new PasswordManager();

            string oldPassword = HashManager.Sha256(packet.OldPassword);

            bool result = passwordManager.CheckPassword(oldPassword);

            if (result)
            {
                string newPassword = HashManager.Sha256(packet.NewPassword);
                result = passwordManager.ChangePassword(oldPassword, newPassword);
            }

            ret.Value = result;
            return(ret);
        }
        private ActionResult ResetPassword(ProfileModel model)
        {
            TryValidateModel(model.Password);
            if (ModelState.IsValid)
            {
                // check to make sure the passwords have values
                if (string.IsNullOrEmpty(model.Password.NewPassword) ||
                    string.IsNullOrEmpty(model.Password.ConfirmPassword))
                {
                    ModelState.AddModelError("Password",
                                             (new ResourceFactory()).GetLocalizedTitle(
                                                 ResourceTypes.ErrorMessage,
                                                 "Password must be set"));
                    return(View(model));
                }
                // Did password change?
                var passwordManager = new PasswordManager(User.Identity.Name);
                //if we are forcing a password change, we need to force the change, update their status to say they dont have it required anymore, then log them out and force another login
                if (model.PasswordResetRequired)
                {
                    var returnValue = passwordManager.ChangePassword(model.Password.NewPassword, false);
                    if (returnValue != PasswordManager.ChangeResult.Ok)
                    {
                        ModelState.AddModelError("Password", passwordManager.LastError);
                        return(View(model));
                    }
                    // If here and password reset was required then clear the flag for the user.
                    var uMgr = new UserFactory();
                    uMgr.UpdateUserPasswordReset(User.Identity.Name, false);

                    // Log out.
                    Logout();
                    // Send user to login page
                    return(SendToLoginPage());
                }
                else
                {
                    //otherwise, follow the regular PW reset rules
                    PasswordManager.ChangeResult returnValue = passwordManager.ChangePassword(model.Password.NewPassword);
                    if (returnValue != PasswordManager.ChangeResult.Ok)
                    {
                        ModelState.AddModelError("Password", passwordManager.LastError);
                        return(View(model));
                    }
                }


                //if we made it here, then the password was reset successfully. clear all the other model errors and add the status message
                ModelState.AddModelError(Constants.ViewData.ModelStateStatusKey,
                                         (new ResourceFactory()).GetLocalizedTitle(
                                             ResourceTypes.StatusMessage,
                                             "Password Change Successful"));

                return(View(model));
            }

            //if we got here, something is wrong
            //if they are required to change their password, tell them
            if (model.PasswordResetRequired)
            {
                ModelState.AddModelError(Constants.ViewData.ModelStateStatusKey,
                                         (new ResourceFactory()).GetLocalizedTitle(ResourceTypes.StatusMessage,
                                                                                   "Password Change Required"));
            }

            //otherwise, rol lthoreugh and add the errors
            List <string> errorsToAdd = ModelState.Values.SelectMany(modelValue => modelValue.Errors).Select(modelError => modelError.ErrorMessage).ToList();

            foreach (var error in errorsToAdd)
            {
                ModelState.AddModelError("Password", (new ResourceFactory()).GetLocalizedTitle(ResourceTypes.ErrorMessage, error));
            }

            return(View("Edit", model));
        }