public async Task <ActionResult> RecuperarSenha(RecoverPassword model)
{
if (!model.Senha.Equals(model.ConfirmarSenha))
{
ViewBag.Error = "Senhas não conferem";
return(View("Error"));
}
var data = new Dictionary <string, string> {
{ "Email", model.Email },
{ "Password", model.Senha },
{ "ConfirmPassword", model.ConfirmarSenha }
};
using (var client = new HttpClient()) {
client.BaseAddress = new Uri(BaseUrl.URL);
using (var requestContent = new FormUrlEncodedContent(data)) {
var response = await client.PostAsync("/api/Account/change", requestContent);
if (response.IsSuccessStatusCode)
{
return(RedirectToAction("Login", "Account"));
}
return(View("Error"));
}
}
}
public ActionResult RecoverPassword()
{
var passwordResetToken = Request["PasswordResetToken"] ?? "";
using (var context = new SEContext())
{
var user = context.User.Include("SecurityQuestionLookupItem").Where(u => u.PasswordResetToken == passwordResetToken && u.PasswordResetExpiry > DateTime.Now).FirstOrDefault();
if (user == null)
{
HandleErrorInfo error = new HandleErrorInfo(new ArgumentException("INFO: The password recovery token is not valid or has expired"), "Account", "RecoverPassword");
return(View("Error", error));
}
if (user.Enabled == false)
{
HandleErrorInfo error = new HandleErrorInfo(new InvalidOperationException("INFO: Your account is not currently approved or active"), "Account", "Recover");
return(View("Error", error));
}
RecoverPassword recoverPasswordModel = new RecoverPassword()
{
Id = user.Id,
SecurityAnswer = "",
SecurityQuestion = user.SecurityQuestionLookupItem.Description,
PasswordResetToken = passwordResetToken,
UserName = user.UserName
};
return(View("RecoverPassword", recoverPasswordModel));
}
}
public async Task <IActionResult> RecoveryPassword([FromBody] RecoverPassword userRec)
{
try
{
var user = await _userManager.FindByEmailAsync(userRec.Email);
if (user == null)
{
return(BadRequest(new { message = "The selected email doesn't exist" }));
}
var code = await _userManager.ResetPasswordAsync(user, userRec.code, userRec.NewPassword);
if (code.Succeeded)
{
var response = new HttpResponseMessage(HttpStatusCode.OK);
response.Content = new StringContent("Password successfully updated");
return(Ok(response));
}
foreach (var err in code.Errors)
{
if (err.Code.Equals("InvalidToken"))
{
return(BadRequest(new { message = "Invalid Token" }));
}
}
return(BadRequest(new { message = code.Errors }));
}
catch (Exception e)
{
var ex = e;
return(BadRequest());
}
}
public long RecoverPassword(RecoverPassword recoverEmail)
{
LogBook.LogBook.TextLog.Info(string.Format("EMail {0}", recoverEmail.recoverEmail));
var repository = new INSecurityImplementation();
var result = repository.RecoverPassword(recoverEmail.recoverEmail, Request.RequestUri.GetLeftPart(UriPartial.Authority));
return(string.IsNullOrEmpty(result) ? (long)0 : (long)1);
}
public async Task <ActionResult> RecoverPassword(RecoverPassword recoverPasswordModel)
{
using (var context = new SEContext())
{
var user = context.User.Where(u => u.Id == recoverPasswordModel.Id).FirstOrDefault();
if (user == null)
{
HandleErrorInfo error = new HandleErrorInfo(new Exception("INFO: The user is not valid"), "Account", "RecoverPassword");
return(View("Error", error));
}
if (!(user.Enabled))
{
HandleErrorInfo error = new HandleErrorInfo(new Exception("INFO: Your account is not currently approved or active"), "Account", "Recover");
return(View("Error", error));
}
if (user.SecurityAnswer != recoverPasswordModel.SecurityAnswer)
{
ModelState.AddModelError("SecurityAnswer", "The security answer is incorrect");
return(View("RecoverPassword", recoverPasswordModel));
}
if (recoverPasswordModel.Password != recoverPasswordModel.ConfirmPassword)
{
ModelState.AddModelError("ConfirmPassword", "The passwords do not match");
return(View("RecoverPassword", recoverPasswordModel));
}
var recaptchaSuccess = ValidateRecaptcha();
if (ModelState.IsValid && recaptchaSuccess)
{
var result = await UserManager.ChangePasswordFromTokenAsync(user.Id, recoverPasswordModel.PasswordResetToken, recoverPasswordModel.Password);
if (result.Succeeded)
{
context.SaveChanges();
await UserManager.SignInAsync(user.UserName, false);
return(View("RecoverPasswordSuccess"));
}
else
{
AddErrors(result);
return(View("RecoverPassword", recoverPasswordModel));
}
}
else
{
ModelState.AddModelError("", "Password change was not successful");
return(View("RecoverPassword", recoverPasswordModel));
}
}
}
public bool CheckRecoverPassword(RecoverPassword recoverPassword)
{
var item = _usuarioInfrastructure.GetByMail(recoverPassword.Email);
if (item == null)
{
return(false);
}
var tokens = _usuarioInfrastructure.GetTokenValid(item.Id);
if (!tokens.Contains(recoverPassword.Token))
{
return(false);
}
_usuarioInfrastructure.ChangePassword(item.UserName, recoverPassword.Password);
return(true);
}
public bool ResetPassword(string email, out string message)
{
var result = false;
message = string.Empty;
try
{
using (var context = new BankingContext())
{
var user = context.Users.FirstOrDefault(a => a.UserName.ToLower() == email.ToLower());
if (user != null)
{
var bytes = Encoding.UTF8.GetBytes(email + "!" + DateTime.Now.ToString());
var code = Convert.ToBase64String(bytes);
var body = $@"<h3>Dear Customer, </h3><p>Please click on the link below for your password reset.</p><br/>
<p><a href='https://localhost:44376/account/resetpassword?g={code}'>Reset</a></p>";
var passwordRecord = new RecoverPassword
{
ExpiryTime = DateTime.Now.AddMinutes(15),
RecoveryCode = code,
UserId = user.Id
};
EmailService.SendEmail(email, "Password Recovery", body, true);
context.RecoverPasswords.Add(passwordRecord);
context.SaveChanges();
message = $"Recovery mail successfully sent to {email}";
}
else
{
message = "User with supplied email address not found";
}
}
}
catch (Exception ex)
{
message = ex.Message;
}
return(result);
}
public async Task <string> TryToSendEmailRecovery(string username)
{
var userExists = UserManager.FindByName(username);
if (userExists == null)
{
return(String.Empty);
}
var valid = ConfigurationManager.AppSettings["ValidPreregistrationDays"] ?? "5";
var validUntil = DateTime.UtcNow.AddDays(Convert.ToInt32(valid));
var token = Guid.NewGuid().ToString().Replace("-", "");
var recoverPassword = new RecoverPassword
{
UserName = username,
ValidUntil = validUntil,
Token = token,
Activated = false
};
await _recoverPasswordRepository.AddAsync(recoverPassword);
var templateDictionary = new Dictionary <string, string>
{
{
"TOKEN",
$"{ConfigurationManager.AppSettings["WebRoute"]}/login/recoverpassword?token={token}"
},
{
"NAME",
username
}
};
const string lang = "en-US";
await _emailServices.SendEmail(userExists.Email, "TechTrackerX Recover Password", "RecoverPassword", templateDictionary, lang);
return(token);
}
public Operation PasswordResetUpdate(RecoverPassword model)
{
return(Operation.Create(() =>
{
if (model == null)
{
throw new Exception("Password recover cannot be empty");
}
model.Validate();
var user = _db.Users.FirstOrDefault(c => c.PasswordResetCode == model.Code);
if (user == null)
{
throw new Exception("User code does not exist");
}
double code_in_minute = double.Parse(config["System:passwordResetCodeMinute"]);
if (user.PasswordResetDate.Subtract(DateTime.Now).Minutes > code_in_minute)
{
throw new Exception("Password reset code has expires, please request for a new reset code");
}
if (model.Password != model.ConfirmPassword)
{
throw new Exception("Password must be equal confirm password");
}
user.Password = EncryptPassword(model.Password, user.Salt);
user.ModifiedDate = DateTime.UtcNow;
_db.Users.Update(user);
_db.SaveChanges();
}));
}
public async Task <IActionResult> Post([FromBody] RecoverPassword command)
{
await DispatchAsync(command);
return(Ok());
}
public IActionResult UpdatePassword([FromBody] RecoverPassword model)
{
var op = _repo.PasswordResetUpdate(model);
return(Ok(op));
}
private void linkLabel1_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
{
RecoverPassword recForm = new RecoverPassword();
recForm.ShowDialog();
}
