public async Task <IActionResult> ForgotPassword(ForgotPasswordRequest forgotPassword)
{
if (forgotPassword.Email == null)
{
return(NotFound("Enter valid email"));
}
ResetPasswordResult authResult = await _identityService.ForgotPassword(forgotPassword.Email);
if (authResult.Success)
{
string callback = /*Url.Action("ResetPassword", "Identity", new {*/ authResult.Token /*, authResult.Email })*/;
Email email = new Email(authResult.Email, "Password reset", callback);
await _emailEmmiter.SendResetEmail(email);
return(Ok());
}
else
{
if (authResult.Errors.Count() > 1)
{
return(BadRequest(new AuthenticationFailedResponse
{
Errors = authResult.Errors
}));
}
else
{
return(BadRequest(authResult.Errors.ToList()[0]));
}
}
}
public ResetPasswordResult GetMsgFromResetPWDActionResult(ResetPasswordResult result)
{
try
{
if (result.ErrorCode == "0" && String.IsNullOrEmpty(result.ErrorMessage))
{
result.ErrorMessage = MessageListResource.I0004;
}
else if (result.ErrorCode == "0")
{
result.ErrorMessage = String.Format(MessageListResource.I0005, result.ErrorMessage);
}
else if (result.ErrorCode == "1")
{
result.ErrorMessage = MessageListResource.W0002;
}
else if (result.ErrorCode == "9")
{
result.ErrorMessage = String.Format(MessageListResource.E0003, "delete", result.ErrorMessage);
}
return(result);
}
catch (Exception ex)
{
throw ex;
}
}
public ActionResult ResetPassword(string[] EmpCode)
{
try
{
string empCodeXML = ConvertToXml_Store(EmpCode, "EmpCode");
ResetPasswordResult result = MasterService.ResetPassword(empCodeXML, UserDetail.UserID);
return(Content(JsonConvert.SerializeObject(GetMsgFromResetPWDActionResult(result)), ConstantValues.JSON_CONTENT_TYPE));
}
catch (Exception ex)
{
throw ex;
}
}
public IActionResult ResetPassword(ResetPasswordViewModel model)
{
ResetPasswordResult result = ValidateResetPasswordResult(model);
if (result.IsSuccess)
{
string buff = "";
if (userService.SendResetPasswordEmail(model.Email, dataProtectorUtil.PublicKeyJson, dataProtectorUtil.PrivateKeyJson, HttpContext.Request.Host.ToString(), out buff))
{
return(new JsonResult(result));
}
else
{
result.IsSuccess = false;
result.EmailErrorMessage = buff;
}
}
return(new JsonResult(result));
}
public object ResetPassword([FromBody] ResetPasswordInfo info)
{
ResetPasswordResult result = _accountService.ResetPassword(info.Account, info.Password, info.Code);
switch (result.Code)
{
case ResetPasswordCode.AccountWrong:
return(new { Code = "accountWrong", Msg = "账号错误" });
case ResetPasswordCode.CodeWrong:
return(new { Code = "codeWrong", Msg = "代码错误" });
case ResetPasswordCode.Success:
return(new { Code = "success", Msg = "成功" });
default:
return(new { Code = "undefined" });
}
}
private ResetPasswordResult ValidateResetPasswordResult(ResetPasswordViewModel model)
{
ResetPasswordResult result = new ResetPasswordResult();
string buff = "";
result.IsValidUserName = inputValidatorUtil.ValidateUserName(model.UserName, out buff);
result.UserNameErrorMessage = buff;
result.IsValidEmail = inputValidatorUtil.ValidateEmail(model.Email, out buff);
result.EmailErrorMessage = buff;
result.IsValidCaptchaCode = inputValidatorUtil.ValidateCaptchaCode(model.CaptchaCode, HttpContext.Session.GetString("CaptchaCode"), out buff);
result.CaptchaCodeErrorMessage = buff;
if (result.IsValidEmail && result.IsValidUserName && result.IsValidCaptchaCode)
{
result.IsSuccess = true;
}
else
{
result.IsSuccess = false;
}
return(result);
}
// [AllowAnonymous]
// [ValidateAntiForgeryToken]
public async Task <IActionResult> ResetPassword([FromBody] ResetPasswordBindings bindings)
{
var id = bindings.Id;
var resetFormURL = bindings.resetFormURL ?? "";
// TODO: validate model here or with a filter ?
// TODO: do we really need the email confirmation ?
var user = await _userManager.FindByIdAsync(id);
if (user == null) // || !(await _userManager.IsEmailConfirmedAsync(user))
{
_logger.LogWarning("Invalid forgot password attempt.");
// Don't reveal that the user does not exist or is not confirmed
return(Ok(ApiModel.AsError <string>(null, "user does not exist")));
}
// For more information on how to enable account confirmation and password reset please
// visit https://go.microsoft.com/fwlink/?LinkID=532713
var code = await _userManager.GeneratePasswordResetTokenAsync(user);
var values = new { id = user.Id, code = code };
var callbackUrl = Url.Action(
action: nameof(AccountController.ResetPassword),
controller: nameof(AccountController).ToLowerInvariant().Replace("controller", ""),
values: values,
protocol: Request.Scheme,
host: Request.Host.Value);
var encodedCallback = WebUtility.UrlEncode(callbackUrl);
var link = $"{resetFormURL}?action={encodedCallback}";
var result = new ResetPasswordResult {
Id = id, Code = code, Link = link, Username = user.UserName
};
result.sent = bindings.email && await _emailSender.SendEmailAsync(user.Email, "Reset Password",
$"Please reset your password by clicking here: <a href='{link}'>link</a>");
return(Ok(ApiModel.AsSuccess <ResetPasswordResult>(result)));
}
public SynResetResponse(ResetPasswordResult _Result, string _Username = "")
{
Result = _Result;
Username = _Username;
}
