public async Task <IActionResult> Post([FromBody] Data data)
{
try {
string email = data.email;
string password = data.password;
string password2 = data.password2;
TestEmail(email);
TestPassword(password);
TestPassword2(password, password2);
CreateUserIfNotExists(email, password);
await SendResetLink.SendVerificationLink(data.email, "verification", "verify", "verifying your account", "account-verification");
return(Ok("User was succesfully created. Check your e-mail for confirmation."));
} catch (Exception e) {
return(BadRequest(new Response(e)));
}
}
protected void btnReset_Click(object sender, EventArgs e)
{
string email = txtEmail.Text;
//check that the user with that email exists, get their UID
string query = "SELECT ID FROM Users WHERE EMAIL ='" + email + "';";
DataTable dt = DataAccess.selectQuery(query);
if (dt.Rows.Count == 1)
{
string UID = dt.Rows[0]["ID"].ToString();
//removes all other reset keys that may exist for the user
string delete = "DELETE FROM Password_Resets WHERE UID = '" + UID + "';";
DataAccess.selectQuery(delete);
//generate a random 50 character string
string key = RandomString(50, false);
string now = DateTime.Now.ToString();
//insert recovery key into the database
string addKey = "INSERT INTO Password_Resets (query_string, UID, TIME)" +
" VALUES ('" + key + "','" + UID + "','" + now + "');";
DataAccess.selectQuery(addKey);
//send email with link
SendResetLink.sendResetLink(email, key);
lblMessage.Text = "A reset link has been sent to your email";
}
else
{
lblMessage.Text = "invalid email address";
}
}
