Example #1
        /// <summary>
        /// Shows the reset-password form for a reset token supplied as a string.
        /// </summary>
        /// <param name="token">Reset token; it must parse as a <see cref="Guid"/>.</param>
        /// <returns>
        /// The reset view when a matching <c>PasswordRetrieval</c> row is found; otherwise a
        /// redirect (home for signed-in users, the forgot-password page for a rejected token).
        /// </returns>
        public ActionResult ResetPassword(string token)
        {
            // A malformed token and an unknown token get the same message and the same
            // redirect, so the response does not show which of the two checks failed.
            const string unverifiedMessage = "Sorry! We couldn't verify that this user requested a password reset. Please try resetting again.";

            if (User.Identity.IsAuthenticated)
            {
                NotifyInfo("You are already logged in. Log out and try again.");
                return Redirect(Url.Home().Index());
            }

            Guid guidToken;
            bool tokenParsed = Guid.TryParse(token, out guidToken);
            if (!tokenParsed)
            {
                NotifyWarning(unverifiedMessage);
                return Redirect(Url.Account().ForgotPassword());
            }

            // NOTE(review): the lookup matches on the token value only; no expiry or age
            // check on the PasswordRetrieval row is visible in this action. Confirm that
            // stale reset tokens are invalidated elsewhere.
            var model = new ResetPassword { Token = guidToken };
            model.Data = Db.SingleOrDefault<PasswordRetrieval>(new { Token = guidToken });

            if (model.Data != null)
            {
                return View(model);
            }

            NotifyWarning(unverifiedMessage);
            return Redirect(Url.Account().ForgotPassword());
        }
Example #2
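        /// <summary>
        /// Completes a password reset: re-checks the reset token, consumes it, stores the new
        /// password hash and signs the user in.
        /// </summary>
        /// <param name="model">Posted form carrying the reset token and the new password.</param>
        /// <returns>
        /// The confirmation view on success; the form again when validation fails; a redirect
        /// when the caller is already signed in or the token (or its user) cannot be found.
        /// </returns>
        public ActionResult ResetPassword(ResetPassword model)
        {
            const string unverifiedMessage = "Sorry! We couldn't verify that this user requested a password reset. Please try resetting again.";

            if (User.Identity.IsAuthenticated)
            {
                NotifyInfo("You are already logged in. Log out and try again.");
                return Redirect(Url.Home().Index());
            }

            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // The token is looked up again on POST, so a value tampered with in the form is
            // rejected. Only the table name is formatted into the SQL; the token is a parameter.
            // NOTE(review): no expiry check on the reset row is visible here, and the lookup and
            // the delete below are separate statements. Confirm that token lifetime and
            // concurrent reuse of one token are handled.
            model.Data = Db.Query<PasswordRetrieval>("select * from [{0}] where Token=@Token".Fmt(Db.GetTableName<PasswordRetrieval>()), new
            {
                model.Token
            }).SingleOrDefault();

            if (model.Data == null)
            {
                NotifyWarning(unverifiedMessage);
                return Redirect(Url.Account().ForgotPassword());
            }

            // One batch: delete the reset row (single use), store the new hash, read the user back.
            // NOTE(review): ToSHAHash is defined elsewhere and is called with the password alone.
            // If it is a plain SHA digest without a per-user salt, it is not suitable for password
            // storage; prefer a salted, iterated KDF (PBKDF2, bcrypt, Argon2).
            var user = Db.Query<User>("delete from [{0}] where Id=@resetId;update [{1}] set Password=@Password, ModifiedOn=GetUtcDate() where Id=@UserId;select * from [{1}] where Id=@UserId"
                                      .Fmt(
                                          Db.GetTableName<PasswordRetrieval>(),
                                          Db.GetTableName<User>()
                                          ), new
            {
                ResetId  = model.Data.Id,
                Password = model.Password.ToSHAHash(),
                model.Data.UserId
            }).SingleOrDefault();

            // The reset row can point at a user row that no longer exists. Do not hand a null
            // user to the authentication service; treat it as a failed verification instead.
            if (user == null)
            {
                NotifyWarning(unverifiedMessage);
                return Redirect(Url.Account().ForgotPassword());
            }

            // NOTE(review): the second argument is fixed to true here (presumably a persistent
            // cookie). Confirm that signing the user in directly from a reset link is intended.
            _authenticationService.SetLoginCookie(user, true);

            Metrics.Increment(Metric.Users_ResetPassword);

            // Show confirmation.
            return View("ResetPasswordConfirmation");
        }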
Example #3
        /// <summary>
        /// Handles the posted login form: checks the credentials, issues the login cookie and
        /// redirects, or redisplays the form with an error.
        /// </summary>
        /// <param name="model">Posted credentials, remember-me flag and optional return URL.</param>
        /// <returns>
        /// A redirect to the local return URL or to Home/Index on success; otherwise the login
        /// view with the password cleared.
        /// </returns>
        public ActionResult Login(Login model)
        {
            if (ModelState.IsValid)
            {
                // Only the table name is formatted into the SQL; credentials are parameters.
                // The hash is computed from the submitted password alone and compared in the
                // WHERE clause, so no per-user salt can be involved.
                // NOTE(review): if ToSHAHash is a plain SHA digest, move to a salted, iterated
                // KDF (PBKDF2, bcrypt, Argon2) and verify the hash after loading the user row.
                var sql = "select top 1 * from [{0}] where (Username=@Username OR Email=@Username) and Password=@Password and IsDeleted=0".Fmt(Db.GetTableName<User>());
                var user = Db.Query<User>(sql, new
                {
                    model.Username,
                    Password = model.Password.ToSHAHash()
                }).SingleOrDefault();

                if (user == null)
                {
                    // One message for unknown user and wrong password, so the form does not
                    // reveal which accounts exist.
                    var forgotLink = Url.Account().ForgotPassword();
                    ModelState.AddModelErrorFor<Login>(x => x.Username, string.Format("The user name or password provided is incorrect. Did you <a href='{0}'>forget your password?</a>", forgotLink));
                }
                else
                {
                    _authenticationService.SetLoginCookie(user, model.RememberMe);
                    Metrics.Increment(Metric.Users_SuccessfulLogin);

                    // ReturnUrl comes from the request; only a local URL is followed, which
                    // keeps the login form from being used as an open redirect.
                    if (!Url.IsLocalUrl(model.ReturnUrl))
                    {
                        return RedirectToAction("Index", "Home");
                    }
                    return Redirect(model.ReturnUrl);
                }
            }

            // Reached on invalid model state as well as on a credential mismatch.
            // NOTE(review): no throttling or lockout is visible in this action; confirm that
            // repeated failures are rate-limited elsewhere.
            Metrics.Increment(Metric.Users_FailedLogin);

            // Redisplay the form without echoing the password back.
            model.Password = null;
            return View(model);
        }