public ActionResult Reset(string email, string verificationToken, string newPassword)
{
if (email != null && verificationToken != null && newPassword != null)
{
if (Users.checkEmail(email))
{
var LoginSession = Users.GetModelByEmail(email);
var RessetSession = Verification.checkReset(LoginSession.UserID, verificationToken);
DateTime verifiedDate = Convert.ToDateTime(RessetSession.ResetTriggered);
DateTime currentDate = DateTime.Now;
if ((verifiedDate - currentDate).Minutes <= 10)
{
if (Verification.CheckReset(LoginSession.UserID, verificationToken))
{
var LoginSalt = "SHA1" + LoginSession.Email + "SalesTrackingSystem";
var HashedValue = Crypto.SHA1(LoginSalt + newPassword);
if (Users.resetpassword(LoginSession.UserID, HashedValue))
{
Session["Success"] = "Password reset Successfully";
return(RedirectToAction("Login"));
}
else
{
return(RedirectToAction("Reset", "Auth", new { uac = email, uid = verificationToken }));
}
}
else
{
return(RedirectToAction("Login"));
}
}
else
{
return(View("ForgetPassword"));
}
}
else
{
return(RedirectToAction("Reset", "Auth", new { uac = email, uid = verificationToken }));
}
}
else
{
return(RedirectToAction("Reset", "Auth", new { uac = email, uid = verificationToken }));
}
}
public ActionResult Reset(string OldPassword, string NewPassword)
{
var LoginSession = (Users_Model)Session["auth"];
if (LoginSession != null)
{
var LoginSalt = "SHA1" + LoginSession.Email + "SalesTrackingSystem";
var oldPassword = Crypto.SHA1(LoginSalt + OldPassword);
var newPassword = Crypto.SHA1(LoginSalt + NewPassword);
if (Users.CheckReset(LoginSession.Email, oldPassword))
{
/*Reset and logout*/
if (Users.resetpassword(LoginSession.UserID, newPassword))
{
Session.Abandon();
Session["Success"] = "Password reset successfully!!";
return(RedirectToAction("Login", "Auth"));
}
else
{
Session["Error"] = "There Was problem while resetting password please retry!!";
return(View("Setting"));
}
}
else
{
/*Redirect error*/
Session["Warning"] = "Old Password doesn't match!!";
return(View("Setting"));
}
}
else
{
Session["Warning"] = "Unauthorized access!!";
return(RedirectToAction("Login", "Auth"));
}
}