public virtual ActionResult Reset(String id, String t)
{
if (!ModelState.IsValid)
{
return(View());
}
//
//Validate the id and token
//This will decrypt the values, find the record, and ensure its not expired
//If not valid then throw error, and redirect to ForgotPassword page to have them enter userid and email
//
var request = new ValidateSecurityPasswordResetTokenRequest()
{
Id = id,
Token = t
};
var response = _service.ValidateSecurityPasswordResetToken(request);
if (!response.IsSuccessful)
{
//Redirect to the home page with an error message if there is an issue
AddToastMessage(new ToastMessage
{
AutoHide = false,
Position = ToastMessage.ToastPosition.TopCenter,
Type = ToastMessage.ToastType.Error,
Title = "Invalid Request",
Message = response.Message
});
return(RedirectToAction(MVC.Home.Index()));
}
//
//If valid, render the view allowing the password to be reset
//
var model = new ResetForgottenPasswordViewModel()
{
Id = id,
Token = t
};
return(View(model));
}
/// <summary>
/// For a forgotten password request that has been emailed to the user, allow them to
/// reset their password.
/// </summary>
/// <param name="model"></param>
public ResetForgottenPasswordResponse ResetForgottenPassword(
ResetForgottenPasswordRequest request)
{
//
//Validate the parameters
//
if (request == null || String.IsNullOrWhiteSpace(request.Id) || String.IsNullOrWhiteSpace(request.Token))
{
return(new ResetForgottenPasswordResponse()
{
IsSuccessful = false,
Message = "An invalid password reset request was made."
});
}
//
//Ensure the id and token is valid
//
var validationRequest = new ValidateSecurityPasswordResetTokenRequest()
{
Id = request.Id,
Token = request.Token
};
var validationResponse = this.ValidateSecurityPasswordResetToken(validationRequest);
if (!validationResponse.IsSuccessful)
{
return(new ResetForgottenPasswordResponse()
{
IsSuccessful = false,
Message = validationResponse.Message
});
}
var securityPasswordResetRequest = validationResponse.SecurityPasswordResetRequest;
//
//Get the SecurityUser record if it exists
//
SecurityUser securityUser = null;
if (securityPasswordResetRequest.SecurityUserId != null)
{
securityUser =
_repository.GetAll <SecurityUser>()
.FirstOrDefault(p => p.SecurityUserId == securityPasswordResetRequest.SecurityUserId);
}
//
//Change the password
//
var changePasswordRequest = new ChangePasswordRequest()
{
UserName = securityPasswordResetRequest.UserName,
AuthenticationMethod = (securityUser != null ? securityUser.AuthenticationMethod : null),
SecurityUserId = (securityUser != null ? securityUser.SecurityUserId : (int?)null),
NewPassword = request.NewPassword,
NewPasswordConfirm = request.NewPasswordConfirm,
CheckPasswordComplexity = true,
CheckIfUserPasswordCanBeChanged = true,
EnforcePasswordHistory = true,
SendPasswordSuccessfullyChangedEmail = true
};
var changePasswordResponse = _passwordService.ChangePassword(changePasswordRequest);
if (!changePasswordResponse.IsSuccessful)
{
return(new ResetForgottenPasswordResponse()
{
IsSuccessful = false,
Message = changePasswordResponse.Message
});
}
//
//Update the password reset request entity to store that the request has been processed
//
securityPasswordResetRequest.Processed = true;
securityPasswordResetRequest.ProcessDate = DateTime.Now;
_repository.Commit();
//
//Successful reset of forgotten password if we got to here
//
return(new ResetForgottenPasswordResponse()
{
IsSuccessful = true,
Message = null
});
}
/// <summary>
/// Validate a security password reset request, ensuring the ID and token can be decrypted and
/// has not expired
/// </summary>
/// <param name="model"></param>
public ValidateSecurityPasswordResetTokenResponse ValidateSecurityPasswordResetToken(
ValidateSecurityPasswordResetTokenRequest request)
{
//
//Validate the parameters
//
if (request == null || String.IsNullOrWhiteSpace(request.Id) || String.IsNullOrWhiteSpace(request.Token))
{
return(new ValidateSecurityPasswordResetTokenResponse()
{
IsSuccessful = false,
Message = "An invalid password reset request was made."
});
}
//
//Decrypt the ID and token to verify they are valid
//
int passwordResetId;
String passwordResetToken = null;
try
{
String passwordResetIdString = AESEncryption.Decrypt(request.Id);
passwordResetToken = AESEncryption.Decrypt(request.Token);
passwordResetId = Convert.ToInt32(passwordResetIdString);
}
catch (Exception e)
{
LogService.Instance.Log.Debug("Exception logged for debug purposes only. This was meant to be caught and handled.", e);
return(new ValidateSecurityPasswordResetTokenResponse()
{
IsSuccessful = false,
Message = "An invalid password reset request was made."
});
}
//
//If valid, get the SecurityPasswordResetRequest object from the table
//
var securityPasswordResetRequest = _repository.GetAll <SecurityPasswordResetRequest>().Where(p => p.SecurityPasswordResetRequestId == passwordResetId && p.Token == passwordResetToken).FirstOrDefault();
if (securityPasswordResetRequest == null)
{
return(new ValidateSecurityPasswordResetTokenResponse()
{
IsSuccessful = false,
Message = "An invalid password reset request was made."
});
}
//
//Ensure the password reset request hasnt expired and hasnt been processed already
//
if (securityPasswordResetRequest.ExpirationDate == null || securityPasswordResetRequest.ExpirationDate < DateTime.Now || securityPasswordResetRequest.Processed)
{
return(new ValidateSecurityPasswordResetTokenResponse()
{
IsSuccessful = false,
Message = "The password reset request has expired."
});
}
//
//If we got here then all is good
//
return(new ValidateSecurityPasswordResetTokenResponse()
{
IsSuccessful = true,
Message = null,
SecurityPasswordResetRequest = securityPasswordResetRequest
});
}
