public ResetPasswordResponse ResetPassword(ResetPasswordRequest request)
{
Platform.CheckForNullReference(request, "request");
Platform.CheckMemberIsSet(request.UserName, "UserName");
var now = Platform.Time;
var user = GetUser(request.UserName);
// ensure user found, account is active and the current password is correct
if (string.IsNullOrEmpty(user.EmailAddress))
{
throw new RequestValidationException(SR.MessageEmailAddressNotConfigured);
}
// ensure user found, account is active and the current password is correct
if (user == null || !user.IsActive(now))
{
// no such user, account not active, or invalid password
// the error message is deliberately vague
throw new UserAccessDeniedException();
}
// Just use the .NET routine
var newPassword = Membership.GeneratePassword(8, 1);
var expiryTime = Platform.Time;
// change the password
user.ChangePassword(newPassword, expiryTime);
// send email
var settings = new PasswordResetEmailSettings();
var mail = new OutgoingMailMessage(
settings.FromAddress,
user.EmailAddress,
settings.SubjectTemplate.Replace("$USER", user.DisplayName),
settings.BodyTemplate.Replace("$USER", user.DisplayName).Replace("$PASSWORD", newPassword),
settings.BodyTemplate.ToLower().Contains("html"));
mail.Enqueue(OutgoingMailClassification.Normal);
return(new ResetPasswordResponse(user.EmailAddress));
}
public ResetPasswordResponse ResetPassword(ResetPasswordRequest request)
{
Platform.CheckForNullReference(request, "request");
Platform.CheckMemberIsSet(request.UserName, "UserName");
var now = Platform.Time;
var user = GetUser(request.UserName);
// ensure user found, account is active and the current password is correct
if (string.IsNullOrEmpty(user.EmailAddress))
{
throw new RequestValidationException(SR.MessageEmailAddressNotConfigured);
}
// ensure user found, account is active and the current password is correct
if (user == null || !user.IsActive(now))
{
// no such user, account not active, or invalid password
// the error message is deliberately vague
throw new UserAccessDeniedException();
}
// Just use the .NET routine
var newPassword = Membership.GeneratePassword(8, 1);
var expiryTime = Platform.Time;
// change the password
user.ChangePassword(newPassword, expiryTime);
// send email
var settings = new PasswordResetEmailSettings();
var mail = new OutgoingMailMessage(
settings.FromAddress,
user.EmailAddress,
settings.SubjectTemplate.Replace("$USER", user.DisplayName),
settings.BodyTemplate.Replace("$USER", user.DisplayName).Replace("$PASSWORD", newPassword),
settings.BodyTemplate.ToLower().Contains("html"));
mail.Enqueue(OutgoingMailClassification.Normal);
return new ResetPasswordResponse(user.EmailAddress);
}
