public ResetPasswordResponse ResetPassword(ResetPasswordRequest request)
{
Platform.CheckForNullReference(request, "request");
Platform.CheckMemberIsSet(request.UserName, "UserName");
var now = Platform.Time;
var user = GetUser(request.UserName);
// ensure user found, account is active and the current password is correct
if (string.IsNullOrEmpty(user.EmailAddress))
{
throw new RequestValidationException(SR.MessageEmailAddressNotConfigured);
}
// ensure user found, account is active and the current password is correct
if (user == null || !user.IsActive(now))
{
// no such user, account not active, or invalid password
// the error message is deliberately vague
throw new UserAccessDeniedException();
}
// Just use the .NET routine
var newPassword = Membership.GeneratePassword(8, 1);
var expiryTime = Platform.Time;
// change the password
user.ChangePassword(newPassword, expiryTime);
// send email
var settings = new PasswordResetEmailSettings();
var mail = new OutgoingMailMessage(
settings.FromAddress,
user.EmailAddress,
settings.SubjectTemplate.Replace("$USER", user.DisplayName),
settings.BodyTemplate.Replace("$USER", user.DisplayName).Replace("$PASSWORD", newPassword),
settings.BodyTemplate.ToLower().Contains("html"));
mail.Enqueue(OutgoingMailClassification.Normal);
return new ResetPasswordResponse(user.EmailAddress);
}
public ResetPasswordResponse ResetPassword(ResetPasswordRequest request)
{
throw new NotImplementedException();
}
public void ResetPassword(string userName)
{
ResetPasswordResponse response;
var request = new ResetPasswordRequest(userName);
Platform.GetService(
delegate(IAuthenticationService service)
{
response = service.ResetPassword(request);
Platform.Log(LogLevel.Info, "Password for {0} has been reset and email sent to {1}.", userName, response.EmailAddress);
});
}
