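/**
 * Completes a one-time-code login. The submitted code must exist, still be
 * active, be at most ten minutes old and belong to the claimed user; it is
 * then disabled and the user id is stored in the session.
 *
 * @param userId    - decimal user id the code is claimed to belong to
 * @param loginCode - one time login code supplied by the caller
 * @returns redirect to Patient/Index on success, to Login/Index on any failure
 */
public ActionResult Code(string userId, string loginCode)
{
    if (userId == null || loginCode == null)
    {
        return RedirectToAction("Index", "Login");
    }

    long userIdLong;
    if (!long.TryParse(userId, out userIdLong))
    {
        return RedirectToAction("Index", "Login");
    }

    var otp = DatabaseOtpService.GetByCode(loginCode);

    // An unknown code must fail like any other bad login instead of throwing;
    // the password-reset action treats a null result from GetByCode as possible.
    // A code that was already consumed must also be refused: Disable() is called
    // below, so the active flag has to be checked here or the same code could be
    // replayed inside the ten minute window.
    if (otp == null || !otp.IsActive())
    {
        return RedirectToAction("Index", "Login");
    }

    // NOTE(review): DateTime.Now is local time; confirm otp.Time is stored in the same zone.
    if (otp.Time.AddMinutes(10) < DateTime.Now || otp.UserId != userIdLong)
    {
        return RedirectToAction("Index", "Login");
    }

    // Consume the code before establishing the session.
    // NOTE(review): the check above and this Disable() are separate calls; whether
    // DatabaseOtpService prevents two concurrent requests from both passing is not
    // visible here. No attempt limiting is visible in this action either - confirm
    // it exists upstream.
    DatabaseOtpService.Disable(otp.Id);
    Session[Models.Login.UserIdSession] = otp.UserId;
    return RedirectToAction("Index", "Patient");
}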
/**
 * Entry point for the password reset link sent by email. Looks up the one
 * time password carried in the route and, when it is still active and the
 * owning account is enabled, renders the reset form pre-filled with the
 * account's email address and the token.
 *
 * The token is only read here, not disabled, so it stays usable until
 * something else disables it.
 *
 * @receives - request link from email with embedded one time password
 * @returns  - the reset view, or the expired / failure / bad link result
 */
public ActionResult Reset()
{
    try
    {
        string code = RouteData.Values["otp"].ToString();
        var token = DatabaseOtpService.GetByCode(code);
        var account = DatabaseUserService.GetById(token.UserId);

        // Token state is evaluated first; the account is only inspected for a live token.
        if (!token.IsActive())
        {
            return ExpiredOtp();
        }

        if (!account.Enabled)
        {
            return ResetFailure();
        }

        var model = new LoginController.ResetData
        {
            Email = account.Email,
            OTP = token.Code
        };
        return View("../Login/Reset", model);
    }
    catch (Exception)
    {
        // A missing route value, unknown token or unknown user all surface as an
        // exception above and are reported uniformly as a bad link.
        return BadLink();
    }
}
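/**
 * Handles the submitted password reset form. The one time password must be
 * known and active; it is disabled on first use. The password is only changed
 * for the account the token was issued to.
 *
 * @param email            - email address posted with the form
 * @param password         - new password
 * @param confirm_password - repeated new password
 * @param otpCode          - one time password posted with the form
 * @returns the login index on any token / account failure, otherwise the reset result
 */
public ActionResult Reset(string email, string password, string confirm_password, string otpCode)
{
    var otp = DatabaseOtpService.GetByCode(otpCode);
    if (otp == null || !otp.IsActive())
    {
        return Index();
    }

    // Single use: the token is consumed by the first submission, whatever the outcome.
    DatabaseOtpService.Disable(otp.Id);

    // The email field is client-supplied and must not select the account on its own.
    // Bind the reset to the account the token belongs to, and apply the same
    // enabled-account rule that gates display of the reset form. The comparison is
    // exact because the form is pre-filled with the stored address.
    // NOTE(review): assumes DatabaseUserService.GetById returns null for an unknown id - confirm.
    var owner = DatabaseUserService.GetById(otp.UserId);
    if (owner == null
        || !owner.Enabled
        || !string.Equals(owner.Email, email, System.StringComparison.Ordinal))
    {
        return Index();
    }

    var user = Login.GetLogin(email);
    if (user == null)
    {
        return Index();
    }

    if (string.IsNullOrEmpty(password) || string.IsNullOrEmpty(confirm_password))
    {
        return ResetResult(ResetResults.PasswordNotSet);
    }

    if (password != confirm_password)
    {
        return ResetResult(ResetResults.PasswordsDontMatch);
    }

    // NOTE(review): no password strength check is visible here; confirm SetPassword enforces policy.
    user.SetPassword(password);
    return ResetResult(null);
}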