/// <summary>
/// Handles a password-reset request: validates the submitted e-mail address,
/// checks it against the database and, on success, redirects to the
/// <c>Send</c> action of the <c>ResetPassword</c> controller.
/// </summary>
/// <param name="model">The posted form model; errors are recorded on it via <c>AddError</c>.</param>
/// <returns>A redirect to <c>ResetPassword/Send</c> on success; otherwise the view re-rendered with the model's errors.</returns>
/// <remarks>
/// NOTE(review): the separate InvalidEmail / EmailNotAssociatedWithUser / EmailNotRegistered
/// errors can tell an unauthenticated caller whether an address is known to the system.
/// How the view renders them is not visible here; consider a single uniform response
/// plus request throttling for this endpoint.
/// </remarks>
public ActionResult ResetPassword(ResetPasswordModel model)
{
    // Start from a clean slate so messages from a previous post are not shown again.
    model.ClearToaster();

    // Cheap, database-free checks. They are independent "if"s, so the format check
    // also runs when the field is empty and the model may collect both errors.
    var inputOk = true;

    if (String.IsNullOrEmpty(model.Email))
    {
        model.AddError(GlobalErrors.EmptyFields);
        inputOk = false;
    }

    if (!CredentialsHelper.IsEmailValid(model.Email))
    {
        model.AddError(ResetPasswordErrors.InvalidEmail);
        inputOk = false;
    }

    if (!inputOk)
    {
        return View(model);
    }

    using (var db = new EntityContext())
    {
        if (!Authorize.EmailExists(model.Email, db))
        {
            // The address is not on file at all.
            model.AddError(ResetPasswordErrors.EmailNotAssociatedWithUser);
        }
        else if (!Authorize.EmailIsRegistered(model.Email, db))
        {
            // The address is on file but has no web login yet.
            model.AddError(ResetPasswordErrors.EmailNotRegistered);
        }
        else if (!model.HasWarnings())
        {
            CachedUser match = GetCachedUser.UserByEmail(model.Email, db);
            if (match != null)
            {
                // NOTE(review): e-mail, username and investigator name are handed to the
                // next action as route values of a redirect, which normally places them in
                // the URL where logs, browser history and Referer headers can retain them.
                // The Send action is not visible here; confirm it re-derives the account
                // server-side rather than trusting these values.
                return RedirectToAction("Send", "ResetPassword", new { email = match.Email, username = match.Username, investigatorName = match.InvestigatorName });
            }

            // Both existence checks passed but the lookup returned nothing.
            model.AddError(RegistrationErrors.UnknowError);
        }
    }

    // Reaching this point means at least one check failed.
    return View(model);
}
/// <summary>
/// Checks whether the supplied username and password match a login record in the database.
/// </summary>
/// <param name="username">
/// The username to look up. It is compared with <c>==</c> inside the query, so whether the
/// match is really case sensitive depends on how the database evaluates it (TODO confirm collation).
/// </param>
/// <param name="password">The password; it will be hashed and compared to the one in the database.</param>
/// <param name="context">
/// The database context. NOTE(review): it defaults to null but is dereferenced right after
/// <c>CheckInit()</c>; confirm what <c>CheckInit</c> does for a null context.
/// </param>
/// <returns>A <see cref="CachedUser"/> for the matching login when the credentials are accepted; otherwise null.</returns>
public static CachedUser CredentialsByUsername(String username, String password, EntityContext context = null)
{
    context.CheckInit();

    // FirstOrDefault yields null for an unknown username, and that null is passed straight
    // to IsLoginAllowed. NOTE(review): confirm the helper rejects a null record (fails closed).
    var loginRecord = context.Web_Login_Data.FirstOrDefault(row => row.Username == username);

    return IsLoginAllowed(loginRecord, password)
        ? GetCachedUser.GetNew(loginRecord)
        : null;
}
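/// <summary>
/// Checks whether the supplied e-mail address and password match a login record in the database.
/// </summary>
/// <param name="email">The e-mail address to look up; compared in lower case, so not case sensitive.</param>
/// <param name="password">The password; it will be hashed and compared to the one in the database.</param>
/// <param name="context">
/// The database context. NOTE(review): it defaults to null but is dereferenced right after
/// <c>CheckInit()</c>; confirm what <c>CheckInit</c> does for a null context.
/// </param>
/// <returns>
/// A <see cref="CachedUser"/> for the matching login when the credentials are accepted;
/// null when they are rejected or when <paramref name="email"/> is null or empty.
/// </returns>
public static CachedUser CredentialsByEmail(String email, String password, EntityContext context = null)
{
    context.CheckInit();

    // Fail closed on a missing address: a null value would throw on the lower-casing below,
    // and an empty one would be matched against any record whose stored address is empty.
    if (String.IsNullOrEmpty(email))
    {
        return(null);
    }

    // Invariant casing keeps the lookup key independent of the server thread's culture
    // (culture-sensitive lower-casing maps some letters differently, e.g. under tr-TR).
    var lowerEmail = email.ToLowerInvariant();

    // The ToLower() inside the lambda is part of the query expression and is evaluated by
    // the query provider, not by this process; it is left as written.
    var LoginData = context.Web_Login_Data.FirstOrDefault(p => p.Investigator.Email_Address.ToLower() == lowerEmail);

    // LoginData is null when no record matches. NOTE(review): confirm IsLoginAllowed
    // rejects a null record (fails closed).
    if (!IsLoginAllowed(LoginData, password))
    {
        return(null);
    }

    return(GetCachedUser.GetNew(LoginData));
}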
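/// <summary>
/// Creates the web login for an investigator whose e-mail address is already on file
/// and who has no login yet, storing a freshly salted password hash.
/// </summary>
/// <param name="username">The username for the new login; must not already be registered.</param>
/// <param name="email">The investigator's e-mail address; must exist and must not already have a login.</param>
/// <param name="password">The clear-text password; only its salted hash is stored.</param>
/// <param name="e">
/// The database context. NOTE(review): it defaults to null but is dereferenced right after
/// <c>CheckInit()</c>; confirm what <c>CheckInit</c> does for a null context.
/// </param>
/// <returns>
/// A <see cref="CachedUser"/> for the new login, or null when any argument is null or empty,
/// when one of the pre-checks fails, when no investigator matches, or when saving fails.
/// </returns>
public static CachedUser MakeNewUserLogin(String username, String email, String password, EntityContext e = null)
{
    e.CheckInit();

    // Refuse blank credentials up front: a null e-mail would throw outside the try block
    // below, and a blank username or password must never produce an account.
    if (String.IsNullOrEmpty(username) || String.IsNullOrEmpty(email) || String.IsNullOrEmpty(password))
    {
        return(null);
    }

    // The address must belong to a known investigator...
    if (!Authorize.EmailExists(email, e))
    {
        return(null);
    }

    // ...that has no web login yet...
    if (Authorize.EmailIsRegistered(email, e))
    {
        return(null);
    }

    // ...and the username must be free.
    // NOTE(review): these checks and the insert below are separate steps with no visible
    // transaction; confirm the database enforces uniqueness on username and investigator.
    if (Authorize.UsernameIsRegistered(username, e))
    {
        return(null);
    }

    // Invariant casing keeps the lookup key independent of the server thread's culture.
    var lowerEmail = email.ToLowerInvariant();

    try
    {
        var investigator = e.Investigators.FirstOrDefault(p => p.Email_Address.ToLower() == lowerEmail);

        // Explicit check instead of relying on a NullReferenceException being swallowed below.
        if (investigator == null)
        {
            return(null);
        }

        // NOTE(review): Encrypt.GenerateSalt and PasswordVerify.HashPassword are not visible
        // here; confirm the salt comes from a cryptographic RNG and the hash is a slow,
        // purpose-built password KDF.
        var salt = Encrypt.GenerateSalt();

        var loginData = new Web_Login_datum()
        {
            Investigator = investigator,
            Salt = salt,
            Password = PasswordVerify.HashPassword(password, salt),
            Temp_Password = false,
            Investigator_Name = investigator.Investigator_Name,
            Username = username,
            Suspended = false,
            Email_Confirmed = false,
            DataSource = DATA_SOURCE_NAME
        };

        e.Web_Login_Data.Add(loginData);
        e.SaveChanges();

        return(GetCachedUser.GetNew(loginData));
    }
    catch (Exception)
    {
        // Any failure, including a database error from SaveChanges, is reported to the
        // caller as null, exactly like a rejected request.
        // NOTE(review): the cause is discarded; consider recording it through the project's
        // logger (without the password or its hash) so failed registrations can be diagnosed.
        return(null);
    }
}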
/// <summary>
/// Gets the cached user for the current session, reloading it from the database when the
/// session holds none or holds one that does not match the authenticated identity.
/// </summary>
/// <returns>
/// The cached user, or null when <c>AccountHelper.IsLoggedIn()</c> is false.
/// After a reload, the result is whatever <c>GetCachedUser.UserByUsername</c> returned.
/// </returns>
/// <remarks>
/// NOTE(review): the cache is validated by comparing <c>InvestigatorName</c> with
/// <c>Identity.Name</c>, but the reload passes the same <c>Identity.Name</c> to
/// <c>UserByUsername</c>. If the two fields differ for an account, the cached entry never
/// validates and every call reloads; confirm which field <c>Identity.Name</c> carries.
/// </remarks>
public static CachedUser GetSessionUser()
{
    // No authenticated user means there is no session user to return.
    if (!AccountHelper.IsLoggedIn())
    {
        return null;
    }

    var sessionUser = (CachedUser)HttpContext.Current.Session["CachedUser"];

    // Reuse the cached entry only when it belongs to the identity on this request, so a
    // stale entry left by a different login on the same session is not handed back.
    if (sessionUser != null && sessionUser.InvestigatorName == HttpContext.Current.User.Identity.Name)
    {
        return sessionUser;
    }

    using (var db = new EntityContext())
    {
        sessionUser = GetCachedUser.UserByUsername(HttpContext.Current.User.Identity.Name, db);

        // NOTE(review): if the lookup finds nothing, its result is stored and returned as-is;
        // callers should treat a null result as "no usable user".
        SetSessionUser(sessionUser);
    }

    return sessionUser;
}