public async Task <IActionResult> ResetPasswordRequestAsync(PasswordResetInput model)
{
var account = await _userAccountService.GetByEmailAsync(model.Email, x => x.PasswordResetSecretCollection);
if (account == null)
{
ModelState.AddModelError("", "Invalid email");
return(BadRequest(ModelState.Errors()));
}
if (!account.PasswordResetSecretCollection.Any())
{
await _userAccountService.ResetPasswordAsync(model.Email);
return(Ok());
}
var bytes = Encoding.UTF8.GetBytes(account.Guid.ToString());
bytes = _protector.Protect(bytes);
var vm = new PasswordResetWithSecretInputModel {
ProtectedAccountID = Convert.ToBase64String(bytes),
Questions = account.PasswordResetSecretCollection.Select(
x => new PasswordResetSecretViewModel
{
QuestionId = x.Guid,
Question = x.Question
}).ToArray()
};
return(Ok(vm));
}
public async Task <IActionResult> ResetPasswordWithQuestionsAsync(PasswordResetWithSecretInputModel model)
{
var answers =
model.Questions.Select(x => new PasswordResetQuestionAnswer().InjectFrom(x)).Cast <PasswordResetQuestionAnswer>();
var bytes = Convert.FromBase64String(model.ProtectedAccountID);
bytes = _protector.Unprotect(bytes);
var val = Encoding.UTF8.GetString(bytes);
var accountId = Guid.Parse(val);
await _userAccountService.ResetPasswordFromSecretQuestionAndAnswerAsync(accountId, answers.ToArray());
return(Ok());
}
public ActionResult ResetWithQuestions(PasswordResetWithSecretInputModel model)
{
if (ModelState.IsValid)
{
try
{
var answers =
model.Questions.Select(x => new PasswordResetQuestionAnswer {
QuestionID = x.QuestionID, Answer = x.Answer
});
this.userAccountService.ResetPasswordFromSecretQuestionAndAnswer(model.UnprotectedAccountID.Value, answers.ToArray());
return(View("ResetSuccess"));
}
catch (ValidationException ex)
{
ModelState.AddModelError("", ex.Message);
}
}
var id = model.UnprotectedAccountID;
if (id != null)
{
var account = this.userAccountService.GetByID(id.Value);
if (account != null)
{
var vm = new PasswordResetWithSecretInputModel(account.ID);
vm.Questions =
account.PasswordResetSecrets.Select(
x => new PasswordResetSecretViewModel
{
QuestionID = x.PasswordResetSecretID,
Question = x.Question
}).ToArray();
return(View("ResetWithQuestions", vm));
}
}
return(RedirectToAction("Index"));
}
public ActionResult Index(PasswordResetInputModel model)
{
if (ModelState.IsValid)
{
try
{
var account = this.userAccountService.GetByEmail(model.Email);
if (account != null)
{
if (!account.PasswordResetSecrets.Any())
{
this.userAccountService.ResetPassword(model.Email);
return(View("ResetSuccess"));
}
var vm = new PasswordResetWithSecretInputModel(account.ID);
vm.Questions =
account.PasswordResetSecrets.Select(
x => new PasswordResetSecretViewModel
{
QuestionID = x.PasswordResetSecretID,
Question = x.Question
}).ToArray();
return(View("ResetWithQuestions", vm));
}
else
{
ModelState.AddModelError("", "Invalid email");
}
}
catch (ValidationException ex)
{
ModelState.AddModelError("", ex.Message);
}
}
return(View("Index"));
}
