public async Task <IActionResult> ResetPassword([FromBody] UserPasswordReset resetInfo)
{
if (ModelState.IsValid)
{
ApplicationUser appUser = null;
if (resetInfo.UsernameOrEmail.Contains("@"))
{
appUser = await _accountManager.GetUserByEmailAsync(resetInfo.UsernameOrEmail);
}
if (appUser == null)
{
appUser = await _accountManager.GetUserByUserNameAsync(resetInfo.UsernameOrEmail);
}
if (appUser == null)
{
// Don't reveal that the user does not exist
return(NoContent());
}
var result = await _accountManager.ResetPasswordAsync(appUser, resetInfo.ResetCode, resetInfo.Password);
if (!result.Succeeded)
{
return(BadRequest($"Resetting password failed for user \"{appUser.UserName}\". Errors: {string.Join(", ", result.Errors)}"));
}
return(NoContent());
}
return(BadRequest(ModelState));
}
//[ValidateAntiForgeryToken]
public ActionResult PasswordReset(UserPasswordReset Reset)
{
const string PasswordResetSub = "Task Manager - Password Reset";
//if we have a fully valid reset then we are done
if (ModelState.IsValid)
{
//change the password
SecurityReturn TempReturn = SecurityHelper.PasswordToSaltedHash(Reset.NewConfirmPassword, CodeLengths);
DB.DoPasswordResset(Reset.Email, Reset.ResetCode, TempReturn.SaltedHashedPassword, TempReturn.Salt);
return(RedirectToAction("", "Home"));
}
//if from the email you have gotten the reset code move to next step
if (ModelState["ResetCode"].Errors.Count < 1 && ModelState["Email"].Errors.Count < 1)
{
return(View("PasswordResetStep2", Reset));
}
//if we provided a email to work with move to step 2
if (ModelState["Email"].Errors.Count < 1)
{
//make a code and attempt bind it
string Code = SecurityHelper.GetCode(20).CleanURLIllegalChars();
if (DB.CreateThePasswordResset(Reset.Email, Code).First().Value)
{
string[] Split = Reset.Email.Split(new char[] { '@' }, StringSplitOptions.RemoveEmptyEntries);
ViewBag.URL = this.MakeFullURLActionLink("PasswordResetEmailRedirect", "Account", new { Email = Split[0], Domain = Split[1], Code = Code }, false);
// if bound send an email to the email
SendEmail(Reset.Email, PasswordResetSub, "PasswordResetEmailTemplate");
}
//Display to check the email or resend
return(View("PasswordResetCheckYourEmail", Reset));
}
return(View("PasswordResetStep1", Reset));
}
public async Task ResetPassword()
{
IsBusy = true; FormValid = false;
string ModalParams;
var result = AuthService.ResetPasswordAsync(PasswordReset);
UserPasswordReset lr = await result;
if (!string.IsNullOrEmpty(lr.UsernameOrEmail))
{
var m = new ModalSuccess
{
Title = Translate.Keys["Reset"],
Message = $"{ Translate.Keys["SuccessPasswordUpdate"] }"
};
ModalParams = JsonSerializer.Serialize(m);
}
else
{
var m = new ModalError
{
Title = Translate.Keys["Reset"],
Message = $"{ Translate.Keys["UNotFoundOrMNotConfirmed"] }"
};
ModalParams = JsonSerializer.Serialize(m);
}
await CloseLoginModal(true);
await JsRuntime.InvokeVoidAsync("showModalDialog", ModalParams);
}
public ActionResult PasswordResetEmailRedirect(string Email, string Domain, string Code)
{
UserPasswordReset Reset = new UserPasswordReset()
{
Email = Email + "@" + Domain, ResetCode = Code
};
return(this.RedirectToPostAction("PasswordReset", Reset));
//return Json(Reset, JsonRequestBehavior.AllowGet);
}
public async Task <UserPasswordReset> ResetPasswordAsync(UserPasswordReset passwordReset)
{
try
{
var response = await _genericRepository.PutAsync <UserPasswordReset>("api/account/resetpassword", passwordReset);
return(response);
}
catch (HttpRequestExceptionEx e)
{
Debug.WriteLine(e.HttpCode);
return(new UserPasswordReset());
}
}
public async Task <bool> InsertPasswordResetToken(int userId, string passwordResetToken)
{
UserPasswordReset userPasswordReset = new UserPasswordReset()
{
UserId = userId,
PasswordResetToken = passwordResetToken,
CreatedOn = DateTime.Now,
IsReset = false,
};
_dbContext.UserPasswordResets.Add(userPasswordReset);
await _dbContext.SaveChangesAsync();
return(true);
}
public async Task <IActionResult> OnPostAsync()
{
var UserId = TempData.Get <string>("resetPasswordUserId");
TempData.Remove("resetPasswordUserId");
AppUser = Context.User.FirstOrDefault(x => x.Id == long.Parse(UserId) && x.IsActive);
if (HttpContext.User.Identity.IsAuthenticated)
{
return(Redirect("/"));
}
else if (AppUser == null)
{
TempData["PasswordResetMessage"] = "Kullanıcıya ulaşılamadı";
return(Redirect("/account/passwordreset"));
}
var Email = new OkurdostuEmail((IEmailConfiguration)HttpContext?.RequestServices.GetService(typeof(IEmailConfiguration)))
{
SenderMail = "*****@*****.**",
SenderName = "Okurdostu"
};
var preCreatedPaswordReset = Context.UserPasswordReset.Where(x => x.UserId == AppUser.Id && !x.IsUsed).Include(x => x.User).ToList().LastOrDefault();
var elapsedTime = DateTime.Now - preCreatedPaswordReset?.CreatedOn;
if (preCreatedPaswordReset != null && elapsedTime.Value.Hours < 11.5)
{
Email.Send(Email.PasswordResetMail(preCreatedPaswordReset.User.FullName, preCreatedPaswordReset.User.Email, preCreatedPaswordReset.GUID));
}
else
{
var UserPaswordReset = new UserPasswordReset()
{
UserId = AppUser.Id
};
await Context.AddAsync(UserPaswordReset);
var result = await Context.SaveChangesAsync();
if (result > 0)
{
Email.Send(Email.PasswordResetMail(AppUser.FullName, AppUser.Email, UserPaswordReset.GUID));
}
}
return(Redirect("/account/passwordreset/successent"));
}
public void CreateUserPasswordReset(int userID, string resetCode)
{
var oldReset = (from x in _dBContext.UserPasswordReset
where x.UserID == userID
select x).FirstOrDefault();
if (oldReset != null)
{
oldReset.ResetCode = resetCode;
oldReset.CreatedOn = DateTime.Now;
}
else
{
var reset = new UserPasswordReset
{
UserID = userID,
ResetCode = resetCode,
CreatedOn = DateTime.Now
};
_dBContext.UserPasswordReset.Add(reset);
}
_dBContext.SaveChanges();
}
