public IHttpActionResult ResetPassword(VMResetPassword model)
{
Users user = _dbUsers.FindByResetPasswordToken(model.ResetPasswordToken);
if (user == null)
{
return(NotFound());
}
Regex passwordRule = new Regex(@"(?=^.{6,}$)(?=.*\d)(?=.*[a-zA-Z])");
if (string.IsNullOrEmpty(model.NewPassword) || model.NewPassword != model.ConfirmNewPassword || !passwordRule.IsMatch(model.NewPassword))
{
return(BadRequest());
}
if (!_dbAuthenticationTokens.DeactivateByUserID(user.UserID))
{
return(StatusCode((HttpStatusCode)456));
}
user.PasswordSalt = PasswordGenerator.GenerateSalt();
user.PasswordHash = PasswordGenerator.GenerateHash(model.NewPassword, user.PasswordSalt);
user.LastPasswordChange = DateTime.Now;
user.ResetPasswordToken = null;
user.ResetPasswordTokenExpiration = null;
if (!_dbUsers.Edit(user))
{
return(StatusCode((HttpStatusCode)554));
}
return(Ok());
}
public ActionResult ResetPassword(int id, VMResetPassword VMResetPassword)
{
response = GlobalVariable.WebApiClient.GetAsync(string.Concat(controller, $"/{id}")).Result;
Customer customer = response.Content.ReadAsAsync <Customer>().Result;
if (customer.Password != VMResetPassword.OldPassword)
{
ViewBag.ErrorMessage = "Invalid Old Password !";
ViewBag.ErrorMessage2 = "Please try again later.";
return(View());
}
customer.Password = VMResetPassword.Password;
response = GlobalVariable.WebApiClient.PutAsJsonAsync(string.Concat(controller, $"/{customer.ID}"), customer).Result;
return(RedirectToAction("Index"));
}
