public ActionResult ChangePasswordUnauthenticated(ResetPasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(View());
}
var goodUid = db.ResetPasswordRequests.Where(u => u.Guid == model.Code).FirstOrDefault();
if (goodUid.Guid != model.Code)
{
return(View(model));
}
var valid = db.ValidateUser(model.Username, model.Email).FirstOrDefault();
if ((model.Password == model.ConfirmPassword) && (valid.Valid != 0))
{
RNGCryptoServiceProvider csprng = new RNGCryptoServiceProvider();
byte[] salt = new byte[SALT_BYTE_SIZE];
csprng.GetBytes(salt);
var hashedPassword = Hash.CreateHash(model.Password, salt);
db.ChangePassword(model.Username, hashedPassword, salt);
return(RedirectToAction("Login"));
}
else
{
ViewBag.Error = "Incorrect Information!";
return(View());
}
}