Exemple #1
        // RecoveryRequest get
        /// <summary>
        /// Looks up stored recovery requests whose token equals the Token of <paramref name="rr"/>.
        /// </summary>
        /// <param name="rr">Carrier for the token to search on; only its Token is read here.</param>
        /// <returns>
        /// Success with every matching request in Data; otherwise a failure carrying DB_ERROR when
        /// the store is offline, or "Unable to find the request" when the token is blank or unmatched.
        /// </returns>
        /// <remarks>
        /// ExpiryDate is not evaluated here, so a match says nothing about whether the request is
        /// still valid; the caller has to check that. Exceptions raised by the lookup are not caught
        /// and propagate to the caller.
        /// NOTE(review): the token is matched verbatim against the stored value, so anyone able to
        /// read the collection holds usable reset tokens; consider persisting only a hash of it.
        /// </remarks>
        public DataResult <RecoveryRequest> GetRecoveryRequest(RecoveryRequest rr)
        {
            if (!mOnline)
            {
                return new DataResult<RecoveryRequest> { Success = false, ErrorMessage = DB_ERROR };
            }

            // A blank token is never sent to the database; it is simply reported as "not found".
            List<RecoveryRequest> matches = string.IsNullOrWhiteSpace(rr.Token)
                ? new List<RecoveryRequest>()
                : GetRecoveryRequestCollection().Find(x => x.Token == rr.Token).ToList();

            var outcome = new DataResult<RecoveryRequest>();

            if (matches.Count == 0)
            {
                outcome.Success      = false;
                outcome.ErrorMessage = "Unable to find the request";
                return outcome;
            }

            outcome.Success = true;
            outcome.Data    = matches;
            return outcome;
        }
Exemple #2
        /// <summary> Generates a token and sends an email to the supplied emailaddress with the link </summary>
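        /// <remarks>
        /// Every path returns the same (true, message) pair so the caller cannot tell from the
        /// response whether the address belongs to an account. The mail is only sent once the
        /// recovery request has been stored, because a link whose token was never persisted
        /// cannot be redeemed.
        /// NOTE(review): confirm that Validator.RandomTemporaryString draws from a cryptographic
        /// RNG and that 12 characters give enough entropy for a bearer token.
        /// NOTE(review): nothing visible here invalidates earlier requests for the same user, and
        /// the time taken differs between the "unknown address" and "mail sent" paths.
        /// </remarks>
        /// <param name="emailAddress">Address supplied by the person requesting the reset.</param>
        /// <returns>Always the same pair: true plus a deliberately non-committal message.</returns>
        public KeyValuePair <bool, string> GenerateRecoveryLink(string emailAddress)
        {
            KeyValuePair<bool, string> defaultResponse = new KeyValuePair<bool, string>(true, "If your email address exists an email has been sent containing a link to recover your password");

            // Nothing to look up; answer exactly as for an unknown address.
            if (string.IsNullOrWhiteSpace(emailAddress))
            {
                return(defaultResponse);
            }

            DataResult<User> drUser = database.GetUser(new User {
                EmailAddress = emailAddress
            });

            // Lookup failure and ambiguous matches (more than one account) are treated alike.
            if (!drUser.Success || drUser.Data.Count > 1)
            {
                return(defaultResponse);
            }

            User user = drUser.Data.FirstOrDefault();

            if (user == null)
            {
                return(defaultResponse);
            }

            string recoveryToken = new Validator().RandomTemporaryString(12);

            RecoveryRequest rRequest = new RecoveryRequest()
            {
                UserId     = user.Id,
                // NOTE(review): local time; make sure the consumer compares against the same clock
                // basis (the database driver may hand the value back as UTC).
                ExpiryDate = DateTime.Now.AddHours(1),
                Token      = recoveryToken
            };

            DataResult<RecoveryRequest> drRecoveryRequest = database.StoreRecoveryRequest(rRequest);

            // Without a stored request the token is worthless, so do not mail a dead link.
            if (!drRecoveryRequest.Success)
            {
                return(defaultResponse);
            }

            string link = DASHBOARD_URL + "recovery/" + recoveryToken;
            string body = "<a href=" + link + ">Click here</a> to recover your password ";

            string title     = "Password recovery";
            string subject   = "Monoid Dashboard: " + title;
            string recipient = user.EmailAddress;

            // The delivery result is intentionally not reported back: surfacing it would reveal
            // whether the address matched an account.
            new Mailer().SendEmail(body, subject, title, new[] { recipient });

            return(defaultResponse);
        }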
Exemple #3
        /// <summary>
        /// Deletes one stored recovery request whose token equals the Token of <paramref name="rr"/>.
        /// </summary>
        /// <param name="rr">Request to remove; only its Token is used to build the filter.</param>
        /// <returns>
        /// Success when the delete call returned without throwing; a failure carrying DB_ERROR when
        /// the store is offline, or the exception's message when the call threw.
        /// </returns>
        /// <remarks>
        /// The delete result is not inspected, so Success is reported even if no document matched.
        /// NOTE(review): the raw exception message is placed in ErrorMessage; check that callers
        /// do not relay it to end users.
        /// </remarks>
        public DataResult <RecoveryRequest> DeleteRecoveryRequest(RecoveryRequest rr)
        {
            if (!mOnline)
            {
                return new DataResult<RecoveryRequest> { Success = false, ErrorMessage = DB_ERROR };
            }

            var outcome = new DataResult<RecoveryRequest>();

            try
            {
                var collection = GetRecoveryRequestCollection();
                var byToken    = Builders<RecoveryRequest>.Filter.Eq(x => x.Token, rr.Token);

                collection.DeleteOne(byToken);
                outcome.Success = true;
            }
            catch (Exception ex)
            {
                outcome.Success      = false;
                outcome.ErrorMessage = ex.Message;
            }

            return outcome;
        }
Exemple #4
        // RecoveryRequest store
        /// <summary>
        /// Inserts <paramref name="rr"/> into the recovery-request collection.
        /// </summary>
        /// <param name="rr">Request to persist; it is handed to the collection unchanged.</param>
        /// <returns>
        /// Success when the insert returned without throwing; a failure carrying DB_ERROR when the
        /// store is offline, or the exception's message when the insert threw.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the request, including its token, is stored exactly as received; if the
        /// token is a bearer secret, consider persisting a hash instead of the value itself.
        /// </remarks>
        public DataResult <RecoveryRequest> StoreRecoveryRequest(RecoveryRequest rr)
        {
            if (!mOnline)
            {
                return new DataResult<RecoveryRequest> { Success = false, ErrorMessage = DB_ERROR };
            }

            var outcome = new DataResult<RecoveryRequest>();

            try
            {
                var collection = GetRecoveryRequestCollection();

                collection.InsertOne(rr);
                outcome.Success = true;
            }
            catch (Exception ex)
            {
                // Any failure is reported through the result object rather than rethrown.
                outcome.Success      = false;
                outcome.ErrorMessage = ex.Message;
            }

            return outcome;
        }
Exemple #5
        /// <summary> Recovery process -> validate token -> save new password </summary>
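        /// <remarks>
        /// Steps: look the token up, reject it if it has expired, load the owning user, hash and
        /// store the new password, then delete the recovery request so the token is single-use.
        /// All failures before the final delete return the same generic response.
        /// NOTE(review): if the final delete fails, the password has already been changed while
        /// the token stays redeemable until it expires, and the result returned is the one built
        /// by DeleteRecoveryRequest rather than the generic response.
        /// </remarks>
        /// <param name="newPassword">Replacement password in clear text; blank values are refused.</param>
        /// <param name="token">Token taken from the recovery link.</param>
        /// <returns>
        /// The outcome of deleting the recovery request when the password was updated; otherwise a
        /// failure with the message "Unable to process your recovery request".
        /// </returns>
        public DataResult <RecoveryRequest> Recovery(string newPassword, string token)
        {
            DataResult<RecoveryRequest> drDefaultResponse = new DataResult<RecoveryRequest>()
            {
                Success = false, ErrorMessage = "Unable to process your recovery request"
            };

            // Never replace the stored credential with an empty one.
            if (string.IsNullOrWhiteSpace(newPassword))
            {
                return(drDefaultResponse);
            }

            DataResult<RecoveryRequest> drRecoveryRequest = database.GetRecoveryRequest(new RecoveryRequest {
                Token = token
            });

            if (!drRecoveryRequest.Success)
            {
                return(drDefaultResponse);
            }

            RecoveryRequest recoveryRequest = drRecoveryRequest.Data.FirstOrDefault();

            if (recoveryRequest == null)
            {
                return(drDefaultResponse);
            }

            // Reject the request once its expiry has passed. The test is written as a direct
            // comparison: a positive DateTime.Compare(expiry, now) means the expiry is still in
            // the future, so comparing that result against 1 can never flag an expired token.
            // Both sides are normalised to UTC so the check holds whether ExpiryDate comes back
            // as local time or as UTC after a round trip through the database.
            if (recoveryRequest.ExpiryDate.ToUniversalTime() <= DateTime.UtcNow)
            {
                return(drDefaultResponse);
            }

            DataResult<User> drUser = database.GetUser(new User {
                Id = recoveryRequest.UserId
            });

            if (!drUser.Success)
            {
                return(drDefaultResponse);
            }

            User user = drUser.Data.FirstOrDefault();

            if (user == null)
            {
                return(drDefaultResponse);
            }

            // PasswordHasher takes the whole user object, so the clear-text value is placed on it
            // first and then overwritten with the hash before anything is persisted.
            // NOTE(review): the hashing scheme is not visible here; confirm it is a salted,
            // deliberately slow password hash.
            user.Password = newPassword;
            user.Password = new Validator().PasswordHasher(user);

            DataResult<User> drUserUpdated = database.UpdateUser(user);

            if (!drUserUpdated.Success)
            {
                return(drDefaultResponse);
            }

            // Consume the token so the same link cannot be redeemed twice.
            return(database.DeleteRecoveryRequest(recoveryRequest));
        }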