// RecoveryRequest get
/// <summary>
/// Looks up stored recovery requests whose token equals <c>rr.Token</c>.
/// </summary>
/// <param name="rr">Request carrying the token to search for; only <c>Token</c> is read.</param>
/// <returns>
/// A successful result holding the matching requests, or a failed result with
/// <c>DB_ERROR</c> when the store is offline and "Unable to find the request" when
/// the token is blank or nothing matches.
/// </returns>
/// <remarks>
/// The filter is on the token only. <c>ExpiryDate</c> is not evaluated here, so an
/// expired request is still returned and the caller has to reject it.
/// </remarks>
public DataResult<RecoveryRequest> GetRecoveryRequest(RecoveryRequest rr)
{
    if (!mOnline)
    {
        return new DataResult<RecoveryRequest> { Success = false, ErrorMessage = DB_ERROR };
    }

    // A blank token is never sent to the collection; it falls through to "not found".
    var matches = new List<RecoveryRequest>();
    if (!string.IsNullOrWhiteSpace(rr.Token))
    {
        matches = GetRecoveryRequestCollection().Find(x => x.Token == rr.Token).ToList();
    }

    if (matches.Count == 0)
    {
        return new DataResult<RecoveryRequest> { Success = false, ErrorMessage = "Unable to find the request" };
    }

    return new DataResult<RecoveryRequest> { Success = true, Data = matches };
}
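/// <summary>
/// Generates a recovery token for the account registered under
/// <paramref name="emailAddress"/>, stores it with a one-hour expiry and mails the
/// recovery link to that account.
/// </summary>
/// <param name="emailAddress">Email address supplied by the person requesting recovery.</param>
/// <returns>
/// Always the same pair (<c>true</c> plus a generic message), whether or not an account
/// was found or the mail was sent, so the response does not reveal which addresses exist.
/// </returns>
public KeyValuePair<bool, string> GenerateRecoveryLink(string emailAddress)
{
    KeyValuePair<bool, string> defaultResponse = new KeyValuePair<bool, string>(true, "If your email address exists an email has been sent containing a link to recover your password");

    // Nothing to look up; do not hand an empty filter value to the user query.
    if (string.IsNullOrWhiteSpace(emailAddress))
    {
        return defaultResponse;
    }

    DataResult<User> drUser = database.GetUser(new User { EmailAddress = emailAddress });
    if (!drUser.Success)
    {
        return defaultResponse;
    }

    // More than one account for the address is ambiguous: issue no token at all.
    if (drUser.Data.Count > 1)
    {
        return defaultResponse;
    }

    User user = drUser.Data.FirstOrDefault();
    if (user == null)
    {
        return defaultResponse;
    }

    // NOTE(review): the token is the only secret protecting the reset. Its strength depends on
    // Validator.RandomTemporaryString, which is not visible here - confirm it draws from a
    // cryptographic RNG and that 12 characters give enough entropy for a one-hour lifetime.
    string recoveryToken = new Validator().RandomTemporaryString(12);
    RecoveryRequest rRequest = new RecoveryRequest()
    {
        UserId = user.Id,
        ExpiryDate = DateTime.Now.AddHours(1),
        Token = recoveryToken
    };

    // The store result used to be ignored, so a failed insert still mailed a link that
    // could never be redeemed. Only send the mail once the token has been persisted.
    DataResult<RecoveryRequest> drRecoveryRequest = database.StoreRecoveryRequest(rRequest);
    if (!drRecoveryRequest.Success)
    {
        return defaultResponse;
    }

    string link = DASHBOARD_URL + "recovery/" + recoveryToken;
    string body = "<a href=" + link + ">Click here</a> to recover your password ";
    string title = "Password recovery";
    string subject = "Monoid Dashboard: " + title;

    // The mail goes to the address on the stored account, not to the caller-supplied string.
    string recipient = user.EmailAddress;

    // The send result is deliberately not reflected in the response (see <returns>).
    Mailer mailer = new Mailer();
    mailer.SendEmail(body, subject, title, new[] { recipient });

    return defaultResponse;
}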
/// <summary>
/// Deletes one stored recovery request whose token equals <c>rr.Token</c>.
/// </summary>
/// <param name="rr">Request identifying the token to delete; only <c>Token</c> is read.</param>
/// <returns>
/// A failed result with <c>DB_ERROR</c> when the store is offline, a failed result carrying
/// the exception message when the delete throws, and a successful result otherwise.
/// </returns>
/// <remarks>
/// The value returned by <c>DeleteOne</c> is discarded, so success is reported even when no
/// document matched. <c>rr.Token</c> is passed to the filter without a blank/null check.
/// NOTE(review): the raw exception message ends up in <c>ErrorMessage</c>; confirm callers
/// do not show it to end users.
/// </remarks>
public DataResult<RecoveryRequest> DeleteRecoveryRequest(RecoveryRequest rr)
{
    var outcome = new DataResult<RecoveryRequest>();

    if (!mOnline)
    {
        outcome.Success = false;
        outcome.ErrorMessage = DB_ERROR;
        return outcome;
    }

    try
    {
        var collection = GetRecoveryRequestCollection();
        var byToken = Builders<RecoveryRequest>.Filter.Eq(x => x.Token, rr.Token);
        collection.DeleteOne(byToken);
        outcome.Success = true;
    }
    catch (Exception ex)
    {
        outcome.Success = false;
        outcome.ErrorMessage = ex.Message;
    }

    return outcome;
}
// RecoveryRequest store
/// <summary>
/// Inserts a recovery request into the recovery-request collection.
/// </summary>
/// <param name="rr">Request to persist; it is inserted as given, with no field validation here.</param>
/// <returns>
/// A failed result with <c>DB_ERROR</c> when the store is offline, a failed result carrying
/// the exception message when the insert throws, and a successful result otherwise.
/// </returns>
/// <remarks>
/// NOTE(review): the raw exception message ends up in <c>ErrorMessage</c>; confirm callers
/// do not show it to end users.
/// </remarks>
public DataResult<RecoveryRequest> StoreRecoveryRequest(RecoveryRequest rr)
{
    var outcome = new DataResult<RecoveryRequest>();

    if (!mOnline)
    {
        outcome.Success = false;
        outcome.ErrorMessage = DB_ERROR;
        return outcome;
    }

    try
    {
        var collection = GetRecoveryRequestCollection();
        collection.InsertOne(rr);
        outcome.Success = true;
    }
    catch (Exception ex)
    {
        outcome.Success = false;
        outcome.ErrorMessage = ex.Message;
    }

    return outcome;
}
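/// <summary>
/// Completes a password recovery: looks the request up by token, rejects it when it has
/// expired, stores the hash of the new password on the owning user and then deletes the
/// request.
/// </summary>
/// <param name="newPassword">Replacement password in clear text; it is hashed before being stored.</param>
/// <param name="token">Recovery token taken from the mailed link.</param>
/// <returns>
/// The result of deleting the recovery request when the password was updated; otherwise a
/// failed result with one generic message, so the caller cannot tell which step rejected
/// the request.
/// </returns>
public DataResult<RecoveryRequest> Recovery(string newPassword, string token)
{
    DataResult<RecoveryRequest> drDefaultResponse = new DataResult<RecoveryRequest>()
    {
        Success = false,
        ErrorMessage = "Unable to process your recovery request"
    };

    // Never let a recovery replace the credential with an empty password.
    if (string.IsNullOrEmpty(newPassword))
    {
        return drDefaultResponse;
    }

    DataResult<RecoveryRequest> drRecoveryRequest = database.GetRecoveryRequest(new RecoveryRequest { Token = token });
    if (!drRecoveryRequest.Success)
    {
        return drDefaultResponse;
    }

    RecoveryRequest recoveryRequest = drRecoveryRequest.Data.FirstOrDefault();
    if (recoveryRequest == null)
    {
        return drDefaultResponse;
    }

    // Expiry check. The previous test was "DateTime.Compare(expiry, now) > 1"; Compare only
    // yields -1, 0 or 1, so it never fired and a token stayed usable past its ExpiryDate.
    // Both sides are normalised to UTC so the comparison does not depend on the DateTimeKind
    // the storage layer hands back.
    // NOTE(review): assumes ExpiryDate round-trips with a correct Kind - confirm against the
    // RecoveryRequest mapping.
    if (recoveryRequest.ExpiryDate.ToUniversalTime() <= DateTime.UtcNow)
    {
        return drDefaultResponse;
    }

    DataResult<User> drUser = database.GetUser(new User { Id = recoveryRequest.UserId });
    if (!drUser.Success)
    {
        return drDefaultResponse;
    }

    User user = drUser.Data.FirstOrDefault();
    if (user == null)
    {
        return drDefaultResponse;
    }

    // PasswordHasher takes the user object, so the clear-text value is set on it first and
    // then overwritten with the hash before the user is persisted.
    Validator validator = new Validator();
    user.Password = newPassword;
    string hashedPassword = validator.PasswordHasher(user);
    user.Password = hashedPassword;

    DataResult<User> drUserUpdated = database.UpdateUser(user);
    if (!drUserUpdated.Success)
    {
        return drDefaultResponse;
    }

    // Deleting the request is what makes the token single-use.
    // NOTE(review): if this delete fails the password has already been changed, the token
    // remains redeemable until it expires, and the delete's own ErrorMessage (an exception
    // message) is returned to the caller - confirm it is not shown to end users.
    DataResult<RecoveryRequest> drDeleteRecoveryRequest = database.DeleteRecoveryRequest(recoveryRequest);
    return drDeleteRecoveryRequest;
}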