public IActionResult SendConfirmation(ForgotPasswordVM model) { if (!ModelState.IsValid) { return(RedirectToAction("ForgotPassword")); } User user = con.Users.SingleOrDefault(i => i.Email == model.Email); if (user == null) { TempData["errorMessage"] = "Email address doesn't exist. Make sure that you enter a valid email address."; return(RedirectToAction("ForgotPassword")); } ChangePasswordCode changepw = con.ChangePasswords.SingleOrDefault (i => i.UserId == user.Id); if (changepw != null) { if ((DateTime.Now - changepw.Created).TotalHours < 24) { TempData["errorMessage"] = "Email has been already sent to this email address"; return(RedirectToAction("ForgotPassword")); } else { con.ChangePasswords.Remove(changepw); con.SaveChanges(); } } string value = RandomString.GetString(30); string link = $"{ this.Request.Scheme}://{this.Request.Host}{this.Request.PathBase}/Login/ChangePassword?value=" + value; string message = "Visit this link for password change: \n" + link + "\nIf you don't change your password in next 24 hours this link will disappear " + "will be invalid."; EmailSettings.SendEmail(_configuration, user.Username, user.Email, "Change password", message); ChangePasswordCode passwordRequest = new ChangePasswordCode { Value = value, UserId = user.Id, Created = DateTime.Now }; con.ChangePasswords.Add(passwordRequest); con.SaveChanges(); TempData["successMessage"] = "Email for password confirmation is successfully sent. Check your inbox."; return(RedirectToAction("Index")); }
public IActionResult ConfirmNewPassword(ChangePasswordVM model) { if (!ModelState.IsValid) { return(View("ChangePassword", model)); } string value = (string)TempData["value"]; ChangePasswordCode changepw = con.ChangePasswords.SingleOrDefault(i => i.Value == value); User user = con.Users.SingleOrDefault (i => i.Id == changepw.UserId); user.PasswordHash = HashHelper.GetHash(model.Password, Convert.FromBase64String(user.PasswordSalt)); con.ChangePasswords.Remove(changepw); con.SaveChanges(); TempData["successMessage"] = "Your password is successfully changed."; return(RedirectToAction("Index")); }