/**
 * Entry point for the password-reset link sent by email. Looks up the
 * one-time password carried in the "otp" route value and, when it is still
 * active and belongs to an enabled user, renders the reset form pre-filled
 * with that user's email and the token.
 *
 * @receives - request link from email with embedded one time password
 * @returns  - the reset view, ExpiredOtp() for an inactive token,
 *             ResetFailure() for a disabled user, BadLink() on any exception
 */
public ActionResult Reset()
{
    try
    {
        var token = DatabaseOtpService.GetByCode(RouteData.Values["otp"].ToString());
        var account = DatabaseUserService.GetById(token.UserId);

        // Token state is checked before account state, so an inactive token
        // is reported as expired regardless of the account.
        if (!token.IsActive())
        {
            return ExpiredOtp();
        }

        if (!account.Enabled)
        {
            return ResetFailure();
        }

        return View("../Login/Reset", new LoginController.ResetData
        {
            Email = account.Email,
            OTP = token.Code
        });
    }
    catch (Exception)
    {
        // A missing route value or a failed lookup all end up here and are
        // shown as a bad link.
        // NOTE(review): the catch-all also hides database and other
        // unexpected failures; nothing is logged in this method.
        return BadLink();
    }
}
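/**
 * Completes the one-time-code login: validates the submitted code against
 * the given user id and, on success, stores the user id in the session.
 *
 * Every failure (missing or malformed input, unknown code, code issued for
 * another user, code already used or deactivated, code older than ten
 * minutes) produces the same redirect to the login page, so the response
 * does not reveal which check failed.
 *
 * @param userId    - user id the code was issued for, as a decimal string
 * @param loginCode - the one-time code entered by the user
 * @returns         - redirect to Patient/Index on success, Login/Index otherwise
 */
public ActionResult Code(string userId, string loginCode)
{
    if (userId == null || loginCode == null)
    {
        return RedirectToAction("Index", "Login");
    }

    long userIdLong;
    if (!long.TryParse(userId, out userIdLong))
    {
        return RedirectToAction("Index", "Login");
    }

    var otp = DatabaseOtpService.GetByCode(loginCode);

    // An unknown code must not surface as a NullReferenceException.
    // IsActive() returns false once the record is flagged inactive; without
    // that check a code that was already consumed stays usable until its
    // ten-minute window closes.
    if (otp == null
        || otp.UserId != userIdLong
        || !otp.IsActive()
        || otp.Time.AddMinutes(10) < DateTime.Now)
    {
        return RedirectToAction("Index", "Login");
    }

    // Single use: deactivate before the session is established.
    DatabaseOtpService.Disable(otp.Id);

    // NOTE(review): the session identifier is not rotated at this point and
    // no failed-attempt limit is visible in this method; confirm both are
    // handled elsewhere, since the code space is only six digits.
    Session[Models.Login.UserIdSession] = otp.UserId;
    return RedirectToAction("Index", "Patient");
}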
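/**
 * Handles the submitted password-reset form.
 *
 * The account whose password is changed is derived from the one-time
 * password record, not from the posted email: the email field is
 * client-controlled, so it is only accepted when it matches the user the
 * token was issued to. The token owner must also still be enabled, matching
 * the check made before the form is shown.
 *
 * @param email            - email posted with the form
 * @param password         - new password
 * @param confirm_password - repeated new password
 * @param otpCode          - one-time password from the reset link
 * @returns                - Index() when the token or account is not valid,
 *                           otherwise the reset result view
 */
public ActionResult Reset(string email, string password, string confirm_password, string otpCode)
{
    var otp = DatabaseOtpService.GetByCode(otpCode);
    if (otp == null || !otp.IsActive())
    {
        return Index();
    }

    // The token is consumed on first presentation, before any further
    // validation; a rejected submission therefore needs a new reset link.
    DatabaseOtpService.Disable(otp.Id);

    // Bind the reset to the token's owner.
    var owner = DatabaseUserService.GetById(otp.UserId);
    if (owner == null
        || !owner.Enabled
        || !string.Equals(owner.Email, email, StringComparison.OrdinalIgnoreCase))
    {
        return Index();
    }

    // Look the login up by the stored address rather than the posted one.
    var user = Login.GetLogin(owner.Email);
    if (user == null)
    {
        return Index();
    }

    if (string.IsNullOrEmpty(password) || string.IsNullOrEmpty(confirm_password))
    {
        return ResetResult(ResetResults.PasswordNotSet);
    }

    if (password != confirm_password)
    {
        return ResetResult(ResetResults.PasswordsDontMatch);
    }

    // NOTE(review): no length or complexity rule is applied here; confirm
    // SetPassword enforces the password policy.
    user.SetPassword(password);
    return ResetResult(null);
}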
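/**
 * Starts the patient one-time-code login: normalises the phone number,
 * looks up the active user and patient, stores a fresh six-digit code and
 * sends it to the patient.
 *
 * @param phonenumber - phone number as typed by the user
 * @returns           - Code(null) when no active patient matches,
 *                      Code(patient.UserId) after a code has been sent
 */
public ActionResult Login(string phonenumber)
{
    // A missing value is handled like an unknown number instead of throwing.
    if (phonenumber == null)
    {
        return Code(null);
    }

    // just a bit of input cleanup
    // The character class also strips '+', so the cleaned value never starts
    // with one; a ten-character value gets the "+1" prefix, anything else is
    // prefixed with "+" unchanged.
    phonenumber = Regex.Replace(phonenumber, "[\\(\\)\\s+\\-]", "");
    phonenumber = (phonenumber.Length == 10 ? "+1" : "+") + phonenumber;

    // TODO Tyler - skip this step and get patient directly from phone number?
    var user = DatabaseUserService.GetByPhoneActive(phonenumber);
    if (user == null)
    {
        return Code(null);
    }

    var patient = DatabasePatientService.GetByUserIdActive(user.UserId);
    if (patient == null)
    {
        return Code(null);
    }

    // The code is a login credential, so it is drawn from the system
    // cryptographic generator; System.Random is predictable. Values at or
    // above the largest multiple of 1,000,000 that fits in a uint are
    // rejected so that the modulo below stays uniform.
    const uint rejectFrom = uint.MaxValue - (uint.MaxValue % 1000000u);
    uint sample;
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        var buffer = new byte[4];
        do
        {
            rng.GetBytes(buffer);
            sample = BitConverter.ToUInt32(buffer, 0);
        }
        while (sample >= rejectFrom);
    }

    var otp = new OTP()
    {
        UserId = patient.UserId,
        Time = DateTime.Now,
        Code = (sample % 1000000u).ToString("000000")
    };
    DatabaseOtpService.Insert(otp);
    NotificationSender.SendNotification(patient, "Your one-time patient login code is " + otp.Code);

    // NOTE(review): the known and unknown cases pass different arguments to
    // Code(); confirm the rendered response does not disclose whether the
    // number is registered, and that requests for new codes are throttled.
    return Code(patient.UserId);
}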
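/**
 * Reports whether this one-time password may still be used.
 *
 * A record flagged inactive is never usable. Otherwise the record is usable
 * while less than one day has elapsed since Time; once that window has
 * passed the record is disabled in the database and false is returned.
 *
 * Time is treated as the issue time, which is how the login flow sets it
 * when a code is created. The previous expression subtracted the current
 * time from Time, which is negative for every past timestamp and therefore
 * never expired a token.
 *
 * @returns - true when the record is active and younger than one day
 */
public bool IsActive()
{
    if (!object_active)
    {
        return false;
    }

    // Elapsed time since issue; DateTime.Now is kept because Time is written
    // with DateTime.Now as well.
    if ((DateTime.Now - Time).TotalDays < 1)
    {
        return true;
    }

    // Past the validity window: persist the deactivation.
    DatabaseOtpService.Disable(Id);
    return false;
}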