public Response ResetPassword(ResetPasswordRequest request)
{
var login = _repository.Select<Login>()
.Join(l => l.User)
.FirstOrDefault(l => l.Token == request.Token);
if (login == null || !login.IsPasswordRecovery)
{
throw Errors.User_InvalidPasswordRecoveryToken;
}
if (login.ExpireDate < DateTime.UtcNow)
{
throw Errors.User_PasswordRecoveryTokenExpired;
}
login.ExpireDate = DateTime.UtcNow;
login.User.Password = _crypto.ComputeHash(request.NewPassword);
_repository.Update(login);
_repository.Update(login.User);
login = CreateLogin(login.User);
return Response.Success.WithData(new
{
login.Token
});
}
public Result<ServiceResponse> ResetPassword(ResetPasswordRequest request)
{
return this.InTransaction("Default", uow =>
{
request.CheckNotNull();
if (string.IsNullOrEmpty(request.Token))
throw new ArgumentNullException("token");
int userId;
using (var ms = new MemoryStream(MachineKey.Unprotect(
Convert.FromBase64String(request.Token), "ResetPassword")))
using (var br = new BinaryReader(ms))
{
var dt = DateTime.FromBinary(br.ReadInt64());
if (dt < DateTime.UtcNow)
throw new ValidationError(Texts.Validation.InvalidResetToken);
userId = br.ReadInt32();
}
UserRow user;
using (var connection = SqlConnections.NewFor<UserRow>())
{
user = connection.TryById<UserRow>(userId);
if (user == null)
throw new ValidationError(Texts.Validation.InvalidResetToken);
}
if (request.ConfirmPassword != request.NewPassword)
throw new ValidationError("PasswordConfirmMismatch", LocalText.Get("Validation.PasswordConfirm"));
request.NewPassword = UserRepository.ValidatePassword(user.Username, request.NewPassword, false);
var salt = Membership.GeneratePassword(5, 1);
var hash = SiteMembershipProvider.ComputeSHA512(request.NewPassword + salt);
UserRepository.CheckPublicDemo(user.UserId);
uow.Connection.UpdateById(new UserRow
{
UserId = user.UserId.Value,
PasswordSalt = salt,
PasswordHash = hash
});
BatchGenerationUpdater.OnCommit(uow, UserRow.Fields.GenerationKey);
return new ServiceResponse();
});
}
public void ResetPassword_Call_FindByIdAsync_ResetPasswordAsync_Methods()
{
var accountsController = new AccountsController(
_applicationUserManager.Object,
_emailSendingServiceMock.Object,
_inviteServiceMock.Object);
var resetPassword = new ResetPasswordRequest {
UserId = "SomeIdId", Code = "Code"
};
var resetResult = IdentityResult.Success;
_applicationUserManager.Setup(um => um.FindByIdAsync(It.IsAny <string>())).ReturnsAsync(_registerUser);
_applicationUserManager.Setup(um => um.ResetPasswordAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>())).ReturnsAsync(resetResult);
var actionResult = accountsController.ResetPassword(resetPassword);
_applicationUserManager.Verify(um => um.FindByIdAsync(It.IsAny <string>()), Times.Once());
_applicationUserManager.Verify(um => um.ResetPasswordAsync(It.IsAny <string>(), It.IsAny <string>(), It.IsAny <string>()), Times.Once());
}
public async Task <BaseResponse <string> > ResetPasswordAsync(ResetPasswordRequest request)
{
var user = await _userManager.FindByEmailAsync(request.Email);
if (user == null)
{
throw new ApiException($"You are not registered with '{request.Email}'.");
}
var result = await _userManager.ResetPasswordAsync(user, request.Token, request.Password);
if (result.Succeeded)
{
return(new BaseResponse <string>(request.Email, message: $"Password Resetted."));
}
else
{
throw new ApiException($"Error occured while reseting the password. Please try again.");
}
}
public async Task <bool> ResetPassword(ResetPasswordRequest request)
{
var getUser = await _schoolHubDbContext.User.FirstOrDefaultAsync(x => x.Id == request.UserId && x.IsEmailConfirmed == true);
if (getUser != null)
{
getUser.Password = request.Password;
}
_schoolHubDbContext.Entry(getUser).State = EntityState.Modified;
await _schoolHubDbContext.SaveChangesAsync();
//TODO: Send Email to User
#region New Password Reset Notification
const int type = (int)NotificationType.PasswordReset;
await _notificationProcessor.ProcessNotificationAsync(getUser, type);
#endregion
return(true);
}
private async Task <ApiResponse> ResetPassword(ResetPasswordRequest request)
{
var apiResp = new ApiResponse
{
ResponseCode = ResponseCode.Fail
};
var securityResp = await _security.Reset(request.EmailOrUsername);
if (securityResp.ResponseCode != ResponseCode.Success)
{
apiResp.ResponseMessage = securityResp.ResponseMessage;
return(apiResp);
}
apiResp.ResponseCode = ResponseCode.Success;
return(apiResp);
}
public async Task ResetPassword(ResetPasswordRequest model)
{
var user = _context.User.SingleOrDefault(x =>
x.ResetToken == model.Token &&
x.ResetTokenExpires > DateTime.UtcNow);
if (user == null)
{
throw new AppException("Invalid token");
}
// update password and remove reset token
user.PasswordHash = BC.HashPassword(model.Password);
user.PasswordReset = DateTime.UtcNow;
user.ResetToken = null;
user.ResetTokenExpires = null;
_context.User.Update(user);
await _context.SaveChangesAsync();
}
protected void login_Click(object sender, EventArgs e)
{
ResetPasswordRequest request = new ResetPasswordRequest();
request.Email = Request.QueryString["email"];
request.Guid = Request.QueryString["guid"];
request.NewPassword = tbPassword.Text;
PasswordRecoveryResponse response = _systemService.ResetPassword(request);
if (response.Success)
{
X.Msg.Alert("Success", "Your Password Has been changed succesfully!");
Response.Redirect("~/Login.aspx");
}
else
{
lblError.Text = "Could not Reset Password";
}
}
public void ResetPassword(ResetPasswordRequest model)
{
var account = accountRepository.GetAll().SingleOrDefault(
x => x.ResetToken == model.Token &&
x.ResetTokenExpires > DateTime.UtcNow
);
if (account == null)
{
throw new AppException("Invalid token");
}
// update password and remove reset token
account.PasswordHash = BC.HashPassword(model.Password);
account.PasswordReset = DateTime.UtcNow;
account.ResetToken = null;
account.ResetTokenExpires = null;
accountRepository.Update(account, account.Id);
}
public ActionResult <LoginResponse> ResetPassword([Required, FromBody] ResetPasswordRequest request)
{
if (string.IsNullOrEmpty(request.newPassword))
{
return(ModelError("newPassword", LoginAuthMessage.PasswordMustHaveAValue.NiceToString()));
}
var error = UserEntity.OnValidatePassword(request.newPassword);
if (error != null)
{
return(ModelError("newPassword", error));
}
var rpr = ResetPasswordRequestLogic.ResetPasswordRequestExecute(request.code, request.newPassword);
return(new LoginResponse {
userEntity = rpr.User, token = AuthTokenServer.CreateToken(rpr.User), authenticationType = "resetPassword"
});
}
public async Task ResetPasswordAsync_WhenPasswordResetFailed_ShouldReturnResetPasswordFailed()
{
var request = new ResetPasswordRequest()
{
Password = "******",
UserId = Guid.NewGuid(),
Code = "verification code",
};
_mockUserManger.Setup(e => e.FindByIdAsync(request.UserId.ToString()))
.ReturnsAsync(new User());
_mockUserManger.Setup(e => e.ResetPasswordAsync(It.IsAny <User>(), request.Code, request.Password))
.ReturnsAsync(IdentityResult.Failed());
var response = await sut.ResetPasswordAsync(request);
response.IsSuccess.Should().BeFalse();
response.ResponseException !.ErrorCode.Should().Be(ErrorCode.ResetPasswordFailed);
response.ResponseException.ErrorMessage.Should().Be(ErrorCode.ResetPasswordFailed.GetDescription());
}
public void TestResetPasswordWithInvalidToken()
{
var claims = new Claim[]
{
new Claim(ClaimTypes.Email, testAccount.Email)
};
var tokenConfig = appSettings.Value.TokenConfig;
var token = IdentityHelper.GenerateToken(tokenConfig.Secret, tokenConfig.Issuer, tokenConfig.Audience, claims, tokenConfig.Expires);
token = token.Replace('e', 'f');
var request = new ResetPasswordRequest
{
Token = token,
NewPassword = "******"
};
var result = service.ResetPassword(request);
Assert.AreEqual(false, result.IsSuccess);
Assert.AreEqual(IdentityResultCode.InvalidToken, result.ResultCode);
}
public void ResetPassword(ResetPasswordRequest model)
{
var account = _context.Accounts.SingleOrDefault(x =>
x.ResetToken == model.Token &&
x.ResetTokenExpires > DateTime.UtcNow);
if (account == null)
{
throw new AppException("Invalid token");
}
// update password and remove reset token
account.PasswordHash = BC.HashPassword(model.Password);
account.PasswordReset = DateTime.UtcNow;
account.ResetToken = null;
account.ResetTokenExpires = null;
_context.Accounts.Update(account);
_context.SaveChanges();
}
public async Task <ActionResult> ResetPassword(ResetPasswordRequest model)
{
// Using email address since the username is public information
var user = await this.userManager.FindByEmailAsync(model.Email);
if (user == null)
{
// Don't reveal that the user does not exist
return(this.Ok());
}
var code = await this.userManager.GeneratePasswordResetTokenAsync(user);
await this.emailSender.SendEmailAsync(
model.Email,
"Password Reset",
$"There was a request to reset your Clicker Heroes Tracker password. If this was not you, please ignore this email.<br /><br />To reset your password, please enter this verification code:<br /><br />{code}");
return(this.Ok());
}
public Reply resetPassword(ResetPasswordRequest oRequest)
{
Reply oReply = new Reply();
oReply.status = Constants.ERROR;
try
{
//validaciones comunes
if (!ModelState.IsValid)
{
oReply.message = GetErrorsModel();
return(oReply);
}
using (ZonasAkronDevEntities db = new ZonasAkronDevEntities())
{
users oUser = (from d in db.users
where d.resetPassword.Equals(oRequest.token) && d.idStatus == 1
select d).FirstOrDefault();
if (oUser == null)
{
oReply.message = "Su solicitud ya no es válida inténtelo nuevamente.";
}
else
{
string newPass = Utilities.Encrypt.GetSHA256(oRequest.password);
oUser.password = newPass;
oUser.resetPassword = "";
oUser.updated_at = DateTime.Now;
db.Entry(oUser).State = System.Data.Entity.EntityState.Modified;
db.SaveChanges();
oReply.status = Constants.SUCCESS;
oReply.message = "Tu contraseña se modificó correctamente";
}
}
}
catch (Exception ex)
{
oReply.message = Constants.Exception.ERROR + ex.Message;
}
return(oReply);
}
public void RequestPasswordReset(string email, string siteUrl, Func <string, string> resetUrlGenerator)
{
if (string.IsNullOrEmpty(email))
{
throw new ArgumentNullException("email");
}
if (string.IsNullOrEmpty(siteUrl))
{
throw new ArgumentNullException("siteurl");
}
if (resetUrlGenerator == null)
{
throw new ArgumentNullException("resetUrlGenerator");
}
User user = _userService.GetUserByEmail(email);
if (user == null)
{
throw new UserNotExistsException(string.Format(CultureInfo.InvariantCulture, "User with email {0} not found", email));
}
DateTime expiration = DateTime.UtcNow.Add(_webConfiguration.ResetPasswordRequestExpiration);
ResetPasswordRequest request = _userService.CreatePasswordResetRequestForUser(user, expiration);
string link = resetUrlGenerator(request.Token);
TimeZoneData timeZoneData = _timeZonesProvider.GetTimeZoneByIdOrDefault(user.TimeZone);
var templateData = new Dictionary <string, object>
{
{ "link", link },
{ "siteurl", siteUrl },
{ "username", user.Name },
{ "expire", new DateTimeOffset(request.Expiration).ToOffset(timeZoneData.Offset).ToString("dd.MM.yyyy HH:mm zzz") }
};
string emailBody = _templateEngine.TransformTemplate(templateData, MailResources.RestorePasswordMailBody);
string emailSubject = _templateEngine.TransformTemplate(templateData, MailResources.RestorePasswordMailSubject);
_mailService.SendMessage(emailSubject, emailBody, _webConfiguration.RestorePasswordMailFrom, user.Email);
}
public async Task <Result> ResetPassword(ResetPasswordRequest request)
{
ValidationResult validationResult = _recoverPasswordValidator.Validate(request);
if (!validationResult.IsValid)
{
_logger.LogWarning($"Invlid RecoverPassword request");
return(Result.Fail(validationResult.Errors));
}
AppUserEntity appUser = await _userManager.FindByEmailAsync(request.Email);
if (appUser == null)
{
_logger.LogWarning($"No user. Email {request.Email}");
return(Result.Ok());
}
bool emailConfirmed = await _userManager.IsEmailConfirmedAsync(appUser);
if (!emailConfirmed || !appUser.Enabled || appUser.LockoutEnd != null)
{
_logger.LogWarning($"User email not confirmed. UserId {appUser.Id}");
return(Result.Ok());
}
string code = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(request.Code));
IdentityResult identityResult = await _userManager.ResetPasswordAsync(appUser, code, request.Password);
if (!identityResult.Succeeded)
{
_logger.LogWarning($"Faild to reset password for user. User {appUser.Id}");
return(Result.Fail(identityResult.Errors));
}
await _emailSender.SendEmailAsync(appUser.Email, "Password changed", $"Your password has been changed");
_logger.LogInformation($"Password reset. UserId {appUser.Id}");
return(Result.Ok());
}
public async Task <JsonResult> ResetPassword([FromBody] ResetPasswordRequest request)
{
BaseResponse response = new BaseResponse();
AppUser user = await _userManager.FindByEmailAsync(request.Email);
if (user != null)
{
IdentityResult identityResult = await _userManager.ResetPasswordAsync(user, request.Token, request.Password);
if (identityResult.Succeeded)
{
response.Number = 1;
response.Message = "Şifre Başarılı Bir Şekilde Değiştirilmiştir";
return(Json(response));
}
identityResult.Errors.ToList <IdentityError>();
}
response.Number = 2;
response.Message = "Geçersiz Email ve Token Bilgisi";
return(Json(response));
}
/// <summary>
/// Resets the password of the user.
/// </summary>
/// <param name="resetPasswordDetails"></param>
/// <returns>returns 200 status code, if password reset is success</returns>
public async Task <IHttpActionResult> ResetPassword(ResetPasswordRequest resetPasswordDetails)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
try
{
var isOTPValid = await _unitOfWork.GetForgotPasswordRepository().VerifyOTP(resetPasswordDetails.OTP, resetPasswordDetails.UserId);
if (isOTPValid)
{
await _repo.ResetPassword(resetPasswordDetails.NewPassword, resetPasswordDetails.UserId);
}
return(Ok("password reset successfully"));
}
catch (Exception e)
{
return(InternalServerError(e));
}
}
public async Task <bool> ResetUserPasswordAsync(ResetPasswordRequest req)
{
var user = await _repo.GetAsync(req.Id);
if (user == null)
{
throw new KeyNotFoundException($"Could not find user with id: {req.Id}");
}
user.Password = req.Password;
var updatedUser = _repo.Update(user);
if (updatedUser == null)
{
return(false);
}
await _repo.UnitOfWork.SaveChangesAsync();
return(true);
}
public async Task <Response <string> > ResetPasswordAsync(ResetPasswordRequest request)
{
var user = await _userRepository.FindAsync(x =>
x.ResetToken == request.Token &&
x.ResetTokenExpires > DateTime.UtcNow);
if (user == null)
{
throw new ApiException("Invalid token");
}
// update password and remove reset token
user.Password = BC.HashPassword(request.Password);
user.PasswordReset = DateTime.UtcNow;
user.ResetToken = null;
user.ResetTokenExpires = null;
await _userRepository.UpdateAsync(user);
return(new Response <string>(user.Email, "Password Resetted."));
}
public async Task <IResult> ResetPasswordAsync(ResetPasswordRequest request)
{
var user = await _userManager.FindByEmailAsync(request.Email);
if (user == null)
{
// Don't reveal that the user does not exist
return(Result.Fail("An Error has occured!"));
}
var result = await _userManager.ResetPasswordAsync(user, request.Token, request.Password);
if (result.Succeeded)
{
return(Result.Success("Password Reset Successful!"));
}
else
{
return(Result.Fail("An Error has occured!"));
}
}
public async Task ResetPasswordAsync_Should_Return_NoContentResult()
{
var resetPasswordRequest = new ResetPasswordRequest
{
Email = "*****@*****.**",
Code = "123456",
Password = "******",
ConfirmPassword = "******",
};
var resetPasswordCommand = new ResetPasswordCommand(resetPasswordRequest.Email, resetPasswordRequest.Code, resetPasswordRequest.Password);
_mapperMock.Setup(x => x.Map <ResetPasswordRequest, ResetPasswordCommand>(It.IsAny <ResetPasswordRequest>())).Returns(resetPasswordCommand);
_communicationBusMock.Setup(x => x.SendCommandAsync(It.IsAny <ResetPasswordCommand>(), It.IsAny <CancellationToken>()))
.Returns(Task.CompletedTask);
var result = await _controller.ResetPasswordAsync(resetPasswordRequest);
var noContentResult = result.As <NoContentResult>();
noContentResult.Should().NotBeNull();
}
private void ResetUserPassword()
{
if (Page.IsValid)
{
string password = txtPassword.Text;
if (userID != -1)
{
//Updates Password for the specified user
User user = new User();
user.ChangePassword(userID, password);
//Deletes ForgotPasswordRequest record from database table
ResetPasswordRequest request = new ResetPasswordRequest();
request.DeleteResetPasswordRequest(userID);
// Shows a confirmation message & Redirects the user to the Sign In page
divSuccess.Visible = true;
}
}
}
public ActionResult ResetPassword(string token)
{
if (string.IsNullOrEmpty(token))
{
throw new HttpException((int)HttpStatusCode.NotFound, "not found");
}
ResetPasswordRequest request = _membershipService.GetActivePasswordResetRequestByToken(token);
if (request == null)
{
throw new HttpException((int)HttpStatusCode.NotFound, "not found");
}
ResetPasswordModel model = new ResetPasswordModel();
model.Init(_membershipService.MinPasswordLength);
model.Token = request.Token;
return(View(model));
}
private void ResetPassword()
{
string email = txtEmail.Text;
User user = new User();
//Retrieves a user's details by providing their email
user = user.GetUserByEmail(email);
if (user != null)
{
string guid = Guid.NewGuid().ToString();
int userID = user.ID;
DateTime requestdateTime = DateTime.Now;
ResetPasswordRequest request = new ResetPasswordRequest(guid, userID, requestdateTime);
request.AddResetPasswordRequest(request);
//Send an Email to the specified user using query string
string toEmailAddress = user.Email;
string username = user.Username;
//Response.Redirect("~/Pages/UserAccounts/ResetPassword.aspx?GUID=" + guid);
string emailBody = "Hello" + username + ",<br/>Click the link below to reset your password<br/><br/> http://localhost:52449/UserAccounts/ResetPassword.aspx?GUID=" + guid;
MailMessage mailMessage = new MailMessage("*****@*****.**", toEmailAddress);
mailMessage.Body = emailBody;
mailMessage.IsBodyHtml = true;
mailMessage.Subject = "Reset Password";
//Create an SMTP object
SmtpClient smtpClient = new SmtpClient("smtp.gmail.com", 587);
smtpClient.Credentials = new NetworkCredential()
{
UserName = "******",
Password = "******"
};
smtpClient.EnableSsl = true;
smtpClient.Send(mailMessage);
}
else
{
divFail.Visible = true;
}
}
public IActionResult ForgotPassword(ForgotPasswordViewModel model)
{
var _user = new AuthenticateResponse
{
MembershipKey = 1006979, //1007435,
EmailAddress = "*****@*****.**", //"*****@*****.**",
FirstName = "Tolulope",
LastName = "Olusakin",
FullName = "Olusakin Tolulope S"//"Funmilayo Ruth Adeyemi",
};
ResetPasswordResponse response = new ResetPasswordResponse();
try
{
var resetRequest = new ResetPasswordRequest
{
Username = model.Username,
EmailAddress = model.EmailAddress
};
response = _clientService.ResetPassword(resetRequest);
if (response.ResponseCode == "00" || response.ResponseCode == "0")
{
var msg = "Success: " + response.ResponseMessage;
ViewBag.message = msg;
return(View(model));
}
else
{
ViewBag.message = response.ResponseMessage;
}
}
catch (Exception ex)
{
ViewBag.message = ex.Message;
Utilities.ProcessError(ex, _contentRootPath);
_logger.LogError(null, ex, ex.Message);
}
return(View(model));
}
public override Task <BooleanMessageReply> ResetPassword(ResetPasswordRequest request, ServerCallContext context)
{
try
{
if (Game.World.WorldData.TryGetAuthInfo(request.Username, out AuthInfo login))
{
// Simple length check
if (request.NewPassword.Length > 8 || request.NewPassword.Length < 4)
{
return(Task.FromResult(new BooleanMessageReply()
{
Message = "Passwords must be between 4 and 8 characters",
Success = false
}));
}
login.PasswordHash = BCrypt.Net.BCrypt.HashPassword(request.NewPassword,
BCrypt.Net.BCrypt.GenerateSalt(12));
login.LastPasswordChange = DateTime.Now;
login.LastPasswordChangeFrom = context.Peer;
login.Save();
}
else
{
return(Task.FromResult(new BooleanMessageReply()
{
Message = "Unknown user", Success = false
}));
}
}
catch (Exception e)
{
GameLog.UserActivityError("grpc: ResetPassword: unknown exception {e}", e);
}
return(Task.FromResult(new BooleanMessageReply()
{
Message = "Unknown error", Success = false
}));
}
public ResetPasswordResponse SendResetPasswordMail(ResetPasswordRequest req)
{
User user = _context.Users.Where(p => p.Email == req.Email && p.Active)
.Select(s => s).FirstOrDefault();
UserActivation usersActivation = new UserActivation();
usersActivation.User = user;
usersActivation.StartTime = DateTime.Now;
usersActivation.ActivationCode = GenerateActivationCode();
usersActivation.ActivationType = ActivationType.PasswordReset;
_mailService.SetActivation(usersActivation.Adapt <Activation>());
_mailService.SetEmailType(EmailType.PasswordReset);
_mailService.SetMailBoxes = ConvertUserToMailBoxesArray(user);
_mailService.SetEmailMessage();
_mailService.SendEmailAsync();
_context.UserActivations.Add(usersActivation);
_context.SaveChangesAsync();
ResetPasswordResponse res = new ResetPasswordResponse();
res.isResetMailSent = true;
return(res);
}
public ResponseDto ResetPassword(ResetPasswordRequest request)
{
request.mobile_number = Common.GetStandardMobileNumber(request.mobile_number);
ResponseDto response = new ResponseDto();
Consumer consumer = null;
string newPasswordHash = TokenGenerator.GetHashedPassword(request.new_password, 49);
string confirmPasswordHash = TokenGenerator.GetHashedPassword(request.confirm_password, 49);
try
{
using (UserDao dao = new UserDao())
{
consumer = dao.FindByMobileNumber(request.mobile_number);
if (consumer == null)
{
MakeNouserResponse(response);
return(response);
}
if (newPasswordHash == confirmPasswordHash)
{
consumer.Password = TokenGenerator.GetHashedPassword(request.new_password, 49);
dao.Update(consumer);
response.code = 0;
response.has_resource = 1;
response.message = MessagesSource.GetMessage("passwd.reset");
return(response);
}
}
response.code = 1;
response.has_resource = 0;
response.message = MessagesSource.GetMessage("exception");
return(response);
}
catch (Exception ex)
{
response.MakeExceptionResponse(ex);
return(response);
}
}
public async Task <IActionResult> ResetPassword([FromBody] ResetPasswordRequest request)
{
var shopUser = await _userManager.FindByIdAsync(request.UserId);
if (shopUser != null)
{
var decodedToken = EncodeHelper.Base64Decode(request.Token);
var resetPasswordResult = await _userManager.ResetPasswordAsync(shopUser, decodedToken, request.Password);
if (resetPasswordResult.Succeeded)
{
return(StatusCode((int)HttpStatusCode.OK, "Password was reset"));
}
return(StatusCode((int)HttpStatusCode.BadRequest,
new ErrorResponse(ErrorReasons.BadRequest,
resetPasswordResult.Errors.Select(e => e.Description).FirstOrDefault())));
}
return(StatusCode((int)HttpStatusCode.NotFound,
new ErrorResponse(ErrorReasons.NotFound, "User was not found.")));
}
public async Task <IActionResult> ResetPassword(ResetPasswordRequest resetPassword)
{
try
{
if (!ValidateResetPasswordRequest(resetPassword))
{
return(BadRequest(new { Message = "Please Enter Proper Data" }));
}
var user = HttpContext.User;
if (user.HasClaim(u => u.Type == "TokenType"))
{
if ((user.Claims.FirstOrDefault(u => u.Type == "TokenType").Value == "ForgotPassword") ||
(user.Claims.FirstOrDefault(u => u.Type == "TokenType").Value == "login"))
{
int userID = Convert.ToInt32(user.Claims.FirstOrDefault(u => u.Type == "UserID").Value);
success = await _userBusiness.ResetPassword(userID, resetPassword);
if (success)
{
success = true;
message = "Your Password Changed Successfully";
return(Ok(new { success, message }));
}
else
{
message = "Unable to Change the Password";
return(NotFound(new { success, message }));
}
}
}
message = "Invalid Token";
return(BadRequest(new { success, message }));
}
catch (Exception ex)
{
return(BadRequest(new { ex.Message }));
}
}
public Result<ServiceResponse> ResetPassword(ResetPasswordRequest request)
{
return this.InTransaction("Default", uow =>
{
request.CheckNotNull();
if (string.IsNullOrEmpty(request.Token))
throw new ArgumentNullException("token");
var username = Authorization.Username;
//if (!Dependency.Resolve<IAuthenticationService>().Validate(ref username, request.OldPassword))
// throw new ValidationError("CurrentPasswordMismatch", Texts.Validation.CurrentPasswordMismatch);
if (request.ConfirmPassword != request.NewPassword)
throw new ValidationError("PasswordConfirmMismatch", Texts.Validation.PasswordConfirmMismatch);
request.NewPassword = UserRepository.ValidatePassword(username, request.NewPassword, false);
var salt = Membership.GeneratePassword(5, 1);
var hash = SiteMembershipProvider.ComputeSHA512(request.NewPassword + salt);
uow.Connection.UpdateById(new UserRow
{
UserId = int.Parse(Authorization.UserId),
PasswordSalt = salt,
PasswordHash = hash
});
BatchGenerationUpdater.OnCommit(uow, UserRow.Fields.GenerationKey);
return new ServiceResponse();
});
}
public static bool ResetPassword(ResetPasswordRequest model)
{
if (string.IsNullOrEmpty(model.NewPassword))
{
throw new Exception("You must provide a password");
}
Guid tokenGuid = new Guid(model.TokenId);
Token token = UserTokensService.Get(tokenGuid); // Given the token, Get the UserName
ApplicationUser applicationUser = GetUserbyUserName(token.UserName); // From the UserName, get UserId
bool success = ChangePassWord(applicationUser.Id, model.NewPassword); // applicationUser has the email we needed to use ChangePassWord
if (success)
{
UserTokensService.Delete(tokenGuid);
}
return success;
}
public ResetPasswordResponse ResetPassword(ResetPasswordRequest request)
{
var response = new ResetPasswordResponse();
try
{
if (WebSecurity.ResetPassword(request.ResetPasswordToken, request.NewPassword))
{
response.Status = StatusCode.OK;
}
else
{
response.Status = StatusCode.Unauthorized;
}
}
catch (Exception ex)
{
response.Status = StatusCode.InternalServerError;
this.exceptionHandler.HandleException(ex);
}
return response;
}
public ResetPasswordResponse ResetPassword(ResetPasswordRequest request)
{
throw new NotImplementedException();
}
public HttpResponseMessage NewPassword(ResetPasswordRequest model)
{
BaseResponse resp = null;
if (!ModelState.IsValid) //if my data is NOT valid
{
return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState); //it will return as error response
}
var success = UserService.ResetPassword(model);
if (!success)
{
resp = new ErrorResponse("Unable to change password! Your password must have the following: At least one uppercase ('A'-'Z'), at least one digit ('0'-'9'), and at least one special character.");
return Request.CreateResponse(HttpStatusCode.BadRequest, resp);
}
ItemResponse<bool> response = new ItemResponse<bool>();
response.Item = success;
return Request.CreateResponse(response);
}
public ActionResult ResetPassword(ResetPasswordViewModel model)
{
if (this.ModelState.IsValid)
{
var request = new ResetPasswordRequest
{
ResetPasswordToken = model.ResetPasswordToken,
NewPassword = model.NewPassword
};
var response = this.authenticationService.ResetPassword(request);
if (response.Status == StatusCode.OK)
{
this.TempData["SuccessMessage"] = "You have successfully reset your password. Please login with your new credentials.";
return this.RedirectToAction("login");
}
else
{
this.TempData.Add("ResetPasswordFail", "XXX");
return this.RedirectToAction("request-password");
}
}
return this.View();
}
/// <summary>
/// The generate change password link.
/// </summary>
/// <param name="request">
/// The request.
/// </param>
/// <returns>
/// The TdService.Services.Messaging.Membership.ChangePasswordLinkResponse.
/// </returns>
public ResetPasswordResponse ResetPassword(ResetPasswordRequest request)
{
try
{
var user = this.userRepository.GetUserByEmail(request.IdentityToken);
if (user == null)
{
return new ResetPasswordResponse
{
MessageType = MessageType.Error,
ErrorCode = ErrorCode.UserNotFound.ToString()
};
}
var pwdKey = Guid.NewGuid();
user.PasswordResetKey = pwdKey;
this.userRepository.UpdateUser(user);
this.userRepository.SaveChanges();
this.emailService.SendMail(
EmailResources.EmailActivationFrom,
request.IdentityToken,
EmailResources.ResetPasswordSubject,
string.Format(EmailResources.ResetPasswordBody, this.ApplicationUrl, pwdKey));
return new ResetPasswordResponse { MessageType = MessageType.Success };
}
catch (Exception ex)
{
return new ResetPasswordResponse { MessageType = MessageType.Error, Message = ex.Message };
}
}
