protected void Button1_Click(object sender, EventArgs e)
{
string userId = new SRPUser().GetUsernameByEmail(uxEmailaddress.Text);
string remoteAddress = new Tools.WebTools().RemoteUserAddress(Request);
if (string.IsNullOrEmpty(userId))
{
// user requested a password for an email address that is not in the database
// if account doesn't exist, send an email saying so
var values = new {
SystemName = SRPSettings.GetSettingValue("SysName", 1),
ControlRoomLink = string.Format("{0}{1}",
BaseUrl,
"/ControlRoom/LoginRecovery.aspx"),
ContactName = SRPSettings.GetSettingValue("ContactName", 1),
ContactEmail = SRPSettings.GetSettingValue("ContactEmail", 1),
RemoteAddress = remoteAddress,
UserEmail = uxEmailaddress.Text,
PasswordResetSubject = SRPResources.PasswordEmailSubject
};
this.Log().Info("User at {0} requested password reset for nonexistent email {1}",
values.RemoteAddress,
values.UserEmail);
// TODO email - move this template out to the database
StringBuilder body = new StringBuilder();
body.Append("<p>A password reset request was received by {SystemName} for your ");
body.Append("address. Unfortunately no account could be found associated with ");
body.Append("this email address.</p>");
body.Append("<p>If you initiated this request, feel free to ");
body.Append("<a href=\"{ControlRoomLink}\">try requesting the password</a> ");
body.Append("for any other email address you might have used.</p>");
body.Append("<p>If you have any comments or questions, please contact ");
body.Append("{ContactName} at <a href=\"mailto:{ContactEmail}\">{ContactEmail}");
body.Append("</a>.</p>");
body.Append("<p style=\"font-size: smaller;\"><em>This password request was ");
body.Append("submitted from: {RemoteAddress}.</em></p>");
new EmailService().SendEmail(uxEmailaddress.Text,
"{SystemName} - {PasswordResetSubject}".FormatWith(values),
body.ToString().FormatWith(values));
}
else
{
SRPUser lookupUser = SRPUser.FetchByUsername(userId);
string passwordResetToken = lookupUser.GeneratePasswordResetToken();
if (string.IsNullOrEmpty(passwordResetToken))
{
lblMessage.Text = "Unable to initiate password reset process.";
return;
}
var values = new {
SystemName = SRPSettings.GetSettingValue("SysName", lookupUser.TenID),
PasswordResetLink = string.Format("{0}{1}?token={2}",
BaseUrl,
"/ControlRoom/PasswordRecovery.aspx",
passwordResetToken),
ContactName = SRPSettings.GetSettingValue("ContactName", lookupUser.TenID),
ContactEmail = SRPSettings.GetSettingValue("ContactEmail", lookupUser.TenID),
RemoteAddress = remoteAddress,
UserEmail = uxEmailaddress.Text,
PasswordResetSubject = SRPResources.PasswordEmailSubject,
};
this.Log().Info("User at {0} requested password reset for email {1}",
values.RemoteAddress,
values.UserEmail);
// TODO email - move this template out to the database
StringBuilder body = new StringBuilder();
body.Append("<p>A password reset request was received by {SystemName} for your ");
body.Append("address.</p>");
body.Append("<p>Please <a href=\"{PasswordResetLink}\">click here</a> ");
body.Append("to create a new password for your account.</p>");
body.Append("<p>If you did not initiate this request, take no action and your ");
body.Append("password will not be changed.</p>");
body.Append("<p>If you have any comments or questions, please contact ");
body.Append("{ContactName} at <a href=\"mailto:{ContactEmail}\">{ContactEmail}");
body.Append("</a>.</p>");
body.Append("<p style=\"font-size: smaller;\"><em>This password request was ");
body.Append("submitted from: {RemoteAddress}.</em></p>");
new EmailService().SendEmail(uxEmailaddress.Text,
"{SystemName} - {PasswordResetSubject}".FormatWith(values),
body.ToString().FormatWith(values));
}
lblMessage.Text = "Processing your password reset request, you should receive an email soon.";
}
