public void TestsUserAccounts_Security_TimeOutCheck() { UserResetPasswordModel model = new UserResetPasswordModel { Email = "*****@*****.**" }; model.GenerateSecurityKey(DateTime.UtcNow); var response = service.ValidateSecurityKey(new UserResetPasswordModel { SecurityKey = model.SecurityKey }); Assert.IsTrue(response.IsOK); model.GenerateSecurityKey(DateTime.UtcNow.AddMinutes(-29)); response = service.ValidateSecurityKey(new UserResetPasswordModel { SecurityKey = model.SecurityKey }); Assert.IsTrue(response.IsOK); model.GenerateSecurityKey(DateTime.UtcNow.AddMinutes(-31)); response = service.ValidateSecurityKey(new UserResetPasswordModel { SecurityKey = model.SecurityKey }); Assert.IsFalse(response.IsOK); }
public ActionResult ChangePassword(UserResetPasswordModel userResetPasswordModel) { if (!ModelState.IsValid) { return(View(userResetPasswordModel)); } else { UserResetPasswordDto userResetPasswordDto = new UserResetPasswordDto(); userResetPasswordDto.EmailId = userResetPasswordModel.EmailId; userResetPasswordDto.Password = userResetPasswordModel.Password; bool existUser = userSignUpDal.CheckValidEmailId(userResetPasswordModel.EmailId); if (existUser == true) { int i = userSignUpDal.ResetPasswordForUser(userResetPasswordDto); if (i > 0) { ViewBag.successText = "Successfully Updated Your Password"; } else { ViewBag.failureText = "Your Password has not updated. Please try some time "; } } else { ViewBag.failureText = "This MailId is not Exist."; } return(View()); } }
public IActionResult ResetPassword(UserResetPasswordModel model) { this.logger.LogDebug(string.Format(CultureInfo.InvariantCulture, this.localizer["LogResetPasswordTry"].Value)); if (model == null) { throw new ArgumentNullException(nameof(model)); } // Is the token valid ? IActionResult existsResult = this.ResetPasswordExists(model.ResetPasswordToken); User user; if (existsResult is OkObjectResult) { UserPasswordLostResponseModel result = (existsResult as OkObjectResult).Value as UserPasswordLostResponseModel; // Is the token related to the provided user ? if (result.Email == model.Email && result.Username == model.Username) { user = this.userService.GetByEmail(result.Email); this.userService.UpdatePassword(user.Id, model.Password); return(this.Ok()); } else { return(this.Conflict(new { message = this.localizer["LogResetPasswordUserConflict"].Value })); } } else { return(existsResult); } }
public IActionResult ResetPassword([FromBody] UserResetPasswordModel resetPasswordModel) { if (resetPasswordModel == null || string.IsNullOrEmpty(resetPasswordModel.Password) || string.IsNullOrEmpty(resetPasswordModel.Token) || string.IsNullOrEmpty(resetPasswordModel.Email)) { throw new MissingParameterException(); } if (resetPasswordModel?.Password?.Length > Limits.MAX_PASSWORD) { throw new InputValueTooLargeException(); } if (resetPasswordModel?.Token?.Length > Limits.MAX_RESETPWD_CODE) { throw new InputValueTooLargeException(); } if (resetPasswordModel?.Email?.Length > Limits.MAX_EMAIL_ADDRESS) { throw new InputValueTooLargeException(); } var ipAddress = HttpContext.Connection.RemoteIpAddress.ToString(); PwdManService.ResetPassword(resetPasswordModel, ipAddress); return(new JsonResult(true)); }
public void TestsUserAccounts_User_Request_Password_Reset() { var USRM1 = db.Users.Where(u => u.Email == "*****@*****.**").FirstOrDefault(); var model = new UserResetPasswordModel(); // Fail wrong security key model.Email = USRM1.Email; model.SecurityKey = Crypto.Encrypt("rubbish"); model.NewPassword = "******";; model.ConfirmPassword = "******"; var response = service.ResetPassword(model); Assert.IsFalse(response.IsOK); //pass model.GenerateSecurityKey(); model.Email = ""; response = service.ResetPassword(model); Assert.IsTrue(response.IsOK); Assert.AreEqual(model.Email, USRM1.Email); db = new Repository(this.TContext); // save took place var user = db.Users.Where(u => u.Email == model.Email).FirstOrDefault(); Assert.IsNotNull(user); Assert.IsTrue(user.Password == Crypto.Hash(model.NewPassword, user.Salt)); }
/// <summary> /// Approve password reset /// </summary> /// <param name="model">Password reset model</param> /// <returns></returns> public async Task <ApiOkResult> ResetPasswordApprove(UserResetPasswordModel model) { var user = await _appUserManager.FindByEmailAsync(model.Email); if (user == null) { throw new EntityNotFoundException(model.Email, typeof(AppUser)); } var resetPasswordEntity = await _userResetPasswordRepository.GetByUser(user.Id, model.Token); if (resetPasswordEntity == null || (DateTime.UtcNow - resetPasswordEntity.CreateTime).TotalHours > 24) { throw new EntityNotFoundException(model.Token, typeof(UserResetPassword), "Can not find request to reset password"); } var result = await _appUserManager.RemovePasswordAsync(user); if (!result.Succeeded) { throw new MRSystemException("Can not reset password"); } result = await _appUserManager.AddPasswordAsync(user, model.Password); if (!result.Succeeded) { throw new MRSystemException("Can not reset password"); } await _userResetPasswordRepository.ResetAllCodes(user.Id); return(new ApiOkResult(true)); }
public async Task <IActionResult> ResetPassword(UserResetPasswordModel userReset) { if (!ModelState.IsValid) { ModelState.AddModelError("", "Yeni şifrə düzgün deyil"); return(View()); } var user = await _userManager.FindByIdAsync(userReset.UserId); if (user == null) { ModelState.AddModelError("", "İstifadəçi tapılmadı"); return(View()); } var codeDecodedBytes = WebEncoders.Base64UrlDecode(userReset.Token); var codeDecoded = Encoding.UTF8.GetString(codeDecodedBytes); var result = await _userManager.ResetPasswordAsync(user, codeDecoded, userReset.Password); if (!result.Succeeded) { foreach (var item in result.Errors) { ModelState.AddModelError("", item.Description); } return(View(userReset)); } return(RedirectToAction("Login")); }
public ActionResult RequestNewPassword(UserResetPasswordModel model) { if (ModelState.IsValid) { var response = accountService.RequestNewPassword(model); if (response.IsOK) { ViewData["CurrentUser"] = this.CurrentUser ?? new UserSessionModel(); var emailModel = response.Model as SendEmailPasswordResetModel; emailModel.RenderTextVersion = true; emailModel.BodyTextVersion = RenderView(this, "SendEmailPasswordReset", emailModel); emailModel.RenderTextVersion = false; emailModel.BodyHtmlVersion = RenderView(this, "SendEmailPasswordReset", emailModel); new EmailServices().SendEmail(emailModel); } if (ProcessServiceResponse(response)) { return(View("RequestNewPasswordAcknowledgement")); } } return(View(model)); }
public async Task <ActionResult> ResetPassword([FromBody] UserResetPasswordModel model) { if (!ModelState.IsValid) { return(BadRequest()); } try { var forgotPasswordCodeToken = await _accountService.GetForgotPasswordCodeToken(model.Email); if (!model.Code.Equals(forgotPasswordCodeToken)) { return(Unauthorized(ErrorMessage.INVALIDFORGOTPASSWORDTOKEN.ToString())); } await _accountService.ResetPassword(model.Email, model.Password); return(Ok()); } catch (ArgumentException aex) { _log.Error(aex); return(Unauthorized(aex.Message)); } }
private ActionResult ValidateUser(UserLoginModel Model, string ReturnUrl) { SetTermOfUse(); string formId = "", pageNumber; if (ReturnUrl == null || !ReturnUrl.Contains("/")) { ReturnUrl = "/Home/Index"; } else { formId = ReturnUrl.Substring(0, ReturnUrl.IndexOf('/')); pageNumber = ReturnUrl.Substring(ReturnUrl.LastIndexOf('/') + 1); } try { Epi.Web.Enter.Common.Message.UserAuthenticationResponse result = _isurveyFacade.ValidateUser(Model.UserName, Model.Password); if (result.UserIsValid) { if (result.User.ResetPassword) { UserResetPasswordModel model = new UserResetPasswordModel(); model.UserName = Model.UserName; model.FirstName = result.User.FirstName; model.LastName = result.User.LastName; ReadPasswordPolicy(model); return(ResetPassword(model)); } else { FormsAuthentication.SetAuthCookie(Model.UserName, false); string UserId = Epi.Web.Enter.Common.Security.Cryptography.Encrypt(result.User.UserId.ToString()); Session["UserId"] = UserId; //Session["UsertRole"] = result.User.Role; Session["UserHighestRole"] = result.User.UserHighestRole; Session["UserEmailAddress"] = result.User.EmailAddress; Session["UserFirstName"] = result.User.FirstName; Session["UserLastName"] = result.User.LastName; Session["UGuid"] = result.User.UGuid; return(RedirectToAction(Epi.Web.MVC.Constants.Constant.INDEX, "Home", new { surveyid = formId })); //return Redirect(ReturnUrl); } } //else { ModelState.AddModelError("", "The email or password you entered is incorrect."); Model.ViewValidationSummary = true; return(View(Model)); } } catch (Exception) { ModelState.AddModelError("", "The email or password you entered is incorrect."); Model.ViewValidationSummary = true; return(View(Model)); throw; } }
// var currentUser = context.Session["UserSessionModel"] as UserSessionModel; public ServiceResponse RequestNewPassword(UserResetPasswordModel model) { this.Response = new ServiceResponse(); var emailUser = GetUserSessionModel(model.Email).Model as UserSessionModel; if (emailUser == null) { this.Response.AddError("Email", ResourceModelUser.MU007); } else { var emailModel = new SendEmailPasswordResetModel(); emailModel.From = new MailAddress(Utilities.Config("dpo.sys.email.from"), "Daikin Office Project"); emailModel.To.Add(new MailAddress(emailUser.Email, emailUser.DisplayName)); model.GenerateSecurityKey(); emailModel.SecurityKey = model.SecurityKey; emailModel.Subject = "Daikin Password Reset Request"; this.Response.Model = emailModel; } return(this.Response); }
public bool SetNewPassword(UserResetPasswordModel model) { Users user = UserManager.GetByHash(model.ConfirmHash); UserManager.NewPasswordUpdate(user.Id, model.NewPassword); return(true); }
public ActionResult RequestNewPassword(String UserEmail) { var model = new UserResetPasswordModel { Email = UserEmail }; return(View(model)); }
public async Task <IActionResult> ApproveResetPassword([FromBody] UserResetPasswordModel model) { if (!ModelState.IsValid) { return(BadModelResponse()); } return(Ok(await _loginManager.ResetPasswordApprove(model))); }
public IActionResult ResetPassword(string token, string userId) { var model = new UserResetPasswordModel { Token = token, UserId = userId }; return(View(model)); }
private void ReadPasswordPolicy(UserResetPasswordModel Model) { Model.MinimumLength = SecurityAppSettings.GetIntValue(SecurityAppSettings.Key.PasswordMinimumLength); Model.MaximumLength = SecurityAppSettings.GetIntValue(SecurityAppSettings.Key.PasswordMaximumLength); Model.UseSymbols = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseSymbols); Model.UseNumeric = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseNumbers); Model.UseLowerCase = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseLowerCase); Model.UseUpperCase = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseUpperCase); Model.UseUserIdInPassword = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseUserIdInPassword); Model.UseUserNameInPassword = SecurityAppSettings.GetBoolValue(SecurityAppSettings.Key.UseUserNameInPassword); Model.NumberOfTypesRequiredInPassword = SecurityAppSettings.GetIntValue(SecurityAppSettings.Key.NumberOfTypesRequiredInPassword); Model.Symbols = SecurityAppSettings.GetStringValue(SecurityAppSettings.Key.Symbols); }
private void ReadPasswordPolicy(UserResetPasswordModel Model) { Model.MinimumLength = Convert.ToInt16(ConfigurationManager.AppSettings["PasswordMinimumLength"]); Model.MaximumLength = Convert.ToInt16(ConfigurationManager.AppSettings["PasswordMaximumLength"]); Model.UseSymbols = Convert.ToBoolean(ConfigurationManager.AppSettings["UseSymbols"]); //= false; Model.UseNumeric = Convert.ToBoolean(ConfigurationManager.AppSettings["UseNumbers"]); //= false; Model.UseLowerCase = Convert.ToBoolean(ConfigurationManager.AppSettings["UseLowerCase"]); Model.UseUpperCase = Convert.ToBoolean(ConfigurationManager.AppSettings["UseUpperCase"]); Model.UseUserIdInPassword = Convert.ToBoolean(ConfigurationManager.AppSettings["UseUserIdInPassword"]); Model.UseUserNameInPassword = Convert.ToBoolean(ConfigurationManager.AppSettings["UseUserNameInPassword"]); Model.NumberOfTypesRequiredInPassword = Convert.ToInt16(ConfigurationManager.AppSettings["NumberOfTypesRequiredInPassword"]); Model.Symbols = ConfigurationManager.AppSettings["Symbols"]; }
public int ResetPassword([System.Web.Http.FromBody] UserResetPasswordModel model) { int ret = -1; User u = null; string resetToken = string.Empty; if (model != null && !string.IsNullOrEmpty(model.Email)) { using (var repo = Resolver.Resolve <IUserRepository>()) { u = repo.SelectByExternalId(model.Email); if (u != null) { if (u.Password == null) { u.Password = new UserPasswordDetails(); } resetToken = u.Password.ResetToken = Utils.Crypto.GetHash(Guid.NewGuid().ToString()); u.Password.ConfirmToken = string.Empty; repo.Update(u); MessageQueueManager.Current.GetQueue(MessageQueueType.Email).AddMessages(new Message[] { new Message() { Id = Guid.NewGuid().ToString(), Subject = Ifly.Resources.Frontpage.Email_PasswordReset_Subject, Body = new GenericMessageBody ( new Tuple <string, string>("Recipient", model.Email), new Tuple <string, string>("Body", string.Format(Ifly.Resources.Frontpage.Email_PasswordReset_Body, string.Format("{0}://{1}/change-password?email={2}&token={3}", Request.Url.Scheme, Request.Url.Authority, Server.UrlEncode(model.Email), resetToken))) ).ToString() } }); } else { throw new System.Web.HttpException((int)System.Net.HttpStatusCode.NotFound, "Not found"); } } } else { throw new System.Web.HttpException((int)System.Net.HttpStatusCode.BadRequest, "Bad request"); } return(ret); }
public void ResetPassword(UserResetPasswordModel model) { model.NewPassword = hashCryptoHelper.HashString(model.NewPassword); var userData = userDataRepository.FetchAll().Where(x => x.TokenHash == model.Token).FirstOrDefault(); userServiceValidationHelper.ValidateUserData(userData); userServiceValidationHelper.ValidateUserPasswordToken(userData); userData.PassHash = model.NewPassword; userData.IsTokenUsed = true; userData.FailedLoginCount = 0; userDataRepository.Update(userData); userDataRepository.Save(); }
public void TestsUserAccounts_User_RequestNewPassword() { var USRM1 = db.Users.Where(u => u.Email == "*****@*****.**").FirstOrDefault(); var model = new UserResetPasswordModel(); // Fail model.Email = "dsfdsf"; var errors = service.RequestNewPassword(model).GetMessages(MessageTypeEnum.Error); Assert.IsTrue(errors.Any(m => m.Key == "Email")); //fail model.Email = USRM1.Email; errors = service.RequestNewPassword(model).GetMessages(MessageTypeEnum.Error); Assert.IsFalse(errors.Any(m => m.Key == "Email")); }
public async Task <BaseServiceResponse> ResetPassword(UserResetPasswordModel model) { var response = new BaseServiceResponse(); try { if (model.Email == null) { return(response); } var user = await db.FindByEmail(model.Email.ToLower()); if (user == null) { return(response); } string resetToken = hasher.Hash(model.Email).Hash; user.Reset = resetToken; await db.UpdateAsync(user); var resetModel = new PasswordResetModel() { ActionUrl = $"http://www.aliseeks.com/user/reset?token={resetToken}", Name = user.Username, SenderName = "Alex", Subject = "Password Reset", ToAddress = user.Email }; await email.SendPasswordResetTo(resetModel); } catch (Exception e) { var sentry = new SentryEvent(e); await raven.CaptureNetCoreEventAsync(sentry); } return(response); }
// var lastUpdate = Db.UserQueryByEmail(context.User.Identity.Name).Select(u => u.Timestamp).FirstOrDefault(); public ServiceResponse ValidateSecurityKey(UserResetPasswordModel model) { this.Response = new ServiceResponse(); if (model.DecryptSecurityKey() == false) { this.Response.AddError(ResourceModelUser.MU009); return(this.Response); } if (new TimeSpan(DateTime.UtcNow.Ticks - model.SecurityTicks).TotalMinutes > 30) { this.Response.AddError(ResourceModelUser.MU009); return(this.Response); } this.Response.Model = model; return(this.Response); }
public ActionResult ResettingPasswordFromSecurityLink(UserResetPasswordModel model) { if (ModelState.IsValid) { var response = accountService.ValidateSecurityKey(model); if (ProcessServiceResponse(response)) { response = accountService.ResetPassword(model); if (ProcessServiceResponse(response)) { FormsAuthentication.SignOut(); return(View("PasswordResetAcknowledgement")); } } } return(View(model)); }
public ActionResult ResetPassword(UserResetPasswordModel Model, string Action, string ReturnUrl) { switch (Action.ToUpper()) { case "CANCEL": return(RedirectToAction(ViewActions.Index, ControllerNames.Login)); default: break; } if (!ModelState.IsValid) { UserResetPasswordModel model = new UserResetPasswordModel(); model.UserName = Model.UserName; ReadPasswordPolicy(model); // ModelState.AddModelError("", "Passwords do not match. Please try again."); return(View("ResetPassword", model)); } if (!ValidatePassword(Model)) { ModelState.AddModelError("", "Password is not strong enough. Please try again."); return(View("ResetPassword", Model)); } _securityFacade.UpdateUser(new UserDTO() { UserName = Model.UserName, PasswordHash = Model.Password, Operation = OperationMode.UpdatePassword, ResetPassword = true }); UserLoginModel UserLoginModel = new UserLoginModel(); UserLoginModel.Password = Model.Password; UserLoginModel.UserName = Model.UserName; return(ValidateUser(UserLoginModel, ReturnUrl)); }
public ActionResult ResetPassword(UserResetPasswordModel Model, string Action, string ReturnUrl) { switch (Action.ToUpper()) { case "CANCEL": return(RedirectToAction(Epi.Web.MVC.Constants.Constant.INDEX, "Login")); default: break; } if (!ModelState.IsValid) { UserResetPasswordModel model = new UserResetPasswordModel(); model.UserName = Model.UserName; ReadPasswordPolicy(model); // ModelState.AddModelError("", "Passwords do not match. Please try again."); return(View("ResetPassword", model)); } if (!ValidatePassword(Model)) { ModelState.AddModelError("", "Password is not strong enough. Please try again."); return(View("ResetPassword", Model)); } _isurveyFacade.UpdateUser(new Enter.Common.DTO.UserDTO() { UserName = Model.UserName, PasswordHash = Model.Password, Operation = Constant.OperationMode.UpdatePassword, ResetPassword = true }); UserLoginModel UserLoginModel = new UserLoginModel(); UserLoginModel.Password = Model.Password; UserLoginModel.UserName = Model.UserName; return(ValidateUser(UserLoginModel, ReturnUrl)); }
public ServiceResponse ResetPassword(UserResetPasswordModel model) { this.Response = new ServiceResponse(); if (model.DecryptSecurityKey() == false) { this.Response.AddError(ResourceModelUser.MU009); return(this.Response); } Validation.IsPasswordConfirmed(this.Response.Messages, model.NewPassword, model.ConfirmPassword, "ConfirmPassword"); this.Db.ReadOnly = false; var user = this.Db.UserQueryByEmail(model.Email).FirstOrDefault(); user.Password = Crypto.Hash(model.NewPassword, user.Salt); this.Db.SaveChanges(); this.Response.Model = model; return(this.Response); }
private bool ValidatePassword(UserResetPasswordModel Model) { //int minLength = Convert.ToInt16(ConfigurationManager.AppSettings["PasswordMinimumLength"]); //int maxLength = Convert.ToInt16(ConfigurationManager.AppSettings["PasswordMaximumLength"]); //bool useSymbols = Convert.ToBoolean(ConfigurationManager.AppSettings["UseSymbols"]); //= false; //bool useNumeric = Convert.ToBoolean(ConfigurationManager.AppSettings["UseNumbers"]); //= false; //bool useLowerCase = Convert.ToBoolean(ConfigurationManager.AppSettings["UseLowerCase"]); //bool useUpperCase = Convert.ToBoolean(ConfigurationManager.AppSettings["UseUpperCase"]); //bool useUserIdInPassword = Convert.ToBoolean(ConfigurationManager.AppSettings["UseUserIdInPassword"]); //bool useUserNameInPassword = Convert.ToBoolean(ConfigurationManager.AppSettings["UseUserNameInPassword"]); //int numberOfTypesRequiredInPassword = Convert.ToInt16(ConfigurationManager.AppSettings["NumberOfTypesRequiredInPassword"]); ReadPasswordPolicy(Model); int successCounter = 0; if (Model.UseSymbols && HasSymbol(Model.Password)) { successCounter++; } if (Model.UseUpperCase && HasUpperCase(Model.Password)) { successCounter++; } if (Model.UseLowerCase && HasLowerCase(Model.Password)) { successCounter++; } if (Model.UseNumeric && HasNumber(Model.Password)) { successCounter++; } if (Model.UseUserIdInPassword) { if (Model.Password.ToString().Contains(Model.UserName.Split('@')[0].ToString())) { successCounter = 0; } } if (Model.UseUserNameInPassword) { if (Model.Password.ToString().Contains(Model.FirstName) || Model.Password.ToString().Contains(Model.LastName)) { successCounter = 0; } } if (Model.Password.Length < Model.MinimumLength || Model.Password.Length > Model.MaximumLength) { return(false); } if (Model.NumberOfTypesRequiredInPassword <= successCounter && successCounter != 0) { return(true); } return(false); }
//[HttpGet] public ActionResult ResetPassword(UserResetPasswordModel model) { return(View("ResetPassword", model)); }
public async Task <IActionResult> ResetPassword(CancellationToken cancellationToken, UserResetPasswordModel model) { var userAgent = Request.UserAgent(); var command = new UserManagementCommand <UserResetPasswordModel>(model, User, userAgent); var result = await Mediator.Send(command, cancellationToken).ConfigureAwait(false); return(Ok(result)); }
public async Task <IActionResult> Reset([FromBody] UserResetPasswordModel model) { await user.ResetPassword(model); return(Ok()); }