/// <summary>
/// Validates a password-reset token in two steps: fetch the salt stored for the
/// token, then ask the data layer to verify the token with that salt.
/// </summary>
/// <param name="view">Carries TokenID and TokenKey in; receives TokenSalt, AccountID and any error messages.</param>
/// <param name="ConnectionString">Database connection string handed to the data-access layer.</param>
/// <param name="security">Helper passed through to the data-access verification call.</param>
/// <returns>
/// true only when both data-access calls succeed, no errors were recorded, and
/// view.AccountID ends up greater than zero; false otherwise.
/// </returns>
public static Boolean VerifyPasswordResetToken(AccountViewModel_VerifyPasswordResetToken view, string ConnectionString, SecurityLogic security)
{
    // Both halves of the token must be supplied; every missing half is reported before bailing out.
    if (view.TokenID == null)
    {
        view.Errors.Add("Invalid Reset TokenID");
    }
    if (view.TokenKey == null)
    {
        view.Errors.Add("Invalid Reset TokenKey");
    }
    if (view.Errors.Count > 0)
    {
        return false;
    }

    // Step 1: look up the salt stored for this token.
    if (!AccountDataAccess.VerifyPasswordResetToken_GetSalt(view, ConnectionString))
    {
        return false;
    }
    if (view.Errors.Count > 0)
    {
        return false;
    }
    if (view.TokenSalt == null)
    {
        // No salt came back for this TokenID, so the token is treated as invalid.
        view.Errors.Add("Invalid Reset Token");
        return false;
    }

    // Step 2: verify the token itself.
    if (!AccountDataAccess.VerifyPasswordResetToken(view, ConnectionString, security))
    {
        return false;
    }
    if (view.Errors.Count > 0)
    {
        return false;
    }

    // A positive AccountID is the only success signal; null or non-positive means no match.
    bool accountResolved = view.AccountID != null && view.AccountID > 0;
    if (!accountResolved)
    {
        view.Errors.Add("Invalid Reset Token");
        return false;
    }

    return true;
}
/// <summary>
/// Runs the stored procedure spAccounts_GetPasswordResetSalt for view.TokenID and
/// stores the @outSalt output parameter in view.TokenSalt.
/// </summary>
/// <param name="view">Supplies TokenID; receives TokenSalt, or an error message on failure.</param>
/// <param name="ConnectionString">Database connection string used to build the DataAccess object.</param>
/// <returns>true when the call completed without an exception; false when one was caught.</returns>
public static Boolean VerifyPasswordResetToken_GetSalt(AccountViewModel_VerifyPasswordResetToken view, string ConnectionString)
{
    try
    {
        var saltLookup = new DataAccess(ConnectionString, "spAccounts_GetPasswordResetSalt");

        // The token id travels as a typed, length-bounded parameter, not as concatenated SQL.
        saltLookup.SetParamater_Input("@GUID", view.TokenID, SqlDbType.VarChar, 100);
        saltLookup.SetParamater_Output("@outSalt", SqlDbType.VarChar, 100);
        saltLookup.ExecuteNonQuery();

        // NOTE(review): if GetParamater hands back a non-string value for a NULL output
        // (e.g. DBNull - TODO confirm), this cast throws and is reported via the catch below.
        var rawSalt = saltLookup.GetParamater("@outSalt");
        view.TokenSalt = (string)rawSalt;
        return true;
    }
    catch (Exception failure)
    {
        // NOTE(review): the raw exception text is copied into view.Errors. If that list is
        // rendered to the requester, internal database details are disclosed - confirm, and
        // consider a generic message with server-side logging instead.
        view.Errors.Add(failure.Message);
        return false;
    }
}
/// <summary>
/// Runs the stored procedure spAccounts_VerifyPasswordResetToken with the token id and a
/// salted hash of the token key, and stores the @outAccountID output in view.AccountID.
/// </summary>
/// <param name="view">Supplies TokenID, TokenKey and TokenSalt; receives AccountID, or an error message on failure.</param>
/// <param name="ConnectionString">Database connection string used to build the DataAccess object.</param>
/// <param name="security">Provides GenerateSaltedHash, used to hash the token key with the stored salt.</param>
/// <returns>true when the call completed without an exception; false when one was caught.</returns>
public static Boolean VerifyPasswordResetToken(AccountViewModel_VerifyPasswordResetToken view, string ConnectionString, SecurityLogic security)
{
    try
    {
        var tokenCheck = new DataAccess(ConnectionString, "spAccounts_VerifyPasswordResetToken");
        tokenCheck.SetParamater_Input("@TokenID", view.TokenID, SqlDbType.VarChar, 100);

        // Only the salted hash of the key is sent to the procedure; the salt is used as its ASCII bytes.
        var hashedKey = security.GenerateSaltedHash(view.TokenKey, Encoding.ASCII.GetBytes(view.TokenSalt));
        tokenCheck.SetParamater_Input("@TokenKey", hashedKey, SqlDbType.VarChar, 100);

        tokenCheck.SetParamater_Output("@outAccountID", SqlDbType.Int);
        tokenCheck.ExecuteNonQuery();

        // NOTE(review): if GetParamater hands back a non-int value for a NULL output
        // (e.g. DBNull - TODO confirm), this cast throws and is reported via the catch below.
        var rawAccountId = tokenCheck.GetParamater("@outAccountID");
        view.AccountID = (int?)rawAccountId;
        return true;
    }
    catch (Exception failure)
    {
        // NOTE(review): the raw exception text is copied into view.Errors. If that list is
        // rendered to the requester, internal details are disclosed - confirm, and consider
        // a generic message with server-side logging instead.
        view.Errors.Add(failure.Message);
        return false;
    }
}
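/// <summary>
/// Sets a new password for the account behind a previously verified reset token.
/// </summary>
/// <param name="resetPasswordView">Carries the new password in; receives the generated salt, the AccountID and any error messages.</param>
/// <param name="verifyTokenView">Outcome of the earlier token verification; must hold a positive AccountID and no errors.</param>
/// <param name="ConnectionString">Database connection string handed to the data-access layer.</param>
/// <param name="security">Provides GenerateSalt and is passed through to the data-access call.</param>
/// <returns>
/// true only when a password was supplied, the token view shows a successful verification,
/// the data-access call succeeds, and resetPasswordView ends with a positive AccountID and no errors.
/// </returns>
public static Boolean ResetPassword(AccountViewModel_ResetPassword resetPasswordView, AccountViewModel_VerifyPasswordResetToken verifyTokenView, string ConnectionString, SecurityLogic security)
{
    // A non-empty password is mandatory.
    if (string.IsNullOrEmpty(resetPasswordView.password))
    {
        resetPasswordView.Errors.Add("Please Provide a Password");
    }
    if (resetPasswordView.Errors.Count > 0)
    {
        return false;
    }

    // The token counts as verified only when BOTH conditions hold: a positive AccountID
    // and an empty error list. Joining them with "or" would let a view that was never
    // verified (AccountID null, no errors recorded) reach the password update.
    // NOTE(review): this relies on verifyTokenView.AccountID having been set by the
    // server-side verification; confirm it cannot be populated from request data.
    bool tokenVerified = verifyTokenView.AccountID > 0 && verifyTokenView.Errors.Count == 0;
    if (!tokenVerified)
    {
        return false;
    }

    // Fresh salt for the new password, generated only once the token check has passed.
    resetPasswordView.passwordSalt = security.GenerateSalt();
    if (!AccountDataAccess.ResetPassword(resetPasswordView, verifyTokenView, ConnectionString, security))
    {
        return false;
    }

    // Post-update checks: the data layer must have reported a real account and no errors.
    if (resetPasswordView.AccountID == null || resetPasswordView.AccountID <= 0)
    {
        return false;
    }
    return resetPasswordView.Errors.Count == 0;
}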