//POST: PasswordReset/ResetPassword
public IActionResult ResetPassword()
{
//get input values
string ResetID = HttpContext.Request.Form["ResetID"];
string NewPassword = HttpContext.Request.Form["Password"];
string ConfirmPassword = HttpContext.Request.Form["ConfirmPassword"];
try
{
string[] ValidationInputs = { ResetID, NewPassword, ConfirmPassword };
if (!functions.ValidateInputs(ValidationInputs))
{
TempData["ErrorMessage"] = "Validation error. Missing required field(s).";
return(RedirectToAction("Index", new { id = ResetID }));
}
//verify password match
if (!functions.PasswordsMatch(NewPassword, ConfirmPassword))
{
TempData["ErrorMessage"] = "Passwords do not match";
return(RedirectToAction("Index", new { id = ResetID }));
}
string AccountID = _context.PasswordForgot.Where(s => s.ResetID == ResetID).FirstOrDefault().AccountID;
// get password
var query = _context.Accounts.Where(s => s.AccountID == AccountID);
string hashedPassword = (query.Any()) ? query.FirstOrDefault().Password : "";
//Update values
NewPassword = BCrypt.Net.BCrypt.HashPassword(NewPassword);
functions.UpdateTableData("Accounts", "AccountID", AccountID, "Password", NewPassword, _systemConfiguration.connectionString);
TempData["SuccessMessage"] = "Account password has been reset successfully.";
return(RedirectToAction("Index", "SignIn"));
}
catch (Exception ex)
{
//Log Error
_logger.LogInformation("Reset Account Password Error: " + ex.ToString());
TempData["ErrorMessage"] = "There was an error processing your request. Please try again. If this error persists, please send an email to the administrator.";
return(RedirectToAction("Index", new { id = ResetID }));
}
}