コード例 #1
0
        public ActionResult ChangeTemporaryPassword(ChangePassword changePassword, string returnUrl)
        {
            ChangePassword aChangePassword = Session["UserLoginId"] as ChangePassword;

            if (aChangePassword != null)
            {
                if (aDoctorManager.IsValid(aChangePassword.DoctorLoginId, aChangePassword.OldPassword))
                {
                    changePassword.DoctorLoginId    = aChangePassword.DoctorLoginId;
                    changePassword.NewPassword      = Crypto.Hash(changePassword.NewPassword);
                    changePassword.PasswordVerified = true;
                    string message = aDoctorManager.ChangeTemporaryPassword(changePassword);
                    if (message == "Success")
                    {
                        bool   rememberMe = false;
                        int    timeout    = rememberMe ? 525600 : 60; // 525600 min = 1year
                        var    ticket     = new FormsAuthenticationTicket(aChangePassword.DoctorLoginId, rememberMe, timeout);
                        string encrypted  = FormsAuthentication.Encrypt(ticket);
                        var    cookie     = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
                        cookie.Expires  = DateTime.Now.AddMinutes(timeout);
                        cookie.HttpOnly = true;
                        Response.Cookies.Add(cookie);
                        if (Url.IsLocalUrl(returnUrl))
                        {
                            return(Redirect(returnUrl));
                        }
                        else
                        {
                            Session["UserLoginId"]        = null;
                            TempData["ChangeTempPassMsg"] = "Your temporary password changed successfully.";
                            return(RedirectToAction("Index", "Doctor"));
                        }
                    }
                    else
                    {
                        ViewBag.ErrorMessage = message;
                        return(View());
                    }
                }
                else
                {
                    return(RedirectToAction("Login", "Register"));
                }
            }
            else
            {
                return(RedirectToAction("Login", "Register"));
            }
        }