コード例 #1
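        /// <summary>
        /// Handles the forgotten-password form. Once the CAPTCHA check passes and the model is
        /// valid, the account is looked up by user name; if the posted e-mail matches the stored
        /// one, a hashed temporary password is saved on the account and the plaintext temporary
        /// password is e-mailed to the user.
        /// </summary>
        /// <param name="forgotPassword">Posted form data (user name and e-mail address).</param>
        /// <returns>The forgot-password view; outcome messages are carried in ModelState.</returns>
        public async Task <ActionResult> ForgotPassword(ForgotPasswordViewModel forgotPassword)
        {
            var recaptcha          = new ReCaptcha();
            var responseFromServer = recaptcha.OnActionExecuting();

            if (!responseFromServer.StartsWith("true", StringComparison.Ordinal))
            {
                ModelState.AddModelError("ReCaptcha", "Incorrect CAPTCHA entered.");
                return(View(forgotPassword));
            }

            if (forgotPassword == null || !ModelState.IsValid)
            {
                return(View());
            }

            var userByUsername = await DatabaseContext.RegisteredUsers.Find(new BsonDocument {
                { "Account.UserName", forgotPassword.UserName }
            }).ToListAsync();

            // NOTE(review): the two distinct error messages below let an unauthenticated caller
            // learn whether a user name exists and whether an e-mail address belongs to it.
            // A single neutral response for every outcome would close that account-enumeration
            // channel; the messages are left unchanged here because the view depends on them.
            if (userByUsername.Count == 0)
            {
                ModelState.AddModelError("UserName", "Sorry, We didn't find any account associated with this username in our system.");
                return(View());
            }

            var user = userByUsername[0];

            // Static string.Equals keeps the original ordinal comparison but does not throw when the
            // stored address is missing; an empty posted address is never treated as a match.
            if (string.IsNullOrEmpty(forgotPassword.Email) ||
                !string.Equals(user.Account.Email, forgotPassword.Email, StringComparison.Ordinal))
            {
                ModelState.AddModelError("Email", "Sorry, The Email you provided is not associated with the username you entered.");
                return(View(forgotPassword));
            }

            // NOTE(review): nothing in this action gives TempPassword an expiry; Login and
            // ChangePassword accept it until ChangePassword clears it. A single-use,
            // time-limited reset token would avoid mailing a working credential.
            var password              = CreatePassword();
            var passwordEncryption    = new PasswordHashAndSalt();
            var tempEncryptedPassword = passwordEncryption.getHashedPassword(password);
            var storedUserName        = user.Account.UserName;

            user.Account.TempPassword = tempEncryptedPassword;
            await DatabaseContext.RegisteredUsers.ReplaceOneAsync(r => r.Account.UserName == storedUserName, user);

            using (var mail = new MailMessage())
            {
                // The first name was supplied by the user at registration and the body is HTML,
                // so both interpolated values are HTML-encoded before concatenation.
                var safeFirstName = System.Net.WebUtility.HtmlEncode(user.About.FirstName);
                var safePassword  = System.Net.WebUtility.HtmlEncode(password);

                mail.To.Add(forgotPassword.Email);
                mail.Subject = "Royal Holloway LETS Password Recovery";
                mail.Body    = "<p>Hello " + safeFirstName + ",</p><h3>Forgotten your password?</h3><p>We got a request to reset your Royal Holloway LETS account's password.<br/>You use the below code in bold to login to your account.<br/><b>Please change your password to something memorable when you have logged in.</b></p><h2>" + safePassword + "</h2><p>All the best,<br/>Royal Holloway LETS</p>";
                SendEmail(mail);
            }

            ModelState.AddModelError("Success", "Please check you email, We have sent you your recovery password to your account.");
            forgotPassword.UserName = null;
            forgotPassword.Email    = null;

            return(View());
        }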
コード例 #2
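        /// <summary>
        /// Changes the signed-in user's password. The posted old password must hash to either the
        /// stored password or the stored temporary password; on success the new hash is saved and
        /// the temporary password is cleared.
        /// </summary>
        /// <param name="registeredUser">Posted form data; only the Account old/new/confirm password fields are read.</param>
        /// <returns>A redirect to Account/UserProfile, with the outcome message placed in TempData.</returns>
        public async Task <ActionResult> ChangePassword(RegisterUserViewModel registeredUser)
        {
            const string failureMessage = "There was an error in changing you password. Please try again.";

            // Reject early: anonymous callers, a missing model, empty passwords, and a new password
            // that does not match its confirmation. The original dereferenced the model without a
            // null check and reported nothing when the confirmation did not match.
            var isAuthenticated = User != null && User.Identity != null && User.Identity.IsAuthenticated;
            var hasInput        = registeredUser != null &&
                                  registeredUser.Account != null &&
                                  !string.IsNullOrEmpty(registeredUser.Account.OldPassword) &&
                                  !string.IsNullOrEmpty(registeredUser.Account.NewPassword);

            if (!isAuthenticated || !hasInput ||
                !string.Equals(registeredUser.Account.NewPassword, registeredUser.Account.ConfirmNewPassword, StringComparison.Ordinal))
            {
                // Indexer instead of Add: Add throws if an unread entry with this key is still present.
                TempData["PasswordNotChanged"] = failureMessage;
                return(RedirectToAction("UserProfile", "Account"));
            }

            var userByUsername = await DatabaseContext.RegisteredUsers.Find(new BsonDocument
            {
                { "Account.UserName", User.Identity.Name }
            }).ToListAsync();

            if (userByUsername == null || userByUsername.Count == 0)
            {
                TempData["PasswordNotChanged"] = failureMessage;
                return(RedirectToAction("UserProfile", "Account"));
            }

            var user               = userByUsername[0];
            var passwordEncryption = new PasswordHashAndSalt();

            // NOTE(review): the hash is compared for equality with the stored value, so
            // getHashedPassword must return the same string for the same input. Confirm that
            // PasswordHashAndSalt uses a per-user salt and a slow KDF rather than a fixed salt.
            var oldPassword = passwordEncryption.getHashedPassword(registeredUser.Account.OldPassword);

            // An empty hash must never match an empty stored value.
            var hashUsable      = !string.IsNullOrEmpty(oldPassword);
            var matchesPassword = hashUsable &&
                                  string.Equals(user.Account.Password, oldPassword, StringComparison.Ordinal);
            var matchesTemp     = hashUsable &&
                                  !string.IsNullOrEmpty(user.Account.TempPassword) &&
                                  string.Equals(user.Account.TempPassword, oldPassword, StringComparison.Ordinal);

            if (!matchesPassword && !matchesTemp)
            {
                TempData["PasswordNotChanged"] = failureMessage;
                return(RedirectToAction("UserProfile", "Account"));
            }

            var storedUserName = user.Account.UserName;

            // The new password is hashed only after the old one has been verified.
            user.Account.Password     = passwordEncryption.getHashedPassword(registeredUser.Account.NewPassword);
            user.Account.TempPassword = null;
            await DatabaseContext.RegisteredUsers.ReplaceOneAsync(r => r.Account.UserName == storedUserName, user);

            TempData["PasswordChanged"] = "Your Password was changed successfully.";
            return(RedirectToAction("UserProfile", "Account"));
        }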
コード例 #3
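        /// <summary>
        /// Authenticates a user. The account is looked up by user name and the hash of the posted
        /// password is compared with the stored password and, if one is set, the stored temporary
        /// password. On success an OWIN sign-in is issued with a non-persistent cookie that
        /// expires after 15 minutes.
        /// </summary>
        /// <param name="loginUser">Posted credentials.</param>
        /// <returns>A redirect to Account/UserProfile on success; otherwise the login view.</returns>
        public async Task <ActionResult> Login(LoginViewModel loginUser)
        {
            if (loginUser == null || !ModelState.IsValid)
            {
                return(View());
            }

            var userByUsername = await DatabaseContext.RegisteredUsers.Find(new BsonDocument {
                { "Account.UserName", loginUser.UserName }
            }).ToListAsync();

            // Hashed before the lookup result is inspected, as in the original, so the
            // unknown-user path does the same hashing work as the wrong-password path.
            // NOTE(review): the hash is compared for equality with the stored value, so it must be
            // deterministic per input. Confirm that PasswordHashAndSalt uses a per-user salt and
            // a slow KDF.
            var passwordEncryption = new PasswordHashAndSalt();
            var suppliedHash       = passwordEncryption.getHashedPassword(loginUser.Password);

            if (userByUsername.Count > 0)
            {
                var account = userByUsername[0].Account;

                // Static string.Equals keeps the ordinal comparison without throwing on a missing
                // stored value, and an empty hash is never allowed to match.
                var hashUsable      = !string.IsNullOrEmpty(suppliedHash);
                var nameMatches     = string.Equals(account.UserName, loginUser.UserName, StringComparison.Ordinal);
                var passwordMatches = hashUsable &&
                                      string.Equals(account.Password, suppliedHash, StringComparison.Ordinal);
                // NOTE(review): no expiry on TempPassword is visible in this action, so a
                // password issued by the recovery flow keeps working for sign-in.
                var tempMatches     = hashUsable &&
                                      !string.IsNullOrEmpty(account.TempPassword) &&
                                      string.Equals(account.TempPassword, suppliedHash, StringComparison.Ordinal);

                if (nameMatches && (passwordMatches || tempMatches))
                {
                    var userAuthentication = new UserAuthentication();
                    var identity           = userAuthentication.AuthenticateUser(account.UserName);
                    HttpContext.GetOwinContext().Authentication.SignIn(new AuthenticationProperties {
                        IsPersistent = false, ExpiresUtc = DateTime.UtcNow + TimeSpan.FromMinutes(15)
                    }, identity);
                    return(RedirectToAction("UserProfile", "Account"));
                }
            }

            // Unknown user and wrong password produce the same response (the original had a
            // discarded View() call on one of these paths; the outcome was the same).
            // NOTE(review): no attempt throttling, lockout or CAPTCHA is visible in this action.
            ModelState.AddModelError("UserName", "Please make sure you entered the correct username.");
            ModelState.AddModelError("Password", "Please make sure you entered the correct password.");
            return(View());
        }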
コード例 #4
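        /// <summary>
        /// Registers a new account. After the CAPTCHA check passes and the model is valid, the
        /// user name and e-mail are checked for existing accounts; if both are free, the password
        /// fields are hashed, the user and an initial trading-details record (Credit = 100) are
        /// inserted, and a welcome e-mail is sent.
        /// </summary>
        /// <param name="registerUser">Posted registration form.</param>
        /// <returns>A redirect to Login on success; otherwise the registration view with errors in ModelState.</returns>
        public ActionResult Register(RegisterUserViewModel registerUser)
        {
            var recaptcha          = new ReCaptcha();
            var responseFromServer = recaptcha.OnActionExecuting();

            if (!responseFromServer.StartsWith("true", StringComparison.Ordinal))
            {
                // The original dereferenced registerUser here without a null check, so a request
                // that bound no model failed with a NullReferenceException instead of this error.
                if (registerUser != null && registerUser.Account != null)
                {
                    registerUser.Account.Password        = null;
                    registerUser.Account.ConfirmPassword = null;
                }
                ModelState.AddModelError("ReCaptcha", "Incorrect CAPTCHA entered.");
                return(View(registerUser));
            }

            if (registerUser == null || !ModelState.IsValid)
            {
                return(View());
            }

            // NOTE(review): check-then-insert is not atomic; two concurrent requests can both pass
            // these lookups. Unique indexes on Account.UserName and Account.Email would enforce it.
            var userByUsername = DatabaseContext.RegisteredUsers.Find(new BsonDocument {
                { "Account.UserName", registerUser.Account.UserName }
            }).ToList();

            var userByEmail = DatabaseContext.RegisteredUsers.Find(new BsonDocument {
                { "Account.Email", registerUser.Account.Email }
            }).ToList();

            var usernameTaken = userByUsername.Count != 0;
            var emailTaken    = userByEmail.Count != 0;

            if (usernameTaken || emailTaken)
            {
                // Never echo the submitted passwords back into the re-rendered form.
                registerUser.Account.Password        = null;
                registerUser.Account.ConfirmPassword = null;

                if (usernameTaken)
                {
                    ModelState.AddModelError("Account.UserName", "Sorry, This username is not available.");
                }
                if (emailTaken)
                {
                    ModelState.AddModelError("Account.Email", "Sorry, The following email already exists in our system.");
                }

                return(View(registerUser));
            }

            var passwordEncryption = new PasswordHashAndSalt();
            registerUser.Id = Guid.NewGuid().ToString();
            registerUser.Account.Password        = passwordEncryption.getHashedPassword(registerUser.Account.Password);
            registerUser.Account.ConfirmPassword = passwordEncryption.getHashedPassword(registerUser.Account.ConfirmPassword);
            registerUser.Account.ImageId         = "586a7d67cf43d7340cb54670";
            var tradingDetails = new LetsTradingDetails {
                Id = registerUser.Id, Credit = 100
            };

            // NOTE(review): the model-bound object is stored as-is, so any bindable property the
            // client posts is persisted along with it (over-posting). Presumably this should be
            // mapped to a separate persistence type or restricted with a bind allow-list - confirm.
            DatabaseContext.RegisteredUsers.InsertOne(registerUser);
            DatabaseContext.LetsTradingDetails.InsertOne(tradingDetails);

            using (var mail = new MailMessage())
            {
                // Every value below comes from the registration form and the body is HTML, so each
                // one is HTML-encoded. Convert.ToString is used because the field types are not
                // visible here and the original relied on string concatenation to convert them.
                Func<object, string> encode = value => System.Net.WebUtility.HtmlEncode(Convert.ToString(value));

                mail.To.Add(registerUser.Account.Email);
                mail.Subject = "Welcome to Royal Holloway LETS";
                mail.Body    = "<p>Hello " + encode(registerUser.About.FirstName) + ",</p><h3>Thanks for joining Royal Holloway LETS</h3><p>Please find your account details below</p><p>Title : <b>" + encode(registerUser.About.Title) + "</b></p><p>First Name : <b>" + encode(registerUser.About.FirstName) + "</b></p><p>Last Name : <b>" + encode(registerUser.About.LastName) + "</b></p><p>Gender : <b>" + encode(registerUser.About.Gender) + "</b></p><p>User Name : <b>" + encode(registerUser.Account.UserName) + "</b></p><p>Kind Regards,<br/>Royal Holloway LETS</p>";
                SendEmail(mail);
                TempData.Add("Registered", "You have successfully signed up for Royal Holloway LETS, We have also sent you can email with your account details for your future reference.");
            }

            return(RedirectToAction("Login"));
        }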