/// <summary>
/// Recording override: stores the <paramref name="userKey"/> it was called with, delegates to the
/// base implementation, stores the code the base produced, and returns that code.
/// </summary>
/// <param name="userKey">Key of the user the reset code is created for; passed to the base unchanged.</param>
/// <returns>The code produced by the base implementation.</returns>
public override async Task<PasswordResetCode> CreatePasswordResetCode(UserKey userKey)
{
    // Capture the input before delegating so it is recorded even if the base call throws.
    this.CreatePasswordResetCode_InputUserKey = userKey;

    var createdCode = await base.CreatePasswordResetCode(userKey);
    this.CreatePasswordResetCode_Output = createdCode;

    // Return through the recording member, as the original does.
    return this.CreatePasswordResetCode_Output;
}
/// <summary>
/// Click handler: sends a password reset email to the address in the first row of <c>Data</c>
/// and reports the outcome through <c>TopMessage</c>.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void btnSendPasswordReset_Click(object sender, EventArgs e)
{
    // Without a loaded row there is no email address to send to.
    if (Data.Rows.Count <= 0)
    {
        TopMessage.ErrorMessage = "Unable to verify the user's email address. Please try again. (EUE102)";
        return;
    }

    string targetEmail = Data.Rows[0]["Email"].ToString();
    PasswordResetCode outcome = ResetPassword.SendResetEmail(targetEmail);

    if (outcome == PasswordResetCode.Success)
    {
        TopMessage.SuccessMessage = "A message was sent to the email address containing a link to reset the user's password.";
    }
    else if (outcome == PasswordResetCode.InvalidEmail)
    {
        TopMessage.ErrorMessage = "Invalid email address.";
    }
    else if (outcome == PasswordResetCode.GuidUpdateFailure)
    {
        TopMessage.ErrorMessage = "Invalid user information.";
    }
    else
    {
        // CriticalError and any unrecognised value share the generic failure message.
        TopMessage.ErrorMessage = "It looks like there was an error sending the password reset email. Please try again.";
    }
}
/// <summary>
/// Checks a password reset code for a user by building the single-use token for the
/// (<c>"pw"</c>, user key, code) triple and asking the token service to validate it.
/// </summary>
/// <param name="userKey">Key of the user the code was issued to; must not be null.</param>
/// <param name="code">The code presented by the caller; must not be null.</param>
/// <returns>The task returned by <c>SingleUseTokenService.Validate</c>.</returns>
public virtual Task<bool> ValidatePasswordResetCode(UserKey userKey, PasswordResetCode code)
{
    Guard.Null(nameof(userKey), userKey);
    Guard.Null(nameof(code), code);

    // NOTE(review): whether Validate consumes the token and whether failed attempts are
    // throttled is decided inside SingleUseTokenService or by the caller; neither is visible
    // here. Confirm both, since the code is the only secret protecting the reset.
    var tokenService = this.SingleUseTokenService;
    var token = CreateSingleUseToken("pw", userKey, code);

    return tokenService.Validate(token);
}
/// <summary>
/// Recording override: stores both arguments, then either returns the preset override result
/// or falls through to the base validation when no override is set.
/// </summary>
/// <param name="userKey">Key of the user being validated; recorded and passed on.</param>
/// <param name="code">The code being validated; recorded and passed on.</param>
/// <returns>
/// A completed task holding <c>ValidatePasswordResetCode_OutputOverride</c> when it has a value,
/// otherwise the task returned by the base implementation.
/// </returns>
public override Task<bool> ValidatePasswordResetCode(UserKey userKey, PasswordResetCode code)
{
    this.ValidatePasswordResetCode_InputUserKey = userKey;
    this.ValidatePasswordResetCode_InputCode = code;

    // A preset override short-circuits the real validation entirely.
    if (this.ValidatePasswordResetCode_OutputOverride.HasValue)
    {
        return Task.FromResult(this.ValidatePasswordResetCode_OutputOverride.Value);
    }

    return base.ValidatePasswordResetCode(userKey, code);
}
/// <summary>
/// Creates a password reset code for a user and registers the matching single-use token
/// with an expiration one day after the clock's current UTC time.
/// </summary>
/// <param name="userKey">Key of the user the code is issued to; must not be null.</param>
/// <returns>The newly generated code.</returns>
public virtual async Task<PasswordResetCode> CreatePasswordResetCode(UserKey userKey)
{
    Guard.Null(nameof(userKey), userKey);

    // NOTE(review): GenerateNumber(6) presumably yields a 6-digit value - confirm. The type of
    // _random is declared outside this snippet; confirm it is backed by a cryptographically
    // secure generator, because this number is the only secret guarding the reset.
    var number = (int)this._random.GenerateNumber(6);
    var code = new PasswordResetCode(number);

    var tokenService = this.SingleUseTokenService;
    var token = CreateSingleUseToken("pw", userKey, code);

    // NOTE(review): a short numeric code that stays valid for a day depends on attempt
    // limiting during validation; that is not visible here.
    var expiresAt = new UtcDateTime(this.Clock.UtcNow.ToOffset().AddDays(1));

    await tokenService.Create(token, expiration: expiresAt).ConfigureAwait(false);

    return code;
}
/// <summary>
/// Sets a new password for <paramref name="user"/> after checking a password reset code.
/// </summary>
/// <remarks>
/// The code is validated first; an invalid code returns <c>identity.Helper.InvalidPasswordResetCode</c>
/// and leaves the user untouched. When the new password hash is set successfully, the user's
/// security stamp is refreshed and the user is persisted through <c>identity.Update</c>.
/// </remarks>
/// <param name="identity">Identity service providing the helper and persistence; must not be null.</param>
/// <param name="user">User whose password is changed; must not be null and must return a non-null key.</param>
/// <param name="code">Reset code presented by the caller; must not be null.</param>
/// <param name="password">New password; must not be null.</param>
/// <returns>
/// The invalid-code result, or the result of <c>SetPasswordHash</c> (successful or not).
/// </returns>
/// <exception cref="ArgumentException">Thrown when <c>user.Key()</c> returns null.</exception>
public static async Task<Result<UserMessage>> UpdatePassword<TUser>(
    this IIdentityService<TUser> identity,
    TUser user,
    PasswordResetCode code,
    Password password)
    where TUser : IUserKey, IUserPasswordHash, IUserSecurityStamp
{
    Guard.Null(nameof(identity), identity);
    Guard.Null(nameof(user), user);
    Guard.Null(nameof(code), code);
    Guard.Null(nameof(password), password);

    var userKey = user.Key();
    if (userKey == null)
    {
        throw new ArgumentException(
            message: $"The {nameof(user)} argument's {nameof(user.Key)}() method cannot return null.",
            paramName: nameof(user));
    }

    // NOTE(review): if validation consumes the single-use token, a later SetPasswordHash
    // failure would leave the user needing a fresh code - confirm that is intended.
    var codeIsValid = await identity.Helper.ValidatePasswordResetCode(userKey, code)
        .ConfigureAwait(false);
    if (!codeIsValid)
    {
        return identity.Helper.InvalidPasswordResetCode;
    }

    var hashResult = await identity.Helper.SetPasswordHash(user, password)
        .ConfigureAwait(false);
    if (!hashResult.Success)
    {
        // Nothing is persisted when the password could not be set.
        return hashResult;
    }

    // Refresh the security stamp together with the password change, then persist both.
    await identity.Helper.RefreshSecurityStamp(user).ConfigureAwait(false);
    await identity.Update(user).ConfigureAwait(false);

    return hashResult;
}
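/// <summary>
/// Completes a password reset: checks the submitted code against the newest stored reset code
/// for the account, stores the new password hash, and signs the user in.
/// </summary>
/// <remarks>
/// Changes from the previous version: a user with no stored reset code no longer causes a
/// null dereference; a wrong email and a wrong code produce the same message, so the response
/// does not reveal whether an email is registered; and all stored codes for the user are
/// deleted once one is accepted, so a code cannot be replayed and an older code does not
/// become the "newest" one afterwards.
/// </remarks>
/// <param name="email">Email address of the account being reset.</param>
/// <param name="code">Reset code supplied by the user.</param>
/// <param name="password">New password.</param>
/// <param name="confirm_pw">Repeat of the new password; must equal <paramref name="password"/>.</param>
/// <returns>
/// A redirect to <c>Homepage</c> on success; otherwise the <c>confirmresetcode</c> view with
/// <c>TempData["error"]</c> set.
/// </returns>
public IActionResult ResetPasswordAction(string email, string code, string password, string confirm_pw)
{
    if (email == null || code == null || password == null || confirm_pw == null)
    {
        TempData["error"] = "Can't be blank";
        return View("confirmresetcode");
    }

    if (password != confirm_pw)
    {
        TempData["error"] = "Passwords dont match";
        return View("confirmresetcode");
    }

    User returnedUser = _context.users.Where(p => p.email == email).FirstOrDefault();

    // Only the most recently created code is accepted; stays null when the user is unknown
    // or has never requested a code.
    PasswordResetCode codeToMatch = null;
    if (returnedUser != null)
    {
        codeToMatch = _context.password_reset_codes
            .Where(p => p.user_id == returnedUser.user_id)
            .OrderByDescending(p => p.created_at)
            .FirstOrDefault();
    }

    // NOTE(review): created_at is stored but no maximum age is enforced, and failed attempts
    // are not limited in this action. Both matter for a short code; the expiry policy is a
    // product decision, so it is flagged here rather than invented.
    if (codeToMatch == null || code != codeToMatch.code)
    {
        // One message for "unknown email" and "wrong code" avoids disclosing which emails exist.
        TempData["error"] = "Invalid email or reset code";
        return View("confirmresetcode");
    }

    // Hash and save the new password.
    PasswordHasher<User> hasher = new PasswordHasher<User>();
    returnedUser.password = hasher.HashPassword(returnedUser, password);
    _context.Update(returnedUser);

    // Reset codes are single-use: drop every outstanding code for this user in the same save.
    _context.password_reset_codes.RemoveRange(
        _context.password_reset_codes.Where(p => p.user_id == returnedUser.user_id));
    _context.SaveChanges();

    // Log the user in.
    HttpContext.Session.SetInt32("loggedUser", returnedUser.user_id);
    return RedirectToAction("Homepage");
}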
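/// <summary>
/// Starts a password reset: generates an 8-character reset code for the account with the given
/// email, texts it to the user's phone number, and stores it.
/// </summary>
/// <remarks>
/// Changes from the previous version: the code is drawn from a cryptographically secure
/// generator instead of <c>System.Random</c>, whose output is predictable and unsuitable for
/// secrets; and a stored phone number that does not parse as an integer redirects back to
/// <c>ResetPassword</c> instead of throwing.
/// </remarks>
/// <param name="email">Email address of the account requesting a reset.</param>
/// <returns>
/// A redirect to <c>ConfirmResetCode</c> when a code was sent and stored; otherwise a redirect
/// to <c>ResetPassword</c>.
/// </returns>
public IActionResult GetPasswordCode(string email)
{
    if (email != null)
    {
        User returnedUser = _context.users.Where(p => p.email == email).FirstOrDefault();
        if (returnedUser != null)
        {
            // Convert the stored phone number before generating anything, so no code is
            // created for a number that cannot be texted.
            Int64 phone_num;
            if (!Int64.TryParse(returnedUser.phone, out phone_num))
            {
                Console.WriteLine("User phone number is not numeric");
                return RedirectToAction("ResetPassword");
            }

            // Generate a random alphanumeric string from a CSPRNG.
            const string chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
            var randomString = new char[8];

            // Bytes at or above the largest multiple of chars.Length that fits in a byte are
            // rejected, so every character is equally likely (no modulo bias).
            int acceptLimit = 256 - (256 % chars.Length);
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                var oneByte = new byte[1];
                int filled = 0;
                while (filled < randomString.Length)
                {
                    rng.GetBytes(oneByte);
                    if (oneByte[0] >= acceptLimit)
                    {
                        continue;
                    }

                    randomString[filled] = chars[oneByte[0] % chars.Length];
                    filled++;
                }
            }

            string resetCode = new string(randomString);

            SendText(phone_num, $"Hello, {returnedUser.name}! Your password reset code is: {resetCode}");

            // Save reset code to DB.
            // NOTE(review): created_at is not assigned here; presumably the model or the
            // database supplies it - confirm, because the newest code is selected by it.
            PasswordResetCode newCode = new PasswordResetCode();
            newCode.user_id = returnedUser.user_id;
            newCode.code = resetCode;
            _context.password_reset_codes.Add(newCode);
            _context.SaveChanges();

            // NOTE(review): a known email redirects to ConfirmResetCode (with the internal
            // user_id in the route) while an unknown one redirects to ResetPassword, so the
            // response reveals whether an email is registered. Requests are also not rate
            // limited here. Both are flow decisions and are left unchanged.
            return RedirectToAction("ConfirmResetCode", new { user_id = returnedUser.user_id });
        }

        Console.WriteLine("User not found");
    }

    return RedirectToAction("ResetPassword");
}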
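/// <summary>
/// <para>Generates a new GUID in the database and sends a reset password email to the user.</para>
/// <para>Return values:</para>
/// <para><c>Success</c> - the message was sent without an exception.</para>
/// <para><c>InvalidEmail</c> - the address failed the email regex check, or
/// <c>UserInfo.ResetPassword</c> returned no GUID (per the original notes: a database error or
/// no user with that email). <c>GuidUpdateFailure</c> is not returned by this method.</para>
/// <para><c>CriticalError</c> - sending threw an exception, which is logged.</para>
/// </summary>
/// <param name="email">The user's email.</param>
/// <returns>One of the <c>PasswordResetCode</c> values described above.</returns>
public static PasswordResetCode SendResetEmail(string email)
{
    string link;
    string GCCPortalUrl = ConfigurationManager.AppSettings["GCCPortalURL"].ToString();

    //Ensure we have a valid email.
    bool isValid = Validation.RegExCheck(email, ValidationType.Email);
    if (!isValid)
    {
        return PasswordResetCode.InvalidEmail;
    }

    //Get new GUID for password reset
    string newGuid = UserInfo.ResetPassword(email);
    if (string.IsNullOrEmpty(newGuid))
    {
        return PasswordResetCode.InvalidEmail;
    }

    if (System.Diagnostics.Debugger.IsAttached)
    {
        // Debugging only: the link host is taken from the current request instead of config.
        Uri uri = HttpContext.Current.Request.Url;
        link = uri.Scheme + "://" + uri.Host + ":" + uri.Port + "/PasswordChange?id=" + newGuid;
    }
    else
    {
        link = GCCPortalUrl + "PasswordChange?id=" + newGuid;
    }

    // The using block disposes the message (and its alternate views) on every exit path,
    // including exceptions thrown while the message is still being built.
    using (MailMessage msg = new MailMessage { Subject = "Reporting Portal Password Recovery" })
    {
        //To address
        msg.To.Add(new MailAddress(email, email));

        //From address
        msg.From = new MailAddress("*****@*****.**", "Forum Research");

        //Set the reply-to email so it goes back to the help desk
        msg.ReplyToList.Add(new MailAddress("*****@*****.**", "Forum Research"));

        // NOTE(review): the text promises a 12 hour lifetime; that limit is not enforced in
        // this method - confirm it is checked where the link is redeemed.
        AlternateView plainView = AlternateView.CreateAlternateViewFromString(String.Format(
            @"We have received your request to reset your password for the GCGC Reporting Portal website. To complete this request, simply click on the following link or paste it into your browser to reset your password. 
{0} Note: This link will only be active for 12 hours. Regards, Great Canadian Gaming Corporation", link), null, "text/plain");
        msg.AlternateViews.Add(plainView);

        AlternateView htmlView = AlternateView.CreateAlternateViewFromString(String.Format(
            @"<p>We have received your request to reset your password for the GCGC Reporting Portal website. To complete this request, simply click on the following link or paste it into your browser to reset your password.<br /> {0}<br /> Note: This link will only be active for 12 hours.</p> <p>Regards,</p> <p>Great Canadian Gaming Corporation</p>", "<a href='" + link + "'>" + link + "</a>"), null, "text/html");
        msg.AlternateViews.Add(htmlView);

        PasswordResetCode response;
        try
        {
            //Settings in web.config
            // SmtpClient is IDisposable; disposing it releases the SMTP connection, which the
            // previous version left open.
            using (SmtpClient smtp = new SmtpClient())
            {
                smtp.Send(msg);
            }

            response = PasswordResetCode.Success;
        }
        catch (Exception ex)
        {
            ErrorHandler.WriteLog("GCGCReportingPortal.ResetPassword", String.Format("There was an error sending the password recovery email to: {0}", email), ErrorHandler.ErrorEventID.General, ex);
            response = PasswordResetCode.CriticalError;
        }

        return response;
    }
}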