/// <summary>
/// Single entry point for the password-reset flow. Which step runs is decided
/// by how much of the posted model validates: everything valid applies the new
/// password; a valid e-mail and reset code shows step 2; a valid e-mail alone
/// issues a reset code and mails a link; otherwise step 1 is shown again.
/// </summary>
/// <param name="Reset">Bound reset form (e-mail, reset code, new password).</param>
/// <returns>A redirect to Home after a reset, otherwise the view for the current step.</returns>
// NOTE(review): anti-forgery validation is commented out on an action that changes
// a credential. Whether the request is protected some other way is not visible here;
// re-enabling the attribute also needs the anti-forgery token in every form that posts
// to this action.
//[ValidateAntiForgeryToken]
public ActionResult PasswordReset(UserPasswordReset Reset)
{
    const string ResetEmailSubject = "Task Manager - Password Reset";

    // Final step: the whole model validated, so hash the new password and store it.
    if (ModelState.IsValid)
    {
        SecurityReturn hashed = SecurityHelper.PasswordToSaltedHash(Reset.NewConfirmPassword, CodeLengths);

        // NOTE(review): the outcome of DoPasswordResset is not inspected, so the redirect
        // happens whether or not the e-mail/code pair matched. Presumably the procedure
        // rejects a wrong or stale code itself - confirm, and confirm the code is single-use.
        DB.DoPasswordResset(Reset.Email, Reset.ResetCode, hashed.SaltedHashedPassword, hashed.Salt);
        return RedirectToAction("", "Home");
    }

    // Both entries are read on every non-final request, reset code first.
    bool resetCodeIsClean = ModelState["ResetCode"].Errors.Count == 0;
    bool emailIsClean = ModelState["Email"].Errors.Count == 0;

    // No usable e-mail yet: stay on the first step.
    if (!emailIsClean)
    {
        return View("PasswordResetStep1", Reset);
    }

    // The user arrived with the code from the e-mail: ask for the new password.
    if (resetCodeIsClean)
    {
        return View("PasswordResetStep2", Reset);
    }

    // Only the e-mail is known: create a code and try to bind it to that address.
    // NOTE(review): the randomness source behind GetCode is not visible here - confirm
    // it is a cryptographic generator, since this code is the only secret in the link.
    string resetCode = SecurityHelper.GetCode(20).CleanURLIllegalChars();
    if (DB.CreateThePasswordResset(Reset.Email, resetCode).First().Value)
    {
        // Assumes exactly one '@' with text on both sides; anything else makes the
        // indexing below throw. Presumably the e-mail validation guarantees that - confirm.
        string[] emailParts = Reset.Email.Split(new[] { '@' }, StringSplitOptions.RemoveEmptyEntries);
        var routeValues = new { Email = emailParts[0], Domain = emailParts[1], Code = resetCode };
        ViewBag.URL = this.MakeFullURLActionLink("PasswordResetEmailRedirect", "Account", routeValues, false);

        // The code was bound, so mail the link to the address.
        SendEmail(Reset.Email, ResetEmailSubject, "PasswordResetEmailTemplate");
    }

    // The same "check your e-mail" page is returned whether or not a code was bound.
    return View("PasswordResetCheckYourEmail", Reset);
}
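/// <summary>
/// Registers a new user when the posted model is valid and the e-mail address is
/// not already in use, storing a salted hash of the password.
/// </summary>
/// <param name="Registy">Bound registration form.</param>
/// <returns>
/// A redirect to Login when the insert reports a value greater than zero;
/// otherwise the registration view with the submitted model.
/// </returns>
public ActionResult Register(UserRegEntry Registy)
{
    // NOTE(review): the availability check and the insert are separate calls, so two
    // concurrent requests can both pass the check. Presumably the database enforces
    // uniqueness on the e-mail column - confirm.
    if (ModelState.IsValid && !DB.IsEmailUsed(Registy.Email).First().Value)
    {
        // Output parameter that InsertNewUser fills with its error text. The original
        // null test on a freshly assigned "" could never take the other branch.
        var errorMessageParameter = new ObjectParameter("ErrorMessage", string.Empty);

        // Hash and salt stay in locals: writing them into the bound model would hand
        // the stored credential material to the view when the insert fails below.
        // NOTE(review): the algorithm behind PasswordToSaltedHash is not visible here -
        // confirm it is a deliberately slow password-hashing function.
        SecurityReturn hashed = SecurityHelper.PasswordToSaltedHash(Registy.Password, CodeLengths);

        // Argument order: firstName, middleInitial, lastName, email, password, salt,
        // primaryPhoneNumber, errorMessage.
        int insertResult = DB.InsertNewUser(
            Registy.FirstName,
            Registy.MiddleInitial,
            Registy.LastName,
            Registy.Email,
            hashed.SaltedHashedPassword,
            hashed.Salt,
            Registy.PrimaryPhoneNumber,
            errorMessageParameter);

        ViewBag.ErrorMessage = errorMessageParameter.Value as string;

        if (insertResult > 0)
        {
            return RedirectToAction("Login");
        }
    }

    // Validation failed, the address is taken, or the insert reported no success.
    return View(Registy);
}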