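/// <summary>
/// Stores a new password hash for the given user and marks the account active.
/// </summary>
/// <remarks>
/// The work runs between <c>Start()</c> and <c>SetComplete()</c>; on any exception
/// <c>SetAbort()</c> is called and the exception is rethrown. A failure is therefore
/// never reported through the returned status, only through the exception.
/// </remarks>
/// <param name="inUserDto">
/// User to update. <c>Password</c> supplies the new plaintext password;
/// <c>PasswordHash</c> and <c>AccountStatus</c> are overwritten on this object.
/// </param>
/// <returns>A successful <c>ActionStatus</c> carrying a confirmation message.</returns>
/// <exception cref="MNException">Rethrown unchanged after the transaction is aborted.</exception>
/// <exception cref="Exception">Any other failure, rethrown unchanged after the transaction is aborted.</exception>
public ActionStatus UpdatePassword(User inUserDto)
{
    ActionStatus status = new ActionStatus();

    try
    {
        UserDalc userDalc = new UserDalc(GetTransaction());

        // Start tran
        Start();

        // NOTE(review): nothing in this method verifies the current password or that the
        // caller may change this user's password; presumably the caller does. Confirm.
        // NOTE(review): if GetUser can return null for an unknown user, reading
        // PasswordSalt below throws NullReferenceException. Confirm the DALC contract.
        User outUserDto = userDalc.GetUser(inUserDto);

        // The new hash is derived with the salt already stored for the user, so the salt is
        // reused across password changes. Rotating it would need the DALC to persist a new
        // salt, which is not visible from here.
        inUserDto.PasswordHash = Authentication.GenerateSaltedHash(inUserDto.Password, outUserDto.PasswordSalt);
        inUserDto.AccountStatus = Constants.Account_Status_Active;
        userDalc.UpdateUserPasswordHash(inUserDto);

        // commit tran
        SetComplete();

        status.IsSuccessful = true;
        status.Messages.Add(new ActionMessage("Your password has been successfully changed."));
    }
    catch (Exception)
    {
        // TODO: Log error
        // abort tran
        SetAbort();

        // Bare rethrow keeps the original stack trace ("throw ex;" would reset it).
        // MNException is covered by this handler and propagates unchanged.
        throw;
    }

    // The former "!status.IsSuccessful" branch could never run, because every failure path
    // above rethrows, so it has been dropped.
    return status;
}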
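/// <summary>
/// Generates a new password for the given user, stores its salted hash, marks the account
/// stale so the password has to be changed, and e-mails the new password to the user.
/// </summary>
/// <remarks>
/// The work runs between <c>Start()</c> and <c>SetComplete()</c>; on any exception
/// (including a failed mail send) <c>SetAbort()</c> is called and the exception is
/// rethrown. A failure is therefore never reported through the returned status.
/// </remarks>
/// <param name="inUserDto">
/// User to reset. <c>EmailAddress</c> is the recipient; <c>PasswordHash</c> and
/// <c>AccountStatus</c> are overwritten on this object.
/// </param>
/// <returns>A successful <c>ActionStatus</c> naming the address the password was sent to.</returns>
/// <exception cref="MNException">Rethrown unchanged after the transaction is aborted.</exception>
/// <exception cref="Exception">Any other failure, rethrown unchanged after the transaction is aborted.</exception>
public ActionStatus ResetPassword(User inUserDto)
{
    ActionStatus status = new ActionStatus();

    try
    {
        UserDalc userDalc = new UserDalc(GetTransaction());

        // Start tran
        Start();

        // Get the password salt.
        // NOTE(review): if GetUser can return null for an unknown user, reading
        // PasswordSalt below throws NullReferenceException. Confirm the DALC contract and
        // that callers do not expose the difference between known and unknown accounts.
        User outUserDto = userDalc.GetUser(inUserDto);

        // Generate a new 10-character password. The second argument is a minimum count of
        // punctuation characters, so punctuation can still appear in the result.
        string newPassword = Membership.GeneratePassword(10, 0);

        // Generate a hash from the new password and the stored salt
        inUserDto.PasswordHash = Authentication.GenerateSaltedHash(newPassword, outUserDto.PasswordSalt);

        // Set the account status to stale so that users have to change the password
        inUserDto.AccountStatus = Constants.Account_Status_Stale;

        // Update the password
        userDalc.UpdateUserPasswordHash(inUserDto);

        // NOTE(review): the new password leaves the system in cleartext inside the e-mail
        // and stays valid until the user changes it. A single-use, expiring reset link
        // would avoid a working credential sitting in the mailbox.
        using (MailMessage msg = new MailMessage())
        {
            msg.Subject = string.Format(ConfigurationManager.AppSettings["EmailSubject"], "Password Reset");
            msg.To.Add(inUserDto.EmailAddress);
            msg.IsBodyHtml = true;

            // The body is HTML, so both substituted values are encoded: the address is
            // caller-supplied, and a generated password containing '&', '<' or '>' could
            // otherwise be rendered differently from what was hashed.
            string msgBody = ConfigurationManager.AppSettings["ResetPassEmail"];
            msg.Body = string.Format(
                msgBody,
                System.Web.HttpUtility.HtmlEncode(inUserDto.EmailAddress),
                System.Web.HttpUtility.HtmlEncode(newPassword));

            // Send before committing: a failed send aborts the transaction, so the stored
            // hash is not replaced when the user never receives the new password.
            SmtpClient client = new SmtpClient();
            client.Send(msg);
        }

        // commit tran
        SetComplete();

        status.IsSuccessful = true;
        status.Messages.Add(
            new ActionMessage(
                string.Format("Password was successfully reset and emailed to {0}", inUserDto.EmailAddress)));
    }
    catch (Exception)
    {
        // TODO: Log error (never log newPassword)
        // abort tran
        SetAbort();

        // Bare rethrow keeps the original stack trace ("throw ex;" would reset it).
        // MNException is covered by this handler and propagates unchanged.
        throw;
    }

    // The former "!status.IsSuccessful" branch could never run, because every failure path
    // above rethrows, so it has been dropped.
    return status;
}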