コード例 #1
        /// <summary>
        /// First step of the password-reset flow: looks up the submitted username and, when the
        /// account is active and has exactly three stored security questions, shows the page
        /// that asks the user to answer them.
        /// </summary>
        /// <param name="accountInfo">Posted form model; only <c>Username</c> is read here.</param>
        /// <returns>
        /// The AnswerSecurityQuestions view when all checks pass; otherwise the ResetPassword
        /// view carrying a model-state error.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the outcomes are distinguishable to the caller ("does not exist",
        /// "has been disabled", or the account's own security questions), so this action
        /// discloses whether a username exists, whether it is active, and which questions it
        /// uses. No request throttling is visible in this method; confirm it is enforced
        /// elsewhere (filter, gateway) and consider a uniform response for unknown and
        /// disabled accounts.
        /// </remarks>
        public ActionResult ValidateUsername(ViewModel.AccountRecoveryInfoViewModel accountInfo)
        {
            const string resetPasswordView = "~/Views/AccountRecovery/ResetPassword.cshtml";

            try
            {
                if (!ModelState.IsValid)
                {
                    ModelState.AddModelError("Username", "Username is required");
                    _logger.Info("User submitted password reset form. But username does not exist in form value. Showing validation message.");
                    return View(resetPasswordView, accountInfo);
                }

                // Resolve the account first so unknown and disabled accounts stop here.
                GenericAjaxResponse<AHP.Core.DTO.ExternalUserInfo> accountLookup = _restClient.GetUserDetails(accountInfo.Username);
                if (!accountLookup.Success || accountLookup.Data == null)
                {
                    ModelState.AddModelError("Username", "Account information does not exist");
                    return View(resetPasswordView, accountInfo);
                }

                if (!accountLookup.Data.IsActive)
                {
                    ModelState.AddModelError("Username", "Your account has been disabled. Please contact your account manager.");
                    return View(resetPasswordView, accountInfo);
                }

                // Fetch the security questions stored for this user.
                GenericAjaxResponse<List<AHP.Core.DTO.UserSecurityOption>> questionLookup = _restClient.GetSecurityQuestionsForUser(accountInfo.Username);

                // The flow only continues when the lookup succeeded and returned exactly three questions.
                bool hasAllThreeQuestions = questionLookup.Success
                    && questionLookup.Data != null
                    && questionLookup.Data.Count == 3;
                if (!hasAllThreeQuestions)
                {
                    ModelState.AddModelError(string.Empty, "Account information does not exist or you haven't setup your security questions in the system yet.");
                    return View(resetPasswordView, accountInfo);
                }

                // Pre-fill the three questions the user chose; the answers are collected on the next page.
                var questionModel = new ViewModel.UserQuestionsViewmodel
                {
                    SecurityQuestions = new List<string>(),
                    PrimarySelectedQuestion = questionLookup.Data[0].Question,
                    SecondarySelectedQuestion = questionLookup.Data[1].Question,
                    ThirdSelectedQuestion = questionLookup.Data[2].Question
                };

                // The username is handed to the view through ViewBag; presumably the form posts it
                // back as an ordinary field, so the next step cannot treat it as server-verified.
                ViewBag.Username = accountInfo.Username;

                _logger.Info("User details exists. Redirecting to answer security question page.");
                return View("~/Views/AccountRecovery/AnswerSecurityQuestions.cshtml", questionModel);
            }
            catch (Exception ex)
            {
                // Any failure (including a null model) ends in a generic message; details go to the log only.
                ModelState.AddModelError(string.Empty, "We are sorry. Could not process your request at this time.");
                _logger.Error("Error occurred validating username", ex);
                return View(resetPasswordView, accountInfo);
            }
        }
コード例 #2
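        /// <summary>
        /// Second step of the password-reset flow: submits the posted security-question answers
        /// for <paramref name="username"/> to the backend and shows the success page when the
        /// backend accepts them.
        /// </summary>
        /// <param name="securityQuestions">Posted model holding the three selected questions and the provided answers.</param>
        /// <param name="username">Account being recovered, as posted by the client.</param>
        /// <returns>
        /// A redirect to ResetPassword when the username or model is missing, the
        /// PasswordResetSuccess view when the reset succeeds, otherwise the
        /// AnswerSecurityQuestions view with a model-state error.
        /// </returns>
        /// <remarks>
        /// NOTE(review): <paramref name="username"/> and the *SelectedQuestion values all come
        /// from the request and are forwarded as posted. Whether the backend checks that the
        /// questions match the ones stored for the account, and whether failed attempts are
        /// counted or throttled, is not visible here; confirm both, since this endpoint
        /// resets a password without any prior authentication.
        /// </remarks>
        public ActionResult AnswerSecurityQuestions(ViewModel.UserQuestionsViewmodel securityQuestions, string username)
        {
            const string answerView = "~/Views/AccountRecovery/AnswerSecurityQuestions.cshtml";
            // Same text the catch block shows; reused when the backend reports failure without a message.
            const string fallbackError = "An error occurred validating security answers";

            try
            {
                if (string.IsNullOrEmpty(username))
                {
                    return RedirectToAction("ResetPassword", "AccountRecovery", routeValues: new { id = "user-does-not-exist" });
                }

                ViewBag.Username = username;

                // Checked before ModelState so a missing model never reaches the property reads
                // below (previously that case surfaced as a caught NullReferenceException).
                if (securityQuestions == null)
                {
                    return RedirectToAction("ResetPassword", "AccountRecovery", routeValues: new { id = "invalid-user-input" });
                }

                if (!ModelState.IsValid)
                {
                    securityQuestions.SecurityQuestions = new List<string>();

                    // Reload the user's questions so the form can be shown again.
                    GenericAjaxResponse<List<AHP.Core.DTO.UserSecurityOption>> apiResponse = _restClient.GetSecurityQuestionsForUser(username);

                    // Exactly three questions must come back for the form to be usable.
                    if (apiResponse.Success && apiResponse.Data != null && apiResponse.Data.Count == 3)
                    {
                        securityQuestions.SecurityQuestions.AddRange(apiResponse.Data.Select(ques => ques.Question));
                    }
                    else
                    {
                        // Errors may be null or empty when the call succeeded but the count was wrong.
                        bool hasLookupError = apiResponse.Errors != null && apiResponse.Errors.Any();
                        ModelState.AddModelError(string.Empty, hasLookupError ? apiResponse.Errors[0] : fallbackError);
                    }

                    return View(answerView, securityQuestions);
                }

                // Pair each posted question with its posted answer, in primary/secondary/third order.
                List<AHP.Core.DTO.UserSecurityOption> usrSecurityQuestions = new List<Core.DTO.UserSecurityOption>
                {
                    new Core.DTO.UserSecurityOption()
                    {
                        Answer   = securityQuestions.PrimaryProvidedAnswer,
                        Question = securityQuestions.PrimarySelectedQuestion
                    },
                    new Core.DTO.UserSecurityOption()
                    {
                        Answer   = securityQuestions.SecondaryProvidedAnswer,
                        Question = securityQuestions.SecondarySelectedQuestion
                    },
                    new Core.DTO.UserSecurityOption()
                    {
                        Answer   = securityQuestions.ThirdProvidedAnswer,
                        Question = securityQuestions.ThirdSelectedQuestion
                    }
                };

                GenericAjaxResponse<bool> resetPwdResponse = _restClient.ResetPassword(username, usrSecurityQuestions);
                if (resetPwdResponse.Success && resetPwdResponse.Data)
                {
                    return View("~/Views/AccountRecovery/PasswordResetSuccess.cshtml");
                }

                // A rejected reset is an expected outcome, so a missing error list must not be
                // turned into an exception and an error-level log entry.
                bool hasResetError = resetPwdResponse.Errors != null && resetPwdResponse.Errors.Any();
                string errMessage = hasResetError ? resetPwdResponse.Errors[0] : null;
                if (string.IsNullOrEmpty(errMessage))
                {
                    errMessage = fallbackError;
                }
                else
                {
                    // NOTE(review): markup is spliced into the message, so the view presumably
                    // renders it unencoded. Confirm the backend text can never carry
                    // user-controlled content (an echoed username or answer); otherwise encode
                    // it before the markup is added.
                    errMessage = errMessage.Replace("<<click here>>", "<a href='" + Url.Action("ResetPassword", "AccountRecovery") + "' title='reset password'>click here</a>") + " to try resetting your password again. <br/> <strong>Note:</strong> If you do not remember the answers to your security questions please contact ActiveHealth Management support at (800) 491 - 3464.";
                }

                ModelState.AddModelError(string.Empty, errMessage);
                securityQuestions.SecurityQuestions = new List<string>();
                return View(answerView, securityQuestions);
            }
            catch (Exception ex)
            {
                // Details go to the log; the user only sees the generic message.
                _logger.Error("An error occurred validating answers to security questions.", ex);
                ModelState.AddModelError(string.Empty, fallbackError);
            }

            return View(answerView, securityQuestions);
        }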