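/// <summary>
/// Changes a user's password on presentation of a previously issued reset-password token.
/// </summary>
/// <param name="username">
/// The user name of the account whose password is being reset.
/// </param>
/// <param name="tokenId">
/// The reset-password token presented by the caller.
/// </param>
/// <param name="newPassword">
/// The new password the user wants.
/// </param>
/// <returns>
/// True if the password is changed; false if no token matches the user and application,
/// if the token is older than the configured lifetime, or if the password change itself fails.
/// </returns>
/// <remarks>
/// The token lifetime is enforced here as well as in VerifyTokenForUser, so a stale token
/// cannot be redeemed by a caller that skips the verification step. The lifetime comes from
/// the "MaxTokenDays" app setting and falls back to 7 days when the setting is missing or
/// not a valid integer.
/// </remarks>
public override bool ChangePassword(string username, Guid tokenId, string newPassword)
{
    using (var entities = new AppleseedMembershipEntities(ConfigurationManager.ConnectionStrings["AppleseedMembershipEntities"].ConnectionString))
    {
        // Same setting and default that VerifyTokenForUser uses.
        int maxDays;
        if (!int.TryParse(ConfigurationManager.AppSettings["MaxTokenDays"], out maxDays))
        {
            maxDays = 7;
        }

        // The token must belong to this user in this application; the token id alone is not enough.
        var token = entities.aspnet_ResetPasswordTokens.Include("aspnet_Membership").FirstOrDefault(
            t => t.TokenId == tokenId
                 && t.aspnet_Membership.aspnet_Users.LoweredUserName == username.ToLower()
                 && t.aspnet_Membership.aspnet_Applications.LoweredApplicationName == this.ApplicationName.ToLower());

        if (token == null)
        {
            return false;
        }

        // CreateResetPasswordToken stores DateTime.UtcNow, so the age check is done in UTC.
        // Written as a negated ">=" so that a token without a usable creation date is rejected.
        if (!(token.CreationDate >= DateTime.UtcNow.AddDays(-maxDays)))
        {
            // Expired: remove it so it cannot be presented again.
            entities.aspnet_ResetPasswordTokens.DeleteObject(token);
            entities.SaveChanges();
            return false;
        }

        var result = this.ChangeUserPassword(this.ApplicationName, username, newPassword);

        // Tokens are single-use: the row is removed whether or not the password change succeeded.
        // If ChangeUserPassword throws, this point is not reached and the token stays in the table.
        entities.aspnet_ResetPasswordTokens.DeleteObject(token);
        entities.SaveChanges();

        return result;
    }
}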
/// <summary>
/// Issues a reset-password token for a user who has lost their password and stores it
/// in the membership database.
/// </summary>
/// <param name="userId">
/// The id of the user the token is issued for.
/// </param>
/// <returns>
/// The id of the newly created token.
/// </returns>
/// <remarks>
/// The creation time is recorded in UTC. The token value is stored as generated, and tokens
/// issued earlier for the same user are left in place by this method.
/// </remarks>
public override Guid CreateResetPasswordToken(Guid userId)
{
    // NOTE(review): the token acts as a bearer secret for the password reset, and its
    // unpredictability rests entirely on Guid.NewGuid(), which is not specified as a
    // cryptographic generator. Confirm this is acceptable for the deployment.
    Guid tokenId = Guid.NewGuid();
    string connectionString = ConfigurationManager.ConnectionStrings["AppleseedMembershipEntities"].ConnectionString;

    using (var db = new AppleseedMembershipEntities(connectionString))
    {
        var row = new aspnet_ResetPasswordTokens();
        row.TokenId = tokenId;
        row.UserId = userId;
        row.CreationDate = DateTime.UtcNow;

        db.aspnet_ResetPasswordTokens.AddObject(row);
        db.SaveChanges();
    }

    return tokenId;
}
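/// <summary>
/// Checks whether the given reset-password token belongs to the user and is still within
/// its allowed lifetime.
/// </summary>
/// <param name="userId">
/// The user id.
/// </param>
/// <param name="tokenId">
/// The token to verify.
/// </param>
/// <returns>
/// True if the user has the specified token in this application and it has not expired;
/// false otherwise, including when the lookup fails.
/// </returns>
/// <remarks>
/// The lifetime in days comes from the "MaxTokenDays" app setting and falls back to 7 when
/// the setting is missing or not a valid integer. An expired token is deleted as a side
/// effect of the check. Any exception raised by the lookup, including the one Single()
/// throws when no row (or more than one) matches, is published through ErrorHandler at
/// Error level and reported as false.
/// </remarks>
public override bool VerifyTokenForUser(Guid userId, Guid tokenId)
{
    using (var entities = new AppleseedMembershipEntities(ConfigurationManager.ConnectionStrings["AppleseedMembershipEntities"].ConnectionString))
    {
        // TryParse instead of Parse-inside-catch: same fallback, no exception for a missing setting.
        int maxDays;
        if (!int.TryParse(ConfigurationManager.AppSettings["MaxTokenDays"], out maxDays))
        {
            maxDays = 7;
        }

        try
        {
            var token = entities.aspnet_ResetPasswordTokens.Include("aspnet_Membership").Single(
                t => t.UserId == userId
                     && t.TokenId == tokenId
                     && t.aspnet_Membership.aspnet_Applications.ApplicationName.ToLower() == this.ApplicationName.ToLower());

            // CreateResetPasswordToken stores DateTime.UtcNow, so the cutoff must be computed in UTC
            // as well. Comparing against local time shifts the effective lifetime by the server's
            // UTC offset (longer on servers behind UTC, shorter on servers ahead of it).
            if (token.CreationDate >= DateTime.UtcNow.AddDays(-maxDays))
            {
                return true;
            }

            // The token is too old: remove it so it cannot be presented again.
            entities.aspnet_ResetPasswordTokens.DeleteObject(token);
            entities.SaveChanges();
            return false;
        }
        catch (Exception e)
        {
            // Fail closed: any lookup or database error counts as "not verified".
            ErrorHandler.Publish(LogLevel.Error, e);
            return false;
        }
    }
}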