public ActionResult ForgotPassword(ForgotPasswordModel forgotPassword)
{
var userAccount = this.db.Accounts.Where(a => a.EmailAddress == forgotPassword.EmailAddress);
if(userAccount.Count() == 0)
{
ModelState.AddModelError(string.Empty, "Email address not found");
}
if(ModelState.IsValid)
{
string newPassword = GetRandomHexPassword();
this.account = userAccount.Single();
this.account.Password = account.GetPasswordHash(newPassword);
this.db.Entry(this.account).State = EntityState.Modified;
this.db.SaveChanges();
// Send email notification
this.emailNotificationHelper.SendPasswordResetNotification(newPassword, forgotPassword, "ResetPassword");
return RedirectToAction("ResetPasswordSuccess");
}
else
{
return View();
}
}
public ActionResult _ChangePassword(ChangePasswordModel passwordModel)
{
Account account = new Account();
var loggedInUserId = this.account.GetLoggedInUserId();
account = this.db.Accounts.Find(loggedInUserId);
if(this.account.ValidateUser(account.EmailAddress, passwordModel.OldPassword) == false)
{
ModelState.AddModelError(string.Empty, "Please enter the correct current password.");
}
if(ModelState.IsValid)
{
if(passwordModel.NewPassword == passwordModel.ConfirmPassword)
{
this.account = this.db.Accounts.Find(account.GetLoggedInUserId());
this.account.Password = account.GetPasswordHash(passwordModel.NewPassword);
this.db.Entry(this.account).State = EntityState.Modified;
this.db.SaveChanges();
}
return RedirectToAction("ChangePasswordSuccess");
}
else
{
var viewModel = new ChangePasswordModel
{
OldPassword = string.Empty,
NewPassword = string.Empty,
ConfirmPassword = string.Empty
};
return View(viewModel);
// return RedirectToAction("MyAccount");
}
}
