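/// <summary>
/// Handles a forgot-password submission. When exactly one account matches the
/// submitted e-mail address, its password is replaced with a generated one and
/// the new password is sent through the e-mail notification helper.
/// </summary>
/// <param name="forgotPassword">
/// Posted form model. Its <c>EmailAddress</c> selects the account; the model is
/// also handed to the notification helper.
/// </param>
/// <returns>
/// The form view when the model is missing or fails validation; otherwise a
/// redirect to <c>ResetPasswordSuccess</c>, whether or not an account matched.
/// </returns>
/// <remarks>
/// NOTE(review): this endpoint changes the stored password before the requester
/// has shown control of the mailbox, so a request for someone else's address
/// still resets that account, and the replacement password travels in
/// plaintext e-mail. A single-use, short-lived reset link that changes nothing
/// until it is redeemed removes both problems; that needs storage and a second
/// action not present in this block.
/// NOTE(review): GetRandomHexPassword is defined elsewhere; confirm it draws
/// from a cryptographic random number generator.
/// </remarks>
public ActionResult ForgotPassword(ForgotPasswordModel forgotPassword)
{
    // Reject a missing or invalid model before touching the database.
    if (forgotPassword == null || !ModelState.IsValid)
    {
        return View();
    }

    // One round trip instead of Count() followed by Single(). Like Single(),
    // SingleOrDefault() still throws if the address is not unique.
    var matched = this.db.Accounts
        .Where(a => a.EmailAddress == forgotPassword.EmailAddress)
        .SingleOrDefault();

    if (matched != null)
    {
        string newPassword = GetRandomHexPassword();

        this.account = matched;
        this.account.Password = this.account.GetPasswordHash(newPassword);
        this.db.Entry(this.account).State = EntityState.Modified;
        this.db.SaveChanges();

        // Send email notification.
        // NOTE(review): if sending fails after SaveChanges, the account is left
        // with a password nobody received.
        this.emailNotificationHelper.SendPasswordResetNotification(newPassword, forgotPassword, "ResetPassword");
    }

    // Same response for known and unknown addresses, so the form cannot be used
    // to test which e-mail addresses have accounts. The ResetPasswordSuccess
    // view is not visible here; its wording should not confirm that an account
    // exists.
    return RedirectToAction("ResetPasswordSuccess");
}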
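/// <summary>
/// Changes the logged-in user's password after re-checking the current
/// password and confirming that the new password was typed identically twice.
/// </summary>
/// <param name="passwordModel">Posted form model carrying the old, new and confirmation passwords.</param>
/// <returns>
/// A redirect to <c>ChangePasswordSuccess</c> once the new hash has been saved;
/// otherwise the form view with all three password fields blanked.
/// </returns>
/// <remarks>
/// NOTE(review): presence and strength of <c>NewPassword</c> are assumed to be
/// enforced by validation attributes on ChangePasswordModel - confirm.
/// NOTE(review): nothing in this action invalidates the user's other sessions
/// or tokens after the change; confirm whether that happens elsewhere.
/// </remarks>
public ActionResult _ChangePassword(ChangePasswordModel passwordModel)
{
    var loggedInUserId = this.account.GetLoggedInUserId();
    Account account = this.db.Accounts.Find(loggedInUserId);

    // A missing model or a missing account row is reported exactly like a wrong
    // current password, so the action fails closed instead of throwing.
    if (passwordModel == null
        || account == null
        || this.account.ValidateUser(account.EmailAddress, passwordModel.OldPassword) == false)
    {
        ModelState.AddModelError(string.Empty, "Please enter the correct current password.");
    }
    else if (passwordModel.NewPassword != passwordModel.ConfirmPassword)
    {
        // Previously a mismatch skipped the save but still redirected to the
        // success page, telling the user the password had changed when it had not.
        ModelState.AddModelError(string.Empty, "The new password and confirmation password do not match.");
    }

    if (!ModelState.IsValid)
    {
        // Never echo submitted passwords back into the rendered form.
        var viewModel = new ChangePasswordModel
        {
            OldPassword = string.Empty,
            NewPassword = string.Empty,
            ConfirmPassword = string.Empty
        };
        return View(viewModel);
    }

    // NOTE(review): this second lookup looks redundant with the Find above;
    // kept as written because GetLoggedInUserId() on the entity cannot be
    // checked from here - confirm and reuse the first result if equivalent.
    this.account = this.db.Accounts.Find(account.GetLoggedInUserId());
    this.account.Password = account.GetPasswordHash(passwordModel.NewPassword);
    this.db.Entry(this.account).State = EntityState.Modified;
    this.db.SaveChanges();

    return RedirectToAction("ChangePasswordSuccess");
}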