private string NewMemberMustAwaitActivation(Umbraco.Core.Models.IMember member)
{
var(token, expires) = _verificationToken.TokenFor(member.Id);
member.SetValue("approvalToken", token);
member.SetValue("approvalTokenExpires", expires);
member.SetValue("totalLogins", 0);
member.IsApproved = false;
Services.MemberService.Save(member);
return(token);
}
private string SaveConfirmationTokenForMember(string email, int memberId)
{
var(token, expires) = _verificationToken.TokenFor(memberId);
var editableMember = Services.MemberService.GetById(memberId);
#pragma warning disable CA1308 // Normalize strings to uppercase
editableMember.SetValue("requestedEmail", email?.Trim().ToLowerInvariant());
#pragma warning restore CA1308 // Normalize strings to uppercase
editableMember.SetValue("requestedEmailToken", token);
editableMember.SetValue("requestedEmailTokenExpires", expires);
Services.MemberService.Save(editableMember);
return(token);
}
private void SendEmailIfNotActivatedOrLockedOut(IMember member)
{
string tokenField = string.Empty, tokenExpiryField = string.Empty, emailSubjectField = string.Empty, emailBodyField = string.Empty;
var loginPage = Umbraco.ContentSingleAtXPath("//loginMember");
if (loginPage == null)
{
// We can't send emails if we don't have the content, so just return.
return;
}
if (!member.IsApproved)
{
// The member has not yet activated their account and is trying to login.
tokenField = "approvalToken";
tokenExpiryField = "approvalTokenExpires";
emailSubjectField = "approveMemberSubject";
emailBodyField = "approveMemberBody";
}
else if (member.IsLockedOut)
{
// Approved member, OK to reset their password.
tokenField = "passwordResetToken";
tokenExpiryField = "passwordResetTokenExpires";
emailSubjectField = "resetPasswordSubject";
emailBodyField = "resetPasswordBody";
}
// Create a password reset / approval token including the id so we can find the member
var(token, expires) = _verificationToken.TokenFor(member.Id);
member.SetValue(tokenField, token);
member.SetValue(tokenExpiryField, expires);
Services.MemberService.Save(member);
// Send the password reset / member approval email
var(sender, body) = _emailFormatter.FormatEmailContent(loginPage.Value <string>(emailSubjectField),
loginPage.Value <string>(emailBodyField),
new Dictionary <string, string>
{
{ "name", member.Name },
{ "email", member.Email },
{ "token", token },
{ "domain", GetRequestUrlAuthority() }
});
_emailSender.SendEmail(member.Email, sender, body);
}
public ActionResult RequestPasswordReset([Bind(Prefix = "resetPasswordRequest")] ResetPasswordRequestFormData model)
{
var contentModel = new ResetPassword(CurrentPage);
contentModel.Metadata = new ViewMetadata
{
PageTitle = contentModel.Name,
Description = contentModel.Description
};
contentModel.Email = model?.Email;
if (!ModelState.IsValid || model == null)
{
ModelState.AddModelError("Email", "Please enter a valid email address.");
return(View("ResetPasswordRequest", contentModel));
}
// Get the matching member, if there is one
var memberService = Services.MemberService;
var member = memberService.GetByEmail(model.Email);
if (member != null)
{
string tokenField, tokenExpiryField, emailSubjectField, emailBodyField;
if (member.IsApproved)
{
// Approved member, OK to reset their password.
tokenField = "passwordResetToken";
tokenExpiryField = "passwordResetTokenExpires";
emailSubjectField = "resetPasswordSubject";
emailBodyField = "resetPasswordBody";
}
else
{
// The member has not yet activated their account and is trying to reset the password.
tokenField = "approvalToken";
tokenExpiryField = "approvalTokenExpires";
emailSubjectField = "approveMemberSubject";
emailBodyField = "approveMemberBody";
}
// Create a password reset / approval token including the id so we can find the member
var(token, expires) = _verificationToken.TokenFor(member.Id);
member.SetValue(tokenField, token);
member.SetValue(tokenExpiryField, expires);
memberService.Save(member);
// Send the password reset / member approval email
var(subject, body) = _emailFormatter.FormatEmailContent(CurrentPage.Value <string>(emailSubjectField),
CurrentPage.Value <string>(emailBodyField),
new Dictionary <string, string>
{
{ "name", member.Name },
{ "email", model.Email },
{ "token", token },
{ "domain", GetRequestUrlAuthority() }
});
_emailSender.SendEmail(model.Email, subject, body);
Logger.Info(typeof(ResetPasswordRequestSurfaceController), LoggingTemplates.MemberPasswordResetRequested, member.Username, member.Key, typeof(ResetPasswordRequestSurfaceController), nameof(RequestPasswordReset));
contentModel.ShowPasswordResetRequested = true;
return(View("ResetPasswordRequest", contentModel));
}
else
{
// Same result as if a member was found, since password reset should not reveal a valid email address
// However we can prompt them to create an account. Since it sends an email either way this also guards
// against detecting the result by timing the response.
var(sender, body) = _emailFormatter.FormatEmailContent(CurrentPage.Value <string>("createMemberSubject"),
CurrentPage.Value <string>("createMemberBody"),
new Dictionary <string, string>
{
{ "email", model.Email },
{ "domain", GetRequestUrlAuthority() }
});
_emailSender.SendEmail(model.Email, sender, body);
contentModel.ShowPasswordResetRequested = true;
return(View("ResetPasswordRequest", contentModel));
}
}
