// Written By James Hibbard // Modified By Simon Davis /// <summary> /// Sets up a reset password reset request for a given user. /// Throws ArgumentException if username is invalid. /// </summary> /// <param name="Username">The User to set the request for.</param> /// <param name="Email">The User's email to provide an extra layer of security.</param> static public void resetPassword(string Username, string Email) { if (UsernameExists(Username)) { if (Email.ToLower().Equals(getEmail(Username.ToLower()))) { PasswordResetRequestTableAdapter prrAdapter = new PasswordResetRequestTableAdapter(); NuRacingDataSet.PasswordResetRequestDataTable prrTable = prrAdapter.GetData(); NuRacingDataSet.PasswordResetRequestRow prrNewRow = prrTable.NewPasswordResetRequestRow(); byte[] byteCode = getByteString(16); prrNewRow.PasswordRR_ExpiryDate = DateTime.Now.AddDays(2); prrNewRow.User_UserName = Username; prrNewRow.PasswordRR_UID = byteCode; prrTable.AddPasswordResetRequestRow(prrNewRow); prrAdapter.Update(prrTable); EmailManager.sendPasswordResetRequest(byteCode, Username, getEmail(Username)); } else { throw new ArgumentException("Email wasn't correct"); } } else { throw new ArgumentException("Username wasn't valid"); } }
static public bool generateNewPassword(string ResetRequestID) { if (ResetRequestID.Length != 32) { throw new ArgumentException("ResetRequestID should be 32 characters"); } byte[] ByteResetRequestID = new byte[16]; for (int i = 0; i < ResetRequestID.Length / 2; i++) { ByteResetRequestID[i] = (byte)((ResetRequestID[i * 2] - (ResetRequestID[i * 2] < 58 ? 48 : 55)) * 16 + (ResetRequestID[i * 2 + 1] - (ResetRequestID[i * 2 + 1] < 58 ? 48 : 55))); } PasswordResetRequestTableAdapter prrAdapter = new PasswordResetRequestTableAdapter(); NuRacingDataSet.PasswordResetRequestDataTable prrTable = prrAdapter.GetData(); foreach (NuRacingDataSet.PasswordResetRequestRow prrRow in prrTable.Rows) { if (ByteResetRequestID.SequenceEqual(prrRow.PasswordRR_UID)) { if (prrRow.PasswordRR_ExpiryDate < DateTime.Now) { throw new ArgumentException("Request Expired"); } if (generateUserPassword(prrRow.User_UserName)) { prrRow.Delete(); prrAdapter.Update(prrTable); return(true); } else { return(false); } } } throw new ArgumentException("Can't find a matching record"); }