public async Task <Response> ChangePasswordByToken(string id, [FromBody] ResetPasswordDTO model)
{
var user = _giraf._context.Users.FirstOrDefault(u => u.Id == id);
if (user == null)
{
return(new ErrorResponse(ErrorCode.UserNotFound));
}
if (model == null)
{
return(new ErrorResponse(ErrorCode.MissingProperties, "Token", "Password"));
}
if (model.Token == null || model.Password == null)
{
return(new ErrorResponse(ErrorCode.MissingProperties, "Token", "Password"));
}
var result = await _giraf._userManager.ResetPasswordAsync(user, model.Token, model.Password);
if (!result.Succeeded)
{
return(new ErrorResponse(ErrorCode.InvalidProperties, "Token"));
}
await _signInManager.SignInAsync(user, isPersistent : false);
_giraf._logger.LogInformation("User changed their password successfully.");
return(new Response());
}
public async Task <IActionResult> ChangePassword(ResetPasswordDTO resetPasswordViewModel)
{
try
{
await _profileService.ResetPasswordByTokenAsync(resetPasswordViewModel);
return(Ok());
}
catch (InvalidDataException e)
{
return(BadRequest(e.Message));
}
catch (TokenExpiredException e)
{
return(BadRequest(e.Message));
}
catch (EntityNotExistException e)
{
return(BadRequest(e.Message));
}
catch (Exception e)
{
return(BadRequest(e.Message));
}
}
public async Task <IHttpActionResult> ResetPassword(ResetPasswordDTO resetPasswordDTO)
{
try
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
//IdentityResult result = await this._authenticationRepository.ResetPasswordAsync(resetPasswordDTO.UserID, resetPasswordDTO.ResetPasswordToken, resetPasswordDTO.NewPassword);
IdentityResult result = await this._authenticationRepository.ResetPasswordAsync(resetPasswordDTO.UserID, resetPasswordDTO.Token, resetPasswordDTO.NewPassword);
if (result.Succeeded == false)
{
return(BadRequest());
}
return(Ok());
}
catch (Exception ex)
{
return(BadRequest());
}
}
private static IEnumerable <string> ValidatePassword(ResetPasswordDTO credentials, User user)
{
var oldPasswordHash = Cryptography.HashPassword(credentials.OldPassword);
var anyUpperCaseLetterPattern = @"[A-Z]+";
var anyDigitPattern = @"\d+";
var anySpecialCharactertPattern = @"[^a-zA-Z0-9]";
if (oldPasswordHash != user.Password)
{
yield return(PasswordValidationMsgsEnum.WRONG_OLD_PASSWORD.Text);
}
if (credentials.NewPassword != credentials.NewPasswordRepeat)
{
yield return(PasswordValidationMsgsEnum.PASSWORDS_CONFIRMATION_DIFF.Text);
}
if (credentials.NewPassword.Length < 8 || !(Regex.IsMatch(credentials.NewPassword, anyUpperCaseLetterPattern) &&
Regex.IsMatch(credentials.NewPassword, anyDigitPattern) &&
Regex.IsMatch(credentials.NewPassword, anySpecialCharactertPattern)))
{
yield return(PasswordValidationMsgsEnum.PASSWORD_INSUFFICIENT_COMPLEXITY.Text);
}
yield break;
}
public static bool ResetSenhaPadrão(ResetPasswordDTO credentials, out IEnumerable <string> validationErrors)
{
using (Data.Contexts.SMEManagementContext db = new Contexts.SMEManagementContext())
{
User user =
(from current in db.Users
where current.Name == credentials.Username
select current).FirstOrDefault();
validationErrors = default;
if (user != null)
{
validationErrors = ValidatePassword(credentials, user);
if (validationErrors.Count() < 1)
{
user.Password = Cryptography.HashPassword(credentials.NewPassword);
return(db.SaveChanges() > 0);
}
}
return(false);
}
}
public async Task <IActionResult> ResetPassword([FromBody] ResetPasswordDTO resetPasswordDTO)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await db.Users.FirstOrDefaultAsync(o => o.UserName == resetPasswordDTO.UserName);
if (user == null)
{
return(BadRequest("Invalid email"));
}
var token = await userManager.GeneratePasswordResetTokenAsync(user);
var text = user.FirstName + Environment.NewLine;
text += Environment.NewLine;
text += "A password reset has been requested. Please use the link below to reset your password." + Environment.NewLine;
text += Environment.NewLine;
text += Settings.RootUrl + "auth/reset?e=" + user.Email + "&t=" + token + Environment.NewLine;
var html = user.FirstName + Environment.NewLine;
html += Environment.NewLine;
html += "A password reset has been requested. Please use the link below to reset your password." + Environment.NewLine;
html += Environment.NewLine;
html += Settings.RootUrl + "auth/reset?e=" + user.Email + "&t=" + WebUtility.UrlEncode(token) + Environment.NewLine;
await emailSender.SendEmailAsync(user.Email, user.FullName, "Password Reset", text, html);
return(Ok());
}
public async Task <Response <string> > ResetPassword(ResetPasswordDTO model)
{
Response <string> response = new Response <string>
{
Success = false
};
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
response.Message = "No user associated with email";
return(response);
}
if (model.NewPassword != model.ConfirmPassword)
{
response.Message = "Password doesn't match its confirmation";
return(response);
}
var decodedToken = WebEncoders.Base64UrlDecode(model.Token);
string normalToken = Encoding.UTF8.GetString(decodedToken);
var result = await _userManager.ResetPasswordAsync(user, normalToken, model.NewPassword);
if (result.Succeeded)
{
response.Success = true;
response.Message = "Password has been reset successfully!";
return(response);
}
response.Message = "Something went wrong";
return(response);
}
public async Task <IActionResult> ForgotPassword(ForgotPasswordDTO forgotPassword)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await _userManager.FindByEmailAsync(forgotPassword.Email);
if (user == null)
{
return(NotFound($"Usuário '{forgotPassword.Email}' não encontrado."));
}
else
{
var code = await _userManager.GeneratePasswordResetTokenAsync(user);
var resetPassword = new ResetPasswordDTO();
resetPassword.Code = code;
resetPassword.Email = user.Email;
resetPassword.UserId = user.Id;
return(Ok(resetPassword));
// Comentando o trecho de codigo de envio de email
//var forgot = await ForgotMainPassword(user);
//if (forgot.Enviado)
//return Ok();
//return Unauthorized(forgot.error);
}
}
public async Task <IActionResult> ResetPasswordToken(ResetPasswordDTO model)
{
try
{
await _userService.ResetPasswordTokenAsync(model);
return(Ok());
}
catch (DbUpdateConcurrencyException)
{
return(BadRequest(new
{
Message =
"The record you attempted to edit was modified by another user after you got the original value"
}));
}
catch (SqlNullValueException e)
{
return(NotFound(new { e.Message }));
}
catch (SecurityTokenInvalidLifetimeException e)
{
return(BadRequest(new { e.Message }));
}
catch (FormatException)
{
return(BadRequest(new { Message = "Token is not valid" }));
}
catch (Exception e)
{
return(BadRequest(new { e.Message }));
}
}
public async Task <ActionResult> ChangePassword([FromBody] ResetPasswordDTO model)
{
var user = await _userManager.FindByEmailAsync(model.Email);
user.ShouldGetPassword = false;
IdentityResult result = await _userManager.ChangePasswordAsync(user, model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
var res = await _signInManager.PasswordSignInAsync(model.Email, model.NewPassword, false, false);
if (res.Succeeded)
{
var appUser = _userManager.Users.Include(u => u.UserRoles).FirstOrDefault(r => r.Email == model.Email);
crtUser = appUser;
using (DatabaseContext dbc = new DatabaseContext())
{
return(Ok(await GenerateJwtToken(model.Email, appUser)));
}
}
return(Unauthorized());
}
else
{
return(BadRequest(result.Errors));
}
}
public async Task <IActionResult> ActivePassword([FromBody] ResetPasswordDTO resetPasswordDTO)
{
try
{
if (!ModelState.IsValid)
{
return(BadRequest(new
{
error = "Không được để trống"
}));
}
if (!resetPasswordDTO.ConfirmPassword.Equals(resetPasswordDTO.NewPassword))
{
return(BadRequest(new
{
error = "Mật khẩu mới và xác nhận mật khẩu không chính xác"
}));
}
var accountFromDb = await _repo.GetAccount(resetPasswordDTO.Email);
if (accountFromDb == null)
{
return(BadRequest(new
{
error = "Tài khoản không tồn tại"
}));
}
var accountOTP = await _cRUDRepo.GetOneWithConditionTracking <AccountOTP>(ao => ao.AccountId == accountFromDb.Id && ao.ValidUntil > DateTime.Now);
if (accountOTP == null)
{
return(BadRequest(new
{
Error = "OTP đã hết hạn"
}));
}
if (resetPasswordDTO.OTP != accountOTP.OTP)
{
return(BadRequest(new
{
Error = "OTP không đúng"
}));
}
var result = await _repo.ResetPassword(accountFromDb, accountOTP.Token, resetPasswordDTO.NewPassword);
if (result)
{
_cRUDRepo.Delete(accountOTP);
if (await _repo.SaveAll())
{
return(Ok());
}
}
return(BadRequest());
}
catch (System.Exception e)
{
throw e;
}
}
public async Task <IActionResult> Resetpassword([FromBody] ResetPasswordDTO model)
{
try
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(StatusCode(404, "User not found"));
}
var result = await _userManager.ResetPasswordAsync(user, model.Token, model.Email);
if (!result.Succeeded)
{
foreach (var item in result.Errors)
{
ModelState.AddModelError("", item.Description);
}
return(StatusCode(400, ModelState));
}
return(StatusCode(204, "Password Changed"));
}
catch (Exception e)
{
return(StatusCode(500, e.Message));
}
}
public override SubmitResult RequestPasswordReset(ResetPasswordDTO dto)
{
if (SecurityUnit.UserRepository.EmailExists(dto.Email))
{
User u = AuthUnit.AuthUserRepository.FindSingle(d => d.Email == dto.Email);
var mails = SecurityUnit.ServiceProvider.GetService <IAuthenticationMailService>();
dto.NewPassword = Utils.RandomAlphaNumeric(8, CharType.Small);
dto.ServerUrl = Shell.GetConfigAs <string>("ServerUrl", false);
dto.LogonName = u.LogonName;
dto.UserFullName = u.Name;
var res = mails.SendResetEmail(dto);
if (res.IsSuccess)
{
u.Password = dto.NewPassword.ToMD5();
AuthUnit.AuthUserRepository.Update(u);
var sRes = AuthUnit.SaveChanges();
sRes.Data["EmailRes"] = res;
return(sRes);
}
else
{
var sRes = res.MapToResult <SubmitResult>();
sRes.Message = SecurityUnit.TranslateIfMobile("mail_sending_failed");
return(sRes);
}
}
else
{
return(new SubmitResult(1, SecurityUnit.TranslateIfMobile("no_such_email")));
}
}
public async Task ResetPasswordByTokenAsync(ResetPasswordDTO model)
{
var decryptedToken =
Encrypting.Decrypt(HttpUtility.UrlDecode(model.Token), _configuration["EncryptionKey"], true);
var tokenParts = decryptedToken.Split("|");
if (tokenParts.Length < 2)
{
throw new InvalidDataException("TokenViewModel is not valid");
}
var email = tokenParts[0];
var expireTime = tokenParts[1];
if (DateTime.Compare(DateTime.UtcNow, DateTime.Parse(expireTime)) == 1)
{
throw new TokenExpiredException("TokenViewModel is expired");
}
var user = await(await _userRepository.GetAllAsync(u => u.Email == email)).FirstOrDefaultAsync();
if (user == null)
{
throw new EntityNotExistException("This user is not exist");
}
user.Password = _hashMd5Service.GetMd5Hash(model.Password);
await _userRepository.UpdateAsync(user);
}
public async Task ResetPasswordTokenAsync(ResetPasswordDTO model)
{
var passwordReset =
await _passwordResetRepository.GetFirstAsync(
reset => reset.VerificationToken == model.Token && !reset.Used,
reset => reset.User);
if (passwordReset == null || passwordReset.Used)
{
throw new SecurityTokenException("Token is not valid");
}
if (passwordReset.ExpirationTime < DateTime.UtcNow)
{
throw new SecurityTokenInvalidLifetimeException("The token has expired");
}
if (passwordReset.User == null)
{
throw new SqlNullValueException("No users found with this email address");
}
await _emailService.SendEmailAsync(passwordReset.User.Email, "Password changed",
"Your password was reset. If you didn't reset your password, please, contact us.");
passwordReset.User.Password = model.Password.CreateMd5();
await _userRepository.UpdateAsync(passwordReset.User);
passwordReset.Used = true;
passwordReset.ResetDate = DateTime.UtcNow;
await _passwordResetRepository.UpdateAsync(passwordReset);
}
public async Task <IActionResult> ResetPassword(ResetPasswordDTO model)
{
var user = await userManager.FindByNameAsync(model.UserName);
if (user is null)
{
return(BadRequest());
}
if (ModelState.IsValid)
{
var result = await userManager.ResetPasswordAsync(user, model.Token, model.Password);
if (result.Succeeded)
{
return(RedirectToAction("Login", new { UCB = model.UCB }));
}
else
{
ModelState.AddModelError("", "خطایی رخ داد");
}
}
return(View(model));
}
public async Task <IActionResult> ResetPassword([FromBody] ResetPasswordDTO resetPasswordDto)
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
var user = await userManager.FindByEmailAsync(resetPasswordDto.Email);
if (user == null)
{
return(BadRequest("Invalid Request"));
}
var resetPassResult = await userManager.ResetPasswordAsync(user, resetPasswordDto.Token, resetPasswordDto.Password);
if (!resetPassResult.Succeeded)
{
var errors = resetPassResult.Errors.Select(e => e.Description);
return(BadRequest(new { Errors = errors }));
}
return(Ok());
}
public async Task <IActionResult> ResetPassword(
[FromBody] ResetPasswordDTO resetPasswordModel)
{
if (string.IsNullOrWhiteSpace(resetPasswordModel.Token) ||
string.IsNullOrWhiteSpace(resetPasswordModel.Email))
{
return(BadRequest("Can not reset password, invalid token or email"));
}
var user = await accountBusiness.FindUserAsync(resetPasswordModel.Email);
if (user is null)
{
return(BadRequest("Can not reset password for invalid user."));
}
// reset password
var response =
await accountBusiness.ResetPasswordAsync(resetPasswordModel.NewPassword,
resetPasswordModel.Token,
user);
if (!response.Succeeded)
{
var errors = response.Errors.Select(x => x.Description).ToList();
return(BadRequest(errors));
}
return(Ok());
}
public HttpResponseMessage ResetPassword(ResetPasswordDTO resetPasswordDTO)
{
var userProfile = db.UserProfiles.FirstOrDefault(Usr => Usr.Email == resetPasswordDTO.Email);
if (userProfile != null && userProfile.Membership.IsConfirmed.GetValueOrDefault(false))
{
if (userProfile.Membership.PasswordVerificationToken == resetPasswordDTO.Code &&
userProfile.Membership.PasswordVerificationTokenExpirationDate >= WebUI.Common.Common.DateTimeNowLocal())
{
userProfile.Membership.PasswordVerificationToken = null;
userProfile.Membership.PasswordVerificationTokenExpirationDate = null;
userProfile.Membership.Password = Crypto.Hash(resetPasswordDTO.Password);
userProfile.Membership.PasswordFailuresSinceLastSuccess = 0;
userProfile.Membership.PasswordChangedDate = WebUI.Common.Common.DateTimeNowLocal();
db.SaveChanges();
}
else
{
return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Token invalid or expired. You can request a new token by using the forgotten password link again."));
}
}
else
{
return(Request.CreateErrorResponse(HttpStatusCode.ExpectationFailed, "Invalid request"));
}
return(Request.CreateResponse(HttpStatusCode.OK));
}
public async Task <bool> ResetPasswordAsync(ResetPasswordDTO model)
{
var result = await TheUnitOfWork.AccountRepo.ResetPasswordAsync(model);
TheUnitOfWork.SaveChanges();
return(result);
}
public async Task NewPassword(ResetPasswordDTO resetPasswordDTO)
{
var token = resetPasswordDTO.ResetToken.Replace("\\", "").Replace("\"", "");
var userId = _context.RefreshTokens
.Where(RefreshToken => RefreshToken.Token == token)
.Select(RefreshToken => RefreshToken.UserId).First();
var userEntity = await GetUserByIdInternal(userId);
if (userEntity == null)
{
throw new NotFoundException(nameof(User));
}
var timeNow = DateTime.Now;
//byte[] salt = new byte[] { };
//foreach(char i in userEntity.Salt.ToCharArray())
//{
// salt.Append(Convert.ToByte(i));
//}
userEntity.Password = SecurityHelper.HashPassword(resetPasswordDTO.Password, Convert.FromBase64String(userEntity.Salt));
userEntity.UpdatedAt = timeNow;
_context.Users.Update(userEntity);
await _context.SaveChangesAsync();
await _authService.RevokeRefreshToken(token, userId);
}
public async Task <IActionResult> ResetPassword(ResetPasswordDTO model)
{
if (ModelState.IsValid)
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user != null)
{
var result = await _userManager.ResetPasswordAsync(user, model.Token, model.Password);
if (result.Succeeded)
{
return(View("ResetPasswordConfirmation"));
}
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
return(View(model));
}
return(View("ResetPasswordConfirmation"));
}
return(View(model));
}
public virtual Result SendResetEmail(ResetPasswordDTO dto)
{
var body = Writer.FillStringParameters(ResetPasswordHTMLTemplate, dto);
var c = CreateClient();
var mess = CreateMessage(dto.Email, "Your Password was Reset", body, true, Config.SenderName ?? "no-reply");
return(SendEmail(c, mess));
}
public IActionResult ResetPassword(string token, string email)
{
var model = new ResetPasswordDTO {
Token = token, Email = email
};
return(View(model));
}
public async Task ResetPasswordAsync(ResetPasswordDTO resetPasswordModel)
{
var user = await _userManager.FindByEmailAsync(resetPasswordModel.Email);
var identityResult = await _userManager.ResetPasswordAsync(user, resetPasswordModel.ResetToken, resetPasswordModel.Password);
identityResult.ThrowExceptionOnFailure();
}
public async Task <ActionResult> ResetPassword([FromBody] ResetPasswordDTO dto)
{
var isAdministrator = User.IsInRole("ADMINISTRATOR");
var userLogin = User.FindFirst(ClaimTypes.NameIdentifier).Value;
await _accountService.ResetPassword(dto, isAdministrator, userLogin);
return(NoContent());
}
public ActionResult ResetPassword(string id)
{
ResetPasswordDTO model = new ResetPasswordDTO()
{
Code = id
};
return(id == null?View("Error") : View(model));
}
public void ValidateResetPassword_FailWithShortPassword()
{
ResetPasswordDTO resetPassword = new ResetPasswordDTO()
{
Username = "******",
NewPassword = "******"
};
Assert.IsNotNull(Validations.ValidateResetPassword(resetPassword));
}
public void ValidateResetPassword_seccssededWithValidData()
{
ResetPasswordDTO resetPassword = new ResetPasswordDTO()
{
Username = "******",
NewPassword = "******"
};
Assert.IsNull(Validations.ValidateResetPassword(resetPassword));
}
public void ValidateResetPassword_FailWithEmptyUserName()
{
ResetPasswordDTO resetPassword = new ResetPasswordDTO()
{
Username = "",
NewPassword = "******"
};
Assert.IsNotNull(Validations.ValidateResetPassword(resetPassword));
}
