/// <summary>
/// Handles a "forgot password" submission: resets the password of the account
/// identified by <c>model.Email</c> and e-mails the value returned by the reset
/// call to that address as a temporary password.
/// </summary>
/// <param name="model">Posted form data; only <c>Email</c> is read here.</param>
/// <returns>
/// The "Login" view when the model fails validation, the "ForgotPassword" view
/// with a model error when the mail could not be sent, otherwise the
/// "ForgotPasswordConfirmation" view.
/// </returns>
/// <remarks>
/// NOTE(review): the password is reset as soon as a valid model is posted, before
/// the requester has shown control of the mailbox, so a request naming another
/// user's address changes that user's password. The temporary password is also
/// placed in the mail body in clear text. A single-use, expiring reset link that
/// leaves the existing password untouched until it is redeemed avoids both.
/// NOTE(review): what ResetUserPassword returns for an address with no account is
/// not visible here; confirm the response is the same whether or not an account exists.
/// </remarks>
public ActionResult ForgotPassword(LostPasswordModel model)
{
    // Guard: anything that fails model validation goes back to the login view.
    if (!TryValidateModel(model))
    {
        return View("Login");
    }

    // The mail sender is constructed before the user service, as in the original order.
    var mailer = new AuthMessageSender();
    var users = new User.UserService();

    var temporaryPassword = users.ResetUserPassword(model.Email);
    var body = string.Concat("Hello ", model.Email, " your temporary password is ", temporaryPassword);
    var delivered = mailer.SendEmailAsync(model.Email, "Reset IRIS Password", body);

    if (!delivered)
    {
        // The password has already been reset at this point even though the mail did not go out.
        ModelState.AddModelError(string.Empty, "SMTP server is down, unable to send temporary password at this time.");
        return View("ForgotPassword", model);
    }

    // Expiry is stored as local time (DateTime.Now); whatever reads this session key
    // presumably compares against the same clock - confirm.
    Session["ExpirationTime"] = DateTime.Now.AddHours(4);
    return View("ForgotPasswordConfirmation");
}
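/// <summary>
/// Validates a requested new password against the password policy and, when it
/// passes, stores it for <c>model.UserName</c> through UserService.ResetUserPassword.
/// </summary>
/// <param name="model">Posted form data: UserName, PasswordOne (new password) and PasswordTwo (confirmation).</param>
/// <param name="userMessage">Not read by this method.</param>
/// <returns>
/// A redirect to "Login" when the password was updated; otherwise the current view
/// with every policy violation (or an update failure) added to ModelState.
/// </returns>
/// <remarks>
/// NOTE(review): the account to change is taken from the posted <c>model.UserName</c>,
/// and nothing in this method checks the current password or that the caller is
/// signed in as that user. Confirm that is enforced by a filter or attribute outside
/// this method; if it is not, any caller can set another account's password.
/// </remarks>
public ActionResult ChangePassword(ChangePasswordViewModel model, string userMessage)
{
    const int minLen = 8;
    const int maxLen = 30;
    const int minDigit = 1;
    const int minSpChar = 1;
    const int minCapLetters = 1;

    // Characters that satisfy the "special character" rule. They are listed literally
    // instead of in a regex character class: inside [...] the sequence +-: is a range
    // that also covers the digits and , . / so a digit alone used to satisfy this rule.
    const string countedSpecialChars = "!#$%&*+-:<>?\\^_`|~";

    // Characters that are rejected outright. The backtick appears in both sets, so it
    // is counted as a special character and still rejected, as before.
    const string excludedChars = ".;@`'";

    // A missing or empty form field can be bound as null; treat it as an empty
    // password so the policy errors are reported instead of a NullReferenceException.
    string password = model.PasswordOne ?? string.Empty;
    string confirmation = model.PasswordTwo ?? string.Empty;

    bool errorFlag = false;

    // Length limits.
    if (password.Length < minLen)
    {
        errorFlag = true;
        ModelState.AddModelError(string.Empty, "Password must be at least " + minLen + " characters long.");
    }

    if (password.Length > maxLen)
    {
        errorFlag = true;
        ModelState.AddModelError(string.Empty, "Password must not exceed " + maxLen + " characters long.");
    }

    // Single pass over the password to count character classes.
    int digitCount = 0;
    int splCharCount = 0;
    int capLetterCount = 0;
    bool containsExcludedChar = false;

    foreach (char c in password)
    {
        if (char.IsDigit(c))
        {
            digitCount++;
        }

        if (countedSpecialChars.IndexOf(c) >= 0)
        {
            splCharCount++;
        }

        if (c >= 'A' && c <= 'Z')
        {
            capLetterCount++;
        }

        if (excludedChars.IndexOf(c) >= 0)
        {
            containsExcludedChar = true;
        }
    }

    // Reported once, however many excluded characters the password contains.
    if (containsExcludedChar)
    {
        errorFlag = true;
        ModelState.AddModelError(string.Empty, "The following special characters cannot be used in a password." + "."
            + ";" + "`" + "'" + "@");
    }

    if (capLetterCount < minCapLetters)
    {
        errorFlag = true;
        ModelState.AddModelError(string.Empty, "Password must have at least " + minCapLetters + " capital letter.");
    }

    if (digitCount < minDigit)
    {
        errorFlag = true;
        ModelState.AddModelError(string.Empty, "Password must have at least " + minDigit + " digit(s).");
    }

    if (splCharCount < minSpChar)
    {
        errorFlag = true;
        ModelState.AddModelError(string.Empty, "Password must have at least " + minSpChar + " special character(s).");
    }

    // Both trivial sequences are checked on the new password itself; the second
    // check previously looked at the confirmation field instead.
    if (password.Contains("abcdef") || password.Contains("123456"))
    {
        errorFlag = true;
        ModelState.AddModelError(string.Empty, "Password cannot be a squence of numbers or letters");
    }

    // Ordinal, case-sensitive comparison: a password differing from the user name
    // only by letter case is not caught here.
    if (password == model.UserName || model.PasswordTwo == model.UserName)
    {
        errorFlag = true;
        ModelState.AddModelError(string.Empty, "Password cannot be the same as User Name");
    }

    if (password != confirmation)
    {
        errorFlag = true;
        ModelState.AddModelError(string.Empty, "Passwords do not match.");
    }

    if (errorFlag)
    {
        return View(model);
    }

    var userService = new User.UserService();
    var newPassword = userService.ResetUserPassword(model.UserName, password);

    // An empty string from ResetUserPassword is treated as "update failed".
    // NOTE(review): a null return would be treated as success here - confirm the helper never returns null.
    if (newPassword != "")
    {
        return RedirectToAction("Login", new AuthStartRequestModel());
    }

    ModelState.AddModelError(string.Empty, "Error Updating Password.");
    return View(model);
}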