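/// <summary>
/// Handles the submitted reset-password form: validates the reset token, stores the
/// new bcrypt-hashed password for the token's user and marks the token as used.
/// </summary>
/// <param name="model">Posted form data; <c>model.Password</c> is the new password.</param>
/// <param name="resetToken">The reset token as a GUID string.</param>
/// <returns>
/// A redirect to <c>ResetPasswordThankYou</c> on success; otherwise the form view,
/// with <c>model.IsTokenExpired</c> set to true when the token was rejected.
/// </returns>
// NOTE(review): no action attributes are visible in this listing. Confirm this overload
// is restricted to POST and protected by anti-forgery validation.
public ActionResult ResetPassword(ResetPasswordViewModel model, string resetToken = "")
{
    if (!ModelState.IsValid)
    {
        // Validation errors are shown on the form; the token is not inspected in this case.
        return View(model);
    }

    // Reject a missing, malformed or all-zero token before touching the repository.
    // Guid.TryParse returns false for null and empty input.
    Guid token;
    if (!Guid.TryParse(resetToken, out token) || token == Guid.Empty)
    {
        model.IsTokenExpired = true;
        return View(model);
    }

    ResetPasswordToken tokenMatch = _resetTokenRepo.Tokens
        .Where(t => t.ResetPasswordTokenID == token)
        .FirstOrDefault();

    // The expiry check was missing here although the form-display action performs it,
    // so an expired but unused token could still change the password. The token is
    // re-validated in full because it is supplied by the client on every request.
    // NOTE(review): DateTime.Now matches the form-display action; confirm DateExpired
    // is stored in local time rather than UTC.
    if (tokenMatch == null || tokenMatch.DateExpired < DateTime.Now || tokenMatch.IsUsed)
    {
        model.IsTokenExpired = true;
        return View(model);
    }

    User userMatch = _userRepo.Users
        .Where(u => u.UserID == tokenMatch.UserID)
        .FirstOrDefault();

    if (userMatch == null)
    {
        // A valid token whose user no longer exists is reported like a rejected token.
        model.IsTokenExpired = true;
        return View(model);
    }

    // Only the bcrypt hash of the new password is stored.
    userMatch.Password = BCrypt.Net.BCrypt.HashPassword(model.Password);
    _userRepo.SaveUser(userMatch);

    // Mark the token used after the password has been saved so it cannot be replayed.
    // NOTE(review): AddToken presumably persists the updated token; verify in the repository.
    tokenMatch.IsUsed = true;
    _resetTokenRepo.AddToken(tokenMatch);

    return RedirectToAction("ResetPasswordThankYou");
}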
/// <summary>
/// Displays the reset-password form for the supplied reset token.
/// </summary>
/// <param name="resetToken">The reset token as a GUID string.</param>
/// <returns>
/// The form view. <c>IsTokenExpired</c> is true when the token is missing, malformed,
/// unknown, expired or already used; otherwise it is false and <c>Email</c> is filled
/// in when the token's user is found.
/// </returns>
public ActionResult ResetPassword(string resetToken = "")
{
    var viewModel = new ResetPasswordViewModel();

    // Guid.TryParse returns false for null and empty input, so one test covers the
    // missing, malformed and all-zero cases.
    Guid parsedToken;
    bool wellFormed = Guid.TryParse(resetToken, out parsedToken) && parsedToken != Guid.Empty;
    if (!wellFormed)
    {
        viewModel.IsTokenExpired = true;
        return View(viewModel);
    }

    // Look the token up, then reject it when unknown, past its expiry date or already used.
    ResetPasswordToken storedToken = _resetTokenRepo.Tokens
        .FirstOrDefault(t => t.ResetPasswordTokenID == parsedToken);

    if (storedToken == null || storedToken.DateExpired < DateTime.Now || storedToken.IsUsed)
    {
        viewModel.IsTokenExpired = true;
        return View(viewModel);
    }

    // The token is usable: show the form, with the account's email when the user exists.
    viewModel.IsTokenExpired = false;

    User owner = _userRepo.Users.FirstOrDefault(u => u.UserID == storedToken.UserID);
    if (owner != null)
    {
        viewModel.Email = owner.Email;
    }

    return View(viewModel);
}