public async Task <IActionResult> ChangeUserPassword(ChangeUserPasswordViewModel model)
        {
            if (!_uiOptions.AllowAdminsToChangeUserPasswords)
            {
                return(RedirectToAction("Index"));
            }

            if (model.UserId == Guid.Empty)
            {
                return(RedirectToAction("Index"));
            }


            var selectedSite = await _siteManager.GetSiteForDataOperations(model.SiteId);

            // only server admin site can edit other sites users
            if (selectedSite.Id != _siteManager.CurrentSite.Id)
            {
                ViewData["Title"] = string.Format(CultureInfo.CurrentUICulture, _sr["{0} - Change User Password"], selectedSite.SiteName);
            }
            else
            {
                ViewData["Title"] = _sr["Change User Password"];
            }

            var user = await _userManager.Fetch(selectedSite.Id, model.UserId);

            if (user == null)
            {
                return(RedirectToAction("Index"));
            }

            if (!ModelState.IsValid)
            {
                return(View(model));
            }
            user.MustChangePwd = model.MustChangePwd;

            var result = await _userManager.ChangeUserPassword(user as SiteUser, model.NewPassword, true);

            if (result.Succeeded)
            {
                this.AlertSuccess(_sr["The user password has been changed."]);
                return(RedirectToAction("Index"));
            }
            else
            {
                this.AlertDanger(_sr["oops something went wrong please try again"]);
            }
            AddErrors(result);

            return(View(model));
        }
Exemplo n.º 2
0
        //public bool IsValidPassowrd(string password)
        //{
        //    return passwordValidator.
        //}

        public virtual async Task <UserLoginResult> TryLogin(LoginViewModel model)
        {
            var          template    = new LoginResultTemplate();
            IUserContext userContext = null;

            if (_userManager.Site.UseEmailForLogin)
            {
                template.User = await _userManager.FindByNameAsync(model.Email);
            }
            else
            {
                template.User = await _userManager.FindByNameAsync(model.UserName);
            }

            if (template.User != null)
            {
                await _loginRulesProcessor.ProcessAccountLoginRules(template);
            }

            if (template.User != null)
            {
                userContext = new UserContext(template.User);
            }

            if (userContext != null &&
                template.SignInResult == SignInResult.Failed &&
                template.RejectReasons.Count == 0)
            {
                var persistent = false;
                if (_userManager.Site.AllowPersistentLogin)
                {
                    persistent = model.RememberMe;
                }

                if (_userManager.Site.UseEmailForLogin)
                {
                    template.SignInResult = await _signInManager.PasswordSignInAsync(
                        model.Email,
                        model.Password,
                        persistent,
                        lockoutOnFailure : false);
                }
                else
                {
                    template.SignInResult = await _signInManager.PasswordSignInAsync(
                        model.UserName,
                        model.Password,
                        persistent,
                        lockoutOnFailure : false);
                }

                if (template.SignInResult.Succeeded)
                {
                    //update last login time
                    template.User.LastLoginUtc = DateTime.UtcNow;

                    if (string.IsNullOrEmpty(template.User.SecurityStamp))
                    {
                        // if security stamp is empty then the securitystamp validation
                        // fails when it checks after 30 minutes
                        // users created via usermanager this gets populated but not
                        // populated for the admin user created by seeding data
                        // changes to the user such as password change also will populate it
                        // but we can go ahead and check here and populate it if it is empty
                        await _userManager.UpdateSecurityStampAsync(template.User);

                        if (template.User.PasswordHash == "admin||0")
                        {
                            // initial admin user has not updated the password, need to hash it
                            await _userManager.ChangeUserPassword(template.User, "admin", false);

                            await _signInManager.SignOutAsync();

                            // security stamp needs to be there before authentication to avoid the problem
                            if (_userManager.Site.UseEmailForLogin)
                            {
                                template.SignInResult = await _signInManager.PasswordSignInAsync(
                                    model.Email,
                                    model.Password,
                                    persistent,
                                    lockoutOnFailure : false);
                            }
                            else
                            {
                                template.SignInResult = await _signInManager.PasswordSignInAsync(
                                    model.UserName,
                                    model.Password,
                                    persistent,
                                    lockoutOnFailure : false);
                            }
                        }
                    }

                    //if (template.User.PasswordHash == "admin||0")
                    //{
                    //    // initial admin user has not updated the password, need to hash it
                    //    await _userManager.ChangeUserPassword(template.User, "admin", false);

                    //    if (string.IsNullOrEmpty(template.User.SecurityStamp))
                    //    {
                    //        // if security stamp is empty then the securitystamp validation
                    //        // fails when it checks after 30 minutes
                    //        // users created via usermanager this gets populated but not
                    //        // populated for the admin user created by seeding data
                    //        // changes to the user such as password change also will populate it
                    //        // but we can go ahead and check here and populate it if it is empty
                    //        await _userManager.UpdateSecurityStampAsync(template.User);
                    //        await _signInManager.SignOutAsync();
                    //        // security stamp needs to be there before authentication to avoid the problem
                    //        if (_userManager.Site.UseEmailForLogin)
                    //        {
                    //            template.SignInResult = await _signInManager.PasswordSignInAsync(
                    //                model.Email,
                    //                model.Password,
                    //                persistent,
                    //                lockoutOnFailure: false);
                    //        }
                    //        else
                    //        {
                    //            template.SignInResult = await _signInManager.PasswordSignInAsync(
                    //                model.UserName,
                    //                model.Password,
                    //                persistent,
                    //                lockoutOnFailure: false);
                    //        }
                    //    }

                    //}
                    //else
                    //{
                    //    // the above also updates
                    //    await _userManager.UpdateAsync(template.User);
                    //}
                }
            }

            return(new UserLoginResult(
                       template.SignInResult,
                       template.RejectReasons,
                       userContext,
                       template.IsNewUserRegistration,
                       template.MustAcceptTerms,
                       template.NeedsAccountApproval,
                       template.NeedsEmailConfirmation,
                       template.EmailConfirmationToken,
                       template.NeedsPhoneConfirmation
                       ));
        }