/// <summary>
        /// Changes the password of the signed-in user once the current password matches,
        /// the new password passes <c>Password.checkPassword</c>, and the confirmation field agrees.
        /// </summary>
        /// <param name="oldPassword">Current password as submitted by the user.</param>
        /// <param name="newPassword">Requested new password.</param>
        /// <param name="confirmNewPassword">Repeat of the new password; must equal <paramref name="newPassword"/>.</param>
        /// <returns>
        /// A redirect to LogIn when there are no auth tokens or no matching account; otherwise the
        /// view, with ViewBag.Response, ViewBag.InvalidPassword or ViewBag.PasswordUpdated set.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the stored <c>account.Password</c> is compared directly with the submitted text and is
        /// then overwritten with the submitted new text. That suggests passwords are persisted as entered;
        /// confirm, and if so move to a salted, slow hash (for example PBKDF2 via Rfc2898DeriveBytes).
        /// NOTE(review): nothing here revokes other sessions after the change or checks an anti-forgery
        /// token; confirm both are handled elsewhere. Any attributes on this action sit above this excerpt.
        /// </remarks>
        public ActionResult ChangePassword(string oldPassword, string newPassword, string confirmNewPassword)
        {
            // No auth tokens means there is no session to act on.
            if (AuthTokens == null)
            {
                return RedirectToAction("LogIn");
            }

            // Sessions whose first token is "demo" may not change the password.
            if (AuthTokens[0] == "demo")
            {
                ViewBag.Response = "You cannot change password in demo";
                return View();
            }

            string userEmail = AuthTokens[1];
            UserAccountClient accounts = new UserAccountClient();
            UserAccount current = accounts.GetByPartitionAndRowKey(UserAccountClient.GetPartitionKeyForEmail(userEmail), userEmail);
            if (current == null)
            {
                return RedirectToAction("LogIn");
            }

            // A wrong current password is the only failure that is reported back to the view.
            if (current.Password != oldPassword)
            {
                ViewBag.InvalidPassword = true;
                return View();
            }

            // A policy failure or a confirmation mismatch falls through without any flag.
            if (Password.checkPassword(newPassword) && newPassword == confirmNewPassword)
            {
                current.Password = newPassword;
                accounts.Update(current);
                SendPasswordChangeEmail(userEmail);
                ViewBag.PasswordUpdated = true;
            }
            return View();
        }
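        /// <summary>
        /// Handles the e-mail confirmation link: decrypts <paramref name="id"/> to an e-mail address,
        /// marks the matching account as confirmed, and issues session cookies for student and
        /// administrator accounts.
        /// </summary>
        /// <param name="id">Encrypted e-mail address taken from the confirmation link.</param>
        /// <returns>
        /// A redirect to the student or admin portal for those profile types, the view for any other
        /// profile type, or a redirect to LogIn when the id is missing, matches no account, or the
        /// account was already confirmed.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the link value is the only credential checked here, and it results in 7-day
        /// session cookies (administrator included). Nothing visible gives the value an expiry or ties
        /// it to a pending confirmation request. Confirm SimpleAES authenticates its ciphertext, or
        /// replace the scheme with a random, expiring, one-time token stored server-side.
        /// NOTE(review): the cookies are written without HttpOnly/Secure being set in this method;
        /// confirm the httpCookies defaults in web.config cover them.
        /// </remarks>
        public ActionResult ConfirmEmail(string id)
        {
            if (id == null)
            {
                return RedirectToAction("LogIn");
            }

            // NOTE(review): id comes straight from the request; confirm DecryptString fails safely on
            // malformed input rather than surfacing an unhandled exception.
            SimpleAES aes = new SimpleAES();
            string email = aes.DecryptString(id);

            UserAccountClient uac = new UserAccountClient();
            UserAccount account = null;
            if (!string.IsNullOrEmpty(email))
            {
                account = uac.GetByPartitionAndRowKey(UserAccountClient.GetPartitionKeyForEmail(email), email);
            }
            if (account == null)
            {
                // ViewBag is per-request, so this message is not carried across the redirect below.
                ViewBag.ErrorMessage = "No account found";
                return RedirectToAction("LogIn");
            }

            // The link is honoured once: after confirmation it must not keep minting sessions,
            // so an already-confirmed account is sent to the normal sign-in page.
            if (account.EmailConfirmed == true)
            {
                return RedirectToAction("LogIn");
            }

            account.EmailConfirmed = true;
            uac.Update(account);

            // One expiry for every cookie issued by this request.
            DateTime expires = DateTime.UtcNow.AddDays(7);
            string fullName = account.FirstName + " " + account.LastName;

            if (account.ProfileType == "student")
            {
                StudentAccountClient sac = new StudentAccountClient();
                StudentAccount student = sac.GetByPartitionAndRowKey(StudentAccountClient.GetPartitionKeyForEmail(account.Email), account.Email);

                string sessionkey = ClientSession.GetClientSessionKey("user", account.Email, fullName, "student");
                Response.Cookies["sessionkey"].Value = sessionkey;
                Response.Cookies["sessionkey"].Expires = expires;
                Response.Cookies["sessionusername"].Value = account.Email;
                Response.Cookies["sessionusername"].Expires = expires;
                Response.Cookies["firstname"].Value = account.FirstName;
                Response.Cookies["firstname"].Expires = expires;
                Response.Cookies["lastname"].Value = account.LastName;
                Response.Cookies["lastname"].Expires = expires;
                Response.Cookies["email"].Value = account.Email;
                Response.Cookies["email"].Expires = expires;

                // The student record can be missing; previously that dereferenced null after the
                // account had already been updated. The gender cookie is simply skipped in that case.
                if (student != null)
                {
                    Response.Cookies["gender"].Value = student.Gender;
                    Response.Cookies["gender"].Expires = expires;
                }

                Response.Cookies["cbnvm"].Value = "1";
                Response.Cookies["cbnvm"].Expires = expires;
                SendCongratulationsEmailToStudent(account.Email, account.FirstName);
                return RedirectToAction("Index", "StudentPortal");
            }

            if (account.ProfileType == "administrator")
            {
                string sessionkey = ClientSession.GetClientSessionKey("user", account.Email, fullName, "administrator");
                Response.Cookies["sessionkey"].Value = sessionkey;
                Response.Cookies["sessionkey"].Expires = expires;
                Response.Cookies["sessionusername"].Value = account.Email;
                Response.Cookies["sessionusername"].Expires = expires;
                Response.Cookies["cbnvm"].Value = "1";
                Response.Cookies["cbnvm"].Expires = expires;
                SendCongratulationsEmailToAdmin(account.Email, fullName);
                return RedirectToAction("AddSchool", "AdminPortal");
            }

            // Any other profile type is confirmed but not signed in.
            return View();
        }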
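        /// <summary>
        /// Transfers the administrator role of the caller's school to <paramref name="counselor"/> and
        /// turns the calling administrator into a counselor of that school.
        /// </summary>
        /// <param name="counselor">Row key (e-mail) of the counselor account to promote.</param>
        /// <returns>
        /// A redirect to LogIn when there are no auth tokens, to AdminPortal/Index for a demo session,
        /// and to Account/LogOut in every other case, whether or not the transfer happened.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this action changes privileges, yet the visible source carries no [HttpPost]
        /// or [ValidateAntiForgeryToken] on it; confirm a controller-level or global filter covers it.
        /// NOTE(review): the counselor's own School value is never compared with the admin's school;
        /// confirm whether promoting a counselor from another school is intended.
        /// NOTE(review): the writes below are separate calls, so a failure part-way leaves the role
        /// records inconsistent; confirm whether the storage client offers a batch operation.
        /// </remarks>
        public ActionResult ChangeRole(string counselor)
        {
            // Same guard as ChangePassword: indexing AuthTokens without a session would throw.
            if (AuthTokens == null)
            {
                return RedirectToAction("LogIn");
            }
            if (AuthTokens[0] == "demo")
            {
                return RedirectToAction("Index", "AdminPortal");
            }
            string currentAdminEmail = AuthTokens[1];

            // The admin record doubles as the authorization check. It must be tested before
            // admin.School is read; the original dereferenced it ahead of its own null check.
            AdminAccountClient aac = new AdminAccountClient();
            AdminAccount admin = aac.GetByPartitionAndRowKey("admin", currentAdminEmail);
            if (admin == null || string.IsNullOrEmpty(counselor))
            {
                return RedirectToAction("LogOut", "Account");
            }

            CounselorAccountClient cac = new CounselorAccountClient();
            UserAccountClient uac = new UserAccountClient();
            SchoolAccountClient sac = new SchoolAccountClient();

            CounselorAccount counselorAccount = cac.GetByPartitionAndRowKey("counselor", counselor);
            UserAccount currentAdmin = uac.GetByPartitionAndRowKey(UserAccountClient.GetPartitionKeyForEmail(currentAdminEmail), currentAdminEmail);
            UserAccount newAdmin = uac.GetByPartitionAndRowKey(UserAccountClient.GetPartitionKeyForEmail(counselor), counselor);
            SchoolAccount school = sac.GetByPartitionAndRowKey("school", admin.School);

            // Every record involved must exist before anything is written.
            if (counselorAccount != null && currentAdmin != null && newAdmin != null && school != null)
            {
                // Create the swapped role records first, copying each person's contact details.
                aac.AddNewItem(new AdminAccount {
                    RowKey = counselor, PhoneNumber = counselorAccount.PhoneNumber, PhoneExtension = counselorAccount.PhoneExtension, School = school.RowKey, SchoolSelected = true, ConnectionToSchoolConfirmed = true
                });
                cac.AddNewItem(new CounselorAccount {
                    RowKey = currentAdminEmail, PhoneNumber = admin.PhoneNumber, PhoneExtension = admin.PhoneExtension, School = school.RowKey
                });

                // Flip the profile types on both user accounts and repoint the school.
                currentAdmin.ProfileType = "counselor";
                uac.Update(currentAdmin);
                newAdmin.ProfileType = "administrator";
                uac.Update(newAdmin);
                school.Admin = counselor;
                sac.Update(school);

                // Remove the now-stale role records last.
                aac.Delete(admin);
                cac.Delete(counselorAccount);
            }
            return RedirectToAction("LogOut", "Account");
        }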
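        /// <summary>
        /// Replaces the password of the account registered under <paramref name="email"/> with a
        /// generated temporary password and mails that password to the address.
        /// </summary>
        /// <param name="email">Address of the account to reset.</param>
        /// <returns>
        /// A redirect to LogIn (with TempData["Reset"] set) after a reset; otherwise the view, with
        /// ViewBag.Response set when no account was found or no address was supplied.
        /// </returns>
        /// <remarks>
        /// NOTE(review): as far as this method shows, the request needs no proof of ownership and the
        /// stored password is overwritten immediately, so a request for someone else's address locks
        /// them out of their current password. Prefer mailing a one-time, expiring reset link and
        /// changing the password only when it is redeemed; rate-limit requests per address and client.
        /// NOTE(review): "Account not found" versus the redirect tells the requester whether an address
        /// is registered; consider returning the same response in both cases.
        /// NOTE(review): the temporary password is stored and mailed as generated; confirm that
        /// Password.TempPassword draws from a cryptographic RNG and that storage hashes the value.
        /// </remarks>
        public ActionResult ResetPassword(string email)
        {
            // A missing address used to throw on email.ToLower(); treat it like an unknown account.
            if (string.IsNullOrEmpty(email))
            {
                ViewBag.Response = "Account not found";
                return View();
            }

            // This one address is never reset. Compare ordinally so the match does not depend on
            // the server's culture settings.
            if (string.Equals(email, "*****@*****.**", StringComparison.OrdinalIgnoreCase))
            {
                return View();
            }

            UserAccountClient uac = new UserAccountClient();
            UserAccount account = uac.GetByPartitionAndRowKey(UserAccountClient.GetPartitionKeyForEmail(email), email);
            if (account == null)
            {
                ViewBag.Response = "Account not found";
                return View();
            }

            string password = Password.TempPassword();
            account.Password = password;
            uac.Update(account);
            SendResetPasswordEmail(email, password, account.FirstName);

            // TempData survives the redirect, so the LogIn page can show a confirmation.
            TempData["Reset"] = true;
            return RedirectToAction("LogIn");
        }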