Exemplo n.º 1
0
        public ActionResult ChangePassword(AccountModel model)
        {
            if (!_permissionService.Authorize(StandardPermissionProvider.ManageAccounts))
                return AccessDeniedView();

            var account = _accountService.GetAccountById(model.Id);
            if (account == null)
                //No account found with the specified id
                return RedirectToAction("List");

            if (ModelState.IsValid)
            {
                var changePassRequest = new ChangePasswordRequest(model.Email,
                    false, _accountSettings.DefaultPasswordFormat, model.Password);
                var changePassResult = _accountRegistrationService.ChangePassword(changePassRequest);
                if (changePassResult.Success)
                    SuccessNotification(_localizationService.GetResource("Admin.Accounts.Accounts.PasswordChanged"));
                else
                    foreach (var error in changePassResult.Errors)
                        ErrorNotification(error);
            }

            return RedirectToAction("Edit", account.Id);
        }
Exemplo n.º 2
0
        public virtual ActionResult Create(AccountModel model)
        {
            if (!_permissionService.Authorize(StandardPermissionProvider.ManageAccounts))
                return AccessDeniedView();

            if (!String.IsNullOrWhiteSpace(model.Email))
            {
                var acc = _accountService.GetAccountByEmail(model.Email);
                if (acc != null)
                    ModelState.AddModelError("", "Email đã được đăng ký!");
            }
            else
                ModelState.AddModelError("", "Email không được bỏ trống!");

            if (!CommonHelper.IsValidEmail(model.Email))
            {
                ModelState.AddModelError("", "Email không hợp lệ!");
            }
            if(String.IsNullOrWhiteSpace(model.Password))
                ModelState.AddModelError("", "Mật khẩu không được bỏ trống!");

            var allAccountRoles = _accountService.GetAllAccountRoles(true);
            var newAccountRoles = new List<AccountRole>();
            foreach (var accountRole in allAccountRoles)
                if (model.SelectedAccountRoleIds != null && model.SelectedAccountRoleIds.Contains(accountRole.Id))
                    newAccountRoles.Add(accountRole);
            bool allowManagingAccountRole = _permissionService.Authorize(StandardPermissionProvider.ManageAccountRoles);

            if (ModelState.IsValid)
            {
                var account = new Account()
                {
                    AccountGuid = Guid.NewGuid(),
                    Email = model.Email,
                    Username = model.Email,
                    Active = model.Active,
                    CreatedOnUtc = DateTime.UtcNow,
                    LastActivityDateUtc = DateTime.UtcNow,
                };

                _accountService.InsertAccount(account);

                if (!String.IsNullOrWhiteSpace(model.Password))
                {
                    var changePasswordRequest = new ChangePasswordRequest(model.Email, false, PasswordFormat.Hashed, model.Password);
                    var changPasswordResult = _accountRegistrationService.ChangePassword(changePasswordRequest);

                }

                if (allowManagingAccountRole)
                {
                    foreach (var accountRole in newAccountRoles)
                        account.AccountRoles.Add(accountRole);
                    _accountService.UpdateAccount(account);
                }
                return RedirectToAction("List");
            }

            model.AvailableAccountRoles = _accountService
               .GetAllAccountRoles(true)
               .Select(entity => new AccountRoleModel()
               {
                   Id = entity.Id,
                   Active = entity.Active,
                   IsSystemRole = entity.IsSystemRole,
                   Name = entity.Name,
                   SystemName = entity.SystemName
               })
               .ToList();
            return View(model);
        }
        /// <summary>
        /// Change password
        /// </summary>
        /// <param name="request">Request</param>
        /// <returns>Result</returns>
        public virtual PasswordChangeResult ChangePassword(ChangePasswordRequest request)
        {
            if (request == null)
                throw new ArgumentNullException("request");

            var result = new PasswordChangeResult();
            if (String.IsNullOrWhiteSpace(request.Email))
            {
                result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailIsNotProvided"));
                return result;
            }
            if (String.IsNullOrWhiteSpace(request.NewPassword))
            {
                result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.PasswordIsNotProvided"));
                return result;
            }

            var account = _accountService.GetAccountByEmail(request.Email);
            if (account == null)
            {
                result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.EmailNotFound"));
                return result;
            }

            var requestIsValid = false;
            if (request.ValidateRequest)
            {
                //password
                string oldPwd = "";
                switch (account.PasswordFormat)
                {
                    case PasswordFormat.Encrypted:
                        oldPwd = _encryptionService.EncryptText(request.OldPassword);
                        break;
                    case PasswordFormat.Hashed:
                        oldPwd = _encryptionService.CreatePasswordHash(request.OldPassword, account.PasswordSalt, _accountSettings.HashedPasswordFormat);
                        break;
                    default:
                        oldPwd = request.OldPassword;
                        break;
                }

                bool oldPasswordIsValid = oldPwd == account.Password;
                if (!oldPasswordIsValid)
                    result.AddError(_localizationService.GetResource("Account.ChangePassword.Errors.OldPasswordDoesntMatch"));

                if (oldPasswordIsValid)
                    requestIsValid = true;
            }
            else
                requestIsValid = true;

            //at this point request is valid
            if (requestIsValid)
            {
                switch (request.NewPasswordFormat)
                {
                    case PasswordFormat.Clear:
                        {
                            account.Password = request.NewPassword;
                        }
                        break;
                    case PasswordFormat.Encrypted:
                        {
                            account.Password = _encryptionService.EncryptText(request.NewPassword);
                        }
                        break;
                    case PasswordFormat.Hashed:
                        {
                            string saltKey = _encryptionService.CreateSaltKey(5);
                            account.PasswordSalt = saltKey;
                            account.Password = _encryptionService.CreatePasswordHash(request.NewPassword, saltKey, _accountSettings.HashedPasswordFormat);
                        }
                        break;
                    default:
                        break;
                }
                account.PasswordFormat = request.NewPasswordFormat;
                _accountService.UpdateAccount(account);
            }

            return result;
        }