Exemplo n.º 1
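        /// <summary>
        /// Sets a new password for the user identified by a password-reset token.
        /// </summary>
        /// <param name="token">Reset token; the user is looked up with <c>GetUserByToken</c>.</param>
        /// <param name="newPassword">Plain-text replacement password; it must pass <c>PasswordResetIsValid</c> before it is hashed.</param>
        /// <returns>
        /// A <c>ResetResult</c>. <c>Successful</c> and <c>User</c> are set only when the token resolved
        /// to a user, the password passed validation and the reset window was open; in every other
        /// case only <c>Message</c> is set.
        /// </returns>
        public ResetResult ResetUserPassword(Guid token, string newPassword)
        {
            var result = new ResetResult();

            // NOTE(review): an existing _session is reused here and is disposed below without the
            // field being cleared, so a later call may pick up an already-disposed session.
            // Confirm the intended session lifetime.
            _session = _session ?? new Session();
            try {
                var user = GetUserByToken(token);

                if (user == null) {
                    result.Message = Properties.Resources.PasswordResetTokenInvalid;
                } else if (!PasswordResetIsValid(newPassword)) {
                    result.Message = Properties.Resources.InvalidPassword;
                } else if (!ResetWindowIsOpen(user)) {
                    result.Message = Properties.Resources.PasswordResetExpired;
                } else {
                    // 10 is presumably the bcrypt cost (log rounds); it is hard-coded here.
                    // NOTE(review): confirm it still matches the current password-hashing policy.
                    var hashed = BCryptHelper.HashPassword(newPassword, BCryptHelper.GenerateSalt(10));
                    user.HashedPassword = hashed;
                    user.AddLogEntry("Login", "Password was reset");

                    // NOTE(review): the reset token is not cleared or rotated after use in this
                    // method. Unless GetUserByToken/ResetWindowIsOpen enforce single use, the same
                    // token stays usable until the window closes. Confirm, and invalidate it here
                    // if nothing else does.
                    _session.SaveChanges();

                    result.Successful = true;
                    result.Message = Properties.Resources.PasswordResetSuccessful;
                    result.User = user;
                }
            } finally {
                // Release the session even when a lookup, the hashing or SaveChanges throws.
                _session.Dispose();
            }

            return result;
        }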
Exemplo n.º 2
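        /// <summary>
        /// Authenticates a user from the supplied credentials and, on success, creates a session
        /// for them.
        /// </summary>
        /// <param name="creds">Credentials to check; stored in <c>CurrentCredentials</c> for the helper methods.</param>
        /// <returns>
        /// On success an <c>AuthenticationResult</c> with <c>Authenticated</c>, <c>User</c>,
        /// <c>Session</c> and <c>Message</c> set; otherwise whatever <c>InvalidLogin</c> returns
        /// for the failure message.
        /// </returns>
        public AuthenticationResult AuthenticateUser(Credentials creds)
        {
            _session = new Session();
            try {
                var result = new AuthenticationResult();
                this.CurrentCredentials = creds;

                if (EmailOrPasswordNotPresent()) {
                    return InvalidLogin(Properties.Resources.EmailOrPasswordMissing);
                }

                var user = LocateUser();

                // Unknown user and wrong password produce the same message, so the response text
                // does not reveal which accounts exist.
                // NOTE(review): no password hash is checked for an unknown user, so response time
                // may still differ between the two cases. Confirm whether that matters here.
                // NOTE(review): nothing is logged in this method for a failed attempt; whether
                // InvalidLogin records it is not visible from here. Confirm, since lockout and
                // detection depend on failed-login records.
                if (user == null || HashedPasswordDoesNotMatch(user)) {
                    return InvalidLogin(Properties.Resources.InvalidLogin);
                }

                // Success: audit entry, session, login statistics, then the result fields.
                user.AddLogEntry("Login", "User logged in");
                result.Session = CreateSession(user);

                SetUserLoginStats(user);
                UserAuthenticated(user);

                result.Authenticated = true;
                result.User = user;
                result.Message = Properties.Resources.UserAuthenticated;

                _session.SaveChanges();
                return result;
            } finally {
                // Release the session on every path, including when a helper throws.
                _session.Dispose();
            }
        }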
Exemplo n.º 3
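        /// <summary>
        /// Issues a fresh reminder token for the user with the given e-mail address and mails
        /// them a reminder link.
        /// </summary>
        /// <param name="email">Address used to look the user up with <c>GetUserByEmail</c>.</param>
        /// <returns>
        /// A <c>ReminderResult</c>. When the user exists, <c>User</c> and <c>MailMessage</c> are
        /// set; otherwise <c>User</c> is null and <c>Message</c> holds the "email not found" text.
        /// </returns>
        public ReminderResult SendReminderTokenToUser(string email)
        {
            _session = new Session();
            try {
                var result = new ReminderResult();
                result.User = GetUserByEmail(email);

                if (result.User == null) {
                    // NOTE(review): this message tells the caller the address is not registered.
                    // If it is shown to an unauthenticated client it allows account enumeration;
                    // consider returning the same response for known and unknown addresses.
                    result.Message = Properties.Resources.EmailNotFound;
                    return result;
                }

                // Assigning a new token replaces any previously issued one.
                // NOTE(review): Guid.NewGuid() is not documented as a cryptographic generator.
                // If this value is the secret carried by the reminder link, prefer bytes from
                // System.Security.Cryptography.RandomNumberGenerator.
                result.User.ReminderToken = Guid.NewGuid();
                // Local time is stored; presumably the reset-window check compares against it.
                result.User.ReminderSentAt = DateTime.Now;

                var mailer = GetReminderMailer();
                var link = CreateReminderLink(result.User);
                var message = UserMailerMessage.CreateFromTemplate(mailer, link);

                // NOTE(review): the audit entry is written before SendTo is called, so it reflects
                // message.Successful from template creation rather than the outcome of the send.
                // Confirm that this is intended.
                if (message.Successful) {
                    result.User.AddLogEntry("Login", "Reminder email sent at " + DateTime.Now.ToShortDateString());
                } else {
                    result.User.AddLogEntry("Login", "Reminder email failed to send  " + DateTime.Now.ToShortDateString());
                }

                result.MailMessage = message.SendTo(result.User);

                _session.SaveChanges();
                return result;
            } finally {
                // Release the session even when the mailer or SaveChanges throws.
                _session.Dispose();
            }
        }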
Exemplo n.º 4
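        /// <summary>
        /// Authenticates a user from an authentication token and, on success, creates a session
        /// for them.
        /// </summary>
        /// <param name="token">Authentication token in GUID text form; treated as untrusted input.</param>
        /// <param name="ip">Client address stored on the credentials; defaults to loopback.</param>
        /// <returns>
        /// On success an <c>AuthenticationResult</c> with <c>Authenticated</c>, <c>User</c>,
        /// <c>Session</c> and <c>Message</c> set; otherwise whatever <c>InvalidLogin</c> returns.
        /// A token that is missing, is not a well-formed GUID, or matches no user yields an
        /// invalid-login result.
        /// </returns>
        public AuthenticationResult AuthenticateUserByToken(string token, string ip = "127.0.0.1")
        {
            var result = new AuthenticationResult();
            _session = new Session();
            try {
                if (String.IsNullOrWhiteSpace(token)) {
                    return InvalidLogin("No token provided");
                }

                // The token comes from the caller, so a malformed value is an expected failure:
                // report it as an invalid login instead of letting Guid.Parse throw.
                Guid parsedToken;
                if (!Guid.TryParse(token, out parsedToken)) {
                    return InvalidLogin("Invalid token");
                }

                // NOTE(review): callers that omit ip record "127.0.0.1"; if the address feeds
                // login statistics or audit data, confirm that real callers always pass it.
                this.CurrentCredentials = new Credentials { Token = parsedToken, IP = ip };

                var user = FindUserByAuthenticationToken();
                if (user == null) {
                    return InvalidLogin("Invalid token");
                }

                // Success: audit entry, session, login statistics, then the result fields.
                user.AddLogEntry("Login", "User logged in by token");
                result.Session = CreateSession(user);
                SetUserLoginStats(user);
                UserAuthenticated(user);

                result.Authenticated = true;
                result.User = user;
                result.Message = Properties.Resources.UserAuthenticated;
                _session.SaveChanges();
                return result;
            } finally {
                // Release the session on every path, including when a helper throws.
                _session.Dispose();
            }
        }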