Exemplo n.º 1
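        /// <summary>
        /// Handles the forgot-password form: resolves the account from the supplied e-mail
        /// address and, when the account is approved and not locked out, resets its password
        /// through <c>ResetPassword</c>.
        /// </summary>
        /// <param name="model">Form model; <c>Email</c> and <c>PasswordAnswer</c> are read.</param>
        /// <returns>
        /// A redirect to "ForgotPasswordSuccess" when the reset succeeds; otherwise the form
        /// view, with an error added to the model state on every path except an invalid model.
        /// </returns>
        /// <remarks>
        /// NOTE(review): each failure path reports a different status (unknown user, not yet
        /// approved, locked out), so the response tells the requester whether an e-mail address
        /// belongs to an account and what state that account is in. Consider one neutral message
        /// for all of these paths and keeping the detail in server-side logs.
        /// NOTE(review): the user name is passed on as a route value of the redirect, so it will
        /// presumably appear in the resulting URL; confirm that is acceptable.
        /// </remarks>
        public ActionResult ForgotPassword(ForgotPasswordViewModel model)
        {
            // Resolve the user name from the e-mail address.
            string userName = Membership.GetUserNameByEmail(model.Email);
            if (String.IsNullOrEmpty(userName))
            {
                ModelState.AddModelError("", ErrorCodeToString(AccountCreateStatus.InvalidUserName));
                return View(model);
            }

            // Load the account and reject states in which a reset must not proceed.
            MembershipUser user = Membership.GetUser(userName);
            if (user == null)
            {
                ModelState.AddModelError("", ErrorCodeToString(AccountCreateStatus.InvalidUserName));
                return View(model);
            }

            if (!user.IsApproved)
            {
                ModelState.AddModelError("", ErrorCodeToString(AccountCreateStatus.UserNotYetApproved));
                return View(model);
            }

            if (user.IsLockedOut)
            {
                ModelState.AddModelError("", ErrorCodeToString(AccountCreateStatus.UserAccountLocked));
                return View(model);
            }

            // Model validation is only consulted once the account checks have passed;
            // an invalid model redisplays the form without an extra error entry.
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // ResetPassword builds its own result object, so none is allocated here first.
            RegisterPasswordSuccessModel outcome = ResetPassword(userName, model.PasswordAnswer, GetLoginUrl());
            if (outcome.RegisterPasswordSuccess)
            {
                return RedirectToAction("ForgotPasswordSuccess", new { userName });
            }

            ModelState.AddModelError("", outcome.ErrorMessage);
            return View(model);
        }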
Exemplo n.º 2
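        /// <summary>
        /// Handles the security question step: passes the supplied answer to
        /// <c>ResetPassword</c> for the named account.
        /// </summary>
        /// <param name="model">Form model; only used to redisplay the view.</param>
        /// <param name="userName">Account whose password is to be reset.</param>
        /// <param name="PasswordQuestion">Not read by this method.</param>
        /// <param name="PasswordAnswer">Answer forwarded to <c>ResetPassword</c>.</param>
        /// <returns>
        /// A redirect to "PasswordResetFinal" when the reset succeeds; otherwise the form view.
        /// </returns>
        /// <remarks>
        /// NOTE(review): <paramref name="userName"/> and <paramref name="PasswordAnswer"/> are
        /// plain action parameters, and nothing in this method ties the request to an earlier
        /// step or limits repeated answers. Confirm that the membership provider's lockout on
        /// wrong answers is configured and that this action is throttled.
        /// NOTE(review): an empty answer makes <c>ResetPassword</c> take its no-answer path;
        /// confirm model validation requires the answer before this point.
        /// </remarks>
        public ActionResult QuestionAndAnswer(QuestionAndAnswerModel model, string userName, string PasswordQuestion, string PasswordAnswer)
        {
            if (!ModelState.IsValid)
            {
                // Validation failed: redisplay the form.
                return View(model);
            }

            // ResetPassword builds its own result object, so none is allocated here first.
            RegisterPasswordSuccessModel outcome = ResetPassword(userName, PasswordAnswer, GetLoginUrl());
            if (outcome.RegisterPasswordSuccess)
            {
                return RedirectToAction("PasswordResetFinal", new { userName });
            }

            ModelState.AddModelError("", outcome.ErrorMessage);
            return View(model);
        }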
Exemplo n.º 3
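        /// <summary>
        /// Resets the password of the named account, replaces the generated password with a
        /// human friendly one and e-mails that password to the user.
        /// </summary>
        /// <param name="userName">Account whose password is reset.</param>
        /// <param name="passwordAnswer">
        /// Security answer passed to the membership reset; when null or empty the reset is
        /// attempted without an answer.
        /// </param>
        /// <param name="loginUrl">
        /// Not read by this method: the URL handed to <c>EmailNewPassword</c> comes from
        /// <c>GetLoginUrl()</c>.
        /// </param>
        /// <returns>
        /// A model with <c>RegisterPasswordSuccess</c> set to true and an empty message on
        /// success; otherwise false with the error text of the step that failed, or the default
        /// error text when the model state is invalid or an unexpected exception occurred.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this method is public and reads <c>ModelState</c>. If the enclosing
        /// class is an MVC controller, confirm the method cannot be routed as an action
        /// (make it non-public or mark it <c>[NonAction]</c>). Keeping the e-mailed link on
        /// <c>GetLoginUrl()</c> rather than <paramref name="loginUrl"/> means a caller-supplied
        /// value never reaches the message.
        /// NOTE(review): the new password is sent by e-mail in clear text, and if the password
        /// change or the e-mail fails after the membership reset succeeded, the account is left
        /// with a password that was never delivered. A single-use, expiring reset link avoids both.
        /// </remarks>
        public RegisterPasswordSuccessModel ResetPassword(string userName, string passwordAnswer, string loginUrl)
        {
            // Start from the failure state with the default error text.
            RegisterPasswordSuccessModel result = new RegisterPasswordSuccessModel();
            result.ErrorMessage = ErrorCodeToString(AccountCreateStatus.Default);
            result.RegisterPasswordSuccess = false;

            if (!ModelState.IsValid)
            {
                return result;
            }

            try
            {
                if (!Membership.EnablePasswordReset)
                {
                    result.ErrorMessage = ErrorCodeToString(AccountCreateStatus.PasswordResetDisabled);
                    return result;
                }

                MembershipUser currentUser = Membership.GetUser(userName);
                if (currentUser == null)
                {
                    result.ErrorMessage = ErrorCodeToString(AccountCreateStatus.InvalidUserName);
                    return result;
                }

                // Reset with the answer when one was supplied, without it otherwise.
                string generatedPassword = String.IsNullOrEmpty(passwordAnswer)
                    ? currentUser.ResetPassword()
                    : currentUser.ResetPassword(passwordAnswer);

                if (String.IsNullOrEmpty(generatedPassword))
                {
                    result.ErrorMessage = ErrorCodeToString(AccountCreateStatus.PasswordCreateFailed);
                    return result;
                }

                // At this point the account has a new randomly generated password.
                // The code below replaces it with a human friendly password, which is
                // easier to type but also much less secure. Use this code at your own risk.
                string friendlyPassword = General.GenerateHumanFriendlyPassword();

                if (!currentUser.ChangePassword(generatedPassword, friendlyPassword))
                {
                    result.ErrorMessage = ErrorCodeToString(AccountCreateStatus.PasswordCreateFailed);
                    return result;
                }

                // E-mail the new password to the user.
                if (!EmailNewPassword(userName, friendlyPassword, GetLoginUrl()))
                {
                    result.ErrorMessage = ErrorCodeToString(AccountCreateStatus.PasswordEmailFailed);
                    return result;
                }

                // Every step succeeded.
                result.ErrorMessage = "";
                result.RegisterPasswordSuccess = true;
            }
            catch (MembershipPasswordException)
            {
                result.ErrorMessage = ErrorCodeToString(AccountCreateStatus.InvalidPasswordAnswer);
            }
            catch (Exception ex)
            {
                // The caller still gets the default error text set above. The failure is
                // traced instead of being dropped silently; only the exception type is
                // written, so neither the request-supplied user name nor any password
                // reaches the trace output.
                System.Diagnostics.Trace.TraceError("ResetPassword failed unexpectedly: {0}", ex.GetType().FullName);
            }

            return result;
        }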
Exemplo n.º 4
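        /// <summary>
        /// Starts a password reset for the named account: redirects to the security question
        /// step when the membership configuration requires one, otherwise resets the password
        /// immediately through <c>ResetPassword</c>.
        /// </summary>
        /// <param name="model">Form model; only used to redisplay the view.</param>
        /// <param name="userName">Account whose password is to be reset.</param>
        /// <returns>
        /// A redirect to "QuestionAndAnswer" or "PasswordResetFinal", or the form view with
        /// an error added to the model state when a check or the reset fails.
        /// </returns>
        /// <remarks>
        /// NOTE(review): when no question and answer is required, a request that names an
        /// existing account is enough to replace that account's password. Nothing visible here
        /// proves the requester controls the account or limits how often this can be done;
        /// confirm the action is throttled, or move to a reset link the user must confirm.
        /// NOTE(review): the unknown-user error differs from the other outcomes, which shows
        /// the requester whether a user name exists.
        /// </remarks>
        public ActionResult PasswordReset(PasswordResetModel model, string userName)
        {
            if (!Membership.EnablePasswordReset)
            {
                ModelState.AddModelError("", ErrorCodeToString(AccountCreateStatus.PasswordResetDisabled));
                return View(model);
            }

            MembershipUser currentUser = Membership.GetUser(userName);
            if (currentUser == null)
            {
                ModelState.AddModelError("", ErrorCodeToString(AccountCreateStatus.InvalidUserName));
                return View(model);
            }

            if (!ModelState.IsValid)
            {
                // Validation failed: redisplay the form.
                return View(model);
            }

            if (Membership.RequiresQuestionAndAnswer)
            {
                // The answer is collected by the QuestionAndAnswer action.
                return RedirectToAction("QuestionAndAnswer", new { userName });
            }

            // ResetPassword builds its own result object, so none is allocated here first.
            RegisterPasswordSuccessModel outcome = ResetPassword(userName, null, GetLoginUrl());
            if (outcome.RegisterPasswordSuccess)
            {
                return RedirectToAction("PasswordResetFinal", new { userName });
            }

            ModelState.AddModelError("", outcome.ErrorMessage);
            return View(model);
        }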