Exemplo n.º 1
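        /// <summary>
        /// Starts the password-reset flow for the account registered under <paramref name="email"/>.
        /// </summary>
        /// <remarks>
        /// An unknown address and an unconfirmed address receive the same 200 response as a
        /// successful request, so the status code and body cannot be used to test which addresses
        /// have accounts. The reset message is sent only when the account exists and its e-mail
        /// is confirmed. Response timing can still differ between the two paths because mail is
        /// sent on only one of them.
        /// </remarks>
        /// <param name="email">Caller-supplied address; used as the user name for the lookup.</param>
        /// <returns>
        /// 400 when the model state is invalid or the address is blank, 500 on an unexpected
        /// failure, otherwise 200.
        /// </returns>
        public async Task<IHttpActionResult> ForgotPassword(string email)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                // A blank address depends only on the request itself, so rejecting it says
                // nothing about which accounts exist.
                if (string.IsNullOrWhiteSpace(email))
                {
                    ModelState.AddModelError(ModelStateType.ErrorList, "Sorry, there was an error.");
                    return BadRequest(ModelState);
                }

                using (AuthRepository _repo = new AuthRepository())
                {
                    ApplicationUser initialUser = await _repo.FindUserByName(email);

                    // Don't reveal that the user does not exist or is not confirmed: answer
                    // exactly as a real request would, but send nothing.
                    var confirmed = initialUser != null && await _repo.VerifyEmailConfirmed(initialUser.Id);
                    if (!confirmed)
                    {
                        return Ok();
                    }

                    await _repo.SendChangePasswordConfirmation(initialUser.Id, email);

                    return Ok();
                }
            }
            catch (Exception ex)
            {
                // Keep the exception in the server log only; the parameterless overload sends
                // no exception data to the client regardless of the error-detail policy.
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError();
            }
        }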
Exemplo n.º 2
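        /// <summary>
        /// Completes a password reset: checks the reset <paramref name="code"/> for the account
        /// named by <paramref name="email"/> and, if accepted, stores <paramref name="password"/>.
        /// </summary>
        /// <param name="email">Caller-supplied address; used as the user name for the lookup.</param>
        /// <param name="password">The new password requested by the caller.</param>
        /// <param name="code">The reset token the caller received.</param>
        /// <returns>
        /// 400 with model errors when an argument is blank, the user is not found or the reset is
        /// rejected; 500 on an unexpected failure; otherwise 200.
        /// </returns>
        public async Task<IHttpActionResult> ResetPassword(string email, string password, string code)
        {
            try
            {
                // Reject missing arguments up front. A null code would otherwise throw on
                // Replace below and surface as a 500 instead of a client error.
                if (string.IsNullOrWhiteSpace(email) || string.IsNullOrEmpty(password) || string.IsNullOrEmpty(code))
                {
                    ModelState.AddModelError(string.Empty, "Sorry, there was an error.");
                    return BadRequest(ModelState);
                }

                using (AuthRepository _repo = new AuthRepository())
                {
                    // Presumably restores '+' characters that arrived as spaces after URL
                    // decoding of the token; confirm against how the link is generated.
                    code = code.Replace(" ", "+");

                    ApplicationUser user = await _repo.FindUserByName(email);
                    if (user == null)
                    {
                        // Don't reveal that the user does not exist
                        ModelState.AddModelError(string.Empty, "Sorry, there was an error.");
                        return BadRequest(ModelState);
                    }

                    IdentityResult result = await _repo.ResetPasswordAsync(user.Id, code, password);
                    if (!result.Succeeded)
                    {
                        // NOTE(review): these errors are reported only for an existing account,
                        // under a different key and with different text than the unknown-user
                        // branch above, so the two cases remain distinguishable to a caller.
                        // Confirm whether that difference is acceptable for this endpoint.
                        foreach (string error in result.Errors)
                        {
                            ModelState.AddModelError(ModelStateType.ErrorList, error);
                        }

                        return BadRequest(ModelState);
                    }

                    return Ok();
                }
            }
            catch (Exception ex)
            {
                // Keep the exception in the server log only; the parameterless overload sends
                // no exception data to the client regardless of the error-detail policy.
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError();
            }
        }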
Exemplo n.º 3
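        /// <summary>
        /// Checks a two-factor code for <paramref name="userName"/> and signs the user in when
        /// the code is accepted.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the account is selected by a caller-supplied name. Nothing visible in
        /// this method ties the request to a completed password step, so confirm that the
        /// pipeline or caller enforces that before this action can be reached. Throttling or
        /// lockout for repeated wrong codes is not visible here either; confirm that
        /// <c>VerifyTwoFactorToken</c> or the user store provides it.
        /// </remarks>
        /// <param name="userName">Caller-supplied user name of the account being verified.</param>
        /// <param name="pinCode">The two-factor code entered by the caller.</param>
        /// <returns>
        /// 400 with a fixed message when the code is not accepted, an argument is blank or the
        /// user is not found; 500 on an unexpected failure; otherwise 200 after sign-in.
        /// </returns>
        public async Task<IHttpActionResult> Verify2FACode(string userName, string pinCode)
        {
            try
            {
                if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(pinCode))
                {
                    return BadRequest("Sorry, that is not a valid code.");
                }

                using (AuthRepository repo = new AuthRepository())
                {
                    ApplicationUser user = await repo.FindUserByName(userName);
                    if (user == null)
                    {
                        // Same answer as a wrong code. Dereferencing a null user here used to
                        // end in a 500, which also told the caller the name was unknown.
                        return BadRequest("Sorry, that is not a valid code.");
                    }

                    bool isCodeValid = await repo.VerifyTwoFactorToken(user.Id, pinCode);
                    if (!isCodeValid)
                    {
                        return BadRequest("Sorry, that is not a valid code.");
                    }

                    // Build the identity only after the code has been accepted.
                    ClaimsIdentity userIdentity = await user.GenerateUserIdentityAsync(UserManager);

                    // Every successful verification issues a persistent sign-in and a
                    // remember-browser identity. NOTE(review): confirm this is meant to be
                    // unconditional rather than something the user opts into.
                    var rememberBrowserIdentity = repo.authManager.CreateTwoFactorRememberBrowserIdentity(user.Id);
                    repo.authManager.SignIn(new AuthenticationProperties { IsPersistent = true }, userIdentity, rememberBrowserIdentity);

                    return Ok();
                }
            }
            catch (Exception ex)
            {
                // Keep the exception in the server log only; the parameterless overload sends
                // no exception data to the client regardless of the error-detail policy.
                Helper.ErrorLogging.LogError(ex);
                return InternalServerError();
            }
        }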