/// <summary>
/// Persists a new account-confirmation record (the row that backs an e-mailed reset link).
/// </summary>
/// <param name="accountConfirmationInfo">Confirmation to store; mapped through <see cref="ConvertToDb"/>.</param>
public void SaveAccountConfirmation(AccountConfirmationInfo accountConfirmationInfo)
{
    // Map before touching the context so a mapping failure leaves nothing pending.
    var entity = ConvertToDb(accountConfirmationInfo);

    // The token is written exactly as supplied by the caller; nothing here hashes or transforms it.
    _context.AccountConfirmations.Add(entity);
    _context.SaveChanges();
}
/// <summary>
/// Maps an <c>AccountConfirmationInfo</c> onto a new <c>Data.AccountConfirmation</c> row object.
/// </summary>
/// <param name="accountConfirmationInfo">Source object; its Id, Token and AccountId are copied.</param>
/// <returns>A new row object carrying the same three values.</returns>
public Data.AccountConfirmation ConvertToDb(AccountConfirmationInfo accountConfirmationInfo)
{
    var row = new Data.AccountConfirmation();
    row.Id = accountConfirmationInfo.Id;
    // Copied verbatim: if the stored value should be a digest of the token rather than the
    // token itself, that has to happen before this mapping.
    row.Token = accountConfirmationInfo.Token;
    row.AccountId = accountConfirmationInfo.AccountId;
    return row;
}
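/// <summary>
/// Completes a password reset for the account id carried in <c>TempData["AccountId"]</c>:
/// stores a new salt and password value, clears the first-login flag and deletes the
/// account's outstanding confirmation record.
/// </summary>
/// <param name="passwordInfo">Posted form model; <c>NewPassword</c> becomes the account's new password.</param>
/// <returns>
/// A redirect to Auth/Login when no reset is pending or the reset succeeded; the reset view
/// again when validation fails or an error occurs.
/// </returns>
public ActionResult ResetPassword(ResetNewPasswordViewModel passwordInfo)
{
    // NOTE(review): no attributes are visible on this action in this excerpt. Confirm it is
    // POST-only and protected by [ValidateAntiForgeryToken].
    try
    {
        // TempData is the only evidence that a reset is pending. A missing entry, or one that
        // is not an int, is treated as "no reset in progress".
        int? pendingAccountId = TempData["AccountId"] as int?;
        if (pendingAccountId == null)
        {
            return RedirectToAction("Login", "Auth");
        }

        if (!ModelState.IsValid)
        {
            // Reading a TempData entry marks it for removal at the end of the request. Keep it,
            // otherwise the corrected form would be bounced to the login page.
            TempData.Keep("AccountId");
            return View();
        }

        int accountId = pendingAccountId.Value;
        string salt = RandomPassword.Generate(18, 20);

        // NOTE(review): the name suggests RijndaelCrypt.EncryptPassword is reversible encryption
        // rather than a one-way password hash. Confirm; stored passwords should be derived with
        // a slow, salted KDF (e.g. PBKDF2). Not changed here because the login check must match.
        var account = new AccountInfo
        {
            Id = accountId,
            Salt = salt,
            PasswordHash = RijndaelCrypt.EncryptPassword(passwordInfo.NewPassword, salt),
            IsFirstTimeLogin = false
        };

        using (AccountRepository accounts = new AccountRepository())
        {
            accounts.ChangeNewPassword(account);
        }

        // Remove the outstanding confirmation so the e-mailed link cannot be used again.
        using (AccountConfirmationRepository confirmations = new AccountConfirmationRepository())
        {
            AccountConfirmationInfo pending = confirmations.GetAccountConfirmationByAccountId(accountId);
            if (pending != null)
            {
                confirmations.DeleteAccountConfirmation(pending.Id);
            }
        }

        // AccountId is deliberately not kept on this path: one verified link, one reset.
        TempData["Msg"] = "<span style='color:green; text-align:center;'>Password has been reset successfully.</span>";
        return RedirectToAction("Login", "Auth");
    }
    catch (Exception ex)
    {
        // Exception text can expose internals (SQL, paths, crypto errors) and was previously
        // concatenated into markup. Record it server-side and show a fixed message instead.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        TempData.Keep("AccountId");
        TempData["Msg"] = "<span style='color:red; text-align:center;'>Something went wrong while resetting your password, please try again later.</span>";
        return View();
    }
}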
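// GET: Auth/Verify
/// <summary>
/// Validates the token from an e-mailed reset link and, when it is known and younger than
/// 24 hours, hands the matching account id to the ResetPassword action through TempData.
/// </summary>
/// <param name="t">Encrypted token taken from the link's query string.</param>
/// <returns>
/// A redirect to ResetPassword for a valid token; otherwise the Verify view with a message
/// in <c>TempData["Msg"]</c>.
/// </returns>
public ActionResult Verify(string t)
{
    // An absent token can never match a stored confirmation; answer it like any other invalid link.
    if (string.IsNullOrWhiteSpace(t))
    {
        TempData["Msg"] = "Link has been already used or invalid.";
        return View();
    }

    try
    {
        string token = RijndaelCrypt.DecryptString(t);

        AccountConfirmationInfo confirmation;
        using (AccountConfirmationRepository confirmations = new AccountConfirmationRepository())
        {
            confirmation = confirmations.GetAccountConfirmationByToken(token);
        }

        if (confirmation == null)
        {
            TempData["Msg"] = "Link has been already used or invalid.";
            return View(); // invalid token
        }

        // The issue time is the first 8 bytes of the token itself. It is trusted only because
        // the whole token has just matched a stored record.
        byte[] raw = Convert.FromBase64String(token);
        DateTime issuedAt = DateTime.FromBinary(BitConverter.ToInt64(raw, 0));
        if (issuedAt < DateTime.UtcNow.AddHours(-24))
        {
            TempData["Msg"] = "Link has been expired.";
            return View(); // expired token
        }

        TempData["AccountId"] = confirmation.AccountId;
        TempData["IsVerified"] = true;
        return RedirectToAction("ResetPassword"); // valid token
    }
    catch (Exception ex)
    {
        // Malformed or tampered tokens fail in decryption or Base64 decoding and land here,
        // as do data-access errors. The exception text stays on the server; the visitor gets
        // a fixed message instead of ex.Message concatenated into markup.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        TempData["Msg"] = "<span style='color:red; text-align:center;'>Unable to verify the link, please request a new one.</span>";
        return View();
    }
}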
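/// <summary>
/// Handles a "forgot password" request: for an eligible account it replaces any outstanding
/// confirmation record with a fresh token and e-mails a reset link to the company address.
/// </summary>
/// <param name="forgotInfo">Posted form model; <c>CompanyEmail</c> identifies the account.</param>
/// <returns>
/// A redirect back to Auth/ForgotPassword carrying the same message whether or not the address
/// matched an account; the view again when validation fails or an error occurs.
/// </returns>
public ActionResult ForgotPassword(ForgotPasswordViewModel forgotInfo)
{
    // One answer for every outcome that depends on the account (unknown address, first-login
    // account, mail sent, mail failed), so the form cannot be used to test which addresses are
    // registered. NOTE(review): response time still differs because the mail is sent inline;
    // consider queueing the send.
    const string neutralMessage = "<span style='color:green; text-align:center;'>If this email belongs to an account that can be reset, a password reset link has been sent. Please check your inbox.</span>";

    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        AccountInfo account;
        using (AccountRepository accounts = new AccountRepository())
        {
            account = accounts.GetEmployeeAccountByCompanyEmail(forgotInfo.CompanyEmail);
        }

        // Unknown address, or an account still waiting for its first login: nothing is sent.
        if (account == null || account.IsFirstTimeLogin == true)
        {
            TempData["Msg"] = neutralMessage;
            return RedirectToAction("ForgotPassword", "Auth");
        }

        // Token layout is unchanged (8-byte UTC timestamp + 16 bytes, Base64), so Verify still
        // parses it. The 16 bytes now come from the OS CSPRNG: Guid.NewGuid() produces unique
        // values, but is not documented as a source of unpredictable ones.
        byte[] time = BitConverter.GetBytes(DateTime.UtcNow.ToBinary());
        byte[] key = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(key);
        }
        string token = Convert.ToBase64String(time.Concat(key).ToArray());

        // At most one live token per account: drop the previous one before saving the new one.
        using (AccountConfirmationRepository confirmations = new AccountConfirmationRepository())
        {
            AccountConfirmationInfo existing = confirmations.GetAccountConfirmationByAccountId(account.Id);
            if (existing != null)
            {
                confirmations.DeleteAccountConfirmation(existing.Id);
            }

            var confirmation = new AccountConfirmationInfo();
            confirmation.Token = token;
            confirmation.AccountId = account.Id;
            confirmations.SaveAccountConfirmation(confirmation);
        }

        // Url.Action with a protocol builds an absolute URL from the current request, so the
        // host in the mailed link follows the request's Host header. NOTE(review): confirm the
        // site only answers for its own host names, or build the link from a configured base URL.
        string resetPasswordUrl = Url.Action("Verify", "Auth", new { t = RijndaelCrypt.EncryptString(token) }, protocol: Request.Url.Scheme);
        string forgotPasswordUrl = Url.Action("ForgotPassword", "Auth", null, protocol: Request.Url.Scheme);

        // The body is HTML: encode every value placed into it so a display name or URL
        // containing markup characters cannot alter the message.
        string safeName = System.Net.WebUtility.HtmlEncode(account.EmployeeFullName);
        string safeResetUrl = System.Net.WebUtility.HtmlEncode(resetPasswordUrl);
        string safeForgotUrl = System.Net.WebUtility.HtmlEncode(forgotPasswordUrl);

        List<string> to = new List<string>() { account.CompanyEmail };
        string subject = "Password Reset Link";
        string body = "Dear " + safeName + ", <br/><br/>"
            + "We heard that you lost your LPS online account password. Sorry about that! <br/><br/>"
            + "But don’t worry! You can use the following link within the next day to reset your password: <br/><br/>"
            + "<a href='" + safeResetUrl + "' target='_blank'>" + safeResetUrl + "</a> <br/><br/>"
            + "If you don’t use this link within 24 hours, it will expire. To get a new password reset link, visit<br/>"
            + "<a href='" + safeForgotUrl + "' target='_blank'>" + safeForgotUrl + " </a> <br/><br/>"
            + "Thanks,<br/>"
            + "Logic Powered Solutions";

        bool sent = EmailSender.Send(subject, body, to);
        if (!sent)
        {
            // A delivery failure is only reachable for a real account, so it is recorded
            // server-side rather than reported to the requester.
            System.Diagnostics.Trace.TraceError("Password reset e-mail could not be sent for account id " + account.Id + ".");
        }

        TempData["Msg"] = neutralMessage;
        return RedirectToAction("ForgotPassword", "Auth");
    }
    catch (Exception ex)
    {
        // Keep exception details on the server; ex.Message was previously concatenated into
        // markup shown to the requester.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        TempData["Msg"] = "<span style='color:red; text-align:center;'>Something went wrong, please try again later.</span>";
        return View();
    }
}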