public ActionResult ForgottenPassword(string email)
{
if (string.IsNullOrEmpty(email))
{
TempData["message"] = _stringResourceProvider.GetValue("Login Email Not Recognized",
"Email not recognized.");
return(_uniquePageService.RedirectTo <ForgottenPasswordPage>());
}
var user = _userLookup.GetUserByEmail(email);
if (user != null)
{
_resetPasswordService.SetResetPassword(user);
TempData["message"] =
_stringResourceProvider.GetValue("Login Password Reset",
"We have sent password reset details to you. Please check your spam folder if this is not received shortly.");
}
else
{
TempData["message"] = _stringResourceProvider.GetValue("Login Email Not Recognized",
"Email not recognized.");
}
return(_uniquePageService.RedirectTo <ForgottenPasswordPage>());
}
public EmailRegistrationStatus GetRegistrationStatus(string orderEmail)
{
if (CurrentRequestData.CurrentUser != null)
{
return(EmailRegistrationStatus.LoggedIn);
}
if (_userLookup.GetUserByEmail(orderEmail) != null)
{
return(EmailRegistrationStatus.EmailInUse);
}
return(EmailRegistrationStatus.Available);
}
public void ResetPasswordService_ResetPassword_WhenValidCallsSetPasswordOnTheAuthorisationService()
{
var guid = Guid.NewGuid();
var user = new User
{
ResetPasswordExpiry = CurrentRequestData.Now.AddDays(1),
ResetPasswordGuid = guid,
Email = "*****@*****.**"
};
A.CallTo(() => _userLookup.GetUserByEmail("*****@*****.**")).Returns(user);
const string password = "******";
A.CallTo(() => _passwordManagementService.ValidatePassword(password, password)).Returns(true);
_resetPasswordService.ResetPassword(new ResetPasswordViewModel(guid, user)
{
Password = password,
ConfirmPassword = password,
Email = "*****@*****.**"
});
A.CallTo(() => _passwordManagementService.SetPassword(user, password, password)).MustHaveHappened();
}
public void ResetPassword(ResetPasswordViewModel model)
{
User user = _userLookup.GetUserByEmail(model.Email);
if (user.ResetPasswordGuid == model.Id && user.ResetPasswordExpiry > CurrentRequestData.Now &&
_passwordManagementService.ValidatePassword(model.Password, model.ConfirmPassword))
{
_passwordManagementService.SetPassword(user, model.Password, model.ConfirmPassword);
user.ResetPasswordExpiry = null;
user.ResetPasswordGuid = null;
_userManagementService.SaveUser(user);
}
else
{
throw new InvalidOperationException("Unable to reset password, resend forgotten password email");
}
}
public ActionResult RegistrationWithoutDetails(RegisterWithoutDetailsModel model)
{
if (CurrentRequestData.CurrentUser != null)
{
return(Redirect(UniquePageHelper.GetUrl <ProductSearch>()));
}
if (model != null && ModelState.IsValid)
{
var existingUser = _userLookup.GetUserByEmail(model.Email);
if (existingUser != null)
{
return(Redirect(UniquePageHelper.GetUrl <ProductSearch>()));
}
var user = new User
{
FirstName = String.Empty,
LastName = String.Empty,
Email = model.Email.Trim(),
IsActive = true
};
_passwordManagementService.SetPassword(user, model.Password, model.Password);
_userManagementService.AddUser(user);
_authorisationService.SetAuthCookie(user, false);
CurrentRequestData.CurrentUser = user;
var order = _orderService.AssignUserToOrder(model.OrderId, user);
if (order.BillingAddress != null)
{
user.FirstName = order.BillingAddress.FirstName;
user.LastName = order.BillingAddress.LastName;
_userManagementService.SaveUser(user);
}
return(Redirect(UniquePageHelper.GetUrl <UserAccountPage>()));
}
return(Redirect(UniquePageHelper.GetUrl <RegisterPage>()));
}
public LoginResult AuthenticateUser(LoginModel loginModel)
{
if (string.IsNullOrWhiteSpace(loginModel.ReturnUrl))
{
loginModel.ReturnUrl = null;
}
var user = _userLookup.GetUserByEmail(loginModel.Email);
if (user != null && _passwordManagementService.ValidateUser(user, loginModel.Password))
{
return(_getVerifiedUserResult.GetResult(user, loginModel.ReturnUrl));
}
return(new LoginResult
{
User = user,
Status = LoginStatus.Failure,
Message = "Incorrect email or password."
});
}
public async Task <LoginResult> AuthenticateUser(LoginModel loginModel)
{
if (string.IsNullOrWhiteSpace(loginModel.ReturnUrl))
{
loginModel.ReturnUrl = null;
}
string message = null;
var user = _userLookup.GetUserByEmail(loginModel.Email);
if (user == null)
{
return new LoginResult {
Success = false, Message = "Incorrect email address"
}
}
;
if (_passwordManagementService.ValidateUser(user, loginModel.Password) && user.IsActive)
{
var guid = CurrentRequestData.UserGuid;
await _authorisationService.SetAuthCookie(user, loginModel.RememberMe);
CurrentRequestData.CurrentUser = user;
EventContext.Instance.Publish <IOnUserLoggedIn, UserLoggedInEventArgs>(
new UserLoggedInEventArgs(user, guid));
return(user.IsAdmin
? new LoginResult {
Success = true, RedirectUrl = loginModel.ReturnUrl ?? "~/admin"
}
: new LoginResult {
Success = true, RedirectUrl = loginModel.ReturnUrl ?? "~/"
});
}
return(new LoginResult {
Success = false, Message = "Incorrect email or password."
});
}
}
public async Task <RedirectResult> SetOrderEmailAndLogin(EmailAndLoginModel model)
{
if (model.HavePassword)
{
var user = _userService.GetUserByEmail(model.OrderEmail.Trim());
if (user != null)
{
var authenticated = _loginService.AuthenticateUser(new LoginModel
{
Email = user.Email,
Password = model.Password
});
if (authenticated.Status != LoginStatus.Success)
{
return(Redirect(UniquePageHelper.GetUrl <SetShippingDetails>()));
}
// TODO: 2FA flow
}
TempData.ErrorMessages().Add("There was an error logging in with the provided email and password");
return(Redirect(UniquePageHelper.GetUrl <EnterOrderEmail>()));
}
_cartManager.SetOrderEmail(model.OrderEmail);
return(Redirect(UniquePageHelper.GetUrl <SetShippingDetails>()));
}
public Task <User> FindByNameAsync(string userName)
{
var user = _userLookup.GetUserByEmail(userName);
return(Task.FromResult(user));
}
public bool CheckEmailIsNotRegistered(string email)
{
return(_userLookup.GetUserByEmail(email) == null);
}
public void LoginController_ForgottenPasswordPOST_ShouldCallGetUserByEmailWithPassedEmail()
{
var forgottenPassword = _loginController.ForgottenPassword("*****@*****.**");
A.CallTo(() => _userService.GetUserByEmail("*****@*****.**")).MustHaveHappened();
}