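/// <summary>
/// Loads the security question registered for <paramref name="UserName"/> so the
/// password-recovery view can display it. Nothing is stored by this action.
/// </summary>
/// <param name="UserName">Login name whose security question should be shown.</param>
/// <returns>
/// The default view. <c>ViewBag.questionId</c> holds the id of the user's security question
/// (0 when the user or their answer record is not found) and <c>ViewBag.ddSecurityQuestions</c>
/// holds the matching question as a pre-selected list item (empty when nothing was found).
/// </returns>
/// <remarks>
/// NOTE(review): no authorization or throttling is visible on this action in this excerpt, and
/// the view data differs for known and unknown user names. A caller can therefore learn which
/// accounts exist and which question protects them. Consider returning an indistinguishable
/// view state for unknown user names and rate-limiting the endpoint.
/// </remarks>
public ActionResult LoadSecurity(string UserName)
{
    List<SelectListItem> ddSecurityQuestions = new List<SelectListItem>();
    int questionId = 0;

    // Release the context deterministically; the original never disposed it.
    // Assumes LMSDBContext is an Entity Framework DbContext (IDisposable) - confirm.
    using (LMSDBContext context = new LMSDBContext())
    {
        LMSLogin login = context.LMSLogins.SingleOrDefault(x => x.UserName == UserName);
        if (login != null)
        {
            LMSUserSecurityAnswer answer =
                context.LMSUserSecurityAnswers.SingleOrDefault(x => x.LMSLoginId == login.UserId);
            if (answer != null)
            {
                questionId = answer.LMSSecurityQuestionId;
            }
        }
    }

    // questionId stays 0 unless both the login and its answer record were found.
    if (questionId > 0)
    {
        IEnumerable<LMSSecurityQuestion> securityQuestions =
            unitofwork.LMSSecurityQuestionRepository.Get(x => x.LMSSecurityQuestionId == questionId);

        foreach (LMSSecurityQuestion question in securityQuestions)
        {
            ddSecurityQuestions.Add(new SelectListItem
            {
                Text = question.Question,
                Value = question.LMSSecurityQuestionId.ToString(),
                Selected = true
            });
        }
    }

    ViewBag.questionId = questionId;
    ViewBag.ddSecurityQuestions = ddSecurityQuestions;
    return View();
}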
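/// <summary>
/// Resets a forgotten password after checking the user's security question and answer.
/// When the user name, question id and answer all match, a new random password is generated,
/// its hash and salt are saved on the login record, and the new password is returned.
/// </summary>
/// <param name="model">Submitted user name, security question id and security answer.</param>
/// <returns>
/// JSON <c>{ isSuccess, message }</c>. On success <c>message</c> is the newly generated
/// password; otherwise it says why the reset was refused.
/// </returns>
/// <remarks>
/// NOTE(review): behaviour below is kept as-is for existing callers, but several points weaken
/// this recovery flow and should be revisited together with the client:
/// the three distinct failure messages let a caller tell whether a user name exists;
/// no attempt limiting or lockout is visible here, so answers can be guessed repeatedly;
/// the new password is handed straight back in the HTTP response instead of going through an
/// out-of-band channel (for example a one-time reset link sent to the registered address).
/// </remarks>
public ActionResult ForgotPassword(LMSUserSecurityAnswer model)
{
    bool isSuccess = false;
    string message;

    // The original wrapped this body in try/catch only to `throw ex;`, which resets the stack
    // trace. Exceptions now propagate untouched, and the context is disposed on every path.
    // Assumes LMSDBContext is an Entity Framework DbContext (IDisposable) - confirm.
    using (LMSDBContext context = new LMSDBContext())
    {
        LMSLogin login = context.LMSLogins.SingleOrDefault(x => x.UserName == model.UserName);
        LMSUserSecurityAnswer securityanswer = login == null
            ? null
            : context.LMSUserSecurityAnswers.SingleOrDefault(x => x.LMSLoginId == login.UserId);

        if (login == null)
        {
            message = "UserName does not exists.";
        }
        else if (securityanswer == null)
        {
            message = "Security answer does not exists.";
        }
        // NOTE(review): the stored answer is compared as plain text, so it is kept in a readable
        // form in the database. Consider storing a salted hash of the normalised answer instead.
        else if (securityanswer.LMSSecurityQuestionId != model.LMSSecurityQuestionId
                 || !string.Equals(securityanswer.SecurityAnswer, model.SecurityAnswer, StringComparison.OrdinalIgnoreCase))
        {
            message = "Incorrect answer.";
        }
        else
        {
            // NOTE(review): RandomString() is defined elsewhere; confirm it draws from a
            // cryptographic RNG, since its output becomes the account password.
            int passwordLength = CommonConstants.PasswordLength;
            string newPassword = passwordLength.RandomString();

            // NOTE(review): the salt is derived from the current time and the user name rather
            // than from a random source. Prefer random bytes from
            // System.Security.Cryptography.RandomNumberGenerator once the login path is
            // confirmed to accept an arbitrary salt.
            string currentDate = DateTime.Now.ToString();
            byte[] salt = Encryptor.EncryptText(currentDate, login.UserName);
            string saltText = Convert.ToBase64String(salt);
            byte[] passwordHash = Encryptor.GenerateHash(newPassword, saltText);

            login.PasswordHash = passwordHash;
            login.PasswordSalt = salt;
            login.LastModifiedBy = login.UserId;
            login.LastModifiedOn = DateTime.Now;
            login.IsSecurityApplied = false;
            context.SaveChanges();

            isSuccess = true;
            message = newPassword;
        }
    }

    // NOTE(review): AllowGet lets this state-changing action answer GET requests, and no
    // [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in this excerpt. Over GET the
    // security answer travels in the URL (server logs, browser history). Restrict to POST once
    // the client is confirmed not to depend on GET.
    return Json(new { isSuccess = isSuccess, message = message }, JsonRequestBehavior.AllowGet);
}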