/// <summary>
/// Looks up a user by name and returns that user's stored security answers,
/// keyed by the ID of the question each answer belongs to.
/// </summary>
/// <param name="loginDTO">Supplies the UserName to look up; no other member is read here.</param>
/// <returns>
/// A response with isSuccessful = true and Answers populated when a credential
/// row matches the user name; a response with isSuccessful = false (Answers
/// left unset) when none does.
/// </returns>
public ResetPasswordResponseDTO GetSecurityQandAs(LoginDTO loginDTO)
{
    var match = db.Credentials.FirstOrDefault(c => c.UserName == loginDTO.UserName);
    var result = new ResetPasswordResponseDTO();

    if (match == null)
    {
        // Unknown user name: report failure only.
        result.isSuccessful = false;
        return result;
    }

    // NOTE(review): Answer is copied out exactly as stored. If the column holds
    // plaintext, any database read exposes every user's recovery secrets; a
    // salted hash compared server-side is the usual design. Also confirm this
    // dictionary is never serialised into an HTTP response.
    var byQuestionId = new Dictionary<int, string>();
    foreach (var row in db.SecurityAccounts.Where(s => s.UserID == match.UserID).ToList())
    {
        // Add (not the indexer) is kept so a duplicate question ID still throws.
        byQuestionId.Add(row.SecurityQuestionID, row.Answer);
    }

    result.Answers = byQuestionId;
    result.isSuccessful = true;
    return result;
}
/// <summary>
/// Builds a CheckAnswers command for a fixed user name with three submitted
/// answers and asserts that the command reports the attempt as unsuccessful.
/// </summary>
public void InCorrectAnswers()
{
    // Arrange: the account under test and the answers being submitted for it.
    var account = new LoginDTO { UserName = "******" };

    var submittedAnswers = new Dictionary<int, string>
    {
        { 2, "asdf" },
        { 6, "Lakers" },
        { 9, "Huntington Beach" }
    };
    var submission = new ResetPasswordResponseDTO { Answers = submittedAnswers };

    var command = new CheckAnswers
    {
        username = account,
        incommingAnswers = submission
    };

    // Act: Result is read off the object Execute() returns and cast to the DTO.
    var verdict = (ResetPasswordResponseDTO)command.Execute().Result;

    // Assert
    Assert.False(verdict.isSuccessful);
}
/// <summary>
/// Web API action that asks the service for the security questions of the
/// user named in the request body.
/// </summary>
/// <param name="userCredentials">Credentials bound from the request body; passed to the service unchanged.</param>
/// <returns>
/// 200 with the whole response object on success; 404 with only the message
/// list when the service reports failure.
/// </returns>
public IHttpActionResult GetQuestions([FromBody] UserCredential userCredentials)
{
    ResetPasswordResponseDTO lookup = service.GetQuestions(userCredentials);

    // Messages is replaced unconditionally, so anything the service put there is discarded.
    lookup.Messages = new List<string>();

    if (lookup.isSuccessful == false)
    {
        // NOTE(review): a distinct 404 "User not found" tells the caller which
        // user names exist. A reset flow is normally reachable before login, so
        // a uniform response plus request throttling is worth considering;
        // confirm what clients depend on before changing the status code.
        lookup.Messages.Add("User not found");
        return Content(HttpStatusCode.NotFound, lookup.Messages);
    }

    lookup.Messages.Add("Success!");
    return Ok(lookup);
}
/// <summary>
/// Runs the CheckAnswers command for a user and a set of submitted answers.
/// </summary>
/// <param name="incommingAnswers">Submitted answers, handed to the command unchanged.</param>
/// <param name="username">Only Username is read; it is copied into a LoginDTO for the command.</param>
/// <returns>
/// The Result of the command's Execute() call, cast to ResetPasswordResponseDTO.
/// Callers in this listing read its isSuccessful flag to decide the outcome.
/// </returns>
public ResetPasswordResponseDTO CheckAnswers(ResetPasswordResponseDTO incommingAnswers, UserCredential username)
{
    var account = new LoginDTO { UserName = username.Username };

    var command = new CheckAnswers
    {
        incommingAnswers = incommingAnswers,
        username = account
    };

    var outcome = command.Execute();
    return (ResetPasswordResponseDTO)outcome.Result;
}
/// <summary>
/// Web API action that submits a user's security answers to the service for checking.
/// </summary>
/// <param name="incommingAnswers">
/// Request body; its resetPasswordResponseDTO and userCredential members are
/// passed to service.CheckAnswers.
/// </param>
/// <returns>
/// 200 with the response object when the service reports success; 401 with the
/// response object otherwise.
/// </returns>
public IHttpActionResult GetAnswers([FromBody] IncommingAnswersDTO incommingAnswers)
{
    // NOTE(review): incommingAnswers is dereferenced without a null check; an
    // empty or unparseable body presumably surfaces as an unhandled exception.
    ResetPasswordResponseDTO verdict = service.CheckAnswers(
        incommingAnswers.resetPasswordResponseDTO,
        incommingAnswers.userCredential);

    // Messages is replaced unconditionally, so anything the service put there is discarded.
    verdict.Messages = new List<string>();

    if (verdict.isSuccessful == false)
    {
        // NOTE(review): nothing visible here limits repeated attempts. Security
        // answers tend to be guessable, so per-user and per-client throttling
        // or lockout should exist somewhere; confirm. The whole response object
        // is serialised on this branch too; confirm it carries no stored answers.
        verdict.Messages.Add("Incorrect Answers");
        return Content(HttpStatusCode.Unauthorized, verdict);
    }

    // NOTE(review): success produces no token or server-side state in this
    // action; confirm how the later password-set step proves this check passed.
    verdict.Messages.Add("Success!");
    return Ok(verdict);
}
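/// <summary>
/// Web API action that replaces a user's password with the one in the request body.
/// </summary>
/// <param name="usernewCredentials">User name and new password bound from the request body; passed to the service unchanged.</param>
/// <returns>
/// 200 with the response object on success; 401 when the service rejected the
/// password with the "Bad Password" message; 404 for every other failure.
/// </returns>
public IHttpActionResult SetPassword([FromBody] UserCredential usernewCredentials)
{
    // NOTE(review): this action forwards a user name and a new password and
    // nothing else. No token, session flag or authorization attribute is visible
    // in this action to show that the security answers were verified for this
    // user first. Confirm that check exists elsewhere; otherwise the step needs
    // a single-use, short-lived reset token issued by the answer check and
    // validated here.
    ResetPasswordResponseDTO response = service.ReplaceOldPassword(usernewCredentials);

    if (response.isSuccessful == false)
    {
        // Messages is not assigned in this action, so it may arrive null on a
        // failure path that never set it; treat that as "no Bad Password
        // message" so the request falls through to 404 instead of throwing.
        bool rejectedAsBadPassword =
            response.Messages != null && response.Messages.Contains("Bad Password");

        if (rejectedAsBadPassword)
        {
            return Content(HttpStatusCode.Unauthorized, response);
        }

        // NOTE(review): 404 is returned for every other failure, validation
        // errors included, and may also reveal that a user name is unknown.
        return Content(HttpStatusCode.NotFound, response);
    }

    return Ok(response);
}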
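/// <summary>
/// Runs the GetQuestions command for the given user and returns its result.
/// </summary>
/// <param name="userCredential">Only Username is read; it is copied into a LoginDTO for the command.</param>
/// <returns>The Result of the command's Execute() call, cast to ResetPasswordResponseDTO.</returns>
public ResetPasswordResponseDTO GetQuestions(UserCredential userCredential)
{
    LoginDTO loginDTO = new LoginDTO() { UserName = userCredential.Username };
    GetQuestions getQuestions = new GetQuestions() { loginDTO = loginDTO };

    // The command's result is returned directly; no placeholder response is
    // allocated first, since it would only be overwritten.
    return (ResetPasswordResponseDTO)getQuestions.Execute().Result;
}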
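/// <summary>
/// Overwrites the stored password and salt of the user named in
/// <paramref name="newCredentials"/>.
/// </summary>
/// <param name="newCredentials">
/// UserName selects the account; Password and SaltValue are written as given.
/// NOTE(review): the values are stored exactly as supplied, so hashing is
/// expected to have happened in the caller; confirm no caller passes a
/// plaintext password.
/// </param>
/// <returns>
/// isSuccessful = true after the change is saved and committed; isSuccessful =
/// false when the user or the user's salt row is not found, or when saving
/// raises SqlException or DataException.
/// </returns>
public ResetPasswordResponseDTO SetNewPass(LoginDTO newCredentials)
{
    const string saveFailedMessage = "Your request could not be made. Please try again.";

    var response = new ResetPasswordResponseDTO();

    var foundcredentials = (from credential in db.Credentials
                            where credential.UserName == newCredentials.UserName
                            select credential).FirstOrDefault();

    // The null check has to come before anything reads foundcredentials.UserID;
    // looking up the salt first would dereference a missing user.
    if (foundcredentials == null)
    {
        response.isSuccessful = false;
        return response;
    }

    var userId = foundcredentials.UserID;
    var storedSalt = db.Salts.FirstOrDefault(s => s.UserID == userId);
    if (storedSalt == null)
    {
        // No salt row to update: fail cleanly rather than throw inside the transaction.
        response.isSuccessful = false;
        return response;
    }

    // Password and salt are changed together in one transaction. If it is never
    // committed, disposing the transaction is relied on to roll it back.
    using (var dbTransaction = db.Database.BeginTransaction())
    {
        try
        {
            foundcredentials.Password = newCredentials.Password;
            storedSalt.SaltValue = newCredentials.SaltValue;
            db.SaveChanges();
            dbTransaction.Commit();

            response.isSuccessful = true;
        }
        catch (SqlException)
        {
            // NOTE(review): assumes the DTO constructor initialises Messages;
            // if it does not, this Add throws from inside the handler. Confirm.
            response.isSuccessful = false;
            response.Messages.Add(saveFailedMessage);
        }
        catch (DataException)
        {
            response.isSuccessful = false;
            response.Messages.Add(saveFailedMessage);
        }
    }

    return response;
}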
/// <summary>
/// Completes a password reset: finds the user by email, applies the new
/// password with the supplied reset token, then clears the lockout end date.
/// </summary>
/// <param name="resetPasswordDTO">Request body; Email, Token and Password are read.</param>
/// <returns>
/// 200 with IsResetPasswordSuccessful = true on success; 400 with an Errors
/// list otherwise.
/// </returns>
public async Task<IActionResult> ResetPassword([FromBody] ResetPasswordDTO resetPasswordDTO)
{
    // One generic body is shared by the invalid-model and unknown-email
    // branches, so those two cases look the same to the caller.
    var genericFailure = new ResetPasswordResponseDTO
    {
        Errors = new string[] { "Reset Password Failed" }
    };

    if (!ModelState.IsValid)
    {
        return BadRequest(genericFailure);
    }

    var account = await _userManager.FindByEmailAsync(resetPasswordDTO.Email);
    if (account == null)
    {
        return BadRequest(genericFailure);
    }

    var resetOutcome = await _userManager.ResetPasswordAsync(
        account,
        resetPasswordDTO.Token,
        resetPasswordDTO.Password);

    if (resetOutcome.Succeeded)
    {
        // A null end date clears any lockout once the reset has succeeded.
        // NOTE(review): the result of this call is not inspected.
        await _userManager.SetLockoutEndDateAsync(account, null);
        return Ok(new ResetPasswordResponseDTO { IsResetPasswordSuccessful = true });
    }

    // NOTE(review): this branch returns the user manager's own error
    // descriptions, which differ from the generic body above. A caller can
    // therefore tell a registered email from an unregistered one. Consider the
    // generic body for token failures and detailed text for password-policy
    // errors only.
    var descriptions = resetOutcome.Errors.Select(e => e.Description);
    return BadRequest(new ResetPasswordResponseDTO { Errors = descriptions });
}
/// <summary>
/// Validates the incoming credentials and, when they pass, salts and hashes
/// the new password and hands it to LoginGateway.SetNewPass.
/// </summary>
/// <returns>
/// An Outcome whose Result is either a failed ResetPasswordResponseDTO built
/// here (null credentials, validator errors, or a rejected password) or
/// whatever LoginGateway.SetNewPass returns.
/// </returns>
public Outcome Execute()
{
    var outcome = new Outcome();
    var problems = new List<string>();
    ResetPasswordResponseDTO rejection = new ResetPasswordResponseDTO();

    // The checks run in order and stop at the first one that fails: missing
    // credentials, then validator rules, then the bad-password check.
    if (incommingCredentials == null)
    {
        problems.Add(AccountConstants.REGISTRATION_INVALID);
    }
    else
    {
        var validator = new UserCredValidator();
        IList<ValidationFailure> failures = validator.Validate(incommingCredentials).Errors;

        if (failures.Any())
        {
            problems.AddRange(failures.Select(f => f.ErrorMessage));
        }
        else if (new BadPasswordService().BadPassword(incommingCredentials.Password) == true)
        {
            // The SetPassword action shown alongside this command matches on
            // this exact literal to choose its status code; keep it unchanged.
            problems.Add("Bad Password");
        }
    }

    // Every failing check adds at least one entry, so a non-empty list means failure.
    if (problems.Count > 0)
    {
        rejection.isSuccessful = false;
        rejection.Messages = problems;
        outcome.Result = rejection;
        return outcome;
    }

    // NOTE(review): the stored value is one Hash call over password + salt. If
    // HMAC256.Hash is a single SHA-256/HMAC pass (not visible here), that is a
    // fast hash; a password KDF with a work factor, e.g. PBKDF2 through
    // Rfc2898DeriveBytes, is the usual choice. Also confirm GenerateSalt draws
    // from a cryptographic random source.
    HMAC256 hasher = new HMAC256();
    string freshSalt = hasher.GenerateSalt();
    var toHash = new HashDTO { Original = incommingCredentials.Password + freshSalt };
    string passwordDigest = hasher.Hash(toHash);

    var replacement = new LoginDTO
    {
        UserName = incommingCredentials.Username,
        Password = passwordDigest,
        SaltValue = freshSalt
    };

    var gateway = new LoginGateway();
    outcome.Result = gateway.SetNewPass(replacement);
    return outcome;
}