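/// <summary>
/// Completes a password reset: decodes the reset token from the query string,
/// loads the user it names and stores the password sent in the request body.
/// </summary>
/// <param name="token">Serialized reset token taken from the query string.</param>
/// <param name="obj">Request body; only its <c>Password</c> member is read.</param>
/// <returns>
/// 400 when the body, password or token is missing or the token is not valid,
/// 404 when the token's user no longer exists, otherwise 200.
/// </returns>
public IActionResult NewPassword([FromQuery] string token, [FromBody] User obj)
        {
            // Check the bound body, not the identifier "User": the body is dereferenced
            // below, so a missing or empty payload must be rejected here.
            if (obj == null || string.IsNullOrEmpty(obj.Password) || string.IsNullOrEmpty(token))
            {
                return(BadRequest());
            }

            ResetToken resetToken = _tokenHelper.GetObject <ResetToken>(token);

            // The token is caller-supplied; treat an undecodable one like an invalid one.
            if (resetToken == null || !resetToken.IsValid())
            {
                return(BadRequest());
            }

            User user = _userRepository.GetById(resetToken.UserId);

            if (user == null)
            {
                return(NotFound());
            }

            User newUser = (User)user.Clone();

            // NOTE(review): the password is assigned exactly as received; confirm that
            // hashing happens inside the entity or the repository before it is stored.
            newUser.Password = obj.Password;

            _userRepository.Update(user, newUser);

            // NOTE(review): nothing visible here invalidates the token after use, so it
            // may stay replayable until it expires. Confirm it is single-use.
            return(new OkResult());
        }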
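        /// <summary>
        /// Starts a password reset: finds the user by e-mail (case-insensitive), issues a
        /// reset token that expires in two hours and mails it as a "?token=" query string.
        /// </summary>
        /// <param name="email">Address entered by the requester.</param>
        /// <returns>400 for an empty address, 404 when no user matches, otherwise 200.</returns>
        public IActionResult NewPassword(string email)
        {
            if (string.IsNullOrEmpty(email))
            {
                return(BadRequest());
            }

            string wantedEmail = email.ToLower();

            // A stored user without an e-mail must not crash the lookup.
            User user = _userRepository.List().FirstOrDefault(x => x.Email != null && x.Email.ToLower() == wantedEmail);

            if (user == null)
            {
                // NOTE(review): a distinct 404 tells an anonymous caller which addresses are
                // registered; consider returning the same response as the success path.
                return(NotFound());
            }

            ResetToken resetToken = new ResetToken {
                UserId = user.Id, Expirated = DateTimeOffset.Now.AddHours(2)
            };
            string token = _tokenHelper.Generate <ResetToken>(resetToken);

            SmtpClientHelper smtpClientHelper = new SmtpClientHelper("587",
                                                                     "smtp.sendgrid.net",
                                                                     _configuration["SMTP_USERNAME"],
                                                                     _configuration["SMTP_PASSWORD"]);

            // Plain concatenation: the token must never be used as a format string (a '{' or
            // '}' in it would throw), and it is escaped so that characters such as '+', '/'
            // or '=' survive the round trip through the query string.
            string body    = "?token=" + Uri.EscapeDataString(token);
            string subject = "RESETAR SENHA - CMMG";

            smtpClientHelper.Send(new MailAddress(_configuration["EMAIL_SENDER"]),
                                  new MailAddress(email),
                                  body,
                                  subject);

            return(new OkResult());
        }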
Пример #3
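        /// <summary>
        /// Overwrites the stored reset token of a user with the token and expiry carried
        /// by <paramref name="resetToken"/>. Does nothing when the user has no stored row.
        /// </summary>
        /// <param name="resetToken">New token values; <c>UserId</c> selects the row to update.</param>
        public async Task UpdateByUserId(ResetToken resetToken)
        {
            var resetTokenInDb = await _context.ResetTokens.SingleOrDefaultAsync(t => t.UserId == resetToken.UserId);

            // The argument was already dereferenced by the query above, so the value that
            // can legitimately be null here is the query result.
            if (resetTokenInDb == null)
            {
                return;
            }

            resetTokenInDb.Token       = resetToken.Token;
            resetTokenInDb.TokenExpiry = resetToken.TokenExpiry;

            _context.Entry(resetTokenInDb).State = EntityState.Modified;
            await _context.SaveChangesAsync();
        }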
Пример #4
        /// <summary>
        /// Stores a reset token for its user: updates the existing entry when
        /// <c>FindTokenByUserId</c> returns one, otherwise creates a new entry.
        /// </summary>
        /// <param name="resetToken">Token to persist.</param>
        public async Task SaveToken(ResetToken resetToken)
        {
            // NOTE(review): the lookup is not awaited. If FindTokenByUserId returns a Task,
            // this value is never null and the create path is unreachable; confirm that it
            // is synchronous.
            var existing = this.FindTokenByUserId(resetToken.UserId);

            if (existing != null)
            {
                await this.UpdateByUserId(resetToken);
                return;
            }

            await this.Create(resetToken);
        }
Пример #5
        /// <summary>
        /// Reports whether a reset token has passed its expiry time.
        /// </summary>
        /// <param name="resetToken">Token whose <c>TokenExpiry</c> is compared with the current time.</param>
        /// <returns><c>true</c> when no time remains, <c>false</c> while the token is still live.</returns>
        public bool VerifyIfTokenExpired(ResetToken resetToken)
        {
            // Measured against the local clock.
            // NOTE(review): this is only right if TokenExpiry was also written as local time; confirm.
            TimeSpan remaining = resetToken.TokenExpiry.Subtract(DateTime.Now);

            return(!(remaining.TotalMinutes > 0));
        }
Пример #6
        /// <summary>
        /// Shows the password-change form for a reset token. When the user service accepts
        /// the token, the form model carries the user id and the token returned by the
        /// service; otherwise the view gets an "Invalid Token" message and an empty model.
        /// </summary>
        /// <param name="request">Bound request; only its <c>Token</c> is read.</param>
        public ActionResult Reset(ResetToken request)
        {
            //Todo encode token upon link generation
            var model = new ResetPasswordChangeModel();

            var lookup = new ResetPasswordTokenRequest();
            lookup.Token = request.Token;
            var response = _userService.GetUserByToken(lookup);

            if (!response.IsSuccess)
            {
                ViewBag.Message = "Invalid Token";
                return(View(model));
            }

            model.UserId = response.Profile.Id;
            model.Token  = response.Token;
            return(View(model));
        }
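        /// <summary>
        /// Handles a password reset link: checks that the reset token exists and belongs to
        /// the named user, replaces the user's password with a generated one, deletes the
        /// token and e-mails the new password.
        /// </summary>
        /// <param name="un">User name from the link.</param>
        /// <param name="rt">Reset token from the link.</param>
        /// <returns>A redirect to "BadLink" when the link or the password change fails, otherwise the result view.</returns>
        public ActionResult ResetPassword(string un, string rt)
        {
            // NOTE(review): this action changes state as soon as the link is opened. If it is
            // reachable by GET, mail scanners and link prefetchers can trigger the reset;
            // confirm the verb, and consider letting the user choose the new password instead.
            ApplicationUser userProfile = db.Users.FirstOrDefault(x => x.UserName.Equals(un));
            ResetToken      resetToken  = db.ResetToken.FirstOrDefault(x => x.Token.Equals(rt));

            if (userProfile == null || resetToken == null || !(resetToken.UserName == userProfile.UserName))
            {
                return(RedirectToAction("BadLink"));
            }

            // Resolve the account once rather than once per UserManager call.
            var account = UserManager.FindByName(un);

            if (account == null)
            {
                return(RedirectToAction("BadLink"));
            }

            // A Random built with a constant seed yields the same "random" password on every
            // reset. Draw from the OS CSPRNG instead, keeping the original numeric range.
            string newpassword;

            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                byte[] raw = new byte[8];
                rng.GetBytes(raw);
                newpassword = (BitConverter.ToUInt64(raw, 0) % 99999999UL).ToString();
            }

            if (!UserManager.RemovePassword(account.Id).Succeeded)
            {
                return(RedirectToAction("BadLink"));
            }

            // Do not consume the token or mail a password that was never set.
            if (!UserManager.AddPassword(account.Id, newpassword).Succeeded)
            {
                return(RedirectToAction("BadLink"));
            }

            db.ResetToken.Remove(resetToken);
            db.SaveChanges();

            // send an email with a new password
            // NOTE(review): the password travels and rests in the mailbox in clear text, and
            // an 8-digit number is a small search space; treat it as temporary at most.
            string subject = "New password";
            string body    = "New password to access the system: " + newpassword;

            try
            {
                SendEmail(userProfile.Email, subject, body);
                ViewBag.Message = "A password letter has been sent.";
            }
            catch (Exception ex)
            {
                // NOTE(review): ex.Message is shown to the visitor and may expose mail-server details.
                ViewBag.Message = "An error occurred while sending the email." + ex.Message;
            }

            return(View());
        }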
        /// <summary>
        /// Starts a password reset for a user name: stores a new reset token, builds a link
        /// to Account/ResetPassword that carries the user name and token, and e-mails it.
        /// The outcome is reported through <c>TempData["Message"]</c>.
        /// </summary>
        /// <param name="UserName">User name entered by the requester.</param>
        public ActionResult ForgotPassword(string UserName)
        {
            var account = UserManager.FindByName(UserName);

            if (account == null)
            {
                // NOTE(review): this message tells an anonymous visitor which user names exist.
                TempData["Message"] = "User Not exist.";
                return(View());
            }

            // generate the password reset token
            // NOTE(review): no expiry is set on the token here; confirm it is time-limited elsewhere.
            ResetToken issued = new ResetToken();
            issued.Token    = CreateToken();
            issued.UserName = UserName;

            db.ResetToken.Add(issued);
            db.SaveChanges();

            // build the URL that carries the reset token
            // NOTE(review): the link is generated with the "http" scheme, so the token crosses
            // the network unencrypted when the link is followed; prefer "https".
            var link = Url.Action("ResetPassword", "Account", new { un = UserName, rt = issued.Token }, "http");

            // look up the user's e-mail address
            var recipient = (from u in db.Users
                             where u.UserName == UserName
                             select u.Email).FirstOrDefault();

            // send the e-mail
            string mailSubject = "Change Password";
            string mailBody    = "To change the password, follow the link " + link;

            try
            {
                SendEmail(recipient, mailSubject, mailBody);
                TempData["Message"] = "A message with a password reset link has been sent by e-mail.";
            }
            catch (Exception ex)
            {
                TempData["Message"] = "Error occured while sending email." + ex.Message;
            }

            return(View());
        }
Пример #9
        /// <summary>
        /// Confirms a user's e-mail address with the user id and code carried by
        /// <paramref name="token"/>.
        /// </summary>
        /// <param name="token">Carrier for the <c>UserId</c> and <c>Code</c> passed to the user manager.</param>
        /// <returns>
        /// Status "Success" with Result <c>true</c> on confirmation; status "Fail" with Result
        /// <c>false</c> when the model state is invalid, or with the first error when the
        /// confirmation is rejected.
        /// </returns>
        public async Task<StatusResult> ConfirmEmail(ResetToken token)
        {
            StatusResult outcome = new Models.StatusResult();

            if (ModelState.IsValid)
            {
                var confirmation = await UserManager.ConfirmEmailAsync(token.UserId, token.Code);

                if (!confirmation.Succeeded)
                {
                    outcome.Status = Status.Fail.ToString();
                    outcome.Result = confirmation.Errors.First();
                }
                else
                {
                    outcome.Status = Status.Success.ToString();
                    outcome.Result = true;
                }

                return(outcome);
            }

            // Model binding failed: report failure without calling the user manager.
            outcome.Status = Status.Fail.ToString();
            outcome.Result = false;
            return(outcome);
        }
Пример #10
 /// <summary>
 /// Adds a reset token to the context's <c>ResetTokens</c> set and saves the change.
 /// </summary>
 /// <param name="resetToken">Token to insert.</param>
 public async Task Create(ResetToken resetToken)
 {
     var tokens = _context.ResetTokens;

     tokens.Add(resetToken);

     await _context.SaveChangesAsync();
 }
Пример #11
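        /// <summary>
        /// Issues a password reset code for the account with the given e-mail address:
        /// generates a 4-character numeric token valid for 15 minutes, saves it through the
        /// reset token repository and mails it to the address.
        /// </summary>
        /// <param name="email">Address of the account to reset.</param>
        /// <returns>
        /// Status "success" / code "00" when the mail was handed to the e-mail service;
        /// status "failed" / code "01" when the account does not exist or an exception occurred.
        /// </returns>
        public async Task <ResetRequestResultDTO> SendResetToken(string email)
        {
            // => Check if account exist
            ApplicationUser user = await _userManager.FindByEmailAsync(email);

            //     => Send error response
            // NOTE(review): a distinct "Account doesn't exist" answer lets a caller test which
            // addresses are registered; consider answering the same way in both cases.
            if (user == null)
            {
                return(new ResetRequestResultDTO
                {
                    Status = "failed",
                    ResponseMessage = "Account doesn't exist",
                    ResponseCode = "01"
                });
            }

            // On an existing account
            //=> Generate reset token, 4 digit
            // NOTE(review): four digits give only 10,000 candidates for 15 minutes; this is
            // safe only with strict attempt limiting on the verification side. Also confirm
            // that Helper.RandomString draws from a cryptographic RNG.
            var    token  = Helper.RandomString(4, Helper.Mode.Numeric);
            var    expiry = DateTime.Now.AddMinutes(15);

            // => Add 15minutes to current time,
            // and set as PasswordTokenExpiryTime
            var resetToken = new ResetToken
            {
                Token       = token,
                TokenExpiry = expiry,
                UserId      = user.Id
            };

            try
            {
                //refactor to reset token respository
                await _resetTokenRepository.SaveToken(resetToken);

                //=> Send reset email
                var subject = "Password Reset Request";

                // Plain-text part is left empty; only the HTML part carries the token.
                string message     = "";
                string htmlMessage = @"<!DOCTYPE html>
                            <html>
                            <head>
                            <style>
                            </style>
                            </head>
                            <body>
                            <img style='display:block;' align='right' src='https://www.dropbox.com/s/0p1flnq0voo7hn9/oftcoftlogosmall.jpg?raw=1' alt = 'felt lucky'></a>" +
                                     "<h3 style = 'font-family: Arial, sans-serif; font-size: 250%; color:#9370DB;'> Account Recovery </h3>" +
                                     "<h5 style = 'font-family: Arial, sans-serif; font-size: 250%; color:#9370DB;'> Dear User </h5>" +
                                     "<p style = 'font-family: Gill Sans, sans-serif; font-size: 160%; color:#666666;'> You recently requested to reset your password. Use the below 4 digit OTP. This token is only valid for the next 15 minutes. </p>" +
                                     "<p style = 'font-family: Gill Sans, sans-serif; font-size: 160%; color:#666666;'> Token : " + resetToken.Token + "</p>" +
                                     "<p></p>" +
                                     "<a href='https://www.nationalgiveaway.com'><img style='display:block; width:100%;height:100%;' src='https://www.dropbox.com/s/medm6f3npfr4gh5/freegift.jpg?raw=1' alt = 'feeling lucky'></a>" +
                                     "</body>" +
                                     "</html>";

                //=> Send response
                await _emailService.ExecuteAsync(email, subject, message, htmlMessage);

                return(new ResetRequestResultDTO
                {
                    Status = "success",
                    ResponseMessage = "Password reset token sent",
                    ResponseCode = "00"
                });
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception text is returned to the caller and may expose
                // database or mail-provider details; log it and return a generic message instead.
                return(new ResetRequestResultDTO
                {
                    Status = "failed",
                    ResponseMessage = ex.Message,
                    ResponseCode = "01"
                });
            }
        }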
Пример #12
 /// <summary>
 /// Creates a reset token stamped with the current UTC time and a reset code from
 /// <c>GetResetCode(5)</c>, stores it under the user id (replacing any earlier
 /// entry for that id) and returns it.
 /// </summary>
 /// <param name="userId">Key under which the token is kept in <c>_resetTokens</c>.</param>
 /// <returns>The token that was stored.</returns>
 public ResetToken GenerateResetToken(int userId)
 {
     // NOTE(review): confirm that GetResetCode draws from a cryptographic RNG.
     var issued = new ResetToken(DateTime.UtcNow, GetResetCode(5));

     _resetTokens[userId] = issued;
     return issued;
 }
        /// <summary>
        /// Starts a password reset for a user name: stores a new reset token, builds a link
        /// to Account/ResetPassword that carries the user name and token, and e-mails it.
        /// The outcome is reported through <c>TempData["Message"]</c>.
        /// </summary>
        /// <param name="UserName">User name entered by the requester.</param>
        public ActionResult ForgotPassword(string UserName)
        {
            // check that the user exists
            var found = UserManager.FindByName(UserName);
            if (found == null)
            {
                // NOTE(review): this message tells an anonymous visitor which user names exist.
                TempData["Message"] = "User Not exist.";
                return View();
            }

            // generate the password reset token
            // NOTE(review): no expiry is set on the token here; confirm it is time-limited elsewhere.
            ResetToken pending = new ResetToken();
            pending.Token = CreateToken();
            pending.UserName = UserName;

            db.ResetToken.Add(pending);
            db.SaveChanges();

            // build the URL that carries the reset token
            // NOTE(review): the link is generated with the "http" scheme, so the token crosses
            // the network unencrypted when the link is followed; prefer "https".
            var url = Url.Action("ResetPassword", "Account", new { un = UserName, rt = pending.Token }, "http");

            // look up the user's e-mail address
            var address = (from u in db.Users
                           where u.UserName == UserName
                           select u.Email).FirstOrDefault();

            // send the e-mail
            string title = "Смена пароля";
            string text = "Для смены пароля перейдите по ссылке " + url;
            try
            {
                SendEmail(address, title, text);
                TempData["Message"] = "Сообщение со ссылкой для восстановления пароля выслано на электронную почту.";
            }
            catch (Exception ex)
            {
                TempData["Message"] = "Error occured while sending email." + ex.Message;
            }

            return View();
        }