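/// <summary>
/// Makes sure the patient has a usable reset-password request and delivers it.
/// An existing patient request (entity == false) is reused unless it is older than
/// three calendar days, in which case it is deleted and a new one is created.
/// </summary>
/// <param name="patient">Patient who asked for a password reset.</param>
/// <param name="verificationWay">"email" sends the reset link by mail; any other value reaches the phone branch, which sends nothing yet.</param>
private void checkForPatientRequest(patient patient, string verificationWay)
{
    resetPasswordRequest oldRequest = db.resetPasswordRequests.FirstOrDefault(r => r.userID == patient.id && r.entity == false);

    // Compare calendar dates, not day-of-month numbers. The previous test
    // (Now.Day > requestTime.Day + 3) stops working at a month boundary: a request
    // made on the 29th or later could never expire, so its link stayed valid forever.
    if (oldRequest != null && DateTime.Now.Date > oldRequest.requestTime.Date.AddDays(3))
    {
        db.Entry(oldRequest).State = System.Data.Entity.EntityState.Deleted;
        db.SaveChanges();
        oldRequest = null;
    }

    if (oldRequest == null)
    {
        oldRequest = addPatientResetPasswordRequest(patient, verificationWay);
    }

    if (verificationWay == "email")
    {
        // NOTE(review): the request id is the only secret in this link, and it travels in
        // the query string as "uid". Confirm the receiving action binds that name and
        // that the base URL comes from configuration rather than the request's Host header.
        string resetLink = Request.getBaseUrl() + "/" + defaultPathForUserSite + "/changePassword?uid=" + oldRequest.id;
        string body = renderPartialViewToString("mailView", new Tuple<string, string>(patient.username, resetLink));
        sendMailTo(patient.mail, Resource1.passwordRecoveryTitleToEmail, body, "async");
    }
    else
    {
        // send phone message (not implemented)
        // NOTE(review): a reused request that was created for "email" has no phoneCode set.
    }
}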
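/// <summary>
/// Change-password page for doctors: redeems a reset-password request and sets the new password.
/// </summary>
/// <param name="userID">Id of the reset-password request (a Guid in string form), not of the user.</param>
/// <param name="password">New password chosen by the user.</param>
/// <returns>
/// The view with a success message when the password was changed; otherwise the view
/// with <c>ViewBag.error</c> set and <paramref name="userID"/> as the model.
/// </returns>
public ActionResult changePassword(string userID, string password)
{
    try
    {
        Guid requestID;
        if (!Guid.TryParse(userID, out requestID))
        {
            ViewBag.error = tabeeb.Areas.users.languages.Resource1.problemOnDoingOperationAtServer;
            return View(model: userID);
        }

        // NOTE(review): the lookup does not filter on request.entity, so a request issued
        // for a patient would be accepted here if its userID matches a doctor id.
        // Confirm the ids cannot collide, or add the entity filter.
        resetPasswordRequest request = db.resetPasswordRequests.FirstOrDefault(r => r.id == requestID);
        if (request == null)
        {
            ViewBag.error = tabeeb.Areas.users.languages.Resource1.linkExpired;
            return View(model: userID);
        }

        // Enforce the three-day lifetime when the link is redeemed. Without this check a
        // request only expired when the same user asked for another reset.
        if (DateTime.Now.Date > request.requestTime.Date.AddDays(3))
        {
            db.Entry(request).State = System.Data.Entity.EntityState.Deleted;
            db.SaveChanges();
            ViewBag.error = tabeeb.Areas.users.languages.Resource1.linkExpired;
            return View(model: userID);
        }

        doctor doctor = db.doctors.FirstOrDefault(d => d.id == request.userID);
        MembershipUser docMember = doctor == null ? null : Membership.GetUser(doctor.username);

        // ResetPassword() below replaces the current password with a random one, so do not
        // reach it unless the account exists and a new password was actually submitted.
        if (docMember == null || string.IsNullOrEmpty(password))
        {
            ViewBag.error = tabeeb.Areas.users.languages.Resource1.problemOnDoingOperationAtServer;
            return View(model: userID);
        }

        var generatedPass = docMember.ResetPassword();
        if (!docMember.ChangePassword(generatedPass, password))
        {
            // The provider refused the new password. Keep the request so the user can
            // retry, instead of reporting success and consuming the link.
            ViewBag.error = tabeeb.Areas.users.languages.Resource1.problemOnDoingOperationAtServer;
            return View(model: userID);
        }

        // NOTE(review): this copies the plaintext password into the doctors table, next to
        // the Membership store. Confirm what reads this column; it should hold a salted
        // hash or be dropped.
        doctor.password = password;
        db.Entry(doctor).State = System.Data.Entity.EntityState.Modified;
        db.Entry(request).State = System.Data.Entity.EntityState.Deleted; // single use: the link is consumed
        Membership.UpdateUser(docMember);
        db.SaveChanges();
        return View(model: Resource1.passwordChangedSuccessfully);
    }
    catch (Exception)
    {
        ViewBag.error = tabeeb.Areas.users.languages.Resource1.problemOnDoingOperationAtServer;
        return View(model: userID);
    }
}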
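/// <summary>
/// Handles the submitted change-password form for patients: redeems a reset-password
/// request and sets the new password.
/// </summary>
/// <param name="userID">Id of the reset-password request (a Guid in string form), not of the user.</param>
/// <param name="password">New password chosen by the user.</param>
/// <returns>
/// A redirect to the "login" action when the password was changed; otherwise the view
/// with <c>ViewBag.error</c> set and <paramref name="userID"/> as the model.
/// </returns>
public ActionResult changePassword(string userID, string password)
{
    try
    {
        Guid requestID;
        if (!Guid.TryParse(userID, out requestID))
        {
            ViewBag.error = Resource1.problemOnDoingOperationAtServer;
            return View(model: userID);
        }

        // NOTE(review): the lookup does not filter on request.entity, so a request issued
        // for a doctor would be accepted here if its userID matches a patient id.
        // Confirm the ids cannot collide, or add the entity filter.
        resetPasswordRequest request = db.resetPasswordRequests.FirstOrDefault(r => r.id == requestID);
        if (request == null)
        {
            ViewBag.error = Resource1.linkExpired;
            return View(model: userID);
        }

        // Enforce the three-day lifetime when the link is redeemed. Without this check a
        // request only expired when the same user asked for another reset.
        if (DateTime.Now.Date > request.requestTime.Date.AddDays(3))
        {
            db.Entry(request).State = System.Data.Entity.EntityState.Deleted;
            db.SaveChanges();
            ViewBag.error = Resource1.linkExpired;
            return View(model: userID);
        }

        patient patient = db.patients.FirstOrDefault(d => d.id == request.userID);
        MembershipUser patientMember = patient == null ? null : Membership.GetUser(patient.username);

        // ResetPassword() below replaces the current password with a random one, so do not
        // reach it unless the account exists and a new password was actually submitted.
        if (patientMember == null || string.IsNullOrEmpty(password))
        {
            ViewBag.error = Resource1.problemOnDoingOperationAtServer;
            return View(model: userID);
        }

        var generatedPass = patientMember.ResetPassword();
        if (!patientMember.ChangePassword(generatedPass, password))
        {
            // The provider refused the new password. Keep the request so the user can
            // retry, instead of redirecting to login and consuming the link.
            ViewBag.error = Resource1.problemOnDoingOperationAtServer;
            return View(model: userID);
        }

        // NOTE(review): this copies the plaintext password into the patients table, next to
        // the Membership store. Confirm what reads this column; it should hold a salted
        // hash or be dropped.
        patient.password = password;
        db.Entry(patient).State = System.Data.Entity.EntityState.Modified;
        db.Entry(request).State = System.Data.Entity.EntityState.Deleted; // single use: the link is consumed
        Membership.UpdateUser(patientMember);
        db.SaveChanges();
        return RedirectToAction("login");
    }
    catch (Exception)
    {
        ViewBag.error = Resource1.problemOnDoingOperationAtServer;
        return View(model: userID);
    }
}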
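/// <summary>
/// Starts a password reset for a doctor: finds the account by username or e-mail,
/// makes sure a current reset-password request exists, and mails the reset link.
/// </summary>
/// <param name="userNameOrEmail">Username or e-mail address typed by the visitor.</param>
/// <returns>
/// The view with the doctor's e-mail address as the model when the link was sent;
/// otherwise the view with <c>ViewBag.error</c> set.
/// </returns>
public ActionResult resetPassword(string userNameOrEmail)
{
    try
    {
        doctor doctor = db.doctors.FirstOrDefault(d => d.username == userNameOrEmail || d.mail == userNameOrEmail);
        if (doctor == null)
        {
            // NOTE(review): this message, and the e-mail address returned on success, let an
            // unauthenticated visitor learn which usernames exist and the address behind
            // each one. Consider one neutral response for both outcomes.
            ViewBag.error = tabeeb.Areas.users.languages.Resource1.noDataAboutUsernameOrEmail;
            return View();
        }

        // Doctor requests are stored with entity == true.
        resetPasswordRequest oldRequest = db.resetPasswordRequests.FirstOrDefault(r => r.userID == doctor.id && r.entity == true);

        // A request expires after three days. Compare calendar dates, not day-of-month
        // numbers: the previous test (Now.Day > requestTime.Day + 3) stops working at a
        // month boundary, so a request made on the 29th or later could never expire.
        if (oldRequest != null && DateTime.Now.Date > oldRequest.requestTime.Date.AddDays(3))
        {
            db.Entry(oldRequest).State = System.Data.Entity.EntityState.Deleted;
            db.SaveChanges();
            oldRequest = null;
        }

        if (oldRequest == null)
        {
            // One creation path for both "no request yet" and "request expired". The
            // previous expired branch did not set entity = true, so the replacement
            // request was not found by the doctor lookup above on the next reset.
            // NOTE(review): Guid.NewGuid() is not documented as a cryptographically secure
            // token source. Confirm it is acceptable as the only secret in the link.
            oldRequest = new resetPasswordRequest
            {
                id = Guid.NewGuid(),
                userID = doctor.id,
                entity = true,
                requestTime = DateTime.Now
            };
            db.resetPasswordRequests.Add(oldRequest);
            db.SaveChanges();
        }

        // Build the verification link and mail it to the account's address.
        // NOTE(review): the id travels in the query string as "uid". Confirm the receiving
        // action binds that name and that the base URL comes from configuration rather
        // than the request's Host header.
        var link = Request.getBaseUrl() + "/" + defaultPathForDoctorsArea + "/changePassword?uid=" + oldRequest.id;
        string body = renderPartialViewToString("mailView", new Tuple<string, string>(doctor.username, link));
        globalController.sendMailTo(doctor.mail, tabeeb.Areas.users.languages.Resource1.passwordRecoveryTitleToEmail, body, "async");
        return View(model: doctor.mail);
    }
    catch (Exception)
    {
        ViewBag.error = tabeeb.Areas.users.languages.Resource1.problemOnSendingResetLink;
        return View();
    }
}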
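/// <summary>
/// Creates and saves a new reset-password request for a patient.
/// </summary>
/// <param name="patient">Patient the request belongs to.</param>
/// <param name="verificationWay">When "phone", a numeric verification code is also generated and stored in <c>phoneCode</c>.</param>
/// <returns>The saved request.</returns>
private resetPasswordRequest addPatientResetPasswordRequest(patient patient, string verificationWay)
{
    resetPasswordRequest request = new resetPasswordRequest();
    request.id = Guid.NewGuid();
    request.userID = patient.id;
    request.entity = false; // patient requests are stored with entity == false
    request.requestTime = DateTime.Now;

    if (verificationWay == "phone")
    {
        // The code is a secret that authorises a password reset, so take it from the
        // cryptographic generator. System.Random is predictable and must not be used here.
        byte[] code = new byte[5];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(code);
        }

        // Same format as before: the decimal value of each byte, concatenated
        // (5 to 15 digits).
        request.phoneCode = string.Join("", code);
    }

    db.resetPasswordRequests.Add(request);
    db.SaveChanges();
    return request;
}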