/*this function check if this user have made request before
* if user has alraedy requests ,then check if that request has been expired ot not
*/
private void checkForPatientRequest(patient patient, string verificationWay)
{
//add reset password request
resetPasswordRequest oldRequest =
db.resetPasswordRequests.FirstOrDefault(r => r.userID == patient.id && r.entity == false);
if (oldRequest == null)
{
oldRequest = addPatientResetPasswordRequest(patient, verificationWay);
}
else
{ //request is found
if (DateTime.Now.Day > oldRequest.requestTime.Day + 3)
{ //request link is is expired
db.Entry(oldRequest).State = System.Data.Entity.EntityState.Deleted;
db.SaveChanges();
oldRequest = addPatientResetPasswordRequest(patient, verificationWay);
}
}
if (verificationWay == "email")
{
string resetLink = Request.getBaseUrl() + "/" + defaultPathForUserSite + "/changePassword?uid=" + oldRequest.id;
string body = renderPartialViewToString("mailView", new Tuple <string, string>(patient.username, resetLink));
sendMailTo(patient.mail, Resource1.passwordRecoveryTitleToEmail, body, "async");
}
else
{
//send phone message
}
}
//change password page
public ActionResult changePassword(string userID, string password)
{
//this function show form that withen user can change his password
try
{
Guid requestID = Guid.Parse(userID);
resetPasswordRequest request = db.resetPasswordRequests.FirstOrDefault(r => r.id == requestID);
if (request != null)
{
doctor doctor = db.doctors.FirstOrDefault(d => d.id == request.userID);
MembershipUser docMember = Membership.GetUser(doctor.username);
var generatedPass = docMember.ResetPassword();
docMember.ChangePassword(generatedPass, password);
doctor.password = password;
db.Entry(doctor).State = System.Data.Entity.EntityState.Modified;
db.Entry(request).State = System.Data.Entity.EntityState.Deleted;
Membership.UpdateUser(docMember);
db.SaveChanges();
return(View(model: Resource1.passwordChangedSuccessfully));
}
else
{
ViewBag.error = tabeeb.Areas.users.languages.Resource1.linkExpired;
return(View(model: userID));
}
}
catch (Exception)
{
ViewBag.error = tabeeb.Areas.users.languages.Resource1.problemOnDoingOperationAtServer;
return(View(model: userID));
}
}
/*submit change password page data*/
public ActionResult changePassword(string userID, string password)
{
try
{
Guid requestID = Guid.Parse(userID);
resetPasswordRequest request = db.resetPasswordRequests.FirstOrDefault(r => r.id == requestID);
if (request != null)
{
patient patient = db.patients.FirstOrDefault(d => d.id == request.userID);
MembershipUser docMember = Membership.GetUser(patient.username);
var generatedPass = docMember.ResetPassword();
docMember.ChangePassword(generatedPass, password);
patient.password = password;
db.Entry(patient).State = System.Data.Entity.EntityState.Modified;
db.Entry(request).State = System.Data.Entity.EntityState.Deleted;
Membership.UpdateUser(docMember);
db.SaveChanges();
return(RedirectToAction("login"));
}
else
{
ViewBag.error = Resource1.linkExpired;
return(View(model: userID));
}
}
catch (Exception)
{
ViewBag.error = Resource1.problemOnDoingOperationAtServer;
return(View(model: userID));
}
}
//reset password operation
public ActionResult resetPassword(string userNameOrEmail)
{
try
{
doctor doctor = db.doctors.FirstOrDefault(d => d.username == userNameOrEmail || d.mail == userNameOrEmail);
if (doctor != null)
{
//add reset password request record to database
//get old request for that user is founded
resetPasswordRequest oldRequest = db.resetPasswordRequests.FirstOrDefault(r => r.userID == doctor.id && r.entity == true);
if (oldRequest == null)
{//user has no request at databse before
//add new request record to database
oldRequest = new resetPasswordRequest();
oldRequest.id = Guid.NewGuid();
oldRequest.userID = doctor.id;
oldRequest.entity = true;
oldRequest.requestTime = DateTime.Now;
db.resetPasswordRequests.Add(oldRequest);
db.SaveChanges();
}
else
{//request is already found
//request will be expired after 3 days
if (DateTime.Now.Day > oldRequest.requestTime.Day + 3)
{//request link is is expired
db.Entry(oldRequest).State = System.Data.Entity.EntityState.Deleted;
db.SaveChanges();
oldRequest = new resetPasswordRequest();
oldRequest.id = Guid.NewGuid();
oldRequest.userID = doctor.id;
oldRequest.requestTime = DateTime.Now;
db.resetPasswordRequests.Add(oldRequest);
db.SaveChanges();
}
}
//make verification link and send it to user account mail
var link = Request.getBaseUrl() + "/" + defaultPathForDoctorsArea + "/changePassword?uid=" + oldRequest.id;
string body = renderPartialViewToString("mailView", new Tuple <string, string>(doctor.username, link));
globalController.sendMailTo(doctor.mail, tabeeb.Areas.users.languages.Resource1.passwordRecoveryTitleToEmail, body, "async");
return(View(model: doctor.mail));
}
else
{
ViewBag.error = tabeeb.Areas.users.languages.Resource1.noDataAboutUsernameOrEmail;
return(View());
}
}
catch (Exception)
{
ViewBag.error = tabeeb.Areas.users.languages.Resource1.problemOnSendingResetLink;
return(View());
}
}
/*add patient request to remember password*/
private resetPasswordRequest addPatientResetPasswordRequest(patient patient, string verificationWay)
{
resetPasswordRequest request = new resetPasswordRequest();
request.id = Guid.NewGuid();
request.userID = patient.id;
request.entity = false;
request.requestTime = DateTime.Now;
if (verificationWay == "phone")
{
Random randNumber = new Random();
byte[] code = new byte[5];
randNumber.NextBytes(code);
request.phoneCode = string.Join("", code);
}
db.resetPasswordRequests.Add(request);
db.SaveChanges();
return(request);
}
