public ActionResult ChangePassword(string zi)
{
DateTime now = DateTime.Now;
DateTime sentTime;
string userName = "";
try
{
//read the parameters from url
string dec = EncryptionHelper.DecryptAes(zi);
string[] separator = { "&&" };
string[] data = dec.Split(separator, StringSplitOptions.RemoveEmptyEntries);
//get the information
userName = data[0];
sentTime = new DateTime(Convert.ToInt32(data[1]), Convert.ToInt32(data[2]), Convert.ToInt32(data[3]), Convert.ToInt32(data[4]), Convert.ToInt32(data[5]), 0);
//validate if is valid
TimeSpan t = now - sentTime;
if (t.TotalDays > 3)
return View("Expired");
if (VerifyResetPassword(sentTime, userName))
return View("Expired");
//if all is ok, the system shows change password view
ChangePasswordModel model = new ChangePasswordModel();
model.UserName = userName;
return View("ChangePassword", model);
}
catch (Exception)
{
return View("Unavailable");
}
}
private void ValidateChangePassword(ChangePasswordModel model)
{
RegexUtilities util = new RegexUtilities();
//the system validates old password
if (string.IsNullOrEmpty(model.OldPassword))
ModelState.AddModelError("OldPassRequired", Resources.Common.OldPassRequired);
if (model.OldPassword.Length < model.MinLenghtPassword)
ModelState.AddModelError("", Resources.Common.MinLegthPassword);
//The system validates new password
if (string.IsNullOrEmpty(model.NewPassword))
ModelState.AddModelError("NewPassRequired", Resources.Common.NewPassRequired);
if (model.NewPassword.Length < model.MinLenghtPassword)
ModelState.AddModelError("", Resources.Common.MinLegthPassword);
//the system validates new password
if (string.IsNullOrEmpty(model.ReNewPassword))
ModelState.AddModelError("ReNewPassWordRequired", Resources.Common.ReNewPassWordRequired);
if (model.ReNewPassword.Length < model.MinLenghtPassword)
ModelState.AddModelError("", Resources.Common.MinLegthPassword);
//the system validates if the new password and the ReNewPassword are equals
if (model.NewPassword != model.ReNewPassword)
ModelState.AddModelError("", Resources.Common.NotIqualPasswordValidation);
//validate the temporary password
if (!CompareTemporalPassword(model.UserName, model.OldPassword))
ModelState.AddModelError("", "The temporary password is not correct");
if (!util.IsValidCotecnaPasswordFormat(model.NewPassword))
ModelState.AddModelError("", Resources.Common.FormatPasswordValidation);
if (!util.IsValidCotecnaPasswordFormat(model.ReNewPassword))
ModelState.AddModelError("", Resources.Common.FormatPasswordValidation);
}
public ActionResult ChangePassword()
{
ChangePasswordModel model = new ChangePasswordModel();
return View(model);
}
public ActionResult SaveChangePassword(ChangePasswordModel model)
{
ValidateChangePassword(model);
//if there are no errors, the system will continue with the process
if (ModelState.IsValid)
{
//change the password.
if (ResetPassword(model.UserName, model.ReNewPassword))
{
string userEmail = model.UserName;
//the system reads the template
string messageBody = System.IO.File.ReadAllText(Server.MapPath("~/Templates/PasswordChangedConfirmationTemplate.html"));
//the system send an email to the user, with the necessary information for reset the password
EmailManagement.SendEmail(userEmail, messageBody, Resources.Common.ForgetPasswordSubjectConfirEmail, Settings.Default.EmailSupport, Settings.Default.NameEmailSupport);
return View("ChangePasswordConfirmation");
}
else
{
ModelState.AddModelError("", Resources.Common.ForgetPasswordGeneralError);
return View("ChangePassword", model);
}
}
else
{
//if exist errors, the system will display the errors.
return View("ChangePassword", model);
}
}
public ActionResult SaveChangePassword(ChangePasswordModel model)
{
ValidateChangePassword(model);
if (ModelState.IsValid)
{
bool result = WebSecurity.ChangePassword(User.Identity.Name, model.OldPassword, model.NewPassword);
if (result)
{
string userEmail = User.Identity.Name;
//the system reads the template
string messageBody = System.IO.File.ReadAllText(Server.MapPath("~/Templates/PasswordChangedConfirmationTemplate.html"));
//the system send an email to the user, with the necessary information for reset the password
EmailManagement.SendEmail(userEmail, messageBody, Resources.Common.ForgetPasswordSubjectConfirEmail, Settings.Default.EmailSupport, Settings.Default.NameEmailSupport);
return RedirectToAction("Index", "Certificate");
}
else
{
ModelState.AddModelError("", Resources.Common.ForgetPasswordGeneralError);
return View("ChangePassword", model);
}
}
else
{
return View(model);
}
}
