public bool VerifySecurity(ResetPasswordModelStepTwo stepTwoModel)
{
bool isCorrectAnswer = false;
if (null == stepTwoModel)
{
throw new ArgumentNullException("Password Reset");
}
Security security = null;
using (var db = new LocalNewsDBEntities())
{
User user = db.Users.Where(u => u.username == stepTwoModel.Username).FirstOrDefault();
security = db.Securities.Where(s => s.user_id == user.user_id).FirstOrDefault();
}
if (null != security)
isCorrectAnswer = CryptoUtil.ComputeHash(stepTwoModel.Answer) == security.answer ? true : false;
return isCorrectAnswer;
}
public ResetPasswordModelStepTwo GetSecurityQuestion(string username)
{
if (string.IsNullOrEmpty(username))
{
throw new ArgumentNullException("username");
}
Security security = null;
using (var db = new LocalNewsDBEntities())
{
User user = db.Users.Where(u => u.username == username).FirstOrDefault();
security = db.Securities.Where(s => s.user_id == user.user_id).FirstOrDefault();
}
ResetPasswordModelStepTwo stepTwoModel = null;
if (null != security)
{
stepTwoModel = new ResetPasswordModelStepTwo();
stepTwoModel.Username = username;
stepTwoModel.Question = security.Question.question1;
}
return stepTwoModel;
}
public ActionResult PasswordResetStepTwo(ResetPasswordModelStepTwo stepTwoModel)
{
if (ModelState.IsValid)
{
FormsAuthentication.SetAuthCookie(stepTwoModel.Username, false);
return RedirectToAction("Account", "_SetPasswordPartial");
}
//// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The username and answer provided is incorrect.");
return View(stepTwoModel);
}
