/// <summary>
/// Handles the reset-password form: validates the submitted password, stores it for the
/// user held in the current session, then signs that user in again with the new password.
/// </summary>
/// <param name="model">Posted form model carrying the new password and the toaster messages.</param>
/// <returns>
/// The same view in every case: the posted model with errors or warnings when the password
/// is rejected or the reset fails, or a new model carrying the success message.
/// </returns>
/// <remarks>
/// NOTE(review): the only identity check visible in this method is the session user from
/// SessionHelper.GetSessionUser(); no current password or reset token is read here. Confirm
/// that the route is reachable only after such a check, and that anti-forgery validation is
/// applied where the action is declared.
/// </remarks>
public ActionResult LoginResetPassword(LoginResetPasswordModel model)
{
    // Start from a clean toaster so messages from an earlier post are not shown again.
    model.ClearToaster();

    // An empty password is reported, and is still passed to the validity check below.
    var passwordMissing = String.IsNullOrEmpty(model.Password);
    if (passwordMissing)
    {
        model.AddError(GlobalErrors.EmptyFields);
    }

    var passwordAccepted = CredentialsHelper.IsPasswordValid(model.Password);
    if (passwordAccepted)
    {
        // An accepted password can still produce warnings; any warning blocks the reset below.
        model.AddWarnings(CredentialsHelper.GetPasswordWarnings(model.Password));
    }
    else
    {
        model.AddError(RegistrationErrors.InvalidPassword);
    }

    // Anything flagged above sends the form back before the database is touched.
    if (passwordMissing || !passwordAccepted || model.HasWarnings())
    {
        return View(model);
    }

    using (var db = new EntityContext())
    {
        // Without a session user there is nobody to reset the password for.
        var sessionUser = SessionHelper.GetSessionUser();
        if (sessionUser == null)
        {
            model.AddError(GlobalErrors.ServerError);
            return View(model);
        }

        // The credential lookup with the new password runs even when the reset reported failure.
        var resetSucceeded = Authorize.ResetPassword(sessionUser.Email, model.Password, db);
        var refreshedUser = Authorize.CredentialsByEmail(sessionUser.Email, model.Password, db);
        if (!resetSucceeded || refreshedUser == null)
        {
            model.AddError(GlobalErrors.ServerError);
            return View(model);
        }

        // Replace the session user and issue a persistent forms-auth cookie (second argument true).
        // NOTE(review): nothing here ends other sessions or cookies issued under the old
        // password; confirm whether Authorize.ResetPassword takes care of that.
        SessionHelper.SetSessionUser(refreshedUser);
        FormsAuthentication.SetAuthCookie(refreshedUser.Username, true);

        // A new model replaces the posted one before the success message is added.
        var confirmation = new LoginResetPasswordModel();
        confirmation.AddSuccess(ResetPasswordSuccessEnum.PasswordReset);
        return View(confirmation);
    }
}
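/// <summary>
/// Handles the login form: checks the submitted credentials by e-mail or by username,
/// and on success stores the user in the session, issues the forms-auth cookie and
/// redirects to the return URL; on failure re-renders the form with an error message.
/// </summary>
/// <param name="model">Posted form model carrying the username or e-mail, the password and the toaster messages.</param>
/// <returns>
/// An empty result after a successful login (the redirect is already written to the response),
/// otherwise the login view with at least one error on the model.
/// </returns>
/// <remarks>
/// NOTE(review): failure details are read from the static Authorize.GetAuthorizeErrors()
/// rather than from the return value of the credential check; confirm that store is scoped
/// to the current request. No attempt limiting is visible in this action; confirm it is
/// enforced inside Authorize or upstream.
/// </remarks>
public ActionResult Login(LoginModel model)
{
    // Start from a clean toaster so messages from an earlier post are not shown again.
    model.ClearToaster();

    // Both fields are required before the database is consulted.
    if (String.IsNullOrEmpty(model.UsernameOrEmail) || String.IsNullOrEmpty(model.Password))
    {
        model.AddError(GlobalErrors.EmptyFields);
        return View(model);
    }

    using (var e = new EntityContext())
    {
        // The identifier is treated as an e-mail when it parses as one, otherwise as a username.
        CachedUser cachedUser = null;
        if (CredentialsHelper.IsEmailValid(model.UsernameOrEmail))
        {
            cachedUser = Authorize.CredentialsByEmail(model.UsernameOrEmail, model.Password, e);
        }
        else
        {
            cachedUser = Authorize.CredentialsByUsername(model.UsernameOrEmail, model.Password, e);
        }

        if (cachedUser != null)
        {
            // Credentials accepted: store the user in the session and issue a persistent
            // forms-auth cookie (second argument true), regardless of any user choice.
            SessionHelper.SetSessionUser(cachedUser);
            FormsAuthentication.SetAuthCookie(cachedUser.Username, true);

            // Sends the browser to the return URL or the default page.
            FormsAuthentication.RedirectFromLoginPage(cachedUser.Username, true);

            // RedirectFromLoginPage does not end the request. Returning here keeps a
            // successful login from falling into the error handling below, which would add
            // UnknownError and render the login view into the redirect response.
            return new EmptyResult();
        }

        // Login failed: translate the recorded reasons into user-facing messages.
        var errors = Authorize.GetAuthorizeErrors();
        if (!errors.Any())
        {
            // Nothing was recorded, so only a generic error can be reported.
            model.AddError(LoginErrors.UnknownError);
        }
        else if (errors.Contains(Authorize.AuthorizeErrorsEnum.PasswordNotVerified)
                 || errors.Contains(Authorize.AuthorizeErrorsEnum.NoLoginData))
        {
            // Unknown account and wrong password share one message so the response
            // does not reveal which of the two was wrong.
            model.AddError(LoginErrors.InvalidUsernameOrPassword);
        }
        else
        {
            // NOTE(review): these account-state messages are meant for callers who passed
            // the password check; confirm Authorize records PasswordNotVerified before them.
            var explained = false;
            if (errors.Contains(Authorize.AuthorizeErrorsEnum.EmailNotConfirmed))
            {
                model.AddError(LoginErrors.EmailNotConfirmed);
                explained = true;
            }

            if (errors.Contains(Authorize.AuthorizeErrorsEnum.LoginSuspended))
            {
                model.AddError(LoginErrors.Suspended);
                explained = true;
            }

            // A recorded reason that has no mapping above still gets a message, so a
            // failed login never re-renders the form without one.
            if (!explained)
            {
                model.AddError(LoginErrors.UnknownError);
            }
        }
    }

    // Reaching this point means the login did not succeed.
    return View(model);
}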