public ActionResult ResetPassword() {
HttpContext ctx = System.Web.HttpContext.Current;
Customer cust = new Customer();
cust.GetFromStorage(ctx);
if (!cust.LoggedIn(ctx)) {
return RedirectToAction("Index", "Authenticate");
}
string message = "";
try {
string current = Request.Form["current"];
string newpw = Request.Form["new"];
string confirm = Request.Form["confirm"];
if (String.IsNullOrEmpty(current) || String.IsNullOrEmpty(newpw) || String.IsNullOrEmpty(confirm)) {
throw new Exception("You must enter all password fields. Try Again");
}
cust.ValidateCurrentPassword(current);
cust.ValidatePasswords(newpw, confirm);
cust.UpdatePassword();
message = "Your password was successfully updated.";
} catch (Exception e) {
message = e.Message;
}
return RedirectToAction("Password", new { message = message });
}
