public static User ResetPassword(string email, string actUrl, string conStr = "")
{
const int MAXIMUM_PASSWORD_ATTEMPTS = 10000;
bool includeLowercase = true;
bool includeUppercase = true;
bool includeNumeric = true;
bool includeSpecial = false;
int lengthOfPassword = 16;
PasswordGeneratorSettings settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, lengthOfPassword);
string password;
if (!settings.IsValidLength())
{
password = settings.LengthErrorMessage();
}
else
{
int passwordAttempts = 0;
do
{
password = PasswordGenerator.GeneratePassword(settings);
passwordAttempts++;
}while (passwordAttempts < MAXIMUM_PASSWORD_ATTEMPTS && !PasswordGenerator.PasswordIsValid(settings, password));
password = PasswordGenerator.PasswordIsValid(settings, password) ? password : "******";
}
User user = new User {
Email = email, ActivationCode = password
};
using (SqlConnection con = new SqlConnection(conStr))
{
using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@Mode",
Value = "PreparePwdReset"
});
cmd.Parameters.Add("@Email", SqlDbType.VarChar).Value = user.Email;
cmd.Parameters.Add("@ActivationCode", SqlDbType.VarChar).Value = user.ActivationCode;
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
bool success = false;
if (rdr.HasRows)
{
while (rdr.Read())
{
user = new User(rdr);
}
//TODO: Notify SecondaryEmail first if any.
string htmlString = "<html><body><h1>Dear " + user.FirstName + ",</h1><br/>" +
"<h6>Please click on the link below and follow the procedure to reset your password:</h6><br/><br/>" +
"<a href=\"" + actUrl + "/" + user.UserId + "?rcode=" + user.ActivationCode + "\">Reset Password</a></body></html>";
success = new EmailNotifier
{
From = "*****@*****.**",
Password = "******",
To = new string[] { user.Email },
Subject = "INTO Login Infos",
Body = htmlString,
IsBodyHtml = true,
SmtpServer = "smtp.gmail.com",
SmtpPort = 587,
IsSSL = true
}.Notify();
}
if (success)
{
return(user);
}
}
}
return(user);
}
public static TutorType PrepareForConfirmation(long userId, int objEntityId, int stepId, string actUrl = "", int? lang = 1, string conStr = "")
{
const int MAXIMUM_PASSWORD_ATTEMPTS = 10000;
bool includeLowercase = true;
bool includeUppercase = true;
bool includeNumeric = true;
bool includeSpecial = false;
int lengthOfPassword = 16;
PasswordGeneratorSettings settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, lengthOfPassword);
string actCode;
if (!settings.IsValidLength())
{
actCode = settings.LengthErrorMessage();
}
else
{
int passwordAttempts = 0;
do
{
actCode = PasswordGenerator.GeneratePassword(settings);
passwordAttempts++;
}
while (passwordAttempts < MAXIMUM_PASSWORD_ATTEMPTS && !PasswordGenerator.PasswordIsValid(settings, actCode));
actCode = PasswordGenerator.PasswordIsValid(settings, actCode) ? actCode : "Try again";
}
using (SqlConnection con = new SqlConnection(conStr))
{
SqlCommand cmd = new SqlCommand("sp_ManageTutor", con);
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@Mode",
Value = "CheckAgreement"
});
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@UId",
Value = userId
});
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@ObjEntityId",
Value = objEntityId
});
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@RegistrationStepId",
Value = stepId
});
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@ActivationCode",
Value = actCode
});
con.Open();
SqlDataReader rdr = cmd.ExecuteReader();
TutorType tutor = null;
if (rdr.HasRows)
{
rdr.Read();
tutor = new TutorType(rdr);
}
bool success = false;
if (tutor != null)
{
//TODO: Notify SecondaryEmail first if any.
string htmlString = "<html><body><h1>Dear " + tutor.FirstName + ",</h1><br/>" +
"<h6>Please click on the link below to confirm our business agreement:</h6><br/><br/>" +
"<a href='" + actUrl + "/" + tutor.UserId + "/" + actCode + "/" + stepId + "/" + lang + "'>Ready For The Interview</a></body></html>";
success = new EmailNotifier
{
From = "*****@*****.**",//TODO: Read from DB
Password = "******",//TODO: Read from DB
To = new string[] { tutor.Email },
Subject = "INTO Tutoring Agreement",
Body = htmlString,
IsBodyHtml = true,
SmtpServer = "smtp.gmail.com",
SmtpPort = 587,
IsSSL = true
}.Notify();
}
return tutor;
}
}
//To be discussed !! (What to return)
public static TutorType UserSignUp(User user, string actUrl, string conStr = "")
{
TutorType tutor = null;
const int MAXIMUM_PASSWORD_ATTEMPTS = 10000;
bool includeLowercase = true;
bool includeUppercase = true;
bool includeNumeric = true;
bool includeSpecial = false;
int lengthOfPassword = 16;
PasswordGeneratorSettings settings = new PasswordGeneratorSettings(includeLowercase, includeUppercase, includeNumeric, includeSpecial, lengthOfPassword);
string password;
if (!settings.IsValidLength())
{
password = settings.LengthErrorMessage();
}
else
{
int passwordAttempts = 0;
do
{
password = PasswordGenerator.GeneratePassword(settings);
passwordAttempts++;
}while (passwordAttempts < MAXIMUM_PASSWORD_ATTEMPTS && !PasswordGenerator.PasswordIsValid(settings, password));
password = PasswordGenerator.PasswordIsValid(settings, password) ? password : "******";
}
user.ActivationCode = password;
using (SqlConnection con = new SqlConnection(conStr))
{
using (SqlCommand cmd = new SqlCommand("sp_ManageUsers", con))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.Add(new SqlParameter()
{
ParameterName = "@Mode",
Value = "Insert"
});
cmd.Parameters.Add("@FirstName", SqlDbType.VarChar).Value = user.FirstName;
cmd.Parameters.Add("@LastName", SqlDbType.VarChar).Value = user.LastName;
cmd.Parameters.Add("@Email", SqlDbType.VarChar).Value = user.Email;
cmd.Parameters.Add("@Password", SqlDbType.VarChar).Value = user.Password;
cmd.Parameters.Add("@ActivationCode", SqlDbType.VarChar).Value = user.ActivationCode;
cmd.Parameters.Add("@CountryId", SqlDbType.Int).Value = user.LocationSettings.Country.Id;
cmd.Parameters.Add("@ObjEntityId", SqlDbType.Int).Value = (Byte)user.Type;
cmd.Parameters.Add("@TimeZoneOffset", SqlDbType.Int).Value = user.TimezoneOffset;
con.Open();
int rows = cmd.ExecuteNonQuery();
bool success = false;
if (rows > 0)
{
//TODO: Notify SecondaryEmail first if any.
string htmlString = "<html><body><h1>Dear " + user.FirstName + ",</h1><br/>" +
"<h6>Please click on the link below to activate your account:</h6><br/><br/>" +
"<a href=\"" + actUrl + "/" + user.UserId + "/" + user.ActivationCode + "\">Activate</a></body></html>";
success = new EmailNotifier
{
From = "*****@*****.**", //TODO: Read from DB
Password = "******", //TODO: Read from DB
To = new string[] { user.Email },
Subject = "INTO Account",
Body = htmlString,
IsBodyHtml = true,
SmtpServer = "smtp.gmail.com",
SmtpPort = 587,
IsSSL = true
}.Notify();
}
if (success)
{
tutor = new TutorType {
FirstName = user.FirstName, LastName = user.LastName, Active = false, LocationSettings = user.LocationSettings, Phone = user.Phone, Email = user.Email, Password = user.Password
};
}
}
return(tutor);
}
}