public void ResetPassword(ResetPasswordRequestViewModel request)
{
//var username = string.Format("{0}.{1}", request.FirstName, request.LastName);
var usr = Context.Users.FirstOrDefault(user => user.Email == request.Email);
if (usr == null)
{
throw new Exception("Nie istnieje użytkownik o podanym mailu.");
}
var pwdString = GetRandomPassword(8);
usr.Salt = _hashHelper.GetSalt();
usr.Password = _hashHelper.Compute(pwdString, usr.Salt);
usr.PasswordCreated = DateTime.Now;
EmailHelper.SendEmail(new EmailAccount
{
Email = usr.Email,
Subject = "Generacja nowego hasła",
Request = string.Format("Witam, <br/><br/> " +
"Na prośbę <b>{0} {1}</b> wygenerowano nowe hasło do aplikacji. <br/>" +
"Login: <b>{2}</b> <br/>" +
"Hasło: <b>{3}</b> <br/>" +
"Jeśli nie składałeś prośby o nowe hasło proszę zignoruj tę wiadomość.<br/><br/>" +
"Pozdrawiam, <br/>" +
"Administrator aplikacji \"MTAB\" <br/><br/>" +
"Odpowiedź wygenerowano automatycznie, proszę na nią nie odpowiadać.",
usr.FirstName, usr.LastName, usr.Login, pwdString)
});
}
public ActionResult ResetPasswordRequest(ResetPasswordRequestViewModel resetPassword)
{
if (ModelState.IsValid)
{
string email = resetPassword.Email;
Member _member = rpMember.FindFirst(m => m.email == email);
if (_member != null)
{
string today = DateTime.Today.ToString();
string resetPasswordString = _member.email + today;
string md5ResetPasswordHashed = Security.GenerateMd5("OMAR" + email.Length + resetPasswordString.Length + resetPasswordString);
//Save Reset Token to DB
_member.reset_token = md5ResetPasswordHashed;
rpMember.Edit(_member);
string resetPasswordUrl = Url.Action("ResetPassword", "Member", new { email = email, token = md5ResetPasswordHashed }, "http");
NotifyMember.ResetPassword(email, resetPasswordUrl);
return(View("Success", new MessageView()
{
Message = "An e-mail has been sent to " + email + " to recover the password."
}));
}
else
{
ModelState.AddModelError("EmailNotFound", "Email is not registered.");
}
}
return(View());
}
public async Task <ActionResult> ResetPasswordRequest(ResetPasswordRequestViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
using (var client = apiClient())
{
ResetPasswordRoute route = externalRouteService.InternalUserResetPasswordRoute;
PasswordResetRequest apiModel = new PasswordResetRequest(model.Email, route);
var token = await apiClientCredential().GetClientCredentialsAsync();
var result = await client.User.ResetPasswordRequestAsync(apiModel, token.AccessToken);
if (!result.ValidEmail)
{
ModelState.AddModelError("Email", "Email address not recognised.");
return(View(model));
}
ViewBag.Email = model.Email;
return(View("ResetPasswordInstruction"));
}
}
public ActionResult ResetPassword(ResetPasswordRequestViewModel resetRequest)
{
try
{
resetRequest.Date = DateTime.Now;
_unitOfWork.UserRepository.ResetPassword(resetRequest);
_unitOfWork.SaveChanges();
return(PartialView("~/Views/Login/Index.cshtml"));
}
catch (Exception e)
{
logger.Error(e, e.Message);
Response.StatusCode = (int)HttpStatusCode.BadRequest;
return(PartialView("~/Views/PartialViews/Error.cshtml", e.Message));
}
}
public async void HttpPost_ResetPasswordRequest_EmailNotInDatabase_ReturnsError()
{
var model = new ResetPasswordRequestViewModel
{
Email = "[email protected]"
};
A.CallTo(() => apiClient.User.ResetPasswordRequestAsync(A <string> ._)).Returns(false);
var controller = AccountController();
var result = await controller.ResetPasswordRequest(model);
Assert.IsType <ViewResult>(result);
Assert.Equal(model, ((ViewResult)(result)).Model);
Assert.False(controller.ModelState.IsValid);
}
public void ResetPassword(ResetPasswordRequestViewModel model)
{
var account = _userDataMgr.GetUserByResetToken(model.Token);
if (account == null)
{
throw new AppException("Invalid token");
}
// update password and remove reset token
account.PasswordHash = BC.HashPassword(model.Password);
account.PasswordReset = DateTime.UtcNow;
account.ResetToken = null;
account.ResetTokenExpires = null;
_userDataMgr.UpdateUser(account);
}
public async void HttpPost_ResetPasswordRequest_EmailNotInDatabase_ReturnsResetPasswordInstructionView()
{
var model = new ResetPasswordRequestViewModel
{
Email = "[email protected]"
};
A.CallTo(() => apiClient.User.ResetPasswordRequestAsync(A <string> ._)).Returns(true);
var controller = AccountController();
var result = await controller.ResetPasswordRequest(model);
var viewResult = (ViewResult)result;
Assert.Equal("ResetPasswordInstruction", viewResult.ViewName);
Assert.Equal(model.Email, viewResult.ViewBag.Email);
}
public async Task <ActionResult> Post([FromBody] ResetPasswordRequestViewModel model)
{
if (!CheckResult(model.Name, model.Username, model.Email))
{
return(new UnauthorizedResult());
}
var user = await userManager.FindByNameAsync(model.Username);
if (user != null)
{
// Check user creditentals
if (model.Name.Trim().Equals(user.Name) && model.Email.Trim().Equals(user.Email))
{
await AServices.SendPasswordResetAsync(user);
return(new OkResult());
}
}
return(new UnauthorizedResult());
}
public async Task <IActionResult> ResetPasswordRequest(ResetPasswordRequestViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(RedirectToAction(nameof(ResetPasswordEmailSent)));
}
var passwordResetToken = await _userManager.GeneratePasswordResetTokenAsync(user);
passwordResetToken = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(passwordResetToken));
await _emailService.SendFromDoNotReplyAsync(
user.Email,
"Stack Underflow - Reset Password Request",
Url.ActionLink("ResetPasswordConfirmation", "Account", new { email = model.Email, token = passwordResetToken }));
return(RedirectToAction(nameof(ResetPasswordEmailSent)));
}
public async Task<ActionResult> ResetPasswordRequest(ResetPasswordRequestViewModel model)
{
if (!ModelState.IsValid)
{
return View(model);
}
using (var client = apiClient())
{
ResetPasswordRoute route = externalRouteService.InternalUserResetPasswordRoute;
PasswordResetRequest apiModel = new PasswordResetRequest(model.Email, route);
var result = await client.User.ResetPasswordRequestAsync(apiModel);
if (!result.ValidEmail)
{
ModelState.AddModelError("Email", "Email address not recognised.");
return View(model);
}
ViewBag.Email = model.Email;
return View("ResetPasswordInstruction");
}
}
public IActionResult ResetPassword(ResetPasswordRequestViewModel model)
{
_accountService.ResetPassword(model);
return(Ok(new { message = "Password reset successful, you can now login" }));
}
public IActionResult ResetPasswordRequest()
{
var model = new ResetPasswordRequestViewModel();
return(View(model));
}
