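/// <summary>
/// Admin-initiated password reset. Generates a password-reset token and a
/// one-time temporary password for the account named by
/// <c>userViewModel.Email</c>, stores the hash of the temporary password on
/// the user, and e-mails the temporary password together with the reset link.
/// </summary>
/// <param name="userViewModel">Posted form data; Email selects the account,
/// FirstName/LastName are used only in the e-mail greeting.</param>
/// <returns>
/// A redirect to "Index" once the e-mail has been sent; otherwise the form is
/// re-rendered with the posted model.
/// </returns>
public async Task<ActionResult> ResetPassword(UserViewModel userViewModel)
{
    if (!ModelState.IsValid)
    {
        return View(userViewModel);
    }

    var user = await UserManager.FindByNameAsync(userViewModel.Email);
    if (user == null || !(await UserManager.IsEmailConfirmedAsync(user.Id)))
    {
        // Don't reveal that the user does not exist or is not confirmed
        return View(userViewModel);
    }

    var code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
    var callbackUrl = Url.Action(
        "ResetPassword",
        "Account",
        new { UserId = user.Id, code = code },
        protocol: Request.Url.Scheme);

    // NOTE(review): 8 characters is short for a secret that travels by e-mail,
    // and it is sent in the same message as the reset link, so anyone who can
    // read the mailbox holds both values. Consider a longer value and a
    // separate delivery channel.
    string tempPwd = Membership.GeneratePassword(8, 2);

    // NOTE(review): SHA256PasswordHasher is declared elsewhere; the name
    // suggests a single fast SHA-256 pass. Confirm it salts and stretches, or
    // use the hasher already configured on UserManager.
    SHA256PasswordHasher pwdHasher = new SHA256PasswordHasher();
    user.TempPassword = pwdHasher.HashPassword(tempPwd);

    // If the hash could not be persisted, the e-mailed temporary password
    // could never be verified later, so stop before sending anything.
    IdentityResult result = await UserManager.UpdateAsync(user);
    if (!result.Succeeded)
    {
        foreach (var error in result.Errors)
        {
            ModelState.AddModelError("", error);
        }

        return View(userViewModel);
    }

    // The body is treated as HTML (the link is embedded as an <a> element), so
    // every interpolated value is encoded. The display name comes straight
    // from the posted form, and the generated password may contain characters
    // such as '&' or '>' that an HTML renderer would otherwise alter.
    string displayName = System.Web.HttpUtility.HtmlEncode(
        userViewModel.FirstName + " " + userViewModel.LastName);
    string encodedTempPwd = System.Web.HttpUtility.HtmlEncode(tempPwd);
    string link = "<a href=\""
        + System.Web.HttpUtility.HtmlAttributeEncode(callbackUrl)
        + "\">link</a>";

    await UserManager.SendEmailAsync(
        user.Id,
        "Reset Password By Admin",
        string.Format(EmailTemplates.ResetPasswordTemplate, displayName, encodedTempPwd, link));

    return RedirectToAction("Index");
}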
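/// <summary>
/// Completes a password reset. The caller must supply the temporary password
/// whose hash is stored on the user and the reset token in
/// <c>model.Code</c>; on success the new password is set and the stored
/// temporary-password hash is cleared.
/// </summary>
/// <param name="model">Posted form data: Email, TemporaryPassword, Code and
/// the new Password.</param>
/// <returns>
/// A redirect to "ResetPasswordConfirmation" on success or when the e-mail is
/// unknown; otherwise the form view.
/// </returns>
public async Task<ActionResult> ResetPassword(ResetPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var user = await UserManager.FindByNameAsync(model.Email);
    if (user == null)
    {
        // Don't reveal that the user does not exist
        return RedirectToAction("ResetPasswordConfirmation", "Account");
    }

    // NOTE(review): an unknown e-mail redirects to the confirmation page while
    // a wrong temporary password re-renders the form, so the two outcomes are
    // distinguishable to the caller. No attempt limiting is visible here
    // either; confirm lockout or throttling is applied elsewhere.

    // No stored hash means no temporary password is pending for this account.
    // Fail closed instead of handing a null hash to the verifier.
    if (string.IsNullOrEmpty(user.TempPassword))
    {
        return View();
    }

    // NOTE(review): SHA256PasswordHasher is declared elsewhere; confirm it
    // uses a salted, slow hash and a constant-time comparison.
    SHA256PasswordHasher hasher = new SHA256PasswordHasher();
    if (hasher.VerifyHashedPassword(user.TempPassword, model.TemporaryPassword) == PasswordVerificationResult.Failed)
    {
        return View();
    }

    var result = await UserManager.ResetPasswordAsync(user.Id, model.Code, model.Password);
    if (result.Succeeded)
    {
        // Clear the one-time temporary password so it cannot be replayed.
        // The entity is reloaded through db; if the row is gone there is
        // nothing left to clear, and the reset itself has already succeeded.
        var tracked = db.Users.Find(user.Id);
        if (tracked != null)
        {
            tracked.TempPassword = null;
            db.Entry(tracked).State = EntityState.Modified;
            db.SaveChanges();
        }

        return RedirectToAction("ResetPasswordConfirmation", "Account");
    }

    AddErrors(result);
    return View();
}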
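/// <summary>
/// Admin-initiated password reset. Generates a password-reset token and a
/// one-time temporary password for the account named by
/// <c>userViewModel.Email</c>, stores the hash of the temporary password on
/// the user, and e-mails the temporary password together with the reset link.
/// </summary>
/// <param name="userViewModel">Posted form data; Email selects the account,
/// FirstName/LastName are used only in the e-mail greeting.</param>
/// <returns>
/// A redirect to "Index" once the e-mail has been sent; otherwise the form is
/// re-rendered with the posted model.
/// </returns>
public async Task<ActionResult> ResetPassword(UserViewModel userViewModel)
{
    if (!ModelState.IsValid)
    {
        return View(userViewModel);
    }

    var user = await UserManager.FindByNameAsync(userViewModel.Email);
    if (user == null || !(await UserManager.IsEmailConfirmedAsync(user.Id)))
    {
        // Don't reveal that the user does not exist or is not confirmed
        return View(userViewModel);
    }

    var code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
    var callbackUrl = Url.Action(
        "ResetPassword",
        "Account",
        new { UserId = user.Id, code = code },
        protocol: Request.Url.Scheme);

    // NOTE(review): 8 characters is short for a secret that travels by e-mail,
    // and it is sent in the same message as the reset link, so anyone who can
    // read the mailbox holds both values. Consider a longer value and a
    // separate delivery channel.
    string tempPwd = Membership.GeneratePassword(8, 2);

    // NOTE(review): SHA256PasswordHasher is declared elsewhere; the name
    // suggests a single fast SHA-256 pass. Confirm it salts and stretches, or
    // use the hasher already configured on UserManager.
    SHA256PasswordHasher pwdHasher = new SHA256PasswordHasher();
    user.TempPassword = pwdHasher.HashPassword(tempPwd);

    // If the hash could not be persisted, the e-mailed temporary password
    // could never be verified later, so stop before sending anything.
    IdentityResult result = await UserManager.UpdateAsync(user);
    if (!result.Succeeded)
    {
        foreach (var error in result.Errors)
        {
            ModelState.AddModelError("", error);
        }

        return View(userViewModel);
    }

    // The body is treated as HTML (the link is embedded as an <a> element), so
    // every interpolated value is encoded. The display name comes straight
    // from the posted form, and the generated password may contain characters
    // such as '&' or '>' that an HTML renderer would otherwise alter.
    string displayName = System.Web.HttpUtility.HtmlEncode(
        userViewModel.FirstName + " " + userViewModel.LastName);
    string encodedTempPwd = System.Web.HttpUtility.HtmlEncode(tempPwd);
    string link = "<a href=\""
        + System.Web.HttpUtility.HtmlAttributeEncode(callbackUrl)
        + "\">link</a>";

    await UserManager.SendEmailAsync(
        user.Id,
        "Reset Password By Admin",
        string.Format(EmailTemplates.ResetPasswordTemplate, displayName, encodedTempPwd, link));

    return RedirectToAction("Index");
}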
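/// <summary>
/// Completes a password reset. The caller must supply the temporary password
/// whose hash is stored on the user and the reset token in
/// <c>model.Code</c>; on success the new password is set and the stored
/// temporary-password hash is cleared.
/// </summary>
/// <param name="model">Posted form data: Email, TemporaryPassword, Code and
/// the new Password.</param>
/// <returns>
/// A redirect to "ResetPasswordConfirmation" on success or when the e-mail is
/// unknown; otherwise the form view.
/// </returns>
public async Task<ActionResult> ResetPassword(ResetPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var user = await UserManager.FindByNameAsync(model.Email);
    if (user == null)
    {
        // Don't reveal that the user does not exist
        return RedirectToAction("ResetPasswordConfirmation", "Account");
    }

    // NOTE(review): an unknown e-mail redirects to the confirmation page while
    // a wrong temporary password re-renders the form, so the two outcomes are
    // distinguishable to the caller. No attempt limiting is visible here
    // either; confirm lockout or throttling is applied elsewhere.

    // No stored hash means no temporary password is pending for this account.
    // Fail closed instead of handing a null hash to the verifier.
    if (string.IsNullOrEmpty(user.TempPassword))
    {
        return View();
    }

    // NOTE(review): SHA256PasswordHasher is declared elsewhere; confirm it
    // uses a salted, slow hash and a constant-time comparison.
    SHA256PasswordHasher hasher = new SHA256PasswordHasher();
    if (hasher.VerifyHashedPassword(user.TempPassword, model.TemporaryPassword) == PasswordVerificationResult.Failed)
    {
        return View();
    }

    var result = await UserManager.ResetPasswordAsync(user.Id, model.Code, model.Password);
    if (result.Succeeded)
    {
        // Clear the one-time temporary password so it cannot be replayed.
        // The entity is reloaded through db; if the row is gone there is
        // nothing left to clear, and the reset itself has already succeeded.
        var tracked = db.Users.Find(user.Id);
        if (tracked != null)
        {
            tracked.TempPassword = null;
            db.Entry(tracked).State = EntityState.Modified;
            db.SaveChanges();
        }

        return RedirectToAction("ResetPasswordConfirmation", "Account");
    }

    AddErrors(result);
    return View();
}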