public virtual ActionResult Index(ForgotPasswordViewModel model) { if (!ModelState.IsValid) { return(View("Index")); } var request = new SendInstructionsToResetPasswordRequest() { UserNameOrEmail = model.UserNameOrEmail, IPAddress = Request.UserHostAddress }; var response = _service.SendInstructionsToResetPassword(request); if (!response.IsSuccessful) { ModelState.AddModelError("", response.Message); return(View("Index", model)); } else { return(View("ForgotPasswordSuccessfullyRequested", model)); } }
/// <summary> /// Creates a Password Reset History object recording this reset attempt /// </summary> /// <returns></returns> private SecurityPasswordResetRequest CreateSecurityPasswordResetRequestEntry(SendInstructionsToResetPasswordRequest request, SecurityUser securityUser, ADUser adUser) { string token = Guid.NewGuid().ToString().ToUpper(); var passwordResetRequest = new SecurityPasswordResetRequest() { SecurityUserId = (securityUser == null ? (int?)null : securityUser.SecurityUserId), UserName = (securityUser == null ? adUser.UserName : securityUser.UserName), Token = token, EmailAddress = ((securityUser == null || String.IsNullOrWhiteSpace(securityUser.EmailAddress)) ? adUser.EmailAddress : securityUser.EmailAddress), IPAddress = request.IPAddress, RequestDate = DateTime.Now, ExpirationDate = DateTime.Now.AddHours(24), Processed = false, ProcessDate = null }; _repository.Add <SecurityPasswordResetRequest>(passwordResetRequest); _repository.Commit(); return(passwordResetRequest); }
/// <summary> /// Process the request for a forgotten password from the main forgot password screen. This will lookup the /// user and if found email them a link to reset their password. /// </summary> /// <param name="model"></param> public SendInstructionsToResetPasswordResponse SendInstructionsToResetPassword(SendInstructionsToResetPasswordRequest request) { // //Validate the parameters // if (request == null || String.IsNullOrWhiteSpace(request.UserNameOrEmail)) { return(new SendInstructionsToResetPasswordResponse() { IsSuccessful = false, Message = "An invalid user name or email address was specified." }); } SecurityUser securityUser = null; ADUser adUser = null; // //See if we can reset this users active directory account. We only need to do this //if active directory auth is enabled, if AD users are allowed to reset their password, //and we are not storing the users in the SecurityUser table. // if (ApplicationService.Instance.FormsAuthenticationADEnabled && ApplicationService.Instance.ForgotPasswordResetAllowedForADUser && adUser == null && securityUser == null ) { // //Try to find by username first // adUser = new ADUser(request.UserNameOrEmail); // //If not found, try to find by email address // if (!adUser.ValidUser) { var searchFilter = adUser.GetUserSearchFilterByEmailAddress(request.UserNameOrEmail); adUser.PopulateUserInformation(searchFilter); } //Ensure we clear the record if we dont have a valid AD user if (!adUser.ValidUser) { adUser = null; } // //Get the security user record if we have security user records for AD users // else { if (ApplicationService.Instance.FormsAuthenticationCreateSecurityUserRecordOnADAuth) { securityUser = _repository.GetAll <SecurityUser>() .FirstOrDefault(p => p.ActiveDirectoryGuid == adUser.ObjectGuid); } } } // //Then try to find the user by their SecurityUser table record // if (ApplicationService.Instance.FormsAuthenticationSecurityUserTableEnabled && adUser == null && securityUser == null) { // //First try lookup only by userid //Check the security user table first // var securityUsers = _repository.GetAll <SecurityUser>().Where(p => p.UserName.Equals(request.UserNameOrEmail)); //If no match found, try lookup by email address if (!securityUsers.Any()) { securityUsers = _repository.GetAll <SecurityUser>() .Where(p => p.EmailAddress.Equals(request.UserNameOrEmail)); } // //If there is more than one result, we cannot reset the password // if (securityUsers.Count() > 1) { return(new SendInstructionsToResetPasswordResponse() { IsSuccessful = false, Message = "Multiple records were found with the supplied username or email, your password cannot be reset. Please contact support to have your password reset." }); } securityUser = securityUsers.FirstOrDefault(); } // //Now ensure we can continue with the password reset // // var canUserPasswordBeChangedRequest = new CanUserPasswordBeChangedRequest() { SecurityUser = securityUser, ADUser = adUser }; var canUserPasswordBeChangedResponse = _passwordService.CanUserPasswordBeChanged(canUserPasswordBeChangedRequest); if (!canUserPasswordBeChangedResponse.IsSuccessful) { return(new SendInstructionsToResetPasswordResponse() { IsSuccessful = false, Message = "That username or email address cannot have it's password reset. Please contact support to have your password reset." }); } // //Ensure the user has an email address // if ((securityUser == null || String.IsNullOrWhiteSpace(securityUser.EmailAddress)) && (adUser == null || String.IsNullOrWhiteSpace(adUser.EmailAddress))) { return(new SendInstructionsToResetPasswordResponse() { IsSuccessful = false, Message = "That username or email address cannot have it's password reset as it has no email on file. Please contact support to have your password reset." }); } // //Create the password reset entry // var passwordResetRequest = CreateSecurityPasswordResetRequestEntry(request, securityUser, adUser); // //Send the password reset email // var sendForgotPasswordEmailRequest = new SendForgotPasswordEmailRequest() { SecurityUser = securityUser, ADUser = adUser, SecurityPasswordResetRequest = passwordResetRequest }; var sendForgotPasswordEmailResponse = SendForgotPasswordEmail(sendForgotPasswordEmailRequest); if (!sendForgotPasswordEmailResponse.IsSuccessful) { return(new SendInstructionsToResetPasswordResponse() { IsSuccessful = false, Message = sendForgotPasswordEmailResponse.Message }); } // //Request was successful // return(new SendInstructionsToResetPasswordResponse() { IsSuccessful = true, Message = null }); }