public ActionResult ResetPasswordAuthentication(string userName, string accountEmail)
{
try
{
IWebUserService webUserService = new WebUserService();
string dbPassword = webUserService.GetPassword(userName);
if (string.IsNullOrEmpty(dbPassword))
{
ViewData["ForgotPasswordErrorMessage"] = "No such user name exists.";
}
else
{
Session[UserEmailToSendPassword] = accountEmail;
Response.Redirect("AskSecretQuestion/" + userName, false);
}
}
catch (Exception ex)
{
logger.Error("Excpetion occurred. ", ex);
// Redirect to error page
Response.Redirect("Result/error");
return(null);
}
return(View("ResetPassword"));
}
public ActionResult AskSecretQuestion(FormCollection collection)
{
try
{
IWebUserService webUserService = new WebUserService();
string userName = TempData["username"] as string;
string to = TempData["email"] as string;
string secretQuestion = TempData["secretQuestion"] as string;
string userAnswer = collection["secretAnswer"] as string;
if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(to) || string.IsNullOrEmpty(secretQuestion))
{
return(Redirect("ResetPassword"));
}//View("ResetPassword");
bool isValid = webUserService.ConfirmSecretAnswer(userName, userAnswer);
if (isValid)
{
var dbPassword = webUserService.GetPassword(userName);
var emailBody = new StringBuilder();
emailBody.AppendFormat("Dear {0},{1}{1}Your password is:{2}{1}", userName, Environment.NewLine, dbPassword)
.AppendFormat("If you received this as an error or you didn't request your password, please ignore the email and delete it.{0}{0}DiamondD Services.",
Environment.NewLine);
string emailFrom = ConfigurationManager.AppSettings[Email];
string subject = ConfigurationManager.AppSettings[EmailSubject];
var displayName = ConfigurationManager.AppSettings[DisplayName];
SendEmail(displayName, emailFrom, to, subject, emailBody.ToString());
var sb = new StringBuilder();
sb.AppendFormat("Email sent to {0}, with display Name: {1} from email {2} with subject {3}, having body {4}.", to,
displayName, emailFrom, subject, emailBody);
logger.Info(sb.ToString());
ViewData["SecretAnswerSuccessMessage"] = "Password has been sent at your email address";
}
else
{
TempData["username"] = userName;
TempData["email"] = to;
TempData["SecretQuestion"] = secretQuestion;
ViewData["SecretQuestion"] = secretQuestion;
TempData["SecretAnswerErrorMessage"] = "Your answer doesn't match.";
var sb = new StringBuilder();
sb.AppendFormat("Answer doesn't match for userName{0}. Entered answer: {1}", userName, userAnswer);
logger.Info(sb.ToString());
}
}
catch (Exception ex)
{
logger.Error("Exception Occurred while confirming secret answer.", ex);
Response.Redirect(AppHelper.SharedUrl("Result/Error"));
}
return(View());
}
public ActionResult ResetPassword(FormCollection collection)
{
try
{
var userName = collection["userName"];
var accountEmail = collection["accountEmail"];
IWebUserService webUserService = new WebUserService();
string dbPassword = webUserService.GetPassword(userName);
if (string.IsNullOrEmpty(dbPassword))
{
logger.Info("No such user name exsits. UserName: "******", Password: "******"ForgotPasswordErrorMessage"] = "No such user name exists.";
}
else
{
//Session[UserEmailToSendPassword] = accountEmail;
TempData["username"] = userName;
TempData["email"] = accountEmail;
Response.Redirect("AskSecretQuestion?username="******"&email=" + accountEmail);
}
}
catch (Exception ex)
{
var userName = collection["userName"];
var accountEmail = collection["accountEmail"];
var sb = new StringBuilder();
sb.AppendFormat("Excpetion occurred in UserControlle wile resting password for user {0}, email:{1}",
userName, accountEmail);
logger.Error(sb.ToString(), ex);
// Redirect to error page
Response.Redirect(AppHelper.SharedUrl("Result/Error"));
return(null);
}
return(View());
}
public ActionResult SecretQuestionAuthentication(string secretAnswer, string id)
{
IWebUserService webUserService = new WebUserService();
try
{
string userName = id;
bool isValid = webUserService.ConfirmSecretAnswer(userName, secretAnswer);
if (isValid)
{
var smtpPassword = ConfigurationManager.AppSettings[SmtpPassword];
var smtpUserName = ConfigurationManager.AppSettings[SmtpUserName];
var email = ConfigurationManager.AppSettings[Email];
var domain = ConfigurationManager.AppSettings[Domain];
var port = ConfigurationManager.AppSettings[Port];
var displayName = ConfigurationManager.AppSettings[DisplayName];
var emailSubject = ConfigurationManager.AppSettings[EmailSubject];
var mailFrom = email;
var mailTo = Session[UserEmailToSendPassword];
if (mailTo == null)
{
Response.Redirect("ResetPassword");
}
Session.Remove(UserEmailToSendPassword);
var dbPassword = webUserService.GetPassword(userName);
var body = new StringBuilder();
body.AppendFormat("Dear {0},{1}{1}Your password is:{2}{1}", userName, Environment.NewLine, dbPassword)
.AppendFormat("If you received this as an error or you didn't request your password, please ignore the email and delete it.{0}{0}DiamondD Services.",
Environment.NewLine);
var mail = new MailMessage
{
From = new MailAddress(mailFrom, displayName, Encoding.UTF8),
Subject = emailSubject,
SubjectEncoding = Encoding.UTF8,
Body = body.ToString(),
BodyEncoding = Encoding.UTF8,
IsBodyHtml = true,
Priority = MailPriority.Normal
};
mail.To.Add(mailTo.ToString());
var smtpClient = new SmtpClient
{
Credentials = new NetworkCredential(smtpUserName, smtpPassword),
Port = int.Parse(port),
Host = domain
};
smtpClient.Send(mail);
ViewData["SecretAnswerSuccessMessage"] = "Password has been sent at your email address";
}
else
{
ViewData["SecretAnswerErrorMessage"] = "Your answer doesn't match.";
var secretQuestion = webUserService.GetSecretQuestion(userName);
ViewData["SecretQuestion"] = secretQuestion;
Response.Redirect("../AskSecretQuestion/" + id);
}
}
catch (Exception ex)
{
logger.Error("Exception Occurred.", ex);
Response.Redirect("../Result/error");
}
return(View("AskSecretQuestion"));
}