public ActionResult AskSecretQuestion()
{
try
{
IWebUserService webUserService = new WebUserService();
string username = Request.Params["username"];
string email = Request.Params["email"];
logger.Info("(AskSecretQuestion case) username:"******", email:" + email);
if (string.IsNullOrEmpty(username))
{
logger.Warn("username was null or empty userName: "******"ResetPassword");
}
string secretQuestion = webUserService.GetSecretQuestion(username);
if (secretQuestion == null)
{
logger.Warn("secretQuestion was null for userName: "******"username"] = username;
TempData["email"] = email;
TempData["secretQuestion"] = secretQuestion;
ViewData["secretQuestion"] = secretQuestion;
}
catch (Exception ex)
{
logger.Error("Exception occurred while getting secret question.", ex);
Response.Redirect(AppHelper.SharedUrl("Result/Error"));
}
return(View());
}
public ActionResult AskSecretQuestion(string id)
{
string secretQuestion = "";
IWebUserService webUserService = new WebUserService();
if (string.IsNullOrEmpty(id))
{
Response.Redirect("ResetPassword");
}
try
{
secretQuestion = webUserService.GetSecretQuestion(id);
ViewData["SecretQuestion"] = secretQuestion;
ViewData["UserName"] = id;
}
catch (Exception ex)
{
logger.Error("Exception occurred while getting secret question.", ex);
Response.Redirect("Result/error");
}
return(View());
}
public ActionResult SecretQuestionAuthentication(string secretAnswer, string id)
{
IWebUserService webUserService = new WebUserService();
try
{
string userName = id;
bool isValid = webUserService.ConfirmSecretAnswer(userName, secretAnswer);
if (isValid)
{
var smtpPassword = ConfigurationManager.AppSettings[SmtpPassword];
var smtpUserName = ConfigurationManager.AppSettings[SmtpUserName];
var email = ConfigurationManager.AppSettings[Email];
var domain = ConfigurationManager.AppSettings[Domain];
var port = ConfigurationManager.AppSettings[Port];
var displayName = ConfigurationManager.AppSettings[DisplayName];
var emailSubject = ConfigurationManager.AppSettings[EmailSubject];
var mailFrom = email;
var mailTo = Session[UserEmailToSendPassword];
if (mailTo == null)
{
Response.Redirect("ResetPassword");
}
Session.Remove(UserEmailToSendPassword);
var dbPassword = webUserService.GetPassword(userName);
var body = new StringBuilder();
body.AppendFormat("Dear {0},{1}{1}Your password is:{2}{1}", userName, Environment.NewLine, dbPassword)
.AppendFormat("If you received this as an error or you didn't request your password, please ignore the email and delete it.{0}{0}DiamondD Services.",
Environment.NewLine);
var mail = new MailMessage
{
From = new MailAddress(mailFrom, displayName, Encoding.UTF8),
Subject = emailSubject,
SubjectEncoding = Encoding.UTF8,
Body = body.ToString(),
BodyEncoding = Encoding.UTF8,
IsBodyHtml = true,
Priority = MailPriority.Normal
};
mail.To.Add(mailTo.ToString());
var smtpClient = new SmtpClient
{
Credentials = new NetworkCredential(smtpUserName, smtpPassword),
Port = int.Parse(port),
Host = domain
};
smtpClient.Send(mail);
ViewData["SecretAnswerSuccessMessage"] = "Password has been sent at your email address";
}
else
{
ViewData["SecretAnswerErrorMessage"] = "Your answer doesn't match.";
var secretQuestion = webUserService.GetSecretQuestion(userName);
ViewData["SecretQuestion"] = secretQuestion;
Response.Redirect("../AskSecretQuestion/" + id);
}
}
catch (Exception ex)
{
logger.Error("Exception Occurred.", ex);
Response.Redirect("../Result/error");
}
return(View("AskSecretQuestion"));
}
