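/// <summary>
/// Handles the submitted password-reset form for a user who is not signed in.
/// </summary>
/// <param name="model">
/// Posted form values: reset code, username, e-mail, new password and its confirmation.
/// </param>
/// <returns>
/// A redirect to "Login" once the password has been changed; otherwise the form view again
/// (with <c>ViewBag.Error</c> set when the account or password check fails).
/// </returns>
public ActionResult ChangePasswordUnauthenticated(ResetPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // FirstOrDefault yields null for an unknown code. Reject it like a mismatch
    // instead of dereferencing null and surfacing an unhandled exception.
    var resetRequest = db.ResetPasswordRequests.FirstOrDefault(u => u.Guid == model.Code);
    if (resetRequest == null || resetRequest.Guid != model.Code)
    {
        return View(model);
    }

    // NOTE(review): the reset code is only checked for existence. Nothing visible here ties
    // it to model.Username, and no expiry is checked. Confirm that the reset request is bound
    // to the account being changed (and is time-limited) before the password is updated.
    var account = db.ValidateUser(model.Username, model.Email).FirstOrDefault();
    bool passwordsMatch = model.Password == model.ConfirmPassword;
    bool accountIsValid = account != null && account.Valid != 0;

    if (!passwordsMatch || !accountIsValid)
    {
        ViewBag.Error = "Incorrect Information!";
        return View();
    }

    // Fresh random salt per password change. The generator is IDisposable, so release it
    // deterministically.
    byte[] salt = new byte[SALT_BYTE_SIZE];
    using (var csprng = new RNGCryptoServiceProvider())
    {
        csprng.GetBytes(salt);
    }

    var hashedPassword = Hash.CreateHash(model.Password, salt);
    db.ChangePassword(model.Username, hashedPassword, salt);

    // NOTE(review): the reset request is not removed or marked used here, so the same code
    // stays valid after a successful change unless db.ChangePassword invalidates it. Verify.
    return RedirectToAction("Login");
}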
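/// <summary>
/// Shows the password-reset form for the reset code carried in the link.
/// </summary>
/// <param name="uid">Reset code to look up in <c>db.ResetPasswordRequests</c>.</param>
/// <returns>
/// The reset form pre-filled with the code when a matching request exists; otherwise a
/// redirect to "Login".
/// </returns>
public ActionResult ChangePasswordUnauthenticated(Guid uid)
{
    var resetRequest = db.ResetPasswordRequests.FirstOrDefault(u => u.Guid == uid);

    // An unknown code makes FirstOrDefault return null. Send that case to the login page,
    // as the redirect branch intends, instead of failing on a null dereference.
    if (resetRequest == null || resetRequest.Guid != uid)
    {
        return RedirectToAction("Login");
    }

    // NOTE(review): only existence of the code is checked here; no expiry is visible.
    var model = new ResetPasswordViewModel { Code = uid };
    return View(model);
}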