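/// <summary>
/// Starts login-password recovery for the account registered under <paramref name="email"/>.
/// Accounts with Google Authenticator or a mobile number bound get a session-bound hash
/// (JSON <c>Code = 2</c>); all other accounts get a <c>UserForgetPassword</c> command,
/// throttled to one send per address every 15 minutes.
/// </summary>
/// <param name="email">Address typed by the (unauthenticated) caller; may be null or padded with whitespace.</param>
/// <param name="checkCode">Captcha answer, verified with <c>CheckImageCode</c> for <c>CaptchaType.ForgetPassword</c>.</param>
/// <returns>A JSON result describing the outcome.</returns>
public ActionResult ForgetPassword(string email, string checkCode)
{
    var result = FCJsonResult.UnknowFail;

    // Normalise the address once and use that single value for validation, throttling and lookup.
    // The original built the throttle key from the raw parameter: a null email threw before
    // validation ran, and an address padded with whitespace got a throttle key that differed
    // from the address actually looked up, so the 15 minute limit did not apply to it.
    var normalizedEmail = email.NullSafe().Trim();

    if (!normalizedEmail.IsEmail())
    {
        return Json(FCJsonResult.CreateFailResult(this.Lang("Unable to locate an account with that email address")));
    }

    // ToLower() is kept (not ToLowerInvariant) so the key matches other code that writes this prefix.
    var cacheKey = CacheKey.USER_RESEND_ACTIVE_EMAIL + normalizedEmail.ToLower();

    if (!Config.Debug)
    {
        DateTime lastSendEmailTime;
        if (Cache.TryGet<DateTime>(cacheKey, out lastSendEmailTime)
            && lastSendEmailTime.AddMinutes(15) > DateTime.Now)
        {
            return Json(FCJsonResult.CreateFailResult(this.Lang("Send email too frequently, please try again 15 minutes later.")));
        }
    }

    // Verify the captcha before touching the user store, so a failed captcha never costs a lookup.
    // The message text (including its spelling) is passed to Lang() and is left untouched.
    if (!this.CheckImageCode(checkCode, CaptchaType.ForgetPassword))
    {
        return Json(FCJsonResult.CreateFailResult(this.Lang("Cpatcha error.")));
    }

    var user = IoC.Resolve<IUserQuery>().GetUserByEmail(normalizedEmail);

    // NOTE(review): the three outcomes below are distinguishable to the caller (unknown address,
    // Code = 2 for a GA/mobile-bound account, "confirm via email" otherwise). Anyone who passes
    // the captcha can therefore learn whether an address is registered and whether it has a
    // second factor bound. Consider one uniform response for all three.
    if (user == null)
    {
        return Json(FCJsonResult.CreateFailResult(this.Lang("Unable to locate an account with that email address")));
    }

    if (user.IsBindGA || !string.IsNullOrEmpty(user.Mobile))
    {
        // NOTE(review): this branch records the target user id in the session after only an
        // email and a captcha, and it is not throttled. The step that consumes "resetUserID"
        // is presumably where the GA/SMS code is verified - confirm it cannot be skipped.
        // The hash is derived from Guid.NewGuid(), which is not documented as a security token
        // source - confirm what Shrink() preserves.
        var hash = Guid.NewGuid().Shrink();
        Session["resetLoginPwdHash"] = hash;
        Session["resetUserID"] = user.UserID;
        ViewData["resetPwdHash"] = hash;
        this.KeepCurrentUserInfoInTmpAndReturnHash(user);

        return Json(new { Code = 2, Hash = hash });
    }

    try
    {
        var cmd = new UserForgetPassword(user.UserID);
        this.CommandBus.Send(cmd);

        // Start the 15 minute window only once the command has been accepted.
        Cache.Add(cacheKey, DateTime.Now);
        result = FCJsonResult.CreateSuccessResult(this.Lang("Please confirm the password reset via email."));
    }
    catch (CommandExecutionException ex)
    {
        // A failed send must not lock the user out; the generic failure result is returned.
        Cache.Remove(cacheKey);
        Log.Error("Action forgetPassword Error", ex);
    }

    return Json(result);
}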
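/// <summary>
/// Starts trade-password recovery for the signed-in user (<c>CurrentUser</c>).
/// A user with a mobile number gets a session-bound hash (JSON <c>Code = 2</c>); otherwise a user
/// with a verified email gets a reset command, throttled to one send every 15 minutes;
/// otherwise the request is refused.
/// </summary>
/// <returns>A JSON result describing the outcome.</returns>
public ActionResult ForgetTradePassword()
{
    var result = FCJsonResult.UnknowFail;

    if (/*this.CurrentUser.IsBindGA ||*/ !string.IsNullOrEmpty(this.CurrentUser.Mobile))
    {
        // NOTE(review): the hash is derived from Guid.NewGuid(), which is not documented as a
        // security token source - confirm what Shrink() preserves and where the hash is checked.
        var hash = Guid.NewGuid().Shrink();
        Session["resetTradePwdHash"] = hash;
        ViewData["resetTradePwdHash"] = hash;

        return Json(new { Code = 2, Hash = hash });
    }

    if (!this.CurrentUser.IsVerifyEmail)
    {
        return Json(FCJsonResult.CreateFailResult(this.Lang("Please verify your email or enable Google/Sms Authenticator first.")));
    }

    // Same prefix as the login-password flow, so one 15 minute window covers both kinds of mail.
    var cacheKey = CacheKey.USER_RESEND_ACTIVE_EMAIL + this.CurrentUser.Email.ToLower();

    if (!Config.Debug)
    {
        DateTime lastSendEmailTime;
        if (Cache.TryGet<DateTime>(cacheKey, out lastSendEmailTime)
            && lastSendEmailTime.AddMinutes(15) > DateTime.Now)
        {
            return Json(FCJsonResult.CreateFailResult(this.Lang("Send email too frequently, please try again 15 minutes later.")));
        }
    }

    try
    {
        // Fix: the original sent UserForgetPassword here, which belongs to the login-password
        // flow, while telling the user that a trade-password reset had been mailed. The
        // trade-password flow has its own command.
        var cmd = new UserForgetTradePassword(this.CurrentUser.UserID);
        this.CommandBus.Send(cmd);

        // Start the 15 minute window only once the command has been accepted.
        Cache.Add(cacheKey, DateTime.Now);
        result = FCJsonResult.CreateSuccessResult(this.Lang("Please confirm the trade password reset via email."));
    }
    catch (CommandExecutionException ex)
    {
        // A failed send must not lock the user out; the generic failure result is returned.
        Cache.Remove(cacheKey);
        // Log label corrected so failures here are not attributed to ForgetPassword.
        Log.Error("Action forgetTradePassword Error", ex);
    }

    return Json(result);
}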
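/// <summary>
/// Checks that a token is single-use: the first <c>TokenUse</c> command succeeds, a replay of the
/// same command fails with <c>ErrorCode.TokenIsUsedOrTimeOut</c>, and the stored token is marked used.
/// </summary>
public void TestTokenUse()
{
    #region Generate tokens
    var userID = new Random().Next(1, 10);
    var resetPasswordCmd = new UserForgetPassword(userID);
    var resetTradePasswordCmd = new UserForgetTradePassword(userID);

    // Each command is sent twice; re-requesting a reset must not throw.
    Assert.DoesNotThrow(delegate { this.commandBus.Send(resetPasswordCmd); });
    Assert.DoesNotThrow(delegate { this.commandBus.Send(resetTradePasswordCmd); });
    Assert.DoesNotThrow(delegate { this.commandBus.Send(resetPasswordCmd); });
    Assert.DoesNotThrow(delegate { this.commandBus.Send(resetTradePasswordCmd); });
    #endregion

    // Scan the same ID range the original sampled (1..9) for an unused token. The original
    // looped on "new Random()" until it hit one: that never terminates when no unused token
    // exists, and time-seeded Random instances created in a tight loop can repeat the same
    // value many times.
    var tokenID = 0;
    for (var candidateID = 1; candidateID < 10; candidateID++)
    {
        var candidate = IoC.Resolve<IRepository>().FindById<Token>(candidateID);
        if (candidate != null && !candidate.IsUsed)
        {
            tokenID = candidateID;
            break;
        }
    }

    Assert.True(tokenID != 0, "No unused token with an ID between 1 and 9 was found.");

    var tokenUse = new TokenUse(tokenID);

    // First use is accepted.
    Assert.DoesNotThrow(delegate { this.commandBus.Send(tokenUse); });

    // Replaying the same token must be rejected.
    var ex = Assert.Throws<CommandExecutionException>(delegate { this.commandBus.Send(tokenUse); });
    // Expected value first, so a failure message reports the two values the right way round.
    Assert.Equal((int)ErrorCode.TokenIsUsedOrTimeOut, ex.ErrorCode);

    var token = IoC.Resolve<IRepository>().FindById<Token>(tokenID);
    Assert.True(token.IsUsed);
}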
/// <summary>
/// Checks that sending the forget-password and forget-trade-password commands replaces both
/// reset tokens stored on the user's membership record.
/// </summary>
public void TestUserResetPasswordAndTradePassword()
{
    var userID = new Random().Next(1, 10);
    // Built as in the original; not read again in this test.
    var email = "email" + userID + "@11.com";

    var loginResetCommand = new UserForgetPassword(userID);
    var tradeResetCommand = new UserForgetTradePassword(userID);

    // Capture both tokens before any command runs, so the comparison below is against the old values.
    var membershipBefore = IoC.Resolve<IUserRepository>().FindById<User>(userID).Membership;
    var loginTokenBefore = membershipBefore.PasswordResetToken;
    var tradeTokenBefore = membershipBefore.TradePasswordResetToken;

    // Each command is sent twice, alternating, and none of the sends may throw.
    Assert.DoesNotThrow(() => { this.commandBus.Send(loginResetCommand); });
    Assert.DoesNotThrow(() => { this.commandBus.Send(tradeResetCommand); });
    Assert.DoesNotThrow(() => { this.commandBus.Send(loginResetCommand); });
    Assert.DoesNotThrow(() => { this.commandBus.Send(tradeResetCommand); });

    // Re-read the user and confirm that both tokens changed.
    var reloadedUser = IoC.Resolve<IUserRepository>().FindById<User>(userID);
    Assert.NotEqual(loginTokenBefore, reloadedUser.Membership.PasswordResetToken);
    Assert.NotEqual(tradeTokenBefore, reloadedUser.Membership.TradePasswordResetToken);
}