Inheritance: INotifyPropertyChanging, INotifyPropertyChanged
示例#1
0
        public ActionResult SendRecovery(string email)
        {
            IPBanner.AttemptedToSendRecoveryEmail(Current.RemoteIP);

            var user = Models.User.FindUserByEmail(email);

            if (user == null) return RecoverableError("No account with that email was found", new { email });

            var now = Current.Now;
            var token = Current.UniqueId().ToString();
            var toInsert =
                new PasswordReset
                {
                    CreationDate = now,
                    TokenHash = Current.WeakHash(token),
                    UserId = user.Id
                };

            Current.WriteDB.PasswordResets.InsertOnSubmit(toInsert);
            Current.WriteDB.SubmitChanges();

            var toReset =
                SafeRedirect(
                    (Func<string, string, string, ActionResult>)NewPassword,
                    new { token }
                );

            var resetLink = Current.Url(toReset.Url);

            if (!Current.Email.SendEmail(email, Email.Template.ResetPassword, new { RecoveryLink = resetLink.AsLink() }))
            {
                return IrrecoverableError("An error occurred sending the email", "This has been recorded, and will be looked into shortly");
            }

            return SuccessEmail("Password Recovery Email Sent to " + email, "Check your email for the link to reset your password.");
        }
示例#2
0
        /// <summary>
        /// Repeated logic from SetNewPassword.
        /// 
        /// Pass it a resetToken to destroy on success (if user is anonymous).
        /// 
        /// Returns null if everything is OK, and an ActionResult if an error occurred.
        /// </summary>
        private ActionResult ChangePasswordAndSendEmail(string password, string password2, string token, PasswordReset resetToken, User user, DateTime now)
        {
            string message;
            if (!Password.CheckPassword(password, password2, user.Email, user.VanityProviderId, user.ProviderId, out message))
                return RecoverableError(message, new { token });

            user.ChangePassword(now, password);

            if (resetToken != null)
            {
                Current.WriteDB.PasswordResets.DeleteOnSubmit(resetToken);
            }

            Current.WriteDB.SubmitChanges();

            var account = SafeRedirect((Func<ActionResult>)(new UserController()).ViewUser);

            if (!Current.Email.SendEmail(user.Email, Email.Template.PasswordChanged, new { AccountLink = Current.Url(account.Url).AsLink() }))
            {
                return IrrecoverableError("An error occurred sending the email", "This has been recorded, and will be looked into shortly");
            }

            return null;
        }
示例#3
0
 partial void DeletePasswordReset(PasswordReset instance);
示例#4
0
 partial void UpdatePasswordReset(PasswordReset instance);
示例#5
0
 partial void InsertPasswordReset(PasswordReset instance);
        public ActionResult TrustedPasswordRecovery(string email, string emailTemplate, string emailSubject, string callback)
        {
            if (!CurrentAffiliate.IsTrusted) return NotFound();

            if (!Models.User.IsValidEmail(ref email))
            {
                return ApiFailure("Invalid email [" + email + "]");
            }

            var user = Models.User.FindUserByEmail(email);

            if (user == null)
            {
                return ApiFailure("No user found with email [" + email + "]", (int)HttpStatusCode.NotFound);
            }

            var now = Current.Now;
            var token = Current.UniqueId().ToString();
            var toInsert =
                new PasswordReset
                {
                    CreationDate = now,
                    TokenHash = Current.WeakHash(token),
                    UserId = user.Id
                };

            Current.WriteDB.PasswordResets.InsertOnSubmit(toInsert);
            Current.WriteDB.SubmitChanges();

            var toReset = callback;

            if (toReset.Contains("?"))
            {
                toReset += "&resetToken=" + HttpUtility.UrlEncode(token);
            }
            else
            {
                toReset += "?resetToken=" + HttpUtility.UrlEncode(token);
            }

            if (!Current.Email.SendEmail(email, emailTemplate, emailSubject, new { RecoveryLink = toReset }))
            {
                return ApiFailure("An error occurred sending the email");
            }

            return ApiSuccess();
        }
        public ActionResult AccountRecovery(string callback, string email)
        {
            if (!CurrentAffiliate.IsValidCallback(callback)) return GenericSecurityError();

            Uri callbackUri;
            if(!Uri.TryCreate(callback, UriKind.Absolute, out callbackUri)) return GenericSecurityError();

            var user = Models.User.FindUserByEmail(email);

            if (user == null) return UnexpectedState("Recovering an account that does not exist");

            // Don't allow just any affiliate to send these e-mails, only those that the user has
            //   auth'd to sometime in the past.
            if (!user.HasGrantedAuthorization(callbackUri.Host)) return GenericSecurityError();

            var now = Current.Now;
            var token = Current.UniqueId().ToString();
            var toInsert =
                new PasswordReset
                {
                    CreationDate = now,
                    TokenHash = Current.WeakHash(token),
                    UserId = user.Id
                };

            Current.WriteDB.PasswordResets.InsertOnSubmit(toInsert);
            Current.WriteDB.SubmitChanges();

            var authCode = Current.MakeAuthCode(new { token, callback });

            var toReset =
                SafeRedirect
                (
                    (Func<string, string, string, ActionResult>)(new AccountController()).NewPassword,
                    new
                    {
                        token,
                        authCode,
                        callback
                    }
                );

            var resetLink = Current.Url(toReset.Url);

            var affiliateLink = callbackUri.Scheme + "://" + callbackUri.Host;
            var affiliateName = callbackUri.Host;

            var deAuthCode = Current.MakeAuthCode(new { email, affHost = callbackUri.Host });

            var toDeAuth =
                SafeRedirect
                (
                    (Func<string, string, string, ActionResult>)(new AccountController()).DeAuthAffiliate,
                    new
                    {
                        email,
                        affHost = callbackUri.Host,
                        authCode = deAuthCode
                    }
                );

            var deAuthLink = Current.Url(toDeAuth.Url);

            if (!Current.Email.SendEmail(email, Email.Template.ResetPasswordAffiliate, new { RecoveryLink = resetLink.AsLink(), AffiliateLink = affiliateLink.AsLink(), AffiliateName = affiliateName, DeAuthLink = deAuthLink.AsLink() }))
            {
                return IrrecoverableError("Could not send email", "This error has been logged");
            }

            return SuccessEmail("Email sent to " + email, "Check your email and follow the link to recover your account");
        }