/// <summary>
/// Builds a new, active password-reset token bound to <paramref name="user"/>.
/// </summary>
/// <param name="user">Account the token is issued for.</param>
/// <returns>
/// A token with User, Token and IsActive populated. Nothing is persisted here.
/// </returns>
public static PasswordResetToken Create(User user)
{
    // NOTE(review): the token value is a GUID string, and the reset methods look a
    // token up by this string alone, so it acts as a bearer secret. Guid.NewGuid() is
    // not documented as a cryptographic random source; a value drawn from
    // System.Security.Cryptography.RandomNumberGenerator would be the safer choice.
    // Confirm the column length and any format check on the token before changing it.
    // NOTE(review): CreatedDate is not assigned here; presumably it is set when the
    // token is saved. Verify, since the 24-hour expiry check depends on it.
    return new PasswordResetToken
    {
        User = user,
        Token = Guid.NewGuid().ToString(),
        IsActive = true
    };
}
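/// <summary>
/// Sets a new password on the account that owns the supplied reset token and then
/// deactivates that token so it cannot be used again.
/// </summary>
/// <param name="resetRequest">Carries the reset token and the new password.</param>
/// <returns>
/// true when the password was changed; false when resetRequest.IsValid() fails.
/// </returns>
/// <exception cref="ArgumentNullException">resetRequest is null.</exception>
/// <exception cref="Exception">
/// No active token matches, or the matching token is older than 24 hours.
/// </exception>
public bool ResetPasswordFromToken(PasswordResetRequest resetRequest)
{
    if (resetRequest == null)
    {
        throw new ArgumentNullException("resetRequest");
    }

    // Format explicitly: Debug.WriteLine(string, string) is the (message, category)
    // overload, so passing the token as the second argument never filled in {0}.
    Debug.WriteLine(String.Format("Attempt to reset password for token {0}", resetRequest.Token));

    if (!resetRequest.IsValid())
    {
        return false;
    }

    Debug.WriteLine(String.Format("Token is verified to be valid {0}", resetRequest.Token));

    // Only tokens still flagged active are candidates; the match ignores case.
    var exp = PredicateBuilder.Create<PasswordResetToken>(t => t.Token.ToLower() == resetRequest.Token.ToLower() && t.IsActive == true);
    PasswordResetToken token = Repository.Get<PasswordResetToken>(exp);

    if (token == null)
    {
        // NOTE(review): any caller can trigger this path with a made-up token, so
        // Fatal may be a noisier level than the event deserves.
        var excp = new Exception("Invalid token or token has already expired");
        Log.Fatal("Invalid Password Reset Token", excp);
        throw excp;
    }

    // Tokens are honoured for 24 hours after CreatedDate (compared in UTC).
    if (DateTime.UtcNow.Subtract(token.CreatedDate).TotalHours > 24)
    {
        Log.Error(String.Format("Attempt to reset password using expired token {0}", resetRequest.Token));
        throw new Exception("Expired reset token");
    }

    User user = token.User;

    // NOTE(review): the salt is the first 5 hex characters of a GUID, i.e. at most
    // 20 bits. A longer salt from a CSPRNG is preferable; check the Salt column size.
    user.Salt = Guid.NewGuid().ToString().Substring(0, 5);

    // NOTE(review): HashProvider.CreateHash is not visible here. Confirm it is a
    // slow password KDF (PBKDF2, bcrypt, Argon2) and not a single fast hash.
    user.Password = HashProvider.CreateHash(user.Salt + resetRequest.NewPassword);
    Util.SetCredentials(user);
    Repository.Save<User>(user);

    // Make the token inactive to prevent repeat usage.
    // NOTE(review): only this token is deactivated; any other active tokens issued
    // to the same user stay usable until they age out.
    token.IsActive = false;
    Repository.Save<PasswordResetToken>(token);

    Log.Info(String.Format("Password reset successfully for token {0}/userid:{1}", token.Token, user.Id));

    // The original never set its result flag, so a successful reset returned false.
    return true;
}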
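/// <summary>
/// Reports whether a reset token is currently usable: it must match an active
/// stored token (case-insensitively) that was created no more than 24 hours ago.
/// </summary>
/// <param name="token">Token string as received from the caller.</param>
/// <returns>
/// true when a matching active token exists and is within the 24-hour window;
/// false otherwise, including for a null or empty token.
/// </returns>
public bool IsPasswordRequestTokenValid(string token)
{
    // A null token would fail on token.ToLower() below and an empty one cannot
    // match a stored token, so reject both before querying.
    if (String.IsNullOrEmpty(token))
    {
        return false;
    }

    var exp = PredicateBuilder.Create<PasswordResetToken>(t => t.Token.ToLower() == token.ToLower() && t.IsActive == true);
    PasswordResetToken resetToken = Repository.Get<PasswordResetToken>(exp);

    if (resetToken == null)
    {
        return false;
    }

    // Same 24-hour lifetime that ResetPasswordFromToken enforces, measured in UTC.
    return DateTime.UtcNow.Subtract(resetToken.CreatedDate).TotalHours <= 24;
}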
/// <summary>
/// Issues a password-reset token for the active, non-deleted user registered under
/// <paramref name="email"/> and mails that user the reset message.
/// </summary>
/// <param name="email">Address to look up; the match ignores case.</param>
/// <returns>true once the token is saved and the mail call has been made.</returns>
/// <exception cref="Exception">No matching user was found.</exception>
public bool RequestPasswordReset(string email)
{
    // The lookup runs under anonymous credentials.
    Util.SetAnonymousCredentials();

    var activeUserByEmail = PredicateBuilder.Create<User>(d => d.IsActive == true && d.DeletedDate == null && d.DeletedUser == null && d.Email.ToLower() == email.ToLower());
    var account = Repository.Get<User>(activeUserByEmail);

    if (account == null)
    {
        // NOTE(review): this message tells the requester that the address is not
        // registered. If it reaches the client unchanged, it allows account
        // enumeration; an identical response for known and unknown addresses avoids that.
        throw new Exception("Sorry, But we could not find any records for the given email address.");
    }

    // NOTE(review): every request stores a new token and nothing here deactivates
    // earlier ones for the same user. No throttling is visible in this method either;
    // confirm it is applied by the caller.
    PasswordResetToken resetToken = PasswordResetToken.Create(account);
    resetToken = Repository.Save<PasswordResetToken>(resetToken);

    // Send the reset mail to the user.
    string subject = "Action required: Reset your password";
    emailService.Sent(
        "PasswordReset",
        subject,
        account.Email,
        new
        {
            User = account,
            Token = resetToken,
            Domain = Application.GetSettings(SettingType.GENERAL).RootDomain.ToString(),
            AppName = Application.GetSettings(SettingType.GENERAL).ApplicationName.ToString()
        });

    return true;
}