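/// <summary>
/// Handles the submitted reset form and sets a new password for the patient named in the model.
/// </summary>
/// <param name="model">Posted form data. Username and Password are supplied by the client.</param>
/// <returns>
/// A redirect to /Account/LoginRedirect when the password was changed; otherwise the form view
/// with the validation or permission errors added to ModelState.
/// </returns>
/// <remarks>
/// NOTE(review): any [HttpPost], [ValidateAntiForgeryToken] or [Authorize] attributes would sit
/// above this signature and are not visible here; confirm they are present.
/// </remarks>
public ActionResult ResetPassword(PhysicianResetPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // model.Username is client-controlled, so the ownership check is enforced here as well as
    // on the form-display action. Without it any caller who can reach this action could reset
    // an arbitrary account by posting its username.
    ApplicationUser user = UserManager.FindByName(model.Username);
    ApplicationUser caller = UserManager.FindByName(User.Identity.Name);

    // Unknown accounts get the same answer as unauthorized ones, so the response does not
    // reveal whether a username exists.
    if (user == null || caller == null)
    {
        ModelState.AddModelError("", "ERROR: You do not have permission to reset this patient's password.");
        return View(model);
    }

    Patient patient = _patientService.GetPatient(user.PatientId);
    Physician physician = _physicianService.GetPhysician(caller.PhysicianId);
    if (patient == null || physician == null || !PatientBelongsToPhysician(patient, physician))
    {
        ModelState.AddModelError("", "ERROR: You do not have permission to reset this patient's password.");
        return View(model);
    }

    // The token is generated and consumed in the same request; it never leaves the server.
    string pwToken = UserManager.GeneratePasswordResetToken(user.Id);
    var result = UserManager.ResetPassword(user.Id, pwToken, model.Password);
    if (result.Succeeded)
    {
        return Redirect("/Account/LoginRedirect");
    }

    foreach (string errorMsg in result.Errors)
    {
        ModelState.AddModelError("", "Error changing password: " + errorMsg);
    }

    return View(model);
}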
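/// <summary>
/// Displays the password-reset form for a patient, after checking that the patient belongs to
/// the physician who is currently signed in.
/// </summary>
/// <param name="username">Username of the patient whose password is to be reset.</param>
/// <returns>
/// The reset form view. When the username is missing, or the caller may not reset this
/// patient's password, the view is returned with an error added to ModelState.
/// </returns>
/// <remarks>
/// This check only gates the display of the form. The action that processes the submitted form
/// must enforce the same ownership check itself, because the posted username is client-controlled.
/// </remarks>
public ActionResult ResetPassword(string username)
{
    PhysicianResetPasswordViewModel model = new PhysicianResetPasswordViewModel();

    if (username == null)
    {
        model.Username = "******";
        ModelState.AddModelError("", "ERROR: Username is null.");
        return View(model);
    }

    model.Username = username;

    // FindByName returns null for an unknown name; the original dereferenced the result
    // directly and would throw. Unknown accounts get the same message as unauthorized ones,
    // so the response does not reveal whether a username exists.
    var patientUser = UserManager.FindByName(username);
    var physicianUser = UserManager.FindByName(User.Identity.Name);
    if (patientUser == null || physicianUser == null)
    {
        ModelState.AddModelError("", "ERROR: You do not have permission to reset this patient's password.");
        return View(model);
    }

    Patient patient = _patientService.GetPatient(patientUser.PatientId);
    Physician physician = _physicianService.GetPhysician(physicianUser.PhysicianId);
    if (patient == null || physician == null || !PatientBelongsToPhysician(patient, physician))
    {
        ModelState.AddModelError("", "ERROR: You do not have permission to reset this patient's password.");
        return View(model);
    }

    return View(model);
}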