public ActionResult ForgotPassword(ForgotPasswordModel model)
{
if (ModelState.IsValid)
{
try
{
var account = _userClient.GetAccountByUserName(model.UserName);
if (account == null)
{
TempData[GetMessageTempKey(MessageType.Error)] = new[] { "Such account does not exist in our database".Localize() };
return RedirectToAction("LogOn");
}
if (account.RegisterType == (int)RegisterType.Administrator || account.RegisterType == (int)RegisterType.SiteAdministrator)
{
//The message is tricky in purpose so that no one could guess admins username!!!
TempData[GetMessageTempKey(MessageType.Error)] = new[] { "Such account does not exist in our database".Localize() };
return RedirectToAction("LogOn");
}
//Get reset token
var token = _webSecurity.GeneratePasswordResetToken(model.UserName);
//Collect data
var contact = _userClient.GetCustomer(account.MemberId);
var linkUrl = Url.Action("ResetPassword", "Account", new { token }, Request.Url.Scheme);
var userName = contact != null ? contact.FullName : model.UserName;
//User name can also be an email in most cases
var email = UserHelper.GetCustomerModel(contact).Email ?? model.UserName;
UserHelper.SendEmail(linkUrl, userName, email, "forgot-password",
emailMessage =>
{
//Use default template
emailMessage.Html =
string.Format(
"<b>{0}</b> <br/><br/> To change your password, click on the following link:<br/> <br/> <a href='{1}'>{1}</a> <br/>",
userName,
linkUrl);
emailMessage.Subject = "Reset password";
});
TempData[GetMessageTempKey(MessageType.Success)] = new[] { "The reset password link was generated. Check you email to reset password.".Localize() };
}
catch (Exception ex)
{
TempData[GetMessageTempKey(MessageType.Error)] = new[] { ex.Message };
}
}
return RedirectToAction("LogOn");
}
public ActionResult ForgotPassword(ForgotPasswordModel model)
{
if (ModelState.IsValid)
{
try
{
var account = _userClient.GetAccountByUserName(model.UserName);
if (account == null)
{
TempData[GetMessageTempKey(MessageType.Error)] = new[] { "Such account does not exist in our database".Localize() };
return RedirectToAction("LogOn");
}
if (account.RegisterType == (int)RegisterType.Administrator || account.RegisterType == (int)RegisterType.SiteAdministrator)
{
//The message is tricky in purpose so that no one could guess admins username!!!
TempData[GetMessageTempKey(MessageType.Error)] = new[] { "Such account does not exist in our database".Localize() };
return RedirectToAction("LogOn");
}
//Get reset token
var token = _webSecurity.GeneratePasswordResetToken(model.UserName);
//Collect data
var contact = _userClient.GetCustomer(account.MemberId);
var linkUrl = Url.Action("ResetPassword", "Account", new { token }, Request.Url.Scheme);
var userName = contact != null ? contact.FullName : model.UserName;
//User name can also be an email in most cases
var email = UserHelper.GetCustomerModel(contact).Email ?? model.UserName;
//Get template
var context = new Dictionary<string, object>() { { "ResetPasswordTemplate", new ResetPasswordTemplate { Url = linkUrl, Username = userName } } };
var template = _templateService.ProcessTemplate("forgot-password", context, CultureInfo.CreateSpecificCulture(UserHelper.CustomerSession.Language));
//Create email message
var emailMessage = new EmailMessage();
emailMessage.To.Add(email);
if (template != null)
{
emailMessage.Html = template.Body;
emailMessage.Subject = template.Subject;
}
else
{
//Use default template
emailMessage.Html =
string.Format(
"<b>{0}</b> <br/><br/> To change your password, click on the following link:<br/> <br/> <a href='{1}'>{1}</a> <br/>",
userName,
linkUrl);
emailMessage.Subject = "Reset password";
}
//Send email
_emailService.SendEmail(emailMessage);
TempData[GetMessageTempKey(MessageType.Success)] = new[] { "The reset password link was generated. Check you email to reset password.".Localize() };
}
catch (Exception ex)
{
TempData[GetMessageTempKey(MessageType.Error)] = new[] { ex.Message };
}
}
return RedirectToAction("LogOn");
}