/// <summary>
/// Persists a newly posted <c>GiftItem</c> and redirects to the Index action; when model
/// validation fails, redisplays the form with the gift-type dropdown repopulated.
/// </summary>
/// <param name="giftItem">
/// Model-bound gift item. Only the properties named in the <c>Bind</c> include list are
/// populated from the request.
/// </param>
/// <returns>A redirect to "Index" on success; otherwise the Create view with the posted values.</returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible in this
// excerpt; confirm they are present on the declaration, since this action writes to the database.
// NOTE(review): the include list lets the client supply GiftItemId and LastUpdated; confirm
// that is intended rather than having the server assign them.
public ActionResult Create([Bind(Include = "GiftItemId,Name,Price,Description,LastUpdated,GiftTypeId")] GiftItem giftItem)
{
    if (!ModelState.IsValid)
    {
        // Validation failed: rebuild the dropdown (keeping the posted selection) and show the form again.
        var giftTypeOptions = new SelectList(db.GiftTypes, "GiftTypeId", "Name", giftItem.GiftTypeId);
        ViewBag.GiftTypeId = giftTypeOptions;
        return View(giftItem);
    }

    db.GiftItems.Add(giftItem);
    db.SaveChanges();
    return RedirectToAction("Index");
}
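/// <summary>
/// Starts a password reset: stores a fresh random reset token on the matching password record
/// and e-mails a reset link containing that token to the registered address.
/// </summary>
/// <param name="user">Posted model; only <c>user.Password.email</c> is read.</param>
/// <returns>
/// The default view. <c>ViewBag.Sent</c> carries the confirmation message whenever an e-mail
/// address was submitted, whether or not it belongs to an account.
/// </returns>
/// <remarks>
/// Note(bryanstephens): the reset token authenticates the request made through the e-mailed
/// link, so it must be unique and valid only for a single password reset.
/// </remarks>
public async Task <ActionResult> ResetPassword(User user)
{
    // NOTE(review): the ModelState.IsValid check was commented out in the original and is
    // still not enforced here; only the presence of an e-mail address is checked.
    if (user == null || user.Password == null || string.IsNullOrWhiteSpace(user.Password.email))
    {
        return View();
    }

    const string confirmation = "Please check your email inbox for link to reset your password";
    var email = user.Password.email;

    // #1 ==> generate the reset token.
    // 128 bits from the cryptographic RNG, hex-encoded. The previous 4-byte value left only
    // 2^32 possible tokens, which is small enough to be guessed by repeated requests.
    // NOTE(review): the token is now a 32-character hex string; confirm the passwordReset
    // column is wide enough and that the reset action compares the token as a string.
    string token;
    using (var rng = new RNGCryptoServiceProvider())
    {
        var data = new byte[16];
        rng.GetBytes(data);
        token = BitConverter.ToString(data).Replace("-", "");
    }

    // #2 ==> find the password record for the submitted address.
    var record = (from p in db.Passwords
                  where p.email == email
                  select p).FirstOrDefault();

    if (record == null)
    {
        // Unknown address: show the same confirmation as for a known one, so the response
        // does not reveal which addresses are registered (and no null dereference occurs).
        ViewBag.Sent = confirmation;
        return View();
    }

    // #3 ==> save the token to the database.
    // NOTE(review): the token is stored as-is and no expiry is recorded in this method;
    // consider storing only a hash plus an expiry time, and clearing it once it is used.
    record.passwordReset = token;
    db.SaveChanges();

    // The user cannot log in, so the link goes to the address registered in the system.
    var account = db.Users.Where(x => x.Password.email == email).FirstOrDefault();
    var firstName = account == null ? string.Empty : account.firstName;

    // The link uses HTTPS so the token is not sent in cleartext when the user follows it.
    // NOTE(review): confirm the site redirects or rejects plain-HTTP requests to /account/reset.
    var resetLink = "https://http5204b-stephensbryan.azurewebsites.net/account/reset?token="
        + Uri.EscapeDataString(token);

    // The first name is user-controlled profile data, so it is HTML-encoded before being
    // placed in the HTML body; the href is quoted so the link cannot be broken out of.
    var emailBody = "<h3>Password Reset</h3> <p> Sorry to hear you forgot your password "
        + System.Net.WebUtility.HtmlEncode(firstName)
        + ". <a href=\"" + resetLink + "\"> click here to reset your password</a>";

    // SMTP credentials are stored in web.config under system.net/mailSettings.
    using (var msg = new MailMessage())
    using (var smtp = new SmtpClient())
    {
        // Send to the stored address rather than the submitted string: the database match
        // may treat strings as equal that a mail server would route differently.
        msg.To.Add(new MailAddress(record.email));
        msg.Subject = "Password Reset";
        // Assigned directly: passing the body through string.Format would throw on any
        // '{' or '}' in the first name.
        msg.Body = emailBody;
        msg.IsBodyHtml = true;

        await smtp.SendMailAsync(msg);
    }

    ViewBag.Sent = confirmation;
    return View();
}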