Password reset
@@ -1,4 +1,8 @@
|
||||
using System.Web.Mvc;
|
||||
using Hangfire;
|
||||
using LeafWeb.WebCms.Models;
|
||||
using LeafWeb.WebCms.Services;
|
||||
using MlkPwgen;
|
||||
using Umbraco.Core;
|
||||
|
||||
namespace LeafWeb.WebCms.Controllers
|
||||
@@ -23,7 +27,7 @@ namespace LeafWeb.WebCms.Controllers
|
||||
}
|
||||
else
|
||||
{
|
||||
var storedToken = member.GetValue("VerificationToken") as string;
|
||||
var storedToken = member.GetValue<string>(LeafWebMemberProperties.VerificationToken);
|
||||
|
||||
if (string.IsNullOrEmpty(storedToken))
|
||||
{
|
||||
@@ -41,7 +45,7 @@ namespace LeafWeb.WebCms.Controllers
|
||||
member.IsApproved = true;
|
||||
|
||||
// remove the verification
|
||||
member.SetValue("VerificationToken", string.Empty);
|
||||
member.SetValue(LeafWebMemberProperties.VerificationToken, string.Empty);
|
||||
memberService.Save(member);
|
||||
|
||||
TempData["StatusMessage"] = "Thank you! Your email is now verified at " + member.Email;
|
||||
@@ -53,5 +57,137 @@ namespace LeafWeb.WebCms.Controllers
|
||||
|
||||
return Redirect(redirectUrl);
|
||||
}
|
||||
|
||||
public ActionResult PasswordResetRequest()
|
||||
{
|
||||
var viewModel = new PasswordResetRequestForm();
|
||||
return PartialView("PasswordResetRequest", viewModel);
|
||||
}
|
||||
|
||||
[HttpPost]
|
||||
public ActionResult PasswordResetRequest(PasswordResetRequestForm requestForm)
|
||||
{
|
||||
if (!ModelState.IsValid)
|
||||
return CurrentUmbracoPage();
|
||||
|
||||
var memberService = ApplicationContext.Current.Services.MemberService;
|
||||
var member = memberService.GetByEmail(requestForm.Email);
|
||||
if (member == null)
|
||||
{
|
||||
// Send notification of attempt to change
|
||||
BackgroundJob.Enqueue<EmailNotificationService>(
|
||||
e => e.SendPasswordResetNotMemberEmail(requestForm.Email));
|
||||
}
|
||||
else
|
||||
{
|
||||
var token = PasswordGenerator.Generate(12, allowed: "0123456789");
|
||||
member.SetValue(LeafWebMemberProperties.PasswordResetToken, token);
|
||||
memberService.Save(member);
|
||||
|
||||
// Send Email
|
||||
BackgroundJob.Enqueue<EmailNotificationService>(
|
||||
e => e.SendPasswordResetEmail(member.Email));
|
||||
}
|
||||
|
||||
// don't acknowledge their email address
|
||||
TempData["StatusMessage"] =
|
||||
$"An email has been sent to {requestForm.Email} with instructions on how to reset your password.";
|
||||
TempData["StatusMessage-Type"] = "alert-success";
|
||||
|
||||
return Redirect("/");
|
||||
}
|
||||
|
||||
public ActionResult PasswordReset(string email, string token)
|
||||
{
|
||||
var errorMsg = $"Sorry, a valid password reset was not found for user {email}. " +
|
||||
$"Please try resetting again, " +
|
||||
$"or use Contact Us if the issue persists.";
|
||||
|
||||
if (!string.IsNullOrEmpty(email) && !string.IsNullOrEmpty(token))
|
||||
{
|
||||
|
||||
var memberService = ApplicationContext.Current.Services.MemberService;
|
||||
var member = memberService.GetByEmail(email);
|
||||
if (member == null)
|
||||
{
|
||||
// don't acknowledge their email address
|
||||
TempData["StatusMessage"] = errorMsg;
|
||||
TempData["StatusMessage-Type"] = "alert-danger";
|
||||
}
|
||||
else
|
||||
{
|
||||
var storedToken = member.GetValue<string>(LeafWebMemberProperties.PasswordResetToken);
|
||||
|
||||
if (string.IsNullOrEmpty(storedToken))
|
||||
{
|
||||
TempData["StatusMessage"] = errorMsg;
|
||||
TempData["StatusMessage-Type"] = "alert-danger";
|
||||
}
|
||||
else if (storedToken != token)
|
||||
{
|
||||
TempData["StatusMessage"] = errorMsg;
|
||||
TempData["StatusMessage-Type"] = "alert-danger";
|
||||
}
|
||||
else
|
||||
{
|
||||
var viewModel = new PasswordResetForm {Email = email, PasswordResetToken = token};
|
||||
return PartialView(viewModel);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return PasswordResetRequest();
|
||||
}
|
||||
|
||||
[HttpPost]
|
||||
public ActionResult PasswordReset(PasswordResetForm form)
|
||||
{
|
||||
var redirectUrl = "/";
|
||||
|
||||
var errorMsg = $"Sorry, a valid password reset was not found for user {form.Email}. " +
|
||||
$"Please try resetting again, " +
|
||||
$"or use Contact Us if the issue persists.";
|
||||
|
||||
if (ModelState.IsValid)
|
||||
{
|
||||
var memberService = ApplicationContext.Current.Services.MemberService;
|
||||
var member = memberService.GetByEmail(form.Email);
|
||||
if (member == null)
|
||||
{
|
||||
// don't acknowledge their email address
|
||||
TempData["StatusMessage"] = errorMsg;
|
||||
TempData["StatusMessage-Type"] = "alert-danger";
|
||||
}
|
||||
else
|
||||
{
|
||||
var storedToken = member.GetValue<string>(LeafWebMemberProperties.PasswordResetToken);
|
||||
if (string.IsNullOrEmpty(storedToken))
|
||||
{
|
||||
TempData["StatusMessage"] = errorMsg;
|
||||
TempData["StatusMessage-Type"] = "alert-danger";
|
||||
}
|
||||
else if (storedToken != form.PasswordResetToken)
|
||||
{
|
||||
TempData["StatusMessage"] = errorMsg;
|
||||
TempData["StatusMessage-Type"] = "alert-danger";
|
||||
}
|
||||
else
|
||||
{
|
||||
memberService.SavePassword(member, form.Password);
|
||||
|
||||
// remove the token
|
||||
member.SetValue(LeafWebMemberProperties.PasswordResetToken, string.Empty);
|
||||
memberService.Save(member);
|
||||
|
||||
TempData["StatusMessage"] = "Password updated for " + member.Email + ", use your new password to login.";
|
||||
TempData["StatusMessage-Type"] = "alert-success";
|
||||
|
||||
redirectUrl = "membership/login";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return Redirect(redirectUrl);
|
||||
}
|
||||
}
|
||||
}
|
||||
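Review bot: The reset token created in the `[HttpPost] PasswordResetRequest` action (`PasswordGenerator.Generate(12, allowed: "0123456789")`) is saved without an issue time, and in the code shown neither `PasswordReset` action counts or limits failed comparisons, so a 12-digit value stays valid until it is used or overwritten and can be guessed online with no visible throttle. I would store an issue timestamp in a second member property next to `LeafWebMemberProperties.PasswordResetToken`, reject tokens older than a short window in both `PasswordReset` actions, and clear the token after a small number of mismatches; a longer token drawn from a larger alphabet would also help. Both `[HttpPost]` actions lack `[ValidateAntiForgeryToken]`, and the request action enqueues an email for any submitted address (member or not), so it needs per-address and per-client rate limiting unless something upstream already provides it. `errorMsg` and the success message also interpolate the caller-supplied email into `TempData["StatusMessage"]`, which is safe only if the layout renders that value HTML-encoded; the view is not visible here, so this should be confirmed.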