193 lines
7.6 KiB
C#
193 lines
7.6 KiB
C#
using System.Web.Mvc;
|
|
using Hangfire;
|
|
using LeafWeb.WebCms.Models;
|
|
using LeafWeb.WebCms.Services;
|
|
using MlkPwgen;
|
|
using Umbraco.Core;
|
|
|
|
namespace LeafWeb.WebCms.Controllers
|
|
{
|
|
public class MembershipController : BaseController
|
|
{
|
|
public ActionResult Verify(string email, string token)
|
|
{
|
|
var redirectUrl = "/";
|
|
|
|
var memberService = ApplicationContext.Current.Services.MemberService;
|
|
var member = memberService.GetByEmail(email);
|
|
if (member == null)
|
|
{
|
|
TempData["StatusMessage"] = $"Sorry, user with email {email} not found. Please try to register again, or use Contact Us to resolve the issue.";
|
|
TempData["StatusMessage-Type"] = "alert-danger";
|
|
}
|
|
else if (member.IsApproved)
|
|
{
|
|
TempData["StatusMessage"] = "You've already been verified, " + member.Name;
|
|
TempData["StatusMessage-Type"] = "alert-info";
|
|
}
|
|
else
|
|
{
|
|
var storedToken = member.GetValue<string>(LeafWebMemberProperties.VerificationToken);
|
|
|
|
if (string.IsNullOrEmpty(storedToken))
|
|
{
|
|
TempData["StatusMessage"] = $"No verification token exists for this user.";
|
|
TempData["StatusMessage-Type"] = "alert-danger";
|
|
}
|
|
else if (storedToken != token)
|
|
{
|
|
TempData["StatusMessage"] = $"Sorry, your token cannot be found. Please try to register again, or use Contact Us to resolve the issue.";
|
|
TempData["StatusMessage-Type"] = "alert-danger";
|
|
}
|
|
else
|
|
{
|
|
// member is now verified
|
|
member.IsApproved = true;
|
|
|
|
// remove the verification
|
|
member.SetValue(LeafWebMemberProperties.VerificationToken, string.Empty);
|
|
memberService.Save(member);
|
|
|
|
TempData["StatusMessage"] = "Thank you! Your email is now verified at " + member.Email;
|
|
TempData["StatusMessage-Type"] = "alert-success";
|
|
|
|
// TODO: change redirectUrl to their own page
|
|
}
|
|
}
|
|
|
|
return Redirect(redirectUrl);
|
|
}
|
|
|
|
public ActionResult PasswordResetRequest()
|
|
{
|
|
var viewModel = new PasswordResetRequestForm();
|
|
return PartialView("PasswordResetRequest", viewModel);
|
|
}
|
|
|
|
[HttpPost]
|
|
public ActionResult PasswordResetRequest(PasswordResetRequestForm requestForm)
|
|
{
|
|
if (!ModelState.IsValid)
|
|
return CurrentUmbracoPage();
|
|
|
|
var memberService = ApplicationContext.Current.Services.MemberService;
|
|
var member = memberService.GetByEmail(requestForm.Email);
|
|
if (member == null)
|
|
{
|
|
// Send notification of attempt to change
|
|
BackgroundJob.Enqueue<EmailNotificationService>(
|
|
e => e.SendPasswordResetNotMemberEmail(requestForm.Email));
|
|
}
|
|
else
|
|
{
|
|
var token = PasswordGenerator.Generate(12, allowed: "0123456789");
|
|
member.SetValue(LeafWebMemberProperties.PasswordResetToken, token);
|
|
memberService.Save(member);
|
|
|
|
// Send Email
|
|
BackgroundJob.Enqueue<EmailNotificationService>(
|
|
e => e.SendPasswordResetEmail(member.Email));
|
|
}
|
|
|
|
// don't acknowledge their email address
|
|
TempData["StatusMessage"] =
|
|
$"An email has been sent to {requestForm.Email} with instructions on how to reset your password.";
|
|
TempData["StatusMessage-Type"] = "alert-success";
|
|
|
|
return Redirect("/");
|
|
}
|
|
|
|
public ActionResult PasswordReset(string email, string token)
|
|
{
|
|
var errorMsg = $"Sorry, a valid password reset was not found for user {email}. " +
|
|
$"Please try resetting again, " +
|
|
$"or use Contact Us if the issue persists.";
|
|
|
|
if (!string.IsNullOrEmpty(email) && !string.IsNullOrEmpty(token))
|
|
{
|
|
|
|
var memberService = ApplicationContext.Current.Services.MemberService;
|
|
var member = memberService.GetByEmail(email);
|
|
if (member == null)
|
|
{
|
|
// don't acknowledge their email address
|
|
TempData["StatusMessage"] = errorMsg;
|
|
TempData["StatusMessage-Type"] = "alert-danger";
|
|
}
|
|
else
|
|
{
|
|
var storedToken = member.GetValue<string>(LeafWebMemberProperties.PasswordResetToken);
|
|
|
|
if (string.IsNullOrEmpty(storedToken))
|
|
{
|
|
TempData["StatusMessage"] = errorMsg;
|
|
TempData["StatusMessage-Type"] = "alert-danger";
|
|
}
|
|
else if (storedToken != token)
|
|
{
|
|
TempData["StatusMessage"] = errorMsg;
|
|
TempData["StatusMessage-Type"] = "alert-danger";
|
|
}
|
|
else
|
|
{
|
|
var viewModel = new PasswordResetForm {Email = email, PasswordResetToken = token};
|
|
return PartialView(viewModel);
|
|
}
|
|
}
|
|
}
|
|
|
|
return PasswordResetRequest();
|
|
}
|
|
|
|
[HttpPost]
|
|
public ActionResult PasswordReset(PasswordResetForm form)
|
|
{
|
|
var redirectUrl = "/";
|
|
|
|
var errorMsg = $"Sorry, a valid password reset was not found for user {form.Email}. " +
|
|
$"Please try resetting again, " +
|
|
$"or use Contact Us if the issue persists.";
|
|
|
|
if (ModelState.IsValid)
|
|
{
|
|
var memberService = ApplicationContext.Current.Services.MemberService;
|
|
var member = memberService.GetByEmail(form.Email);
|
|
if (member == null)
|
|
{
|
|
// don't acknowledge their email address
|
|
TempData["StatusMessage"] = errorMsg;
|
|
TempData["StatusMessage-Type"] = "alert-danger";
|
|
}
|
|
else
|
|
{
|
|
var storedToken = member.GetValue<string>(LeafWebMemberProperties.PasswordResetToken);
|
|
if (string.IsNullOrEmpty(storedToken))
|
|
{
|
|
TempData["StatusMessage"] = errorMsg;
|
|
TempData["StatusMessage-Type"] = "alert-danger";
|
|
}
|
|
else if (storedToken != form.PasswordResetToken)
|
|
{
|
|
TempData["StatusMessage"] = errorMsg;
|
|
TempData["StatusMessage-Type"] = "alert-danger";
|
|
}
|
|
else
|
|
{
|
|
memberService.SavePassword(member, form.Password);
|
|
|
|
// remove the token
|
|
member.SetValue(LeafWebMemberProperties.PasswordResetToken, string.Empty);
|
|
memberService.Save(member);
|
|
|
|
TempData["StatusMessage"] = "Password updated for " + member.Email + ", use your new password to login.";
|
|
TempData["StatusMessage-Type"] = "alert-success";
|
|
|
|
redirectUrl = "membership/login";
|
|
}
|
|
}
|
|
}
|
|
|
|
return Redirect(redirectUrl);
|
|
}
|
|
}
|
|
} |