0

ユーザーにパスワード リセットの方法を提供したいと考えています。ユーザーが [パスワード リセットの送信] を選択すると、電子メール通知が送信されます。

今、私はリポジトリから作業しており、存在するメソッドを呼び出したいのですが、c# にまったく慣れていないので、どうすればよいかわかりません。

ユーザーリポジトリのメソッドは

   public bool RequestPasswordReset(string emailAddress)
    {
        try
        {

            User user = this.GetUserByEmailAddress(emailAddress);

            // Check we have a user
            if (user == null)
                throw new Exception("No User for Email");

            // Check the user is in a valid state for operation
            if (user.Status != (int)UserStatus.Active)
                throw new Exception("User not in valid state for password reset");

            // TODO: Check UpdateDate to see if the Password Reset Guid has expired!

            // Make the user reset, set the passwordguid and clear previous password hash
            user.Status = (int)UserStatus.Reset;
            user.PasswordHash = "";
            user.PasswordGuid = GetUniquePasswordGuid();
            //UserDAL.Update(User);
            Context.Save(user);

            Company company = user.Company;

            // Send the appropriate Email Notification
            //this.NotificationService.SendPasswordResetNotification(ContentType.Email, User, Company, DateTime.Now);
            using (NotificationMessageRepository nmr = new NotificationMessageRepository())
            {
                nmr.SendPasswordResetNotification(company, user, ContentType.Email, DateTime.Now);
            }

            //Todo: Audit the password reset
            //AuditLogInfo(null, AuditType.Auth, AuditMessage.AuthResetPassword, AuditItemType.User, User.ID.ToString(), Email);

        }
        catch (Exception e)
        {
            Logger.Error(String.Format("RequestPasswordReset({0}) Exception: {1}", emailAddress, e.Message));
            return false;
        }
        finally
        {

        }

        return true;
    }
    /// <summary>
    /// Sets the password for the user, authenticating using the PasswordGuid
    /// </summary>
    /// <param name="PasswordGuid"></param>
    /// <param name="Password"></param>
    /// <returns></returns>
    public bool SetPassword(string PasswordGuid, string Password)
    {
        try
        {
            User user = this.GetUserByPasswordGuid(PasswordGuid);

            // Check we have a user
            if (user == null)
                throw new Exception("No User for PasswordGuid");

            // Check the user is in a valid state for operation
            if (user.Status != (int)UserStatus.Pending && user.Status != (int)UserStatus.Reset)
                throw new Exception("User not in valid state for set password");

            // TODO: Check UpdateDate to see if the Password Reset Guid has expired!

            // Make the user active, set the password hash from the password and clear the password guid.
            user.Status = (int)UserStatus.Active;
            user.PasswordHash = CreatePasswordHash(Password);
            user.PasswordGuid = "";
            //UserDAL.Update(User);
            Context.Save(user);

            //ToDo: audit the password change
            //AuditLogInfo(null, AuditType.Auth, AuditMessage.AuthSetPassword, AuditItemType.User, User.ID.ToString(), User.Username);
        }
        catch (Exception ex)
        {
            //ToDo: AuditLogError(null, AuditType.Auth, AuditMessage.AuthSetPassword, string.Format("PasswordGuid: {0} Exception: {1}", PasswordGuid, ex.Message));
            Logger.Error(String.Format("SetPassword({0}, ******* ) Exception: {1}", PasswordGuid, ex.Message));
            return false;
        }
        finally
        {

        }

        return true;
    }
    /// <summary>
    /// Get Unique PasswordGuid returns a unique password Guid
    /// </summary>
    /// <returns>a unique auth token</returns>
    protected string GetUniquePasswordGuid()
    {
        //TODO: Possible check then we have not already given this out
        // but chances of giving the same are so rare, not worth changing at the moment
        return Guid.NewGuid().ToString();
    }
    /// <summary>
    /// Creates a Password Hash from the specified password
    /// NOTE: Access to this method should be controlled to prevent security breached and brute force password hacks.
    /// </summary>
    /// <param name="Password"></param>
    /// <returns>a PasswordHash of the specified passed</returns>
    public string CreatePasswordHash(String Password)
    {
        // NOTE: This method of Password Hashing cannot be changed and put into an existing system as you will
        // be required reset all the passwords.
        System.Security.Cryptography.HashAlgorithm ha = new System.Security.Cryptography.SHA1Managed();
        ha.ComputeHash(System.Text.Encoding.UTF8.GetBytes(Password));
        return BitConverter.ToString(ha.Hash).Replace("-", "");
    }
    /// <summary>
    /// Compares the Password against the password Hash to see if they match
    /// </summary>
    /// NOTE: Access to this method should be controlled to prevent security breached and brute force password hacks.
    /// <param name="Password"></param>
    /// <param name="PasswordHash"></param>
    /// <returns>true if the password and teh PasswordHash match otherwise false</returns>
    protected bool ComparePasswordAndHash(String Password, String PasswordHash)
    {
        string ComparePasswordHash = CreatePasswordHash(Password);

        // return true if the generated hash from the password matches the password hash passed.
        return (ComparePasswordHash.CompareTo(PasswordHash) == 0);
    }
    public bool UpdateUser(long userId, string title, string firstName, string surname, string address, string email,  string username )
    {
        bool returnValue = false;
        var user = Context.Users.SingleOrDefault(x => x.ID == userId);
        if (user.ID > 0)
        {
            user.Title = title;
            user.Forename = firstName;
            user.Email = email;
            user.Surname = surname;
            user.Username = username;
            user.Address1 = address;
            Context.Save(user);
            returnValue = true;
        }
        return returnValue;
    }
    public bool SaveNewUser(User user)
    {
        bool returnValue = false;
        Context.Users.Add(user);       

        Context.Save(user);
        return returnValue;
    }
}
4

1 に答える 1

1

リポジトリがメソッドを認識できる限り、次のRequestPassWordReset方法でメソッドを呼び出すことができます。

 var successfullyReset = YourClassInstance.RequestPasswordReset("emailaddress@domain.com");

テキストボックス経由(コメントから):

string usersEmail = txtEmailAddress.Text;
var successfullyReset = YourClassInstance.RequestPasswordReset(usersEmail);
于 2013-09-23T09:40:22.213 に答える