C# 调用密码重置电子邮件通知的方法?
我想为用户提供密码重置的方法。当用户选择send password reset时,会向他们发送电子邮件通知 现在,我在一个存储库中工作,我希望调用现有的方法,但不知道该如何做,因为我对c#?非常陌生 用户存储库中的方法是C# 调用密码重置电子邮件通知的方法?,c#,asp.net,.net,email,password-recovery,C#,Asp.net,.net,Email,Password Recovery,我想为用户提供密码重置的方法。当用户选择send password reset时,会向他们发送电子邮件通知 现在,我在一个存储库中工作,我希望调用现有的方法,但不知道该如何做,因为我对c#?非常陌生 用户存储库中的方法是 public bool RequestPasswordReset(string emailAddress) { try { User user = this.GetUserByEmailAddress(em
public bool RequestPasswordReset(string emailAddress)
{
try
{
User user = this.GetUserByEmailAddress(emailAddress);
// Check we have a user
if (user == null)
throw new Exception("No User for Email");
// Check the user is in a valid state for operation
if (user.Status != (int)UserStatus.Active)
throw new Exception("User not in valid state for password reset");
// TODO: Check UpdateDate to see if the Password Reset Guid has expired!
// Make the user reset, set the passwordguid and clear previous password hash
user.Status = (int)UserStatus.Reset;
user.PasswordHash = "";
user.PasswordGuid = GetUniquePasswordGuid();
//UserDAL.Update(User);
Context.Save(user);
Company company = user.Company;
// Send the appropriate Email Notification
//this.NotificationService.SendPasswordResetNotification(ContentType.Email, User, Company, DateTime.Now);
using (NotificationMessageRepository nmr = new NotificationMessageRepository())
{
nmr.SendPasswordResetNotification(company, user, ContentType.Email, DateTime.Now);
}
//Todo: Audit the password reset
//AuditLogInfo(null, AuditType.Auth, AuditMessage.AuthResetPassword, AuditItemType.User, User.ID.ToString(), Email);
}
catch (Exception e)
{
Logger.Error(String.Format("RequestPasswordReset({0}) Exception: {1}", emailAddress, e.Message));
return false;
}
finally
{
}
return true;
}
/// <summary>
/// Sets the password for the user, authenticating using the PasswordGuid
/// </summary>
/// <param name="PasswordGuid"></param>
/// <param name="Password"></param>
/// <returns></returns>
public bool SetPassword(string PasswordGuid, string Password)
{
try
{
User user = this.GetUserByPasswordGuid(PasswordGuid);
// Check we have a user
if (user == null)
throw new Exception("No User for PasswordGuid");
// Check the user is in a valid state for operation
if (user.Status != (int)UserStatus.Pending && user.Status != (int)UserStatus.Reset)
throw new Exception("User not in valid state for set password");
// TODO: Check UpdateDate to see if the Password Reset Guid has expired!
// Make the user active, set the password hash from the password and clear the password guid.
user.Status = (int)UserStatus.Active;
user.PasswordHash = CreatePasswordHash(Password);
user.PasswordGuid = "";
//UserDAL.Update(User);
Context.Save(user);
//ToDo: audit the password change
//AuditLogInfo(null, AuditType.Auth, AuditMessage.AuthSetPassword, AuditItemType.User, User.ID.ToString(), User.Username);
}
catch (Exception ex)
{
//ToDo: AuditLogError(null, AuditType.Auth, AuditMessage.AuthSetPassword, string.Format("PasswordGuid: {0} Exception: {1}", PasswordGuid, ex.Message));
Logger.Error(String.Format("SetPassword({0}, ******* ) Exception: {1}", PasswordGuid, ex.Message));
return false;
}
finally
{
}
return true;
}
/// <summary>
/// Get Unique PasswordGuid returns a unique password Guid
/// </summary>
/// <returns>a unique auth token</returns>
protected string GetUniquePasswordGuid()
{
//TODO: Possible check then we have not already given this out
// but chances of giving the same are so rare, not worth changing at the moment
return Guid.NewGuid().ToString();
}
/// <summary>
/// Creates a Password Hash from the specified password
/// NOTE: Access to this method should be controlled to prevent security breached and brute force password hacks.
/// </summary>
/// <param name="Password"></param>
/// <returns>a PasswordHash of the specified passed</returns>
public string CreatePasswordHash(String Password)
{
// NOTE: This method of Password Hashing cannot be changed and put into an existing system as you will
// be required reset all the passwords.
System.Security.Cryptography.HashAlgorithm ha = new System.Security.Cryptography.SHA1Managed();
ha.ComputeHash(System.Text.Encoding.UTF8.GetBytes(Password));
return BitConverter.ToString(ha.Hash).Replace("-", "");
}
/// <summary>
/// Compares the Password against the password Hash to see if they match
/// </summary>
/// NOTE: Access to this method should be controlled to prevent security breached and brute force password hacks.
/// <param name="Password"></param>
/// <param name="PasswordHash"></param>
/// <returns>true if the password and teh PasswordHash match otherwise false</returns>
protected bool ComparePasswordAndHash(String Password, String PasswordHash)
{
string ComparePasswordHash = CreatePasswordHash(Password);
// return true if the generated hash from the password matches the password hash passed.
return (ComparePasswordHash.CompareTo(PasswordHash) == 0);
}
public bool UpdateUser(long userId, string title, string firstName, string surname, string address, string email, string username )
{
bool returnValue = false;
var user = Context.Users.SingleOrDefault(x => x.ID == userId);
if (user.ID > 0)
{
user.Title = title;
user.Forename = firstName;
user.Email = email;
user.Surname = surname;
user.Username = username;
user.Address1 = address;
Context.Save(user);
returnValue = true;
}
return returnValue;
}
public bool SaveNewUser(User user)
{
bool returnValue = false;
Context.Users.Add(user);
Context.Save(user);
return returnValue;
}
}
public bool请求密码重置(字符串emailAddress)
{
尝试
{
User User=this.GetUserByEmailAddress(emailAddress);
//检查是否有用户
if(user==null)
抛出新异常(“没有电子邮件用户”);
//检查用户是否处于有效的操作状态
if(user.Status!=(int)UserStatus.Active)
抛出新异常(“用户未处于密码重置的有效状态”);
//TODO:检查UpdateDate以查看密码重置Guid是否已过期!
//重置用户,设置passwordguid并清除以前的密码哈希
user.Status=(int)UserStatus.Reset;
user.PasswordHash=“”;
user.PasswordGuid=GetUniquePasswordGuid();
//UserDAL.Update(用户);
保存(用户);
公司=用户。公司;
//发送适当的电子邮件通知
//this.NotificationService.SendPasswordResetNotification(ContentType.Email、用户、公司、日期时间.Now);
使用(NotificationMessageRepository nmr=new NotificationMessageRepository())
{
SendPasswordResetNotification(公司、用户、ContentType.Email、DateTime.Now);
}
//Todo:审核密码重置
//AuditLogInfo(null,AuditType.Auth,AuditMessage.AuthResetPassword,AuditItemType.User,User.ID.ToString(),Email);
}
捕获(例外e)
{
错误(String.Format(“RequestPasswordReset({0})异常:{1}”、emailAddress、e.Message));
返回false;
}
最后
{
}
返回true;
}
///
///设置用户的密码,使用PasswordGuid进行身份验证
///
///
///
///
public bool SetPassword(字符串密码GUID、字符串密码)
{
尝试
{
User User=this.GetUserByPasswordGuid(PasswordGuid);
//检查是否有用户
if(user==null)
抛出新异常(“PasswordGuid没有用户”);
//检查用户是否处于有效的操作状态
if(user.Status!=(int)UserStatus.Pending&&user.Status!=(int)UserStatus.Reset)
抛出新异常(“用户未处于设置密码的有效状态”);
//TODO:检查UpdateDate以查看密码重置Guid是否已过期!
//使用户处于活动状态,从密码中设置密码哈希并清除密码guid。
user.Status=(int)UserStatus.Active;
user.PasswordHash=CreatePasswordHash(密码);
user.PasswordGuid=“”;
//UserDAL.Update(用户);
保存(用户);
//ToDo:审核密码更改
//AuditLogInfo(null,AuditType.Auth,AuditMessage.AuthSetPassword,AuditItemType.User,User.ID.ToString(),User.Username);
}
捕获(例外情况除外)
{
//ToDo:AuditLogError(null,AuditType.Auth,AuditMessage.AuthSetPassword,string.Format(“密码GUID:{0}异常:{1}”,密码GUID,ex.Message));
Logger.Error(String.Format(“SetPassword({0},********)异常:{1}”,PasswordGuid,ex.Message));
返回false;
}
最后
{
}
返回true;
}
///
///Get Unique PasswordGuid返回唯一的密码Guid
///
///唯一的身份验证令牌
受保护的字符串GetUniquePasswordGuid()
{
//TODO:可能的话,我们还没有发出去
//但给予同样的机会是如此罕见,目前不值得改变
返回Guid.NewGuid().ToString();
}
///
///从指定的密码创建密码哈希
///注意:应控制对该方法的访问,以防止安全漏洞和暴力破解密码。
///
///
///指定密码的密码哈希已传递
公共字符串CreatePasswordHash(字符串密码)
{
//注意:此密码哈希方法不能更改,也不能像您所希望的那样放入现有系统中
//需要重置所有密码。
System.Security.Cryptography.HashAlgorithm ha=新的System.Security.Cryptography.SHA1Managed();
ComputeHash(System.Text.Encoding.UTF8.GetBytes(密码));
返回BitConverter.ToString(ha.Hash).Replace(“-”,”);
}
///
///将密码与密码哈希进行比较,以查看它们是否匹配
///
///注意:应控制对该方法的访问,以防止安全漏洞和暴力破解密码。
///
///
///如果密码和密码哈希匹配,则为true,否则为false
受保护的布尔比较密码和哈希(字符串密码、字符串密码哈希)
{
字符串ComparePasswordHash=CreatePasswordHash(密码);
//如果从密码生成的哈希与传递的密码哈希匹配,则返回true。
返回(ComparePasswordHash.CompareTo(PasswordHash)=0);
}
public bool UpdateUser(长用户名、字符串标题、字符串名字、字符串姓氏、字符串地址、字符串电子邮件、字符串用户名)
{
bool returnValue=false;
var user=Context.Users.SingleOrDefault(x=>x.ID==userId);
如果(user.ID>0)
{
user.Title=标题;
user.Forename=firstName;
user.Email=电子邮件;
用户。姓氏=姓氏;
user.Username=用户名;
user.Address1=添加
var successfullyReset = YourClassInstance.RequestPasswordReset("emailaddress@domain.com");
string usersEmail = txtEmailAddress.Text;
var successfullyReset = YourClassInstance.RequestPasswordReset(usersEmail);