Änderungen algorithmus verschlüsselung session key email pw reset
@@ -27,7 +27,7 @@
|
|||||||
<authentication mode="Forms">
|
<authentication mode="Forms">
|
||||||
<forms defaultUrl="/Customers/CustomsAviso.aspx" loginUrl="login/Login_FLEX.aspx" slidingExpiration="true" timeout="2880"/>
|
<forms defaultUrl="/Customers/CustomsAviso.aspx" loginUrl="login/Login_FLEX.aspx" slidingExpiration="true" timeout="2880"/>
|
||||||
</authentication>
|
</authentication>
|
||||||
<sessionState mode="InProc" timeout="1800" cookieless="false" regenerateExpiredSessionId="true" compressionEnabled="false"/>
|
<sessionState mode="InProc" timeout="1800" cookieless="false" regenerateExpiredSessionId="false" compressionEnabled="false" useHostingIdentity="true" />
|
||||||
<httpRuntime requestValidationMode="2.0" targetFramework="4.7"/>
|
<httpRuntime requestValidationMode="2.0" targetFramework="4.7"/>
|
||||||
<pages validateRequest="false" controlRenderingCompatibilityVersion="4.0"/>
|
<pages validateRequest="false" controlRenderingCompatibilityVersion="4.0"/>
|
||||||
<!--<securityPolicy>
|
<!--<securityPolicy>
|
||||||
|
|||||||
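Review bot: The two attribute changes on `<sessionState>` look like no-ops in this configuration. As documented, `regenerateExpiredSessionId` only takes effect for cookieless sessions, and this element has `cookieless="false"`; `useHostingIdentity` concerns the identity used to reach an out-of-process state store, which `mode="InProc"` does not use. If the aim is to keep the session ID stable for the `SessID` value that ForgotPW now stores, say so in a comment above the element, e.g. `<!-- session ID must stay stable: ForgotPW keeps an encrypted copy in Session("SessID") -->`; otherwise drop the change. Which of the two printed `<sessionState>` lines is the new side is inferred from print order, because the page lost its +/- markers.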
@@ -100,9 +100,9 @@ Partial Class login_ChangePW
|
|||||||
End Sub
|
End Sub
|
||||||
|
|
||||||
Function getDateoftoken(tokenname As String) As Boolean
|
Function getDateoftoken(tokenname As String) As Boolean
|
||||||
Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname))
|
Dim data() As Byte = Convert.FromBase64String(VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(tokenname))
|
||||||
Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
|
Dim wenn As DateTime = DateTime.FromBinary(BitConverter.ToInt64(data, 0))
|
||||||
Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)
|
Dim nameoftoken = VERAG_PROG_ALLGEMEIN.cCryptography2.Decrypt(tokenname)
|
||||||
If wenn < DateTime.UtcNow.AddMinutes(-30) Then
|
If wenn < DateTime.UtcNow.AddMinutes(-30) Then
|
||||||
nameoftoken = String.Empty
|
nameoftoken = String.Empty
|
||||||
'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!")
|
'MsgBox("Token has not been found or is too old!" + Environment.NewLine + "Please send a new E-mail!")
|
||||||
|
|||||||
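Review bot: `getDateoftoken` decodes `tokenname` (presumably the `Par1` value from the reset link) with no visible guard. `Convert.FromBase64String` throws on malformed text and `BitConverter.ToInt64(data, 0)` throws when fewer than 8 bytes decode, so a damaged or altered token becomes an unhandled exception unless a handler exists outside the hunk; the function starts and ends beyond it. Decrypt once into a local and reuse it for both `data` and `nameoftoken`, wrap the decode in a `Try`/`Catch` that returns `False`, and add `If data.Length < 8 Then Return False`. The expiry test `wenn < DateTime.UtcNow.AddMinutes(-30)` rejects only old timestamps, so a future-dated value passes; also reject `wenn > DateTime.UtcNow`. Whether `cCryptography2.Decrypt` authenticates the ciphertext is not visible here; if it does not, the embedded timestamp should not be trusted without an integrity check.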
@@ -96,6 +96,7 @@ Partial Class login_ForgotPW
|
|||||||
If Session.Item("TokenforEmail") = Nothing Then
|
If Session.Item("TokenforEmail") = Nothing Then
|
||||||
tokenname = genToken(username, password, email)
|
tokenname = genToken(username, password, email)
|
||||||
Session.Add("TokenforEmail", tokenname)
|
Session.Add("TokenforEmail", tokenname)
|
||||||
|
Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID))
|
||||||
Else
|
Else
|
||||||
tokenname = Session.Item("TokenforEmail")
|
tokenname = Session.Item("TokenforEmail")
|
||||||
End If
|
End If
|
||||||
@@ -157,7 +158,6 @@ Partial Class login_ForgotPW
|
|||||||
Dim getdomianenvironment As String = String.Empty
|
Dim getdomianenvironment As String = String.Empty
|
||||||
Dim pagename As String = String.Empty
|
Dim pagename As String = String.Empty
|
||||||
Dim ServPort As String = String.Empty
|
Dim ServPort As String = String.Empty
|
||||||
|
|
||||||
Dim mailto As String = String.Empty
|
Dim mailto As String = String.Empty
|
||||||
Dim Betreff As String = String.Empty
|
Dim Betreff As String = String.Empty
|
||||||
Dim htmlbody As String = String.Empty
|
Dim htmlbody As String = String.Empty
|
||||||
@@ -167,14 +167,14 @@ Partial Class login_ForgotPW
|
|||||||
'pagename = Request.ServerVariables("SCRIPT_NAME")
|
'pagename = Request.ServerVariables("SCRIPT_NAME")
|
||||||
mailto = email
|
mailto = email
|
||||||
Betreff = "Passwort reset"
|
Betreff = "Passwort reset"
|
||||||
htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + tokenname + ">Link</a>" + Environment.NewLine + "<br />Kind regards, <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
|
htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + ServPort + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + ">Link</a>" + Environment.NewLine + "<br />Kind regards, <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
|
||||||
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
|
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = False Then
|
||||||
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
|
getdomianenvironment = HttpContext.Current.Request.ServerVariables("SERVER_NAME")
|
||||||
ServPort = String.Empty
|
ServPort = String.Empty
|
||||||
'pagename = Request.ServerVariables("SCRIPT_NAME")
|
'pagename = Request.ServerVariables("SCRIPT_NAME")
|
||||||
mailto = email
|
mailto = email
|
||||||
Betreff = "Passwort reset"
|
Betreff = "Passwort reset"
|
||||||
htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/ChangePW.aspx?Par1=" + tokenname + ">Link</a>" + Environment.NewLine + "<br />Kind regards, <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
|
htmlbody = String.Format("Dear, {0},<br /><br /> Please follow the Link to reset your password:<br /><br />" + Environment.NewLine + "<a runat=" + "server" + " href=http://" + getdomianenvironment + "/login/ChangePW.aspx?Par1=" + VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname) + ">Link</a>" + Environment.NewLine + "<br />Kind regards, <br />VERAG | EDV Support<br />support@verag.ag,", username, password)
|
||||||
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
|
ElseIf String.IsNullOrWhiteSpace(HttpContext.Current.Request.ServerVariables("SERVER_NAME")) = True Then
|
||||||
'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
|
'MsgBox("Error09:" + Environment.NewLine + "The Domain could not be vaildated. Check Link please or contact the Administrator of the program.")
|
||||||
lblMessage.ForeColor = Color.OrangeRed
|
lblMessage.ForeColor = Color.OrangeRed
|
||||||
|
|||||||
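Review bot: In both `htmlbody` lines the result of `cCryptography.Encrypt(tokenname)` is concatenated into the query string unescaped. If `Encrypt` returns Base64 (not visible here), `+`, `/` and `=` can be altered in transit and the link will fail to decrypt, so wrap it as `HttpUtility.UrlEncode(VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(tokenname))`. The link is wrapped with `cCryptography`, while what appears to be the new side of `getDateoftoken` in ChangePW unwraps with `cCryptography2`; unless ChangePW strips the outer layer elsewhere, the two ends do not match. The URL is still built as `http://` plus the request's `SERVER_NAME`; a configured HTTPS base URL would keep the token off plaintext transport and independent of a request-supplied host name. `Session.Add("SessID", …)` needs a comment naming what reads it; the enclosing methods start and end outside these hunks.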