/// <summary>
/// Modified by Anjali DT:6-jun-2016.
/// To Authenticate User ,
/// 1, If entered user cretentilas are valid , user will be authenticted.
/// 2. If entered user cretentilas are not valid , alert will be displayed.
/// After authentication .
/// 1. User information needed for further reference will be added in Session such as UserId,Username,role,UserType etc.
/// 2. Depend on User type user will be redirected to respective pages.
/// eg.Usertype ='SUPPLIER' redirected to 'WebQuotationDetails.aspx' etc.
/// 3. If entered password is default password i.e. 1234 ,user will be redirected to change password page.
/// 4. If user not updated his/her password more than 180 days , in this case also user will be redirected to change password page.
/// Modified By Alok /19/10/2016
/// Session ID store in session variable.
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void LoginUser_Authenticate(object sender, AuthenticateEventArgs e)
{
DataSet ds_ntLan = new DataSet();
DataSet ds_admincheck = new DataSet();
string strUserID = "";
string strUserStyle = "";
string strUserType = "";
string strUserFullName = "";
string strUserCompany = "";
string strUserCompanyID = "";
string UserIP = "";
string ClientBrowser = "";
string userid = LoginUser.UserName.Trim().ToString().ToUpper();
string UserName = LoginUser.UserName.Trim().ToString();
string password = LoginUser.Password.Trim().ToString();
ds_ntLan = objBLL.Get_UserCredentials(userid, DMS.DES_Encrypt_Decrypt.Encrypt(password));
ClientBrowser = Request.UserAgent;
UserIP = Request.UserHostAddress;
string hostName = Dns.GetHostName(); // Retrive the Name of HOST
string MachineIP = Dns.GetHostByName(hostName).AddressList[0].ToString();
if (ds_ntLan.Tables["Login"] != null)
{
if (ds_ntLan.Tables["Login"].Rows.Count > 0)
{
strUserID = ds_ntLan.Tables["Login"].Rows[0]["UserId"].ToString();
strUserStyle = ds_ntLan.Tables["Login"].Rows[0]["style"].ToString();
strUserType = ds_ntLan.Tables["Login"].Rows[0]["User_Type"].ToString();
strUserFullName = ds_ntLan.Tables["Login"].Rows[0]["User_FullName"].ToString();
strUserCompany = ds_ntLan.Tables["Login"].Rows[0]["Company_Name"].ToString();
strUserCompanyID = ds_ntLan.Tables["Login"].Rows[0]["COMPANY_ID"].ToString();
int PWD_Last_Updated_InDays = UDFLib.ConvertToInteger(ds_ntLan.Tables["Login"].Rows[0]["PWD_Last_Updated_InDays"]);
string Role = objBLL.Get_User_Role(int.Parse(strUserID));
Session["OCAGUID"] = Guid.NewGuid().ToString();
if (!string.IsNullOrEmpty(strUserID) && !string.IsNullOrEmpty(Convert.ToString(Session["OCAGUID"])))
{
try
{
int result = SqlHelper.ExecuteNonQuery(ConfigurationManager.ConnectionStrings["demoasp"].ConnectionString, CommandType.Text, "UPDATE USER_MASTER SET PassKey='" + Convert.ToString(Session["OCAGUID"]) + "' WHERE SMSLOG_User_ID=" + strUserID);
}
catch (Exception ex)
{
UDFLib.WriteExceptionLog(ex);
}
}
Session["ACCESSLEVEL"] = ds_ntLan.Tables["Login"].Rows[0]["ACCESSLEVEL"].ToString();
Session["ROLE"] = Role;
Session["USERNAME"] = ds_ntLan.Tables["Login"].Rows[0]["User_name"].ToString();
Session["USERID"] = strUserID;
Session["USERSTYLE"] = strUserStyle;
Session["UTYPE"] = strUserType;
Session["USERFULLNAME"] = strUserFullName;
Session["USERCOMPANY"] = strUserCompany;
Session["USERCOMPANYID"] = strUserCompanyID;
Session["SUPPLIER_ID"] = ds_ntLan.Tables["Login"].Rows[0]["SUPPLIER_ID"].ToString();
Session["SUPPNAME"] = ds_ntLan.Tables["Login"].Rows[0]["FULL_NAME"].ToString();;
Session["PASSSTRING"] = ds_ntLan.Tables["Login"].Rows[0]["PASSSTRING"].ToString();
Session["SUPPCODE"] = ds_ntLan.Tables["Login"].Rows[0]["SUPPLIER"].ToString();
Session["pwd"] = password;
Session["APPCOMPANYID"] = ConfigurationManager.AppSettings["Company_ID"];
Session["COMPANYTYPE"] = ds_ntLan.Tables["Login"].Rows[0]["Company_Type"].ToString();
Session["USERDEPARTMENTID"] = ds_ntLan.Tables["Login"].Rows[0]["Dep_Code"].ToString();
Session["USERFLEETID"] = ds_ntLan.Tables["Login"].Rows[0]["Tech_Manager"].ToString() != "" ? ds_ntLan.Tables["Login"].Rows[0]["Tech_Manager"].ToString() : "0";
Session["USERMAILID"] = ds_ntLan.Tables["Login"].Rows[0]["MailID"].ToString();
Session["Company_Name_GL"] = ds_ntLan.Tables["Login"].Rows[0]["Company_Name"].ToString();
Session["Company_Address_GL"] = ds_ntLan.Tables["Login"].Rows[0]["Company_Address"].ToString();
Session["PWD_Last_Updated_InDays"] = PWD_Last_Updated_InDays; //Added by Anjali DT:6-Jun-2016 JIT:9490 || To enforce Office user to change password ,when Office user not updated his/her password more than 180 days or password is default password i.e 1234 for all users.
//Added a new session variable to store date format for logged in user.
//Dateformat will be fetched from Lib_User table, if Lib_User doesn't have value then dateformat will be fetched from Lib_Company.
//Session["User_DateFormat"] = ds_ntLan.Tables["Login"].Rows[0]["User_dateFormat"].ToString();
Session["User_DateFormat"] = "dd-MM-yyyy";
if (Convert.ToString(ds_ntLan.Tables["Login"].Rows[0]["Date_Format"]) != "")
{
Session["User_DateFormat"] = ds_ntLan.Tables["Login"].Rows[0]["Date_Format"].ToString();
}
//string UserIP = "";
//string ClientBrowser = "";
//UserIP = Request.UserHostAddress;
if (UserIP == null)
{
UserIP = Request.ServerVariables["REMOTE_ADDR"];
}
objBLL.Start_Session(int.Parse(strUserID), Session.SessionID, UserIP, ClientBrowser);
Session["Session"] = Session.SessionID;
if (strUserType.ToUpper() == "SUPPLIER".ToUpper())
{
FormsAuthentication.SetAuthCookie(strUserID, false);
Response.Redirect("~/webqtn/WebQuotationDetails.aspx");
}
else if (strUserType.ToUpper() == "TRAVEL AGENT".ToUpper())
{
FormsAuthentication.SetAuthCookie(strUserID, false);
Response.Redirect("~/travel/RequestListAgent.aspx");
}
else
{
//-- Default Password should be changed--
if (password == "1234" || password == Convert.ToString((1234 + Convert.ToInt32(Session["USERID"]))))
{
Response.Redirect("~/Account/ChangePassword.aspx?msg=YOUR DEFAULT PASSWORD IS EXPIRED!");
}
else if (strUserType == "OFFICE USER" && PWD_Last_Updated_InDays > 180)
{
FormsAuthentication.SetAuthCookie(strUserID, false);
Response.Redirect("~/Account/ChangePassword.aspx?msg=YOUR CURRENT PASSWORD IS EXPIRED! PLEASE CHANGE YOUR PASSWORD.");
}
else
{
FormsAuthentication.RedirectFromLoginPage(strUserID, false);
}
UserAccessLog(Session["USERNAME"].ToString(), Session["USERID"].ToString(), Session["Session"].ToString(), DateTime.Now, MachineIP, "Success", ClientBrowser, null);
}
}
else
{
Session.Abandon();
LoginUser.FailureText = "Log-In ID or Password is incorrect.";
UserAccessLog(UserName, "NULL", "NULL", DateTime.Now, MachineIP, "Failure", ClientBrowser, ds_ntLan.Tables[1].Rows[0][0].ToString());
}
}
else
{
Session.Abandon();
LoginUser.FailureText = "Log-In ID or Password is incorrect.";
UserAccessLog(UserName, "NULL", "NULL", DateTime.Now, MachineIP, "Failure", ClientBrowser, ds_ntLan.Tables[1].Rows[0][0].ToString());
}
}
