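/// <summary>
        /// Changes the signed-in user's password after re-checking the current one.
        /// </summary>
        /// <param name="model">Posted form carrying the current, new and confirmation passwords.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the same view with
        /// <c>ViewData["ErrorMessage"]</c> set.
        /// </returns>
        /// <remarks>
        /// SECURITY: despite its name, <c>Bin64PasswordHash</c> receives the raw UTF-16 bytes of the
        /// password here, so the column holds recoverable passwords. Moving to a salted, slow
        /// password hash (for example PBKDF2) has to be done together with every other reader and
        /// writer of that column, which is why this method keeps the existing format.
        /// NOTE(review): no attributes are visible on this action; confirm it only accepts POST
        /// and is protected by an anti-forgery token.
        /// </remarks>
        public ActionResult ResetPassword(MangeCredentialViewModel model)
        {
            string newPassword     = model?.NewPassword?.Trim();
            string confirmPassword = model?.ConfirmPassword?.Trim();

            // A missing or whitespace-only new password used to be stored as an empty password.
            if (string.IsNullOrEmpty(newPassword))
            {
                ViewData["ErrorMessage"] = "New password must not be empty";
                return(View());
            }

            if (newPassword != confirmPassword)
            {
                ViewData["ErrorMessage"] = "NewPassword and COnfirm Password must be same";
                return(View());
            }

            // Without a session user or a current password there is nothing to verify against;
            // never let a null name or password reach the database comparison.
            string sessionUser = GettSessionUserName();
            if (string.IsNullOrEmpty(sessionUser) || string.IsNullOrEmpty(model.Password))
            {
                ViewData["ErrorMessage"] = "Please enter correct apassword";
                return(View());
            }

            // The current password is compared in the stored format (raw UTF-16 bytes).
            byte[]        currentPassword = System.Text.Encoding.Unicode.GetBytes(model.Password);
            DboCredential dbCr            = _context.DboCredential.SingleOrDefault(m => m.Vchr32Name == sessionUser && m.Bin64PasswordHash == currentPassword);
            if (dbCr == null)
            {
                ViewData["ErrorMessage"] = "Please enter correct apassword";
                return(View());
            }

            dbCr.Bin64PasswordHash = System.Text.Encoding.Unicode.GetBytes(newPassword);
            _context.DboCredential.Update(dbCr);
            _context.SaveChanges();
            return(RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "" }));
        }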
        /// <summary>
        /// Inserts the rows that represent an Active Directory user: a primary credential, an
        /// alternate credential holding the login e-mail, and a hierarchy row whose parent and
        /// child are both the new credential.
        /// </summary>
        /// <param name="model">Login form; only <c>Email</c> is read.</param>
        /// <remarks>
        /// The three rows are saved with separate <c>SaveChanges</c> calls, so a failure part-way
        /// leaves the earlier rows in the database. Creator and modifier ids are the literal 1,
        /// and the credential is created with <c>BEnabled = true</c>.
        /// </remarks>
        public void CreateActiveDirectoryUserCredential(Models.LoginViewModel model)
        {
            string accountName = Utility.GetUserNameFromEmail(model.Email);

            // Bin64PasswordHash is deliberately not assigned for this kind of account.
            DboCredential credential = new DboCredential
            {
                Vchr32Name                      = accountName,
                Nvch128Caption                  = accountName,
                BEnabled                        = true,
                DtCreated                       = DateTime.Now,
                Vchr256CreatedContext           = "Creating new Credential Record for Active Directory user",
                BintCreatorCredentialId         = 1,
                BintCreatorSpoofOfCredentialId  = null,
                DtModified                      = DateTime.Now,
                Vchr256ModifiedContext          = string.Empty,
                BintModifierCredentialId        = 1,
                BintModifierSpoofOfCredentialId = null,
                BSmokeTest                      = false,
                BIsGroup                        = false
            };
            _context.DboCredential.Add(credential);
            _context.SaveChanges();

            // NOTE(review): the result of this lookup is never read; it only costs a query and
            // throws if more than one row matches.
            var credentialTypeTitle = _context.LkpLocalization.SingleOrDefault(m => m.Vchr128Identifier == "1" && m.NvchMaxText == "Active Directory User" && m.Vchr64LocalizationType == "Title");

            // credential.BintId is read only after the save above — presumably the key is
            // generated by the database; confirm against the entity mapping.
            DboCredentialAlternate alternate = new DboCredentialAlternate
            {
                BintPrimaryCredentialId         = credential.BintId,
                ICredentialTypeId               = 1,
                Vchr64UserName                  = model.Email,
                DtCreated                       = DateTime.Now,
                Vchr256CreatedContext           = "Creating new Credential Alternate Record for Active Directory user",
                BintCreatorCredentialId         = 1,
                BintCreatorSpoofOfCredentialId  = null,
                DtModified                      = DateTime.Now,
                Vchr256ModifiedContext          = string.Empty,
                BintModifierCredentialId        = 1,
                BintModifierSpoofOfCredentialId = null,
                BSmokeTest                      = false
            };
            _context.DboCredentialAlternate.Add(alternate);
            _context.SaveChanges();

            // The hierarchy row points at the new credential on both sides.
            DboCredentialHierarchy selfLink = new DboCredentialHierarchy
            {
                BintParentCredentialId          = credential.BintId,
                BintChildCredentialId           = credential.BintId,
                DtCreated                       = DateTime.Now,
                Vchr256CreatedContext           = "Creating new Hierarchy for Active Directory user",
                BintCreatorCredentialId         = 1,
                BintCreatorSpoofOfCredentialId  = null,
                DtModified                      = DateTime.Now,
                Vchr256ModifiedContext          = "",
                BintModifierCredentialId        = 1,
                BintModifierSpoofOfCredentialId = null,
                BSmokeTest                      = false
            };
            _context.DboCredentialHierarchy.Add(selfLink);
            _context.SaveChanges();
        }
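        /// <summary>
        /// Handles the return from an external login provider and signs the visitor in when the
        /// provider's e-mail claim matches an active alternate credential of an enabled account.
        /// </summary>
        /// <param name="returnUrl">Stored in <c>ViewData["ReturnUrl"]</c>; not used for a redirect here.</param>
        /// <param name="remoteError">Error text reported by the provider, if any.</param>
        /// <returns>
        /// The login view on a provider error, a redirect to Login when no external login info is
        /// available, a redirect to Home/Index after sign-on, or the confirmation view otherwise.
        /// </returns>
        /// <remarks>
        /// The application signs in through its own credential tables and a session value instead
        /// of <c>ExternalLoginSignInAsync</c>.
        /// SECURITY: the account is selected by the e-mail claim alone, whichever provider asserted
        /// it. NOTE(review): confirm every configured provider only releases verified e-mail
        /// addresses, or match on the provider and its provider key as well.
        /// </remarks>
        public async Task <IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
        {
            if (remoteError != null)
            {
                ModelState.AddModelError(string.Empty, $"Error from external provider: {remoteError}");
                return(View(nameof(Login)));
            }

            ExternalLoginInfo info = await _signInManager.GetExternalLoginInfoAsync();
            if (info == null)
            {
                return(RedirectToAction(nameof(Login)));
            }

            ViewData["ReturnUrl"]     = returnUrl;
            ViewData["LoginProvider"] = info.LoginProvider;

            // FindFirstValue returns null when the provider sent no e-mail claim.
            string email       = info.Principal.FindFirstValue(ClaimTypes.Email);
            string lookupEmail = email?.Trim();

            if (!string.IsNullOrEmpty(lookupEmail))
            {
                // Alternates are unlinked by stamping DtInactivated, so an inactivated row must
                // not be accepted as a way to sign in.
                DboCredentialAlternate dbAltObj = _context.DboCredentialAlternate.SingleOrDefault(m => m.Vchr64UserName == lookupEmail && !m.DtInactivated.HasValue);
                if (dbAltObj != null)
                {
                    DboCredential dbCrObj = _context.DboCredential.SingleOrDefault(m => m.BintId == dbAltObj.BintPrimaryCredentialId && m.BEnabled == true);
                    if (dbCrObj != null)
                    {
                        SetSessionUserName(dbCrObj.Vchr32Name);
                        return(RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "" }));
                    }
                }
            }

            // No usable account: ask the visitor to create one.
            return(View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel {
                Email = email
            }));
        }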
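        /// <summary>
        /// Handles the return from an external login provider when a signed-in user adds an
        /// external account: the provider's e-mail claim is recorded as an OAuth credential of
        /// the account named by the session.
        /// </summary>
        /// <param name="returnUrl">Stored in <c>ViewData["ReturnUrl"]</c>; not used for a redirect here.</param>
        /// <param name="remoteError">Error text reported by the provider, if any.</param>
        /// <returns>
        /// The ManageCredentials view on a provider error, a redirect to ManageCredentials when no
        /// external login info is available, otherwise a redirect to Home/Index.
        /// </returns>
        public async Task <IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
        {
            if (remoteError != null)
            {
                ModelState.AddModelError(string.Empty, $"Error from external provider: {remoteError}");
                return(View(nameof(ManageCredentials)));
            }

            ExternalLoginInfo info = await _signInManager.GetExternalLoginInfoAsync();
            if (info == null)
            {
                return(RedirectToAction(nameof(ManageCredentials)));
            }

            ViewData["ReturnUrl"]     = returnUrl;
            ViewData["LoginProvider"] = info.LoginProvider;

            // FindFirstValue returns null when the provider sent no e-mail claim, and the session
            // name is empty when nobody is signed in. Link only when both are present, so that no
            // credential row is created from a missing value.
            string email    = info.Principal.FindFirstValue(ClaimTypes.Email);
            string username = GettSessionUserName();

            if (!string.IsNullOrWhiteSpace(email) && !string.IsNullOrEmpty(username))
            {
                DboCredential dbCrObj = _context.DboCredential.SingleOrDefault(m => m.Vchr32Name == username);
                if (dbCrObj != null)
                {
                    new BusinessLayer(_context).CreateOAuthUserCredential(email, dbCrObj.BintId, info.LoginProvider);
                }
            }

            return(RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "d" }));
        }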
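        /// <summary>
        /// Self-registration: checks that the e-mail domain belongs to an organisation that allows
        /// it, creates a disabled credential, stores a verification token and mails the
        /// verification link.
        /// </summary>
        /// <param name="model">Posted registration form (<c>Email</c>, <c>UserName</c>, password).</param>
        /// <returns>
        /// A redirect to Account/EmailConfirmation on success; otherwise the same view with
        /// <c>ViewData["ErrorMessage"]</c> set.
        /// </returns>
        /// <remarks>
        /// SECURITY, NOTE(review):
        /// the verification link is built from <c>Request.Host</c>, which reflects the Host header
        /// of the incoming request; take the public host name from configuration or enable host
        /// filtering so that the mailed link cannot point at another host.
        /// The same token is also handed back to the browser in the redirect below. If
        /// EmailConfirmation does not need it, remove it there: a token the registrant already
        /// holds does not prove that the mailbox was read.
        /// </remarks>
        public ActionResult Registration(Models.RegisterviewModel model)
        {
            try
            {
                //step 23 and step 24 checking in COI table.
                string emailDomain = Utility.GetUserNameFromEmail(model.Email, true);
                DboCredentialOrganizationInfo user = _context.DboCredentialOrganizationInfo.SingleOrDefault(m => m.Vchr128EMailDomain == emailDomain && m.BAllowEmailAssociation == true && m.BAllowSelfRegistration == true);
                if (user == null)
                {
                    ViewData["ErrorMessage"] = "You are not a valid user";
                    return(View());
                }

                // The organisation's own credential must be enabled.
                DboCredential dbCre = _context.DboCredential.SingleOrDefault(m => m.BintId == user.BintCredentialId && m.BEnabled == true);
                if (dbCre == null)
                {
                    ViewData["ErrorMessage"] = "You are not a valid user";
                    return(View());
                }

                // The requested user name must still be free.
                if (_context.DboCredential.SingleOrDefault(m => m.Vchr32Name == model.UserName) != null)
                {
                    ViewData["ErrorMessage"] = "User Name already exists ,Please choose other name";
                    return(View());
                }

                //step 25 send validation email.
                string token = System.Guid.NewGuid().ToString();
                string url   = string.Format("{0}://{1}/{2}{3}", Request.Scheme, Request.Host, "Account/Index/?token=", token);

                BusinessLayer business = new BusinessLayer(_context);
                business.SaveEmailVerification(model.Email, token);
                business.CreateNewInactiveUserCredential(model);

                // The link is placed in an HTML attribute: quote the attribute and encode the
                // value so that nothing in the URL can break out of it.
                string link = "<a href=\"" + System.Net.WebUtility.HtmlEncode(url) + "\">click here</a>";
                new AuthMessageSender().SendEmail(model.Email, "subject", "body message " + link);
                return(RedirectToAction("EmailConfirmation", "Account", new { token = token }));
            }
            catch (Exception ex)
            {
                // Keep exception details (database or mail-server errors) in the server-side
                // trace instead of showing them to an unauthenticated visitor.
                System.Diagnostics.Trace.TraceError("Registration failed: {0}", ex);
                ViewData["ErrorMessage"] = "Registration could not be completed. Please try again later.";
            }

            return(View());
        }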
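        /// <summary>
        /// Shows the credential-management page for the user named by the session.
        /// </summary>
        /// <param name="actiontype">Passed through to the view as <c>ViewData["action"]</c>.</param>
        /// <returns>
        /// A redirect to Account/Login when no session user name is set; otherwise the view with
        /// the user's alternate credentials and the localization rows.
        /// </returns>
        public ActionResult ManageCredentials(string actiontype = "")
        {
            string userName = GettSessionUserName();
            if (string.IsNullOrEmpty(userName))
            {
                return(RedirectToAction(nameof(AccountController.Login), "Account", new { debug = "" }));
            }

            MangeCredentialViewModel model = new MangeCredentialViewModel();

            // Look the account up by the session name that was just checked. The earlier lookup
            // read TempData["UserName"], which is not set by every sign-on path and is gone after
            // its first read, so it could be null here and belong to a different state than the
            // session that authorised the request.
            DboCredential dboCr = _context.DboCredential.SingleOrDefault(m => m.Vchr32Name == userName);
            if (dboCr != null)
            {
                model.dboAlternAte = _context.DboCredentialAlternate.Where(m => m.BintPrimaryCredentialId == dboCr.BintId).ToList();
                model.localization = _context.LkpLocalization.ToList();
            }

            ViewData["userName"] = userName;
            ViewData["action"]   = actiontype;
            return(View(model));
        }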
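        /// <summary>
        /// Either starts the external-provider challenge to add an external account, or, when
        /// <paramref name="provider"/> contains a '-', inactivates the signed-in user's alternate
        /// credential of the type named by the last '-'-separated segment.
        /// </summary>
        /// <param name="provider">Provider name, or a value whose last '-' segment is a numeric credential type id.</param>
        /// <param name="returnUrl">Forwarded to the callback URL as <c>ReturnUrl</c>.</param>
        /// <returns>
        /// A challenge result, a redirect to Home/Index after unlinking, or the view with
        /// <c>ViewData["ErrorMessage"]</c> set when the request cannot be carried out.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the unlink branch changes state; no attributes are visible on this
        /// action, so confirm it only accepts POST and is protected by an anti-forgery token.
        /// </remarks>
        public IActionResult ExternalLogin(string provider, string returnUrl = null)
        {
            if (string.IsNullOrEmpty(provider))
            {
                ViewData["ErrorMessage"] = "Seems there is an error";
                return(View());
            }

            string[] provInfo = provider.Split('-');
            if (provInfo.Length <= 1)
            {
                //This method will hit when we user wants to add any external account
                string redirectUrl = Url.Action("ExternalLoginCallback", "Credentials", new { ReturnUrl = returnUrl });
                var    properties  = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
                return(Challenge(properties, provider));
            }

            //This method will hit when we user wants to delete the exisitng account
            // The type id comes from the request: parse it without throwing on bad input.
            int credentialTypeId;
            if (!int.TryParse(provInfo.Last(), System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out credentialTypeId))
            {
                ViewData["ErrorMessage"] = "Seems there is an error";
                return(View());
            }

            string        sessionUser = GettSessionUserName();
            DboCredential dbCr        = _context.DboCredential.SingleOrDefault(m => m.Vchr32Name == sessionUser);
            if (dbCr == null)
            {
                ViewData["ErrorMessage"] = "Seems there is an error";
                return(View());
            }

            // Only rows owned by the session's account are considered.
            List <DboCredentialAlternate> dlist = _context.DboCredentialAlternate.Where(m => m.BintPrimaryCredentialId == dbCr.BintId && m.ICredentialTypeId == credentialTypeId).ToList();

            // With several rows of this type, take the first one still active; with at most one
            // row, take it whatever its state (as before).
            DboCredentialAlternate target = dlist.Count > 1
                ? dlist.FirstOrDefault(a => !a.DtInactivated.HasValue)
                : dlist.FirstOrDefault();
            if (target == null)
            {
                // Nothing to unlink; this used to end in a null dereference.
                ViewData["ErrorMessage"] = "Seems there is an error";
                return(View());
            }

            target.DtInactivated = DateTime.Now;
            _context.DboCredentialAlternate.Update(target);
            _context.SaveChanges();

            return(RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "d" }));
        }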
        /// <summary>
        /// Inserts a disabled credential row for a user who has just registered.
        /// </summary>
        /// <param name="model">Registration form; <c>UserName</c> and <c>Password</c> are read.</param>
        /// <remarks>
        /// SECURITY: <c>Bin64PasswordHash</c> is filled with the raw UTF-16 bytes of the password,
        /// not with a hash, so the stored value is the password itself. Replacing it with a
        /// salted, slow password hash (for example PBKDF2) requires changing every place that
        /// compares against this column in the same release.
        /// NOTE(review): the created-context text mentions an Active Directory user although the
        /// row is built from a registration form — confirm the wording.
        /// </remarks>
        public void CreateNewInactiveUserCredential(RegisterviewModel model)
        {
            DboCredential pendingCredential = new DboCredential
            {
                Vchr32Name                      = model.UserName,
                Nvch128Caption                  = model.UserName,
                Bin64PasswordHash               = System.Text.Encoding.Unicode.GetBytes(model.Password),
                // Stays disabled until the account is verified elsewhere.
                BEnabled                        = false,
                DtCreated                       = DateTime.Now,
                Vchr256CreatedContext           = "Creating new Credential Record for Active Directory user",
                BintCreatorCredentialId         = 1,
                BintCreatorSpoofOfCredentialId  = null,
                DtModified                      = DateTime.Now,
                Vchr256ModifiedContext          = string.Empty,
                BintModifierCredentialId        = 1,
                BintModifierSpoofOfCredentialId = null,
                BSmokeTest                      = false,
                BIsGroup                        = false
            };

            _context.DboCredential.Add(pendingCredential);
            _context.SaveChanges();
        }
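        /// <summary>
        /// Completes self-registration: checks the e-mail verification token, re-checks the user
        /// name and password of the still-disabled credential, creates the user records and signs
        /// the user in.
        /// </summary>
        /// <param name="model">Form carrying the user name and password chosen at registration.</param>
        /// <param name="token">Verification token from the mailed link.</param>
        /// <returns>
        /// A redirect to Credentials/ManageCredentials on success, a redirect to
        /// Account/AccessDenied for an unknown token or an organisation that no longer allows
        /// self-registration, or the view with <c>ViewData["ErrorMessage"]</c> set.
        /// </returns>
        /// <remarks>
        /// SECURITY, NOTE(review): the token row carries an e-mail address, but the credential is
        /// selected by the posted user name only, so the token is not tied to the account it
        /// activates. No expiry check is visible either. The password is compared as raw UTF-16
        /// bytes because that is what the column currently stores.
        /// </remarks>
        public IActionResult VerifyEmail(RegisterviewModel model, string token)
        {
            // A missing token must not be compared against the column as null.
            if (string.IsNullOrEmpty(token))
            {
                //step 10 Access Denied.
                return(RedirectToAction(nameof(AccountController.AccessDenied), "Account", new { debug = "" }));
            }

            DboEmailVerification dbEmv = _context.DboEmailVerification.SingleOrDefault(m => m.Vchr250Token == token && m.BEnabled == true);
            if (dbEmv == null)
            {
                //step 10 Access Denied.
                return(RedirectToAction(nameof(AccountController.AccessDenied), "Account", new { debug = "" }));
            }

            // Missing credentials are an ordinary failed check, not a server error.
            string username = model?.UserName;
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(model.Password))
            {
                ViewData["ErrorMessage"] = "User doenst not exists";
                return(View());
            }

            byte[] password   = System.Text.Encoding.Unicode.GetBytes(model.Password);
            string domainName = Utility.GetUserNameFromEmail(dbEmv.Nvch128Email, true);

            //validate whether user record exists
            DboCredential dbCr = _context.DboCredential.SingleOrDefault(m => m.Vchr32Name == username && m.Bin64PasswordHash == password && m.BEnabled == false);
            if (dbCr == null)
            {
                // Every other action reports through the "ErrorMessage" key; the previous key
                // "ErroMessage" was a typo.
                ViewData["ErrorMessage"] = "User doenst not exists";
                return(View());
            }

            // The organisation may have been removed or restricted since the mail was sent.
            DboCredentialOrganizationInfo user = _context.DboCredentialOrganizationInfo.SingleOrDefault(m => m.Vchr128EMailDomain == domainName && m.BAllowEmailAssociation == true && m.BAllowSelfRegistration == true);
            if (user == null)
            {
                return(RedirectToAction(nameof(AccountController.AccessDenied), "Account", new { debug = "" }));
            }

            //step 6 creating user records.
            new BusinessLayer(_context).CreateNormalUserCredential(username, user.BintCredentialId);

            // Sign-on state is written only after every check has passed.
            TempData["UserName"] = username;
            SetSessionUserName(username);

            // The token is single-use.
            dbEmv.BEnabled = false;
            _context.DboEmailVerification.Update(dbEmv);
            _context.SaveChanges();
            return(RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { debug = "" }));
        }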
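        /// <summary>
        /// Entry point of the site. Routes the visitor to e-mail verification, Windows (domain)
        /// sign-on, IP-based organisation sign-on, or the login page.
        /// </summary>
        /// <returns>A redirect to the action chosen for the visitor.</returns>
        /// <remarks>
        /// SECURITY, NOTE(review):
        /// the accepted domain SID is a literal in this method; the code it replaced read it from
        /// configuration, which keeps the trust decision out of the source.
        /// IP sign-on uses the connection's remote address. Behind a reverse proxy that is the
        /// proxy's address for every client, so confirm how the application is deployed before
        /// relying on it.
        /// </remarks>
        //step 1 user hits the site
        public IActionResult Index()
        {
            //step 11 check whether user using self registration link.
            string token = HttpContext.Request.Query["token"].ToString();
            if (token != string.Empty)
            {
                //step 13
                return(RedirectToAction("VerifyEmail", "Account", new { token = token }));
            }

            //step 2 checking user is in our network.
            WindowsIdentity loggedInUser = HttpContext.User.Identity as WindowsIdentity;

            if (loggedInUser?.User?.AccountDomainSid?.Value == "S-1-5-21-2610387755-854405893-26240035430")
            {
                string winLoginName = loggedInUser.Name.Split('\\').Last();

                //step 3 checking in CredentialAlternate table
                DboCredentialAlternate userCred = _context.DboCredentialAlternate.SingleOrDefault(m => m.Vchr64UserName == loggedInUser.Name);
                if (userCred != null)
                {
                    // step 4 Checking in credential table
                    DboCredential userObject = _context.DboCredential.SingleOrDefault(m => m.BintId == userCred.BintPrimaryCredentialId && m.BEnabled == true);
                    if (userObject == null)
                    {
                        // The login is known but its credential is not enabled. Provisioning a
                        // second record here would sign a disabled account back in, so refuse,
                        // as the IP sign-on branch below does.
                        return(RedirectToAction(nameof(AccountController.AccessDenied), "Account", new { debug = "" }));
                    }
                }
                else
                {
                    //step 6 creating records for the user.
                    new BusinessLayer(_context).CreateWindowsUserCredential(winLoginName, loggedInUser.Name);
                }

                //step 5 sign on — session state is written only after the checks above.
                TempData["UserName"] = winLoginName;
                SetSessionUserName(winLoginName);
                return(RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" }));
            }

            //getting IP address and checking against CredentialOrganizationInfo table
            string remoteIpAddress = HttpContext.Features.Get <IHttpConnectionFeature>()?.RemoteIpAddress?.ToString();
            if (string.IsNullOrEmpty(remoteIpAddress))
            {
                // Without an address there is nothing to match; a null value must not be
                // compared against the IP column.
                //step 17 login page
                return(RedirectToAction(nameof(AccountController.Login), "Account", new { debug = "" }));
            }

            //step 26 checking IP address in COI.
            DboCredentialOrganizationInfo creOrg = _context.DboCredentialOrganizationInfo.SingleOrDefault(m => m.Vchr40Ip == remoteIpAddress && m.BAllowIpsignon == true);
            if (creOrg == null)
            {
                //step 17 login page
                return(RedirectToAction(nameof(AccountController.Login), "Account", new { debug = "" }));
            }

            //step 11 Checking in Credential table
            DboCredential orgCredential = _context.DboCredential.SingleOrDefault(m => m.BintId == creOrg.BintCredentialId && m.BEnabled == true);
            if (orgCredential == null)
            {
                //step 10 Access Denied
                return(RedirectToAction(nameof(AccountController.AccessDenied), "Account", new { debug = "" }));
            }

            //step 16 sign on as org
            TempData["UserName"] = orgCredential.Vchr32Name;
            HttpContext.Session.SetString("lUserName", orgCredential.Vchr32Name);
            return(RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" }));
        }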
        //Active directory users login
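        /// <summary>
        /// Signs a user in. A name of the form <c>DOMAIN\user</c> is verified with an LDAP bind
        /// against the host configured for that domain; any other name, and any failed LDAP
        /// attempt, is checked against the local credential store.
        /// </summary>
        /// <param name="userr">Login form; <c>Email</c> holds the login name and <c>Password</c> the password.</param>
        /// <param name="ReturnUrl">Not used by this method.</param>
        /// <returns>
        /// A redirect to Credentials/ManageCredentials or Home/Index after sign-on; otherwise the
        /// login view with <c>ViewData["ErrorMessage"]</c> set.
        /// </returns>
        /// <remarks>
        /// NOTE(review): after a first-time directory sign-on the records are created but no
        /// session user name is set in this method; confirm that is intended.
        /// </remarks>
        public IActionResult Login(Models.LoginViewModel userr, string ReturnUrl)
        {
            // Reject missing input before anything else. Many directory servers treat a simple
            // bind with a name and an empty password as an unauthenticated bind and report
            // success, so an empty password must never reach Bind().
            if (userr == null || string.IsNullOrEmpty(userr.Email) || string.IsNullOrEmpty(userr.Password))
            {
                ViewData["ErrorMessage"] = "Please provide valid user name and password";
                return(View());
            }

            if (userr.Email.Contains("\\"))
            {
                string[] winLoginNameTrim = userr.Email.Split('\\');
                string   winLoginName     = winLoginNameTrim.Last();
                string   domainName       = winLoginNameTrim.First();

                // The domain part only selects a pre-configured LDAP host; it is never used as
                // a host name itself.
                DboCredentialOrganizationInfo dbCrOrgInfo = _context.DboCredentialOrganizationInfo.FirstOrDefault(m => m.Vchr8Ldapdomain == (domainName) && m.BAllowLdapauthentication == true);
                if (dbCrOrgInfo == null)
                {
                    ViewData["ErrorMessage"] = "No domain exists";
                    return(View());
                }

                //Authenticating using Active Directory
                using (var cn = new LdapConnection())
                {
                    cn.SecureSocketLayer = true;
                    cn.Connect(dbCrOrgInfo.Vchr64LdaphostName, dbCrOrgInfo.ILdapportNumber.Value);
                    try
                    {
                        // A successful bind is the password check.
                        cn.Bind(userr.Email, userr.Password);

                        //step 18 checking in Credential Alternate Table
                        DboCredentialAlternate userCred = _context.DboCredentialAlternate.SingleOrDefault(m => m.Vchr64UserName == userr.Email);
                        if (userCred == null)
                        {
                            // First sign-on of this directory user: create the records.
                            new BusinessLayer(_context).CreateActiveDirectoryUserCredential(userr);
                            return(RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" }));
                        }

                        //step 19 checking in Credential table
                        DboCredential userObject = _context.DboCredential.SingleOrDefault(m => m.BintId == userCred.BintPrimaryCredentialId && m.BEnabled == true);
                        if (userObject == null)
                        {
                            // The login is known but its credential is not enabled. Creating a
                            // fresh, enabled record here would undo the disable, so refuse with
                            // the same message as a wrong password.
                            ViewData["ErrorMessage"] = "Please provide valid user name and password";
                            return(View());
                        }

                        //step 5 sign on as user
                        TempData["UserName"] = winLoginName;
                        SetSessionUserName(winLoginName);
                        return(RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" }));
                    }
                    catch (Exception)
                    {
                        // Deliberate fallback: a failed bind is followed by the local check
                        // below. NOTE(review): this also swallows database errors raised inside
                        // the try block; narrowing it to the LDAP library's exception type
                        // would keep those visible.
                    }
                }
            }

            //step 18 — local credential check, for plain names and as the LDAP fallback.
            int isUseExists = new BusinessLayer(_context).ValidateUser(Utility.GetUserNameFromEmail(userr.Email), userr.Password);
            if (isUseExists > 0)
            {
                //step 5 sign on as system10 user
                TempData["UserName"] = userr.Email;
                SetSessionUserName(userr.Email);
                return(RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "" }));
            }

            ViewData["ErrorMessage"] = "Please provide valid user name and password";
            return(View());
        }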