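        /// <summary>
        /// Finishes a login for <paramref name="userId"/>. Populates the session context, sends
        /// unverified users and users with an expired or soon-to-expire password to the matching
        /// page, and otherwise records the login and redirects to the return URL or the
        /// role-switch page.
        /// </summary>
        /// <param name="userId">Id of the user who has just authenticated.</param>
        /// <param name="returnUrl">
        /// Requested post-login destination. Its origin is not visible in this method, so it is
        /// treated as untrusted: only application-local paths are honoured, anything else is
        /// dropped and the default destination is used instead.
        /// </param>
        /// <returns>
        /// A redirect to the <c>PasswordExpiration</c> action when the password is about to expire;
        /// <c>null</c> on every path where the redirect was already issued through
        /// <c>Response.RedirectUser</c>.
        /// </returns>
        private ActionResult GoToDashboard(long userId, string returnUrl = "")
        {
            // Open-redirect guard: a return URL pointing at another host would let a crafted login
            // link bounce the freshly authenticated user to an arbitrary site. Keep local paths only.
            var safeReturnUrl = IsLocalReturnUrl(returnUrl) ? returnUrl : string.Empty;

            // Encoded once for use as a query-string value, so that '&', '#' or '?' inside the
            // return URL cannot truncate it or add parameters to the target page.
            var encodedReturnUrl = Uri.EscapeDataString(safeReturnUrl);

            // NOTE(review): GetUser's behaviour for an unknown id is not visible here; a null
            // result would fail on the first dereference below.
            var loggedInUser = _userRepository.GetUser(userId);

            // NOTE(review): the user session is stored before the verification / expiry checks and
            // the session id is only regenerated on the full-login path further down. Confirm the
            // early-redirect pages do not treat this session as fully signed in, or regenerate there too.
            _sessionContext.UserSession = _loginService.GetUserSessionModel(userId);

            // NOTE(review): when the setting is missing or not numeric, TryParse leaves 0. How
            // IsPasswordExpired interprets 0 is not visible here - confirm it fails safe.
            int lastPasswordChangeDays = 0;
            Int32.TryParse(_configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.PasswordExpirationDays), out lastPasswordChangeDays);

            if (!loggedInUser.UserLogin.UserVerified) //!loggedInUser.UserLogin.IsSecurityQuestionVerified || -- removed as nothing is happening for this case
            {
                Response.RedirectUser("/App/FirstTimeLoginStep.aspx?FirstTimeLogin=Y&returnUrl=" + encodedReturnUrl);
                return null;
            }

            if (_loginRepository.IsPasswordExpired(loggedInUser.UserLogin.UserName, lastPasswordChangeDays))
            {
                Response.RedirectUser("/App/FirstTimeLoginStep.aspx?FirstTimeLogin=Y&PwdExpire=Y&returnUrl=" + encodedReturnUrl);
                return null;
            }

            int daysBeforeAlert = 0;
            Int32.TryParse(_configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AlertBeforePasswordExpirationInDays), out daysBeforeAlert);
            var passwordExpireInDays = _loginRepository.PasswordWillExpiredInDays(loggedInUser.UserLogin.UserName, lastPasswordChangeDays);

            if (passwordExpireInDays <= daysBeforeAlert)
            {
                // Negative values are reported as 0 days remaining.
                var daysRemaining = passwordExpireInDays <= 0 ? 0 : passwordExpireInDays;

                if (!string.IsNullOrEmpty(safeReturnUrl))
                {
                    // Route values are passed as data; only the validated return URL is forwarded.
                    return RedirectToAction("PasswordExpiration", new
                    {
                        passwordExpireInDays = daysRemaining,
                        returnUrl = safeReturnUrl //do not remove variable name
                    });
                }

                return RedirectToAction("PasswordExpiration", new
                {
                    passwordExpireInDays = daysRemaining
                });
            }

            _loginOtpService.ResetOtp(loggedInUser.Id);

            _sessionContext.LastLoggedInTime = loggedInUser.UserLogin.LastLogged.ToString();
            _loginRepository.UpdateLoginStatus(_sessionContext.UserSession.UserId, true);

            // Browser and referrer are derived from request headers, so they are client-supplied;
            // they are stored with the login record as audit hints only.
            var browserName = Request.Browser.Browser + " " + Request.Browser.Version;

            // A fresh session id is issued before the login is recorded, so the id logged is the
            // post-login one (the previous read of Session.SessionID was immediately overwritten).
            var sessionId = RegenrateSessionId();

            var loginLog = _loginService.SaveLoginInfo(loggedInUser.Id, loggedInUser.UserLogin.UserName, sessionId, browserName, Request.UserHostAddress, Request.UrlReferrer);

            _sessionContext.UserSession.UserLoginLogId = loginLog.Id;

            var currentRole = _sessionContext.UserSession.CurrentOrganizationRole;
            var roleHonoursReturnUrl = currentRole.GetSystemRoleId == (long)Roles.CallCenterRep
                                       || currentRole.GetSystemRoleId == (long)Roles.NursePractitioner;

            if (roleHonoursReturnUrl && !string.IsNullOrEmpty(safeReturnUrl))
            {
                // Only reached with a return URL that passed the local-path check above.
                Response.RedirectUser(safeReturnUrl);
            }
            else
            {
                Response.RedirectUser("/Users/Role/Switch?roleId=" + currentRole.RoleId + "&organizationId=" + currentRole.OrganizationId);
            }

            return null;
        }

        /// <summary>
        /// Returns <c>true</c> when <paramref name="url"/> is a path inside this application:
        /// it starts with a single '/' (not "//" or "/\", which browsers resolve to another host)
        /// or with "~/", and contains no control characters.
        /// </summary>
        private static bool IsLocalReturnUrl(string url)
        {
            if (string.IsNullOrEmpty(url))
            {
                return false;
            }

            // Control characters (CR/LF in particular) have no place in a redirect target.
            foreach (var c in url)
            {
                if (char.IsControl(c))
                {
                    return false;
                }
            }

            if (url[0] == '/')
            {
                return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
            }

            return url.Length > 1 && url[0] == '~' && url[1] == '/';
        }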