Beispiel #1
        /// <summary>
        /// Stores a freshly generated key for the user, queues a mail built from the
        /// "MailToUserChangePassword.txt" template that carries the key, and calls
        /// <c>SMTPNotice.SendNotice</c>.
        /// </summary>
        /// <param name="stUser">User record; its <c>userid</c> and <c>email</c> fields are read.</param>
        /// <returns>
        /// <c>false</c> when <c>SetKeyFPS</c> returns a non-zero code or an exception is thrown;
        /// <c>true</c> in every other case.
        /// </returns>
        public bool SentLink(STUser stUser)
        {
            // Receives the out-message of each call below; it is a local and never leaves this method.
            string msg = null;

            try
            {
                CUser  clUser = new CUser(stUser.userid, LocalData.CSDbUsers(), LocalData.LogPath());
                // NOTE(review): this key is the secret carried by the mailed link. GenerateKey() is not
                // shown here - confirm it draws from a cryptographic RNG and that the stored key
                // expires and is invalidated after one use.
                string key    = GenerateKey();
                int    ret    = clUser.SetKeyFPS(stUser.userid, key, out msg);
                if (ret != 0)
                {
                    return(false);
                }

                CMail clMail = new CMail(stUser.userid, LocalData.CSDbUsers(), LocalData.LogPath());

                // Mail record: recipient, link key and template; the remaining fields are cleared.
                STMail maildata = new STMail();
                maildata.to         = stUser.email;
                maildata.linkkey    = key;
                maildata.tamplate   = "MailToUserChangePassword.txt";
                maildata.fleetpwd   = null;
                maildata.pan        = null;
                maildata.dtcreate   = DateTime.Now.ToString("yyyyMMddHHmmss");
                maildata.dtmistsent = null;
                // NOTE(review): the outcome of Insert and of SendNotice below is not inspected, so the
                // method still returns true when the mail was not queued or not sent.
                clMail.Insert(maildata, out msg);

                SMTPNotice smtp = new SMTPNotice(LocalData.SmtpHost(), LocalData.SmtpPort(), LocalData.SmtpUseSSL(),
                                                 LocalData.SmtpUserName(), LocalData.SmtpPassword(), LocalData.SmtpFrom(), LocalData.CSDbUsers(),
                                                 LocalData.LogPath(), LocalData.GetTemplatePath(), LocalData.Images());
                smtp.SendNotice(out msg);
            }
            // The exception text is stored in the local msg and then dropped; nothing is logged here.
            catch (Exception ex) { msg = ex.Message; return(false); }

            return(true);
        }
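        /// <summary>
        /// Handles the student registration form: creates the account, adds it to the
        /// requested role, signs the new user in and redirects to the student area.
        /// </summary>
        /// <param name="model">Posted registration data (e-mail, password, role name).</param>
        /// <returns>
        /// A redirect to <c>StudentHome</c> when both the account creation and the role
        /// assignment succeed; otherwise the registration view, with the identity errors
        /// added to the model state when one of those two steps failed.
        /// </returns>
        public async Task <ActionResult> Register(StudentRegisterViewModel model)
        {
            if (!ModelState.IsValid)
            {
                // Validation failed: redisplay the form.
                return(View(model));
            }

            // NOTE(review): RoleName is read from the posted model, so the client chooses the role
            // the new account is placed in. Nothing visible here restricts it to the student role;
            // confirm it is validated against a server-side allow-list or set on the server.
            var user = new STUser {
                UserName = model.Email, Email = model.Email, RoleName = model.RoleName
            };
            var result = await UserManager.CreateAsync(user, model.Password);

            if (result.Succeeded)
            {
                result = await UserManager.AddToRoleAsync(user.Id, model.RoleName);

                // The role assignment result used to be overwritten and ignored, so a user whose
                // role could not be set was still signed in and redirected. Sign in only on success.
                if (result.Succeeded)
                {
                    // Account confirmation by e-mail is not wired in (see
                    // https://go.microsoft.com/fwlink/?LinkID=320771): the user is signed in
                    // without having proven ownership of the address.
                    await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);

                    return(RedirectToAction("StudentHome", "StudentHome", new { area = "StudentArea" }));
                }

                // NOTE(review): at this point the account exists without the role; a retry with the
                // same e-mail will presumably be rejected as a duplicate. Decide whether the account
                // should be removed here.
            }

            // Account creation or role assignment failed: surface the errors and redisplay the form.
            AddErrors(result);
            return(View(model));
        }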
Beispiel #3
        /// <summary>
        /// Sets a new password for the user record that is found by the key in the model.
        /// </summary>
        /// <param name="model">Carries the key (<c>Key</c>) and the new password (<c>NewPassword</c>).</param>
        /// <returns>
        /// <c>true</c> when the key lookup and the password update both return 0;
        /// <c>false</c> for an empty key or a non-zero code from either call.
        /// </returns>
        public bool FPS(ActivateModel model)
        {
            if (string.IsNullOrEmpty(model.Key))
            {
                return false;
            }

            string msg;
            CUser  users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
            STUser owner = new STUser();

            // NOTE(review): only the return code is checked. Confirm that an unknown or expired key
            // yields a non-zero code rather than a zero code with an empty record, and that the key
            // is invalidated once it has been used; neither is visible in this method.
            if (users.GetRecordByUserKey(model.Key, out owner, out msg) != 0)
            {
                return false;
            }

            // A fresh salt is generated for every new password hash.
            string newSalt = CreateSalt();
            string newHash = CreatePasswordHash(model.NewPassword, newSalt);

            return users.FPS(owner.userid, newHash, newSalt, out msg) == 0;
        }
Beispiel #4
        /// <summary>
        /// Shows the filter view, built from the view parameters kept in the session
        /// (or from a new <c>STUserVP</c> when the session holds none).
        /// </summary>
        /// <returns>
        /// The filter view for authenticated requests; a redirect to Home/Index otherwise.
        /// </returns>
        public ActionResult Filter()
        {
            if (!Request.IsAuthenticated)
            {
                return RedirectToAction("Index", "Home");
            }

            STUserVP stored = Session["USERPARAM"] != null
                ? (STUserVP)Session["USERPARAM"]
                : new STUserVP();

            UserModelsViewParam viewParam = UserModelsRepository.Instance.SetParam(stored);
            STUser              current   = UserModelsRepository.Instance.GetLocalUser();

            // NOTE(review): the meaning of permission 0 is not visible here. If GetLocalUser can hand
            // back a default-initialised STUser when its lookup fails, that record would presumably
            // satisfy this test as well - confirm the view does not unlock anything on "PM".
            if (current.permission == 0)
            {
                ViewData["PM"] = "0";
            }

            return View(viewParam);
        }
Beispiel #5
        /// <summary>
        /// Loads the user record for a login and copies it into a <c>UserModels</c> view model.
        /// </summary>
        /// <param name="login">Login name passed to <c>GetRecordByUserLogin</c>.</param>
        /// <returns>
        /// The populated model. When an exception is thrown the model built so far is returned
        /// (an empty one if the failure happened before any field was copied).
        /// </returns>
        public UserModels GetUserByLogin(string login)
        {
            UserModels  model       = new UserModels();
            STUser      record      = new STUser();
            string      msg;
            CCondition  conditions  = new CCondition();
            CPermission permissions = new CPermission();

            try
            {
                CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

                // NOTE(review): the return code is discarded, so a failed lookup is not
                // distinguishable from a successful one by the caller.
                users.GetRecordByUserLogin(login, out record, out msg);

                model            = new UserModels();
                model.UserId     = record.userid;
                model.UserName   = record.username;
                model.Login      = record.login;
                model.Comments   = record.comments;
                // Condition and permission are stored as ids and shown by name.
                model.Condition  = conditions.GetName(record.condition);
                model.Permission = permissions.GetName(record.permission);
                // The stored password is not copied into the view model.
                model.Email         = record.email;
                model.OwnerUserId   = record.owneruserid;
                model.OwnerUserName = record.ownerusername;
            }
            catch (Exception ex)
            {
                // The message is kept in a local only; nothing is logged or rethrown here.
                msg = ex.Message;
            }

            return model;
        }
Beispiel #6
        //
        // GET: /User/Delete/5

        /// <summary>
        /// Shows the delete confirmation view for a user, provided the user belongs to the
        /// caller and is not already in the "Deleted" condition.
        /// </summary>
        /// <param name="id">Identifier passed to <c>UserModelsRepository.GetUser</c>.</param>
        /// <returns>
        /// The delete view, the "Permission" view with a message, or a redirect to Home/Index
        /// for unauthenticated requests.
        /// </returns>
        public ActionResult Delete(string id)
        {
            if (!Request.IsAuthenticated)
            {
                return RedirectToAction("Index", "Home");
            }

            UserModels target  = UserModelsRepository.Instance.GetUser(id);
            STUser     current = UserModelsRepository.Instance.GetLocalUser();

            // Ownership check: only the owner of the record may continue.
            // NOTE(review): if both lookups can fail and leave these two fields at their defaults,
            // the comparison would succeed - confirm that a failed lookup cannot reach this point.
            if (target.OwnerUserId != current.userid)
            {
                ViewData["MSG"] = "You can't remove the user because he doesn't belong to you";
                return View("Permission");
            }

            if (target.Condition == "Deleted")
            {
                ViewData["MSG"] = "The user is removed";
                return View("Permission");
            }

            return View(target);
        }
Beispiel #7
        //  public static STUserVP param;
        //
        // GET: /User/


        /// <summary>
        /// Entry point of the user area: routes the caller to the user list, to the
        /// password change page, or to a permission message.
        /// </summary>
        /// <returns>
        /// A redirect to Home/Index when unauthenticated, to Account/ChangePassword when
        /// <c>oldpass</c> is set, the "Permission1" view for permission 2, and a redirect
        /// to "List" otherwise.
        /// </returns>
        public ActionResult Index()
        {
            if (!Request.IsAuthenticated)
            {
                return RedirectToAction("Index", "Home");
            }

            STUser current = UserModelsRepository.Instance.GetLocalUser();

            // The password has to be changed before anything else is allowed.
            if (current.oldpass)
            {
                return RedirectToAction("ChangePassword", "Account");
            }

            // NOTE(review): access is denied only for the value 2, so every other value - including
            // whatever a default-initialised STUser carries after a failed lookup - is let through.
            // Confirm that GetLocalUser cannot return such a record here.
            if (current.permission == 2)
            {
                ViewData["MSG"] = "The user with the permission \"STANDART\" can't operate the list's users";
                return View("Permission1");
            }

            return RedirectToAction("List");
        }
Beispiel #8
        /// <summary>
        /// Returns the <c>userid</c> of the record whose login equals the name of the
        /// identity attached to the current HTTP request.
        /// </summary>
        /// <returns>
        /// The <c>userid</c> field of the record filled by <c>GetRecordByUserLogin</c>.
        /// </returns>
        public static string UserId()
        {
            string msg;
            STUser record = new STUser();

            string connectionString = ConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString;
            string logPath          = ConfigurationManager.AppSettings["Logpath"];
            CUser  users            = new CUser(null, connectionString, logPath);

            // NOTE(review): the return code and msg are discarded, so callers receive whatever
            // userid the record holds after a failed lookup. Presumably the identity name is empty
            // on unauthenticated requests - confirm how the lookup behaves then.
            string loginName = HttpContext.Current.User.Identity.Name;
            users.GetRecordByUserLogin(loginName, out record, out msg);

            return record.userid;
        }
Beispiel #9
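        /// <summary>
        /// Loads the record of the current user, identified by <c>LocalData.UserId()</c>.
        /// </summary>
        /// <returns>
        /// The record filled by <c>GetRecordByUserId</c>. When an exception is thrown the
        /// record held at that moment is returned, which is the default-constructed
        /// <c>STUser</c> unless the callee had already assigned it.
        /// </returns>
        public STUser GetLocalUser()
        {
            STUser ret = new STUser();
            string msg;

            try
            {
                // Resolve the id once and reuse it: it was previously requested twice per call, and
                // each LocalData.UserId() call appears to run its own lookup. The unused
                // CCondition/CPermission locals were dropped.
                var   userId = LocalData.UserId();
                CUser clUser = new CUser(userId, LocalData.CSDbUsers(), LocalData.LogPath());

                // NOTE(review): the return code is discarded and failures are swallowed below, so
                // callers cannot tell a failed lookup from a real record. Code that tests fields such
                // as permission or userid on the result should not treat default values as a grant.
                clUser.GetRecordByUserId(userId, out ret, out msg);
            }
            catch (Exception ex)
            {
                // The message is kept in a local only; nothing is logged or rethrown here.
                msg = ex.Message;
            }

            return(ret);
        }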
Beispiel #10
        //
        // GET: /User/Create

        /// <summary>
        /// Shows the empty "create user" form.
        /// </summary>
        /// <returns>
        /// The create view with a new <c>UserModels</c> for authenticated requests;
        /// a redirect to Home/Index otherwise.
        /// </returns>
        public ActionResult Create()
        {
            if (!Request.IsAuthenticated)
            {
                return RedirectToAction("Index", "Home");
            }

            // NOTE(review): only authentication is checked here; no permission value is refused.
            // Confirm whether an authorization filter outside this method restricts who may
            // create users.
            STUser current = UserModelsRepository.Instance.GetLocalUser();
            if (current.permission == 0)
            {
                ViewData["PM"] = "0";
            }

            return View(new UserModels());
        }
Beispiel #11
        /*public bool ValidateUser(string login, string password)
         * {
         *  string msg;
         *  CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
         *  STUser dbuser = new STUser();
         *
         *  int ret = clUser.GetRecordByUserLogin(login, out dbuser, out msg);
         *
         *  if (ret != 0) return false;
         *  else
         *  {
         *      if (dbuser.password == CreatePasswordHash(password, dbuser.passwordsalt) && dbuser.isactivated == true)
         *      {
         *          clUser.Lock(dbuser.userid, 0, null, null, out msg);
         *          // reset the failed-attempt count, the temporary lockout date and the date of the last failed attempt
         *          return true;
         *      }
         *      else
         *      {
         *
         *          // check the date of the last failed attempt:
         *          // if it is more than 30 minutes old, set the attempt count to 1 and record the date;
         *          // otherwise count this attempt:
         *          // if it is not the third one, record the date of the attempt and increase the count,
         *          // else clear the date and the count and set the lockout date
         *          if (dbuser.lastmisstime != null && dbuser.lastmisstime <= DateTime.Now.AddMinutes(-30))
         *          {
         *              clUser.Lock(dbuser.userid, 1, DateTime.Now, null, out msg);
         *          }
         *          else
         *          {
         *              if (dbuser.cntmisstry < 2)
         *                  clUser.Lock(dbuser.userid, dbuser.cntmisstry + 1, DateTime.Now, null, out msg);
         *              else clUser.Lock(dbuser.userid, 0, null, DateTime.Now.AddMinutes(30), out msg);
         *          }
         *          return false;
         *      }
         *  }
         * }*/

        /// <summary>
        /// Checks a log-on password against the stored hash and updates the failed-attempt
        /// bookkeeping of the account through <c>CUser.Lock</c>.
        /// </summary>
        /// <param name="dbuser">Stored user record (hash, salt, activation flag, attempt data).</param>
        /// <param name="password">Password entered by the user.</param>
        /// <param name="msg">Message set by <c>Lock</c>, or the exception text on failure.</param>
        /// <returns>
        /// <c>true</c> when the hash matches and the account is activated; <c>false</c>
        /// otherwise, including when an exception is thrown.
        /// </returns>
        public bool ValidateLogOnPassword(STUser dbuser, string password, out string msg)
        {
            msg = null;

            try
            {
                CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

                // NOTE(review): the hashes are compared with ordinary string equality, and a correct
                // password on a non-activated account takes the failure path below. Whether the
                // account is currently locked is not checked here - presumably the caller does.
                bool accepted = dbuser.password == CreatePasswordHash(password, dbuser.passwordsalt) &&
                                dbuser.isactivated == true;
                if (accepted)
                {
                    // Reset the failed-attempt count, the temporary lockout date and the date
                    // of the last failed attempt.
                    users.Lock(dbuser.userid, 0, null, null, out msg);
                    return true;
                }

                if (dbuser.lastmisstime != null && dbuser.lastmisstime <= DateTime.Now.AddMinutes(-30))
                {
                    // The last failed attempt is more than 30 minutes old: start counting again at 1.
                    users.Lock(dbuser.userid, 1, DateTime.Now, null, out msg);
                }
                else if (dbuser.cntmisstry < 2)
                {
                    // Not yet the third failure: record the time and increase the count.
                    users.Lock(dbuser.userid, dbuser.cntmisstry + 1, DateTime.Now, null, out msg);
                }
                else
                {
                    // Third failure: clear the count and the date, and lock for 30 minutes.
                    users.Lock(dbuser.userid, 0, null, DateTime.Now.AddMinutes(30), out msg);
                }

                return false;
            }
            catch (Exception ex)
            {
                msg = ex.Message;
                return false;
            }
        }
Beispiel #12
        /// <summary>
        /// Copies the editable fields of the model into an <c>STUser</c>, rejects values that
        /// contain a quote or "--", writes the record with <c>CUser.Update</c> and records an
        /// <c>EditUser</c> action on success.
        /// </summary>
        /// <param name="model">Edited user data; <c>UserId</c> selects the record to update.</param>
        /// <param name="msg">Message of the last call made, the validation text, or the exception text.</param>
        /// <returns>
        /// The code returned by <c>Update</c>; 2 when a field contains a rejected character
        /// sequence; -1 when an exception is thrown.
        /// </returns>
        public int UpdateUser(UserModels model, out string msg)
        {
            int ret = 0;

            msg = null;
            STUser      data         = new STUser();
            CCondition  clCondition  = new CCondition();
            CPermission clPermission = new CPermission();

            try
            {
                CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

                // NOTE(review): the target id, the condition and the permission all come from the
                // model. No ownership or privilege check is visible in this method - confirm the
                // caller enforces who may edit which user and which permission may be granted.
                data.comments     = model.Comments;
                data.condition    = clCondition.GetId(model.Condition);
                data.email        = model.Email;
                data.login        = model.Login;
                data.modifieddate = DateTime.Now;
                // NOTE(review): a new salt is generated while the password assignment below is
                // commented out. If Update persists passwordsalt, the stored hash would no longer
                // match its salt - verify what Update writes.
                data.passwordsalt = CreateSalt();
                //      data.password = CreatePasswordHash(model.Password, data.passwordsalt);
                data.permission = clPermission.GetId(model.Permission);
                data.username   = model.UserName;

                // Deny-list of character sequences checked against the free-text fields.
                // NOTE(review): a deny-list like this is not a substitute for parameterised
                // queries; how CUser builds its SQL is not visible here - confirm.
                string[] arr = new[] { "'", "\"", "--" };
                if (CheckerField.CheckField(arr, data.comments, data.email, data.login, data.username))
                {
                    msg = "One or more fields contain invalid characters.";
                    return(2);
                }

                ret = clUser.Update(model.UserId, data, out msg);

                if (ret == 0)
                {
                    // Audit entry; its out-message overwrites the msg returned by Update.
                    CAction clAction = new CAction(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
                    clAction.AddAction(ActionType.EditUser, string.Format("Edit user {0}, {1}", data.username,
                                                                          data.login), out msg);
                }
            }
            // NOTE(review): the raw exception text is handed to the caller; make sure it is not
            // rendered to end users.
            catch (Exception ex) { msg = ex.Message; ret = -1; }

            return(ret);
        }
Beispiel #13
        // Change the password in the database
        /// <summary>
        /// Replaces the password of the account with the given login and appends the new
        /// hash to the password cache.
        /// </summary>
        /// <param name="login">Login of the account to change.</param>
        /// <param name="oldPassword">Current password; not used by this method.</param>
        /// <param name="newPassword">Password to set.</param>
        /// <returns>
        /// <c>true</c> when the lookup and <c>UpdatePassword</c> both return 0; <c>false</c> otherwise.
        /// </returns>
        public bool ChangePassword(string login, string oldPassword, string newPassword)
        {
            STUser account = new STUser();
            string msg;
            CUser  users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

            // Find the account by its login.
            if (users.GetRecordByUserLogin(login, out account, out msg) != 0)
            {
                return false;
            }

            // NOTE(review): oldPassword is never compared with the stored hash in this method, so
            // the change succeeds for any caller that supplies a valid login. Confirm that every
            // caller verifies the current password (or another proof of identity) beforehand.

            // New salt and hash; the password is valid for six months.
            string   freshSalt  = CreateSalt();
            string   freshHash  = CreatePasswordHash(newPassword, freshSalt);
            DateTime validUntil = DateTime.Now.AddMonths(6);

            // Write the change to the database.
            if (users.UpdatePassword(account.userid, freshHash, freshSalt, validUntil, out msg) != 0)
            {
                return false;
            }

            // Add the new hash to the password cache in the database; the outcome is not checked.
            STPassCache cacheEntry = new STPassCache();
            cacheEntry.password     = freshHash;
            cacheEntry.passwordsalt = freshSalt;
            users.AddPassToPassCache(login, cacheEntry, out msg);

            return true;
        }
Beispiel #14
        /* public string GetUserNameByEmail(string email)
         * {
         *   string ret = null;
         *
         *   STUser stUser = new STUser();
         *   string msg = null;
         *   CUser clUser =
         *      new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
         *   int retvalue = clUser.GetRecordByUserEmail(email, out stUser, out msg);
         *
         *   return stUser.userid;
         * }*/

        /// <summary>
        /// Builds a <c>MembershipUser</c> for the "LocalMembershipProvider" from the record
        /// found by login.
        /// </summary>
        /// <param name="username">Login passed to <c>GetRecordByUserLogin</c>.</param>
        /// <returns>The membership user built from the record fields and fixed values below.</returns>
        public MembershipUser GetUser(string username)
        {
            STUser record = new STUser();
            string msg;

            CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

            // NOTE(review): the return code is discarded, so a failed lookup still produces a
            // MembershipUser built from whatever the record holds.
            users.GetRecordByUserLogin(username, out record, out msg);

            // NOTE(review): the provider key is always 0 and isLockedOut is always false, so code
            // that relies on MembershipUser.IsLockedOut will not see a lockout. The last three
            // dates are the current time, not stored values.
            return new MembershipUser("LocalMembershipProvider",
                                      record.login,         // user name
                                      0,                    // provider user key
                                      record.email,         // e-mail
                                      "",                   // password question
                                      record.comments,      // comment
                                      record.isactivated,   // is approved
                                      false,                // is locked out
                                      record.creationdate,  // creation date
                                      record.modifieddate,  // last login date
                                      DateTime.Now,         // last activity date
                                      DateTime.Now,         // last password changed date
                                      DateTime.Now);        // last locked out date
        }
Beispiel #15
        /// <summary>
        /// Creates a new, not yet activated user: checks that the login is free, rejects
        /// values that contain a quote or "--", inserts the record, records an
        /// <c>AddUser</c> action and queues and sends the activation mail.
        /// </summary>
        /// <param name="model">Data of the user to create.</param>
        /// <param name="msg">Message of the last call made, a validation text, or the exception text.</param>
        /// <returns>
        /// The code of the login lookup when it is non-zero; 1 when the login already exists;
        /// 2 when a field contains a rejected character sequence; the code returned by
        /// <c>Insert</c>; -1 when an exception is thrown.
        /// </returns>
        public int AddUser(UserModels model, out string msg)
        {
            int    ret  = 0;
            STUser data = new STUser();

            msg = null;
            CCondition  clCondition  = new CCondition();
            CPermission clPermission = new CPermission();

            try
            {
                CUser clUser =
                    new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

                // NOTE(review): model.Login reaches this lookup before the character check further
                // down has run. If that check is what protects the queries in CUser, it comes too
                // late for this call - confirm how CUser builds its SQL.
                ret = clUser.GetRecordByUserLogin(model.Login, out data, out msg);
                if (ret != 0)
                {
                    return(ret);
                }
                else
                {
                    // A zero code with a non-null login means the login is taken.
                    if (data.login != null)
                    {
                        msg = "The login already exists in the database for the application.";
                        return(1);
                    }
                }

                // The account starts inactive, owned by the current user, without a password.
                data.comments      = model.Comments;
                data.activateddate = null;
                data.condition     = 0;
                data.creationdate  = DateTime.Now;
                data.email         = model.Email;
                data.isactivated   = false;
                data.login         = model.Login;
                data.modifieddate  = data.creationdate;
                data.owneruserid   = LocalData.UserId();
                //      data.passwordsalt = CreateSalt();
                //      data.password = CreatePasswordHash(model.Password, data.passwordsalt);
                // NOTE(review): the permission comes from the model; no check is visible here that
                // the current user may grant it - confirm the caller enforces this.
                data.permission    = clPermission.GetId(model.Permission);
                data.username      = model.UserName;
                // The password validity date is set to yesterday, i.e. already in the past.
                data.passvaliddate = DateTime.Now.AddDays(-1);
                // NOTE(review): this key is mailed as the activation link key. GenerateKey() is not
                // shown here - confirm it draws from a cryptographic RNG and that the key expires.
                data.newemailkey   = GenerateKey();

                // Deny-list of character sequences checked against the free-text fields.
                // NOTE(review): a deny-list like this is not a substitute for parameterised queries.
                string[] arr = new[] { "'", "\"", "--" };
                if (CheckerField.CheckField(arr, data.comments, data.email, data.login, data.username))
                {
                    msg = "One or more fields contain invalid characters.";
                    return(2);
                }

                ret = clUser.Insert(data, out msg);

                if (ret == 0)
                {
                    // Audit entry for the new user.
                    CAction clAction = new CAction(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
                    clAction.AddAction(ActionType.AddUser, string.Format("Add user {0}, {1}", data.username,
                                                                         data.login), out msg);

                    CMail clMail = new CMail(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

                    // Activation mail: recipient, template, link key and login.
                    STMail maildata = new STMail();
                    maildata.to         = data.email;
                    maildata.tamplate   = "MailToUserActivateAccount.txt";
                    maildata.linkkey    = data.newemailkey;
                    maildata.fleetpwd   = null;
                    maildata.pan        = null;
                    maildata.dtcreate   = DateTime.Now.ToString("yyyyMMddHHmmss");
                    maildata.dtmistsent = null;
                    maildata.login      = data.login;
                    // NOTE(review): the outcome of Insert and SendNotice is not inspected; ret stays 0
                    // even when the activation mail was not queued or sent, and msg ends up holding
                    // whatever SendNotice set.
                    clMail.Insert(maildata, out msg);

                    SMTPNotice smtp = new SMTPNotice(LocalData.SmtpHost(), LocalData.SmtpPort(), LocalData.SmtpUseSSL(),
                                                     LocalData.SmtpUserName(), LocalData.SmtpPassword(), LocalData.SmtpFrom(), LocalData.CSDbUsers(),
                                                     LocalData.LogPath(), LocalData.GetTemplatePath(), LocalData.Images());
                    smtp.SendNotice(out msg);
                }
            }
            // NOTE(review): the raw exception text is handed to the caller; make sure it is not
            // rendered to end users.
            catch (Exception ex) { msg = ex.Message; ret = -1; }
            return(ret);
        }