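        /// <summary>
        /// Second-factor step for users enrolled with an authenticator app: validates the
        /// submitted time-based code against the user's stored secret and, on success,
        /// optionally records the current browser/IP pair as a safe computer before
        /// continuing to the dashboard.
        /// </summary>
        /// <param name="model">Posted OTP form; <c>Otp</c> carries the code and
        /// <c>MarkAsSafe</c> asks to remember this device.</param>
        /// <returns>The OTP view with a failure message when the model is invalid, the user
        /// has no login settings, or the code is rejected; otherwise the result of
        /// <c>GoToDashboard</c>.</returns>
        public ActionResult Authenticator(OtpModel model)
        {
            // Channel toggles are global settings stored as the string "True"; the view uses them to render its options.
            ViewBag.IsOtpBySmsEnabled   = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms) == "True";
            ViewBag.IsOtpByEmailEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail) == "True";
            ViewBag.IsOtpByAppEnabled   = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator) == "True";

            model.IsAllowSafeComputerEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember) == "True";
            if (!ModelState.IsValid)
            {
                return(View(model));
            }

            // The user id is expected to have been placed in session by the password step.
            var userId        = (long)Session["UserId"];
            var loginSettings = _loginSettingRepository.Get(userId);

            // A user without login settings has no enrolled secret: treat the code as rejected
            // instead of letting the secret lookup below throw a NullReferenceException
            // (this action is reachable by a direct POST, not only via the Index redirect).
            if (loginSettings == null)
            {
                model.IsOtpVerified   = false;
                model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("The OTP entered is wrong. Please try again.");
                return(View(model));
            }

            // NOTE(review): the third argument (50) goes straight to the TOTP library; whether it is a
            // number of time steps or seconds is not visible here — confirm it is the intended tolerance.
            // NOTE(review): unlike Otp, this path applies no mismatch-attempt count or account lock — confirm intended.
            var isValid = TimeBasedOneTimePassword.IsValid(loginSettings.GoogleAuthenticatorSecretKey, model.Otp, 50);
            if (!isValid)
            {
                model.IsOtpVerified   = false;
                model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("The OTP entered is wrong. Please try again.");
                return(View(model));
            }

            if (model.MarkAsSafe)
            {
                // A safe computer is identified by browser name/version plus the requesting IP;
                // both values come from the request itself.
                var browserName  = Request.Browser.Browser + " " + Request.Browser.Version;
                var requestingIp = Request.UserHostAddress;
                // One timestamp so DateCreated and DateModified agree on the new record (local server time, as elsewhere).
                var now          = DateTime.Now;
                var safeComputer = new SafeComputerHistory()
                {
                    BrowserType = browserName, ComputerIp = requestingIp, DateCreated = now, DateModified = now, IsActive = true, UserLoginId = userId
                };
                _safeComputerHistoryService.Save(safeComputer);
            }

            return(GoToDashboard(userId));
        }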
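        /// <summary>
        /// Persists a safe-computer record. If the user already has an inactive record for the
        /// same browser/IP pair, that stored row is updated in place instead of inserting a new one.
        /// </summary>
        /// <param name="safeComputerHistory">Domain object to persist; matched on
        /// <c>UserLoginId</c>, <c>BrowserType</c> and <c>ComputerIp</c>.</param>
        /// <returns>Always <c>true</c>; a failed save is reported by exception.</returns>
        /// <exception cref="PersistenceFailureException">Thrown when the adapter reports the save as unsuccessful.</exception>
        public bool Save(SafeComputerHistory safeComputerHistory)
        {
            var safeComputerHistoryEntity = Mapper.Map <SafeComputerHistory, SafeComputerHistoryEntity>(safeComputerHistory);

            using (IDataAccessAdapter adapter = PersistenceLayer.GetDataAccessAdapter())
            {
                var linqMetaData = new LinqMetaData(adapter);

                // Materialize once: the previous Count() followed by foreach evaluated the query twice.
                var inactiveEntries = (from c in linqMetaData.SafeComputerHistory
                                       where c.UserLoginId == safeComputerHistory.UserLoginId && !c.IsActive
                                       select c).ToList();

                if (inactiveEntries.Count == 0)
                {
                    safeComputerHistoryEntity.IsNew = true;
                }
                else
                {
                    // Browser/IP comparison happens in memory with ordinary string equality, as before.
                    var existing = inactiveEntries.FirstOrDefault(e => e.BrowserType == safeComputerHistory.BrowserType &&
                                                                       e.ComputerIp == safeComputerHistory.ComputerIp);
                    if (existing != null)
                    {
                        // Reuse the stored row. Its IsActive is left as stored (false); the caller's
                        // IsActive value is not copied over. TODO confirm whether a re-marked computer
                        // should be reactivated here.
                        safeComputerHistoryEntity              = existing;
                        safeComputerHistoryEntity.IsNew        = false;
                        safeComputerHistoryEntity.DateModified = DateTime.Now;
                    }
                    // No match: IsNew is left at whatever the mapped entity carries, unchanged from before.
                }

                if (!adapter.SaveEntity(safeComputerHistoryEntity, false))
                {
                    throw new PersistenceFailureException();
                }
                return(true);
            }
        }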
        /// <summary>
        /// Second-factor step for SMS/e-mail one-time passwords: verifies the posted code for the
        /// user held in session, locks the account when the attempt budget is exhausted, and on
        /// success optionally remembers the current browser/IP as a safe computer.
        /// </summary>
        /// <param name="model">Posted OTP form; <c>Otp</c> carries the code and
        /// <c>MarkAsSafe</c> asks to remember this device.</param>
        /// <returns>The OTP view with a failure message when the model is invalid, the attempts
        /// are exhausted, the code is expired or wrong; otherwise the result of <c>GoToDashboard</c>.</returns>
        public ActionResult Otp(OtpModel model)
        {
            var settings = _configurationSettingRepository;

            // Values the view needs for its messaging; settings are stored as strings ("True" for on).
            ViewBag.ExpirationMinutes        = settings.GetConfigurationValue(ConfigurationSettingName.OtpExpirationMinutes);
            ViewBag.AttemptCount             = settings.GetConfigurationValue(ConfigurationSettingName.OtpMisMatchAttemptCount);
            model.IsAllowSafeComputerEnabled = settings.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember) == "True";

            // The password step is expected to have stored the user id in session.
            var currentUserId = (long)Session["UserId"];
            model.UserId      = currentUserId;

            if (!ModelState.IsValid)
            {
                return(View(model));
            }

            bool otpExpired;
            bool attemptsExhausted;
            var  verified = _loginOtpService.VerifyOtp(model.Otp, currentUserId, out otpExpired, out attemptsExhausted);

            // Pick the failure message, if any, in priority order: locked > expired > wrong.
            string failure = null;
            if (attemptsExhausted)
            {
                _loginRepository.AssignUserLoginLock(currentUserId);
                model.IsAccountLocked = true;
                failure = "Your account has been locked, due to too many attempts. Please contact " +
                          _settings.SupportEmail + " OR call us at " + _settings.PhoneTollFree;
            }
            else if (otpExpired)
            {
                failure = "The OTP is expired. Please use resend link to generate a new OTP.";
            }
            else if (!verified)
            {
                failure = "The OTP entered is wrong. Please try again.";
            }

            if (failure != null)
            {
                model.IsOtpVerified   = false;
                model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage(failure);
                return(View(model));
            }

            if (model.MarkAsSafe)
            {
                // A safe computer is identified by browser name/version plus the requesting IP.
                var agent   = Request.Browser.Browser + " " + Request.Browser.Version;
                var address = Request.UserHostAddress;
                var record  = new SafeComputerHistory()
                {
                    BrowserType = agent, ComputerIp = address, DateCreated = DateTime.Now, DateModified = DateTime.Now, IsActive = true, UserLoginId = currentUserId
                };
                _safeComputerHistoryService.Save(record);
            }

            return(GoToDashboard(currentUserId));
        }
        /// <summary>
        /// Reports whether the given browser/IP pair is an active, unexpired safe computer for
        /// the user in <c>safeComputer.UserLoginId</c>.
        /// </summary>
        /// <param name="safeComputer">Candidate device; only <c>UserLoginId</c>,
        /// <c>BrowserType</c> and <c>ComputerIp</c> are consulted.</param>
        /// <returns><c>true</c> when a matching active record exists whose <c>DateModified</c>
        /// plus the configured expiry days is still after today; otherwise <c>false</c>.</returns>
        public bool IsSafe(SafeComputerHistory safeComputer)
        {
            var history = _safeComputerHistoryRepository.Get(safeComputer.UserLoginId);
            if (history == null)
            {
                return(false);
            }

            // NOTE(review): identity is the browser string plus remote IP, both taken from the request;
            // treat a match as a convenience signal rather than strong device proof.
            foreach (var entry in history)
            {
                if (!entry.IsActive)
                {
                    continue;
                }
                if (entry.BrowserType != safeComputer.BrowserType)
                {
                    continue;
                }
                if (entry.ComputerIp != safeComputer.ComputerIp)
                {
                    continue;
                }
                // Expired when the modification date plus the expiry window is on or before today.
                if (entry.DateModified.AddDays(_safeDeviceExpiryDays) <= DateTime.Today.Date)
                {
                    continue;
                }
                return(true);
            }

            return(false);
        }
 /// <summary>
 /// Service-level save: delegates to the safe-computer history repository.
 /// </summary>
 /// <param name="safeComputer">Record to persist.</param>
 /// <returns>Whatever the repository's <c>Save</c> returns.</returns>
 public bool Save(SafeComputerHistory safeComputer)
 {
     var saved = _safeComputerHistoryRepository.Save(safeComputer);
     return(saved);
 }
        /// <summary>
        /// Password login step. Validates credentials, applies the corporate-account portal
        /// restriction, issues the forms-auth cookie and session, and then decides whether a
        /// second factor (OTP / authenticator app) or a download PIN setup is required
        /// before the user reaches the dashboard.
        /// </summary>
        /// <param name="userLoginModel">Posted credentials (<c>UserName</c>, <c>Password</c>).</param>
        /// <param name="returnUrl">Destination forwarded to <c>GoToDashboard</c> after a fully
        /// completed login.</param>
        /// <returns>The login view on invalid model, rejected credentials, portal restriction,
        /// missing role or unexpected error; a redirect to Setup/Otp/Authenticator when a further
        /// step is needed; otherwise the dashboard result.</returns>
        public ActionResult Index(UserLoginModel userLoginModel, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return(View(userLoginModel));
            }

            bool isValid = _loginRepository.ValidateUser(userLoginModel.UserName, userLoginModel.Password);

            if (isValid)
            {
                try
                {
                    var userLogin = _loginRepository.GetByUserName(userLoginModel.UserName);
                    var user      = _userRepository.GetUser(userLogin.Id);
                    var orgRoles  = _organizationRoleUserRepository.GetOrganizationRoleUserCollectionforaUser(user.Id);
                    // Customers whose corporate account has portal login switched off are refused here.
                    if (orgRoles.Any(oru => oru.RoleId == (long)Roles.Customer) && user.DefaultRole == Roles.Customer)
                    {
                        var customer = _customerRepository.GetCustomerByUserId(user.Id);
                        if (!string.IsNullOrEmpty(customer.Tag))
                        {
                            var account = _corporateAccountRepository.GetByTag(customer.Tag);
                            if (account != null && !account.AllowCustomerPortalLogin)
                            {
                                userLoginModel.FeedbackMessage =
                                    FeedbackMessageModel.CreateFailureMessage("Unable to login in. Please contact " +
                                                                              _settings.SupportEmail + " OR call us at " +
                                                                              _settings.PhoneTollFree);
                                return(View(userLoginModel));
                            }
                        }
                    }

                    var userName = userLoginModel.UserName;
                    // NOTE(review): the persistent forms-auth cookie is issued here, before any of the
                    // Setup/Otp/Authenticator redirects below have been satisfied. Confirm those gates
                    // are enforced elsewhere (e.g. a filter); otherwise the second factor does not
                    // protect already-authenticated routes.
                    FormsAuthentication.SetAuthCookie(userName, true);
                    _sessionContext.UserSession      = _loginService.GetUserSessionModel(userName);
                    _sessionContext.LastLoggedInTime = userLogin.LastLogged.ToString();

                    if (_sessionContext.UserSession.CurrentOrganizationRole == null)
                    {
                        userLoginModel.FeedbackMessage =
                            FeedbackMessageModel.CreateFailureMessage(
                                "Your default role has been removed. Please contact your administrator.");
                        return(View(userLoginModel));
                    }

                    // Decide whether a second factor and/or a download PIN is required. The global
                    // OTP channel settings are strings ("True" when on); two-factor defaults to on and
                    // is switched off only when no channel is enabled at all.
                    Role role = null;
                    var  isTwoFactorAuthrequired = true;
                    var  useOtpSms   = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms);
                    var  useOtpEmail = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail);
                    var  useOtpByGoogleAuthenticator = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator);

                    var isPinRequired = false;


                    if (useOtpSms == "True" || useOtpEmail == "True" || useOtpByGoogleAuthenticator == "True")
                    {
                        var defaultRole = orgRoles.FirstOrDefault(oru => oru.RoleId == (long)user.DefaultRole);
                        if (defaultRole != null)
                        {
                            role          = _roleRepository.GetByRoleId(defaultRole.RoleId);
                            isPinRequired = role.IsPinRequired;
                        }

                        // A per-user override wins; otherwise the default role's setting applies.
                        if (userLogin.IsTwoFactorAuthrequired == null)
                        {
                            if (defaultRole != null)
                            {
                                isTwoFactorAuthrequired = role.IsTwoFactorAuthrequired;
                            }
                        }
                        else
                        {
                            isTwoFactorAuthrequired = userLogin.IsTwoFactorAuthrequired.Value;
                        }
                    }
                    else
                    {
                        isTwoFactorAuthrequired = false;
                    }

                    if (isTwoFactorAuthrequired || isPinRequired)
                    {
                        var loginSettings = _loginSettingRepository.Get(_sessionContext.UserSession.UserId);

                        // First login (or no settings yet) goes to enrolment; a required but empty PIN
                        // goes to a PIN-only setup. TempData carries the flags to the Setup action.
                        if (loginSettings == null || loginSettings.IsFirstLogin)
                        {
                            TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
                            return(RedirectToAction("Setup"));
                        }
                        else if (isPinRequired && loginSettings.DownloadFilePin == "")
                        {
                            TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
                            TempData["setPinOnly"] = true;
                            return(RedirectToAction("Setup"));
                        }

                        if (isTwoFactorAuthrequired)
                        {
                            var isSafe        = false;
                            var isSafeAllowed = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember);

                            if (isSafeAllowed == "True")
                            {
                                // The "safe computer" identity is the browser name/version plus the
                                // requesting IP, both taken from the request; a match skips the second factor.
                                var browserName  = Request.Browser.Browser + " " + Request.Browser.Version;
                                var requestingIp = Request.UserHostAddress;
                                var safeComputer = new SafeComputerHistory()
                                {
                                    BrowserType = browserName,
                                    ComputerIp  = requestingIp,
                                    DateCreated = DateTime.Now,
                                    IsActive    = true,
                                    UserLoginId = user.Id
                                };
                                isSafe = _safeComputerHistoryService.IsSafe(safeComputer);
                            }

                            // Route by the user's chosen authentication mode. When the chosen channel
                            // has been disabled globally, send the user back to Setup to pick another.
                            // NOTE(review): an AuthenticationModeId matching none of the four cases falls
                            // through to the dashboard without a second factor — confirm the enum has no
                            // other values, or add a default branch.
                            if (!isSafe)
                            {
                                if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Sms)
                                {
                                    if (useOtpSms == "True")
                                    {
                                        return(RedirectToAction("Otp"));
                                    }
                                    TempData["IsTwoFactorAuthrequired"] = true;
                                    TempData["IsOnGlobalSettingChange"] = true;
                                    return(RedirectToAction("Setup"));
                                }
                                if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Email)
                                {
                                    if (useOtpEmail == "True")
                                    {
                                        return(RedirectToAction("Otp"));
                                    }
                                    TempData["IsTwoFactorAuthrequired"] = true;
                                    TempData["IsOnGlobalSettingChange"] = true;
                                    return(RedirectToAction("Setup"));
                                }
                                if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.BothSmsEmail)
                                {
                                    if (useOtpSms == "True" || useOtpEmail == "True")
                                    {
                                        return(RedirectToAction("Otp"));
                                    }
                                    TempData["IsTwoFactorAuthrequired"] = true;
                                    TempData["IsOnGlobalSettingChange"] = true;
                                    return(RedirectToAction("Setup"));
                                }
                                if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.AuthenticatorApp)
                                {
                                    return(RedirectToAction("Authenticator"));
                                }
                            }
                        }
                    }


                    return(GoToDashboard(_sessionContext.UserSession.UserId, returnUrl));
                }
                // Catch-all: any failure after a correct password is logged (message and stack trace)
                // and surfaced to the user as a generic system error without detail.
                catch (Exception ex)
                {
                    _logger.Error("Error: Message: " + ex.Message + "\n Stack trace:" + ex.StackTrace);
                    userLoginModel.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("System Error: Unable to login in. Please contact support.");
                    return(View(userLoginModel));
                }
            }

            //not logged in.
            return(View(GetLoginFailureMessage(userLoginModel)));
        }