public ActionResult Authenticator(OtpModel model)
{
ViewBag.IsOtpBySmsEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms) == "True";
ViewBag.IsOtpByEmailEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail) == "True";
ViewBag.IsOtpByAppEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator) == "True";
model.IsAllowSafeComputerEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember) == "True";
if (!ModelState.IsValid)
{
return(View(model));
}
var userId = (long)Session["UserId"];
var loginSettings = _loginSettingRepository.Get(userId);
var isValid = TimeBasedOneTimePassword.IsValid(loginSettings.GoogleAuthenticatorSecretKey, model.Otp, 50);
if (!isValid)
{
model.IsOtpVerified = false;
model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("The OTP entered is wrong. Please try again.");
return(View(model));
}
if (model.MarkAsSafe)
{
var browserName = Request.Browser.Browser + " " + Request.Browser.Version;
var requestingIp = Request.UserHostAddress;
var safeComputer = new SafeComputerHistory()
{
BrowserType = browserName, ComputerIp = requestingIp, DateCreated = DateTime.Now, DateModified = DateTime.Now, IsActive = true, UserLoginId = userId
};
_safeComputerHistoryService.Save(safeComputer);
}
return(GoToDashboard(userId));
}
public bool Save(SafeComputerHistory safeComputerHistory)
{
var safeComputerHistoryEntity = Mapper.Map <SafeComputerHistory, SafeComputerHistoryEntity>(safeComputerHistory);
using (IDataAccessAdapter adapter = PersistenceLayer.GetDataAccessAdapter())
{
var linqMetaData = new LinqMetaData(adapter);
var list = (from c in linqMetaData.SafeComputerHistory where c.UserLoginId == safeComputerHistory.UserLoginId && !c.IsActive select c);
if (list.Count() != 0)
{
foreach (var computerHistoryEntity in list)
{
if (computerHistoryEntity.BrowserType == safeComputerHistory.BrowserType &&
computerHistoryEntity.ComputerIp == safeComputerHistory.ComputerIp)
{
safeComputerHistoryEntity = computerHistoryEntity;
safeComputerHistoryEntity.IsNew = false;
safeComputerHistoryEntity.DateModified = DateTime.Now;
break;
}
}
}
else
{
safeComputerHistoryEntity.IsNew = true;
}
if (!adapter.SaveEntity(safeComputerHistoryEntity, false))
{
throw new PersistenceFailureException();
}
return(true);
}
}
public ActionResult Otp(OtpModel model)
{
ViewBag.ExpirationMinutes = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpExpirationMinutes);
ViewBag.AttemptCount = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpMisMatchAttemptCount);
model.IsAllowSafeComputerEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember) == "True";
var userId = (long)Session["UserId"];
model.UserId = userId;
if (!ModelState.IsValid)
{
return(View(model));
}
bool isOtpExpired;
bool isAttemptExpired;
var isOtpVerified = _loginOtpService.VerifyOtp(model.Otp, userId, out isOtpExpired, out isAttemptExpired);
if (isAttemptExpired)
{
_loginRepository.AssignUserLoginLock(userId);
model.IsOtpVerified = false;
model.IsAccountLocked = true;
model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("Your account has been locked, due to too many attempts. Please contact " +
_settings.SupportEmail + " OR call us at " + _settings.PhoneTollFree);
return(View(model));
}
if (isOtpExpired)
{
model.IsOtpVerified = false;
model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("The OTP is expired. Please use resend link to generate a new OTP.");
return(View(model));
}
if (!isOtpVerified)
{
model.IsOtpVerified = false;
model.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("The OTP entered is wrong. Please try again.");
return(View(model));
}
if (model.MarkAsSafe)
{
var browserName = Request.Browser.Browser + " " + Request.Browser.Version;
var requestingIp = Request.UserHostAddress;
var safeComputer = new SafeComputerHistory()
{
BrowserType = browserName, ComputerIp = requestingIp, DateCreated = DateTime.Now, DateModified = DateTime.Now, IsActive = true, UserLoginId = userId
};
_safeComputerHistoryService.Save(safeComputer);
}
return(GoToDashboard(userId));
}
public bool IsSafe(SafeComputerHistory safeComputer)
{
var list = _safeComputerHistoryRepository.Get(safeComputer.UserLoginId);
if (list == null)
{
return(false);
}
foreach (var safeComputerHistory in list)
{
if (safeComputerHistory.IsActive && safeComputerHistory.BrowserType == safeComputer.BrowserType && safeComputerHistory.ComputerIp == safeComputer.ComputerIp && safeComputerHistory.DateModified.AddDays(_safeDeviceExpiryDays) > DateTime.Today.Date)
{
return(true);
}
}
return(false);
}
public bool Save(SafeComputerHistory safeComputer)
{
return(_safeComputerHistoryRepository.Save(safeComputer));
}
public ActionResult Index(UserLoginModel userLoginModel, string returnUrl)
{
if (!ModelState.IsValid)
{
return(View(userLoginModel));
}
bool isValid = _loginRepository.ValidateUser(userLoginModel.UserName, userLoginModel.Password);
if (isValid)
{
try
{
var userLogin = _loginRepository.GetByUserName(userLoginModel.UserName);
var user = _userRepository.GetUser(userLogin.Id);
var orgRoles = _organizationRoleUserRepository.GetOrganizationRoleUserCollectionforaUser(user.Id);
if (orgRoles.Any(oru => oru.RoleId == (long)Roles.Customer) && user.DefaultRole == Roles.Customer)
{
var customer = _customerRepository.GetCustomerByUserId(user.Id);
if (!string.IsNullOrEmpty(customer.Tag))
{
var account = _corporateAccountRepository.GetByTag(customer.Tag);
if (account != null && !account.AllowCustomerPortalLogin)
{
userLoginModel.FeedbackMessage =
FeedbackMessageModel.CreateFailureMessage("Unable to login in. Please contact " +
_settings.SupportEmail + " OR call us at " +
_settings.PhoneTollFree);
return(View(userLoginModel));
}
}
}
var userName = userLoginModel.UserName;
FormsAuthentication.SetAuthCookie(userName, true);
_sessionContext.UserSession = _loginService.GetUserSessionModel(userName);
_sessionContext.LastLoggedInTime = userLogin.LastLogged.ToString();
if (_sessionContext.UserSession.CurrentOrganizationRole == null)
{
userLoginModel.FeedbackMessage =
FeedbackMessageModel.CreateFailureMessage(
"Your default role has been removed. Please contact your administrator.");
return(View(userLoginModel));
}
Role role = null;
var isTwoFactorAuthrequired = true;
var useOtpSms = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms);
var useOtpEmail = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail);
var useOtpByGoogleAuthenticator = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator);
var isPinRequired = false;
if (useOtpSms == "True" || useOtpEmail == "True" || useOtpByGoogleAuthenticator == "True")
{
var defaultRole = orgRoles.FirstOrDefault(oru => oru.RoleId == (long)user.DefaultRole);
if (defaultRole != null)
{
role = _roleRepository.GetByRoleId(defaultRole.RoleId);
isPinRequired = role.IsPinRequired;
}
if (userLogin.IsTwoFactorAuthrequired == null)
{
if (defaultRole != null)
{
isTwoFactorAuthrequired = role.IsTwoFactorAuthrequired;
}
}
else
{
isTwoFactorAuthrequired = userLogin.IsTwoFactorAuthrequired.Value;
}
}
else
{
isTwoFactorAuthrequired = false;
}
if (isTwoFactorAuthrequired || isPinRequired)
{
var loginSettings = _loginSettingRepository.Get(_sessionContext.UserSession.UserId);
if (loginSettings == null || loginSettings.IsFirstLogin)
{
TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
return(RedirectToAction("Setup"));
}
else if (isPinRequired && loginSettings.DownloadFilePin == "")
{
TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
TempData["setPinOnly"] = true;
return(RedirectToAction("Setup"));
}
if (isTwoFactorAuthrequired)
{
var isSafe = false;
var isSafeAllowed = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember);
if (isSafeAllowed == "True")
{
var browserName = Request.Browser.Browser + " " + Request.Browser.Version;
var requestingIp = Request.UserHostAddress;
var safeComputer = new SafeComputerHistory()
{
BrowserType = browserName,
ComputerIp = requestingIp,
DateCreated = DateTime.Now,
IsActive = true,
UserLoginId = user.Id
};
isSafe = _safeComputerHistoryService.IsSafe(safeComputer);
}
if (!isSafe)
{
if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Sms)
{
if (useOtpSms == "True")
{
return(RedirectToAction("Otp"));
}
TempData["IsTwoFactorAuthrequired"] = true;
TempData["IsOnGlobalSettingChange"] = true;
return(RedirectToAction("Setup"));
}
if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Email)
{
if (useOtpEmail == "True")
{
return(RedirectToAction("Otp"));
}
TempData["IsTwoFactorAuthrequired"] = true;
TempData["IsOnGlobalSettingChange"] = true;
return(RedirectToAction("Setup"));
}
if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.BothSmsEmail)
{
if (useOtpSms == "True" || useOtpEmail == "True")
{
return(RedirectToAction("Otp"));
}
TempData["IsTwoFactorAuthrequired"] = true;
TempData["IsOnGlobalSettingChange"] = true;
return(RedirectToAction("Setup"));
}
if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.AuthenticatorApp)
{
return(RedirectToAction("Authenticator"));
}
}
}
}
return(GoToDashboard(_sessionContext.UserSession.UserId, returnUrl));
}
catch (Exception ex)
{
_logger.Error("Error: Message: " + ex.Message + "\n Stack trace:" + ex.StackTrace);
userLoginModel.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("System Error: Unable to login in. Please contact support.");
return(View(userLoginModel));
}
}
//not logged in.
return(View(GetLoginFailureMessage(userLoginModel)));
}
