Beispiel #1
0
        public ActionResult Login(LoginModel model)
        {
            try
            {
                if (ModelState.IsValid)
                {
                    BLLAccess _bllAccess = new BLLAccess();
                    GetEmployeeAccessModel _employeeAccess = new GetEmployeeAccessModel();
                    _bllAccess.idno = model.IDNO;
                    _employeeAccess = _bllAccess.GetEmployeeAccess();

                    if (_employeeAccess.IsLocked)
                    {
                        ModelState.AddModelError("", "Your account is locked. Please contact your System Administrator.");
                        return View();
                    }

                    if (!_bllAccess.VerifyUser(model.Password, _employeeAccess.PasswordHash, _employeeAccess.PasswordSalt))
                    {
                        ModelState.AddModelError("", "User and/or password is incorrect.");
                        return View();
                    }


                    string _userData = Newtonsoft.Json.JsonConvert.SerializeObject(_employeeAccess);
                    System.Web.Security.FormsAuthenticationTicket authTicket = new System.Web.Security.FormsAuthenticationTicket(
                        1,
                        _employeeAccess.IDNO,
                        System.DateTime.Now,
                        System.DateTime.Now.AddMinutes(15),
                        false,
                        _userData);

                    string encTicket = System.Web.Security.FormsAuthentication.Encrypt(authTicket);
                    System.Web.HttpCookie faCookie = new System.Web.HttpCookie(System.Web.Security.FormsAuthentication.FormsCookieName,
                        encTicket);

                    Response.Cookies.Add(faCookie);

                    _bllAccess.UpdateLoginCountAndDate(model.IDNO);

                    return RedirectToAction("Index", "DTR");
                }
                else
                {
                    return View();
                }
            }
            catch
            {
                ModelState.AddModelError("", "User and/or password is incorrect.");
                return View();
            }
        }
Beispiel #2
0
        public ActionResult ChangePassword(EMP.Models.Account.ChangePasswordModel model)
        {
            try
            {
                BLLAccess _bllAccess = new BLLAccess();
                _bllAccess.idno = User.IDNO;
                int _status = _bllAccess.UpdateAccessPass(model.OldPassword, User.PasswordHash,
                    User.PasswordSalt, model.NewPassword, User.IDNO);
                if (_status == 1)
                {
                    return RedirectToAction("Logout", "Account");
                }

                if (_status == 0)
                {
                    ModelState.AddModelError("", "Old password is incorrect. Please try again.");
                }

                return View();
            }
            catch (Exception e)
            {
                ModelState.AddModelError("", e.Message);
                return View();
            }
        }
Beispiel #3
0
        public ActionResult ResetPassword(EMP.Models.Account.ResetPasswordModel model)
        {
            try
            {
                if(ModelState.IsValid)
                {
                    BLLAccess _bllAccess = new BLLAccess();
                    _bllAccess.idno = model.IDNO;
                    if(_bllAccess.ResetAccessPass(model.Password, User.IDNO))
                    {
                        TempData["resetPassword_result"] = "Password was successfully reset.";
                    }
                    else
                    {
                        TempData["resetPassword_result"] = "An error has occurred.";
                    }
                }

                return View();
            }
            catch (Exception e)
            {
                ModelState.AddModelError("", e.Message);
                return View();
            }
        }