/// <summary>
/// Renders the "appointment booked" view, pre-filled with the given reference number.
/// </summary>
/// <param name="refernceId">Reference number copied into the view model as-is.</param>
/// <returns>The default view bound to a new <c>PatientLogin</c> model.</returns>
public ActionResult AppointmentBooked(string refernceId)
        {
            // The reference number arrives from the request and is not validated here.
            // NOTE(review): confirm the view HTML-encodes it when rendering.
            var viewModel = new PatientLogin
            {
                RefrenceNo = refernceId
            };

            return View(viewModel);
        }
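        /// <summary>
        /// Checks the submitted username and password against the stored patient record and,
        /// on success, copies the patient's details into the session and redirects to Home/Index.
        /// </summary>
        /// <param name="login">Credentials posted from the sign-in form.</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the sign-in view with a model error.
        /// </returns>
        public ActionResult SignIn(PatientLogin login)
        {
            var patient = db.Patients.Where(a => a.Patient_Username == login.Patient_Username).FirstOrDefault();

            if (patient == null)
            {
                // NOTE(review): a separate "unknown account" error (versus "wrong password" below)
                // lets a caller probe which usernames exist. The error keys and messages are kept
                // because views may bind to them; consider a single generic failure message.
                ModelState.AddModelError("UsernameError", "Tài Khoản không đúng!");
                return(View(login));
            }

            // Fail closed when no hash is stored: a null stored value must never compare equal
            // to a null computed value. Ordinal comparison is used because the values are
            // machine-generated digests, not linguistic text.
            // NOTE(review): Crypto.Hash is defined outside this listing. If it is an unsalted
            // fast digest, plan a migration to a salted password KDF (e.g. PBKDF2).
            bool passwordMatches =
                !string.IsNullOrEmpty(patient.Patient_Password) &&
                string.Equals(Crypto.Hash(login.Patient_Password), patient.Patient_Password, StringComparison.Ordinal);

            if (!passwordMatches)
            {
                ModelState.AddModelError("PasswordError", "Mật Khẩu không đúng!");
                return(View(login));
            }

            Session["P_ID"]       = patient.Patient_ID.ToString();
            Session["P_Username"] = patient.Patient_Username.ToString();
            // A patient without a recorded date of birth must still be able to sign in.
            Session["P_DOB"]      = patient.Patient_DoB.HasValue ? patient.Patient_DoB.Value.ToShortDateString() : null;
            // NOTE(review): this places the stored password hash in session state. Kept only
            // because other pages may read "P_Pass"; remove it once no reader remains.
            Session["P_Pass"]     = patient.Patient_Password.ToString();
            Session["P_Fname"]    = patient.Patient_Firstname.ToString();
            Session["P_Lname"]    = patient.Patient_Lastname.ToString();
            Session["P_Email"]    = patient.Patient_Email.ToString();
            Session["P_Gender"]   = patient.Patient_Gender.ToString();
            return(RedirectToAction("Index", "Home"));
        }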
        /// <summary>
        /// Writes four "Login" test cases to the report, each marked as passed.
        /// </summary>
        /// <param name="Username">Not used by the current body.</param>
        /// <param name="Password">Not used by the current body.</param>
        public void LoginToPatientInfo(string Username, string Password)
        {
            // The page object is still constructed, but the UI steps that used to drive it
            // (open account menu, enter username/password, click sign-in) are disabled.
            // As a result every case below is reported as passed without a login being attempted.
            PatientLogin loginPage = new PatientLogin();
            Report       report    = new Report();

            report.InitReport();

            foreach (string caseName in new[] { "Login", "Login01", "Login02", "Login03" })
            {
                report.CreateTestCase(caseName);
                report.TestInfo("Entered Username");
                report.TestInfo("Entered Password");
                report.TestPass(caseName, "Login to Patient Info Successful");
            }

            report.CloseReport();
        }
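        /// <summary>
        /// Loads a patient, the patient's account and the assigned doctor by the patient's GUID.
        /// </summary>
        /// <param name="guid">GUID to look up; passed to SQL as a bound parameter.</param>
        /// <returns>
        /// The populated <c>PatientLogin</c>, or <c>null</c> when no row matches or the GUID is
        /// null or empty. If several rows match, the last one read wins.
        /// </returns>
        public async Task <PatientLogin> GetPatientInfo(string guid)
        {
            // An absent identifier can never identify a patient; do not send it to the database.
            if (string.IsNullOrEmpty(guid))
            {
                return(null);
            }

            PatientLogin patientLogin = null;
            string       sqlQuery     =
                "SELECT a.first_name, a.last_name, a.role, r.role_name, ac.first_name AS doctor_first_name, ac.last_name as doctor_last_name, p.id AS patient_id, p.* " +
                "FROM Patient AS p " +
                "INNER JOIN Account AS a ON p.account_id = a.id " +
                "INNER JOIN Doctor AS d ON p.doctor_id = d.id " +
                "INNER JOIN Account AS ac ON ac.id = d.account_id " +
                "INNER JOIN Role AS r ON r.id = a.role " +
                "WHERE p.guid = @GUID";

            // Connection, command and reader are all disposed, including on exceptions.
            using (SqlConnection conn = new SqlConnection(Environment.GetEnvironmentVariable("sqldb_connection")))
            using (SqlCommand sqlCmd = new SqlCommand(sqlQuery, conn))
            {
                // The GUID is bound as a parameter, never concatenated into the SQL text.
                sqlCmd.Parameters.Add("@GUID", SqlDbType.NVarChar).Value = guid;

                // Open and read asynchronously so this async method does not block a thread.
                await conn.OpenAsync();

                using (SqlDataReader reader = await sqlCmd.ExecuteReaderAsync())
                {
                    while (await reader.ReadAsync())
                    {
                        AccountModel account = new AccountModel
                        {
                            AccountId = (int)reader["account_id"],
                            Role      = (string)reader["role_name"]
                        };

                        Patient patient = new Patient
                        {
                            DateOfBirth       = (DateTime)reader["date_of_birth"],
                            FirstName         = (string)reader["first_name"],
                            LastName          = (string)reader["last_name"],
                            Guid              = (string)reader["guid"],
                            PatientId         = (int)reader["patient_id"],
                            WeightInKilograms = float.Parse(reader["weight"].ToString())
                        };

                        DoctorModel doctor = new DoctorModel
                        {
                            FirstName = (string)reader["doctor_first_name"],
                            LastName  = (string)reader["doctor_last_name"],
                            DoctorId  = (int)reader["doctor_id"]
                        };

                        patientLogin = new PatientLogin
                        {
                            Account = account,
                            Patient = patient,
                            Doctor  = doctor
                        };
                    }
                }
            }
            return(patientLogin);
        }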
 /// <summary>
 /// Overwrites the stored "Password" field of the login document whose "PUserName"
 /// matches the given details. Does nothing when the username is not known.
 /// </summary>
 /// <param name="logindetails">Carries the username to match and the new password value.</param>
 public void ChangePasswordByClass(PatientLogin logindetails)
 {
     if (!CheckUserName(logindetails.PUserName))
     {
         return;
     }

     // The password is written exactly as supplied; this method neither hashes it nor
     // verifies the current password or the caller's identity.
     // NOTE(review): confirm callers do both before reaching this point.
     var byUserName  = Query.EQ("PUserName", logindetails.PUserName);
     var newPassword = Update.Set("Password", logindetails.Password);

     patientlogin.Collection.Update(byUserName, newPassword);
 }
        /// <summary>
        /// Looks up an appointment by reference number and phone number and, when one exists,
        /// redirects to Appointment/AddCaseDetail for that reference.
        /// </summary>
        /// <param name="model">Posted form values; only RefrenceNo and MobileNumber are read.</param>
        /// <returns>A redirect when a matching record exists; otherwise the same view again.</returns>
        public ActionResult AppointmentBooked(PatientLogin model)
        {
            // NOTE(review): the context is created here and not disposed in this method.
            OPDManagementEntities context = new OPDManagementEntities();

            // Reference number plus phone number is the only check made before redirecting.
            // NOTE(review): confirm the AddCaseDetail action authorizes the request itself
            // rather than trusting the refernceNo route value.
            bool appointmentExists = context.OPDManagements
                                     .Where(a => a.ReferenceNo == model.RefrenceNo && a.PhoneNo == model.MobileNumber)
                                     .Any();

            if (!appointmentExists)
            {
                return View(model);
            }

            return RedirectToAction("AddCaseDetail", "Appointment", new { refernceNo = model.RefrenceNo });
        }
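        /// <summary>
        /// Verifies a patient's e-mail and password and, on success, issues a signed JWT
        /// carrying the "Patient" role and the patient's UR number.
        /// </summary>
        /// <param name="login">Credentials from the request body.</param>
        /// <returns>
        /// 400 when no body was bound, 404 when no patient has the e-mail, 401 when the password
        /// does not match, otherwise 200 with <c>{ Token }</c>.
        /// </returns>
        public async Task <IActionResult> Login(PatientLogin login)
        {
            if (login == null)
            {
                return(BadRequest(new { message = "Invalid client request" }));
            }

            // Project only the columns needed for verification and for the token claims.
            var patient = await _context.Patient.Where(p => p.Email == login.Email).Select(p => new Patient
            {
                Urnumber = p.Urnumber,
                Salt     = p.Salt,
                Password = p.Password
            }).SingleOrDefaultAsync();

            if (patient == null)
            {
                // NOTE(review): answering 404 here and 401 below tells a caller whether an
                // e-mail is registered. Kept for client compatibility; consider returning
                // Unauthorized() for both cases.
                return(NotFound(new { message = "Patient not found" }));
            }

            // NOTE(review): a single SHA-512 pass over password + salt + pepper is fast to
            // brute-force if the table leaks. Changing the scheme needs a stored-hash migration,
            // so it is only flagged here.
            byte[] computedHash;

            // The hash object is disposed, and the value returned by ComputeHash is used directly.
            using (var sha512 = SHA512.Create())
            {
                computedHash = sha512.ComputeHash(Encoding.UTF8.GetBytes(login.Password + patient.Salt + Environment.GetEnvironmentVariable("pepper")));
            }

            // A record without a stored hash can never authenticate (fail closed, no exception).
            // NOTE(review): SequenceEqual stops at the first differing byte; prefer a fixed-time
            // comparison where the target framework offers one.
            if (patient.Password == null || !computedHash.SequenceEqual(patient.Password))
            {
                return(Unauthorized());
            }

            var secretKey         = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Environment.GetEnvironmentVariable("secret")));
            var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

            var claims = new[] {
                new Claim(ClaimTypes.Role, "Patient"),
                new Claim("URNumber", patient.Urnumber)
            };

            // Token lifetime is five days. UTC is used so the expiry does not depend on the
            // server's local time zone.
            var tokenOptions = new JwtSecurityToken(
                issuer: Environment.GetEnvironmentVariable("applicationUrl"),
                audience: Environment.GetEnvironmentVariable("applicationUrl"),
                claims: claims,
                expires: DateTime.UtcNow.AddDays(5),
                signingCredentials: signinCredentials
                );

            var tokenString = new JwtSecurityTokenHandler().WriteToken(tokenOptions);

            return(Ok(new { Token = tokenString }));
        }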
        /// <summary>
        /// Authenticates the request, deserializes a <c>PatientLogin</c> from its body, registers
        /// the account and the patient, and returns the outcome as a keyed dictionary.
        /// </summary>
        /// <param name="request">Incoming HTTP request; used for authentication and as the body source.</param>
        /// <returns>
        /// A dictionary holding either VALUE (the serialized new patient) or ERROR, plus
        /// HTTPSTATUSCODE = Unauthorized when authentication fails.
        /// </returns>
        public async Task <Dictionary <ServiceDictionaryKey, object> > TryRegisterPatient(HttpRequest request)
        {
            Dictionary <ServiceDictionaryKey, object> dictionary = new Dictionary <ServiceDictionaryKey, object>();

            try
            {
                AuthLogin authLogin = null;
                // Auth
                try
                {
                    authLogin = await _authorizationService.LoginAuthAsync(request);

                    if (authLogin == null)
                    {
                        dictionary.Add(ServiceDictionaryKey.ERROR, Messages.AuthNoAcces);
                        dictionary.Add(ServiceDictionaryKey.HTTPSTATUSCODE, HttpStatusCode.Unauthorized);
                        return(dictionary);
                    }
                }
                // Bare catch: every exception from the auth call is reported as Unauthorized and
                // the exception itself is discarded, so the cause is not logged here.
                catch
                {
                    dictionary.Add(ServiceDictionaryKey.ERROR, "Auth threw an error. Has the token lifetime expired?");
                    dictionary.Add(ServiceDictionaryKey.HTTPSTATUSCODE, HttpStatusCode.Unauthorized);
                    return(dictionary);
                }

                // Creation
                // The body is untrusted client input, and only "authenticated" is checked above.
                // NOTE(review): confirm the caller's role is authorized to register patients.
                PatientLogin newPatient = await _messageSerializer.Deserialize <PatientLogin>(request.Body);

                newPatient.Account = _accountRepository.RegisterAccount(newPatient.Patient, Role.Patient);

                // The result is dereferenced on the next line without a null check; a null return
                // would surface through the outer catch as a generic error.
                newPatient = await _patientRepository.RegisterPatient(newPatient);

                newPatient.Patient = await _patientRepository.Select(newPatient.Patient.PatientId);

                // The caller's auth data is attached to the object that is serialized below.
                // NOTE(review): confirm AuthLogin holds nothing that should not go back to the client.
                newPatient.AuthLogin = authLogin;

                // Serialization
                dynamic data = _messageSerializer.Serialize(newPatient);
                dictionary.Add(ServiceDictionaryKey.VALUE, data);
            }
            catch (Exception ex)
            {
                // NOTE(review): confirm AddErrorMessage does not return raw exception text to the client.
                dictionary.AddErrorMessage(ServiceDictionaryKey.ERROR, ex, FeedbackHandler);
            }

            return(dictionary);
        }
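        /// <summary>
        /// Validates the supplied credentials and, on success, issues a forms-authentication cookie.
        /// </summary>
        /// <param name="_login">Username and password posted by the client.</param>
        /// <returns>
        /// JSON string "Success" when authenticated, otherwise "Invalid credentials!".
        /// </returns>
        public JsonResult Login(UserLogin _login)
        {
            // The previous body parsed a return URL out of the Referer header. That threw a
            // NullReferenceException when the header was absent and an IndexOutOfRangeException
            // when it contained no '=', and the parsed value was never used. The parsing is removed.
            // If a post-login redirect is reintroduced, take the target from an explicit
            // parameter and accept it only when Url.IsLocalUrl(target) is true; the Referer
            // header is client-controlled and must not choose the redirect target.
            string retmsg = "Invalid credentials!";

            if (_login != null)
            {
                PatientLogin _ptlogin = new PatientLogin()
                {
                    UserName = _login.UserName, Password = _login.Password
                };

                if (PatientLogin.login(_ptlogin))
                {
                    // The second argument creates a persistent cookie that outlives the browser session.
                    // NOTE(review): confirm this is intended for a patient-facing site.
                    FormsAuthentication.SetAuthCookie(_login.UserName, true);
                    retmsg = "Success";
                }
            }

            // NOTE(review): AllowGet lets this result be served for GET requests. If the action
            // is not restricted to POST elsewhere, credentials can end up in URLs and logs.
            return(Json(retmsg, JsonRequestBehavior.AllowGet));
        }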
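        /// <summary>
        /// Replaces the plain-text password on the entity with its PBKDF2 hash and salt, fills
        /// in the default status and audit fields, and adds the entity to the context.
        /// </summary>
        /// <param name="patientlogin">New patient login; mutated in place.</param>
        /// <exception cref="ArgumentNullException"><paramref name="patientlogin"/> is null.</exception>
        public void InsertPatient(PatientLogin patientlogin)
        {
            if (patientlogin == null)
            {
                throw new ArgumentNullException(nameof(patientlogin));
            }

            var crypto       = new SimpleCrypto.PBKDF2();
            var passwordHash = crypto.Compute(patientlogin.Password);

            // Both password fields receive the hash, so the plain text is not kept on the entity.
            patientlogin.Password        = passwordHash;
            patientlogin.ConfirmPassword = passwordHash;
            patientlogin.PasswordSalt    = crypto.Salt;
            patientlogin.IslockedOut     = false;
            patientlogin.InactiveFlag    = "N";

            // One timestamp is shared so the created and modified dates match exactly on insert.
            DateTime now = DateTime.Now;

            patientlogin.CreatedByID     = 1; // placeholder user id, to be replaced by the real creator
            patientlogin.CreatedDate     = now;
            patientlogin.ModifiedByID    = 1; // placeholder user id, to be replaced by the real modifier
            patientlogin.ModifiedDate    = now;

            // FirstName, LastName, EmailID and UserPhone stay as supplied by the caller; the
            // earlier self-assignments of those properties had no effect and are removed.
            // Only Add is called here; nothing in this method saves the context.
            DBcontext.patientlogins.Add(patientlogin);
        }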
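        /// <summary>
        /// Inserts a Patient row for an already-registered account and stores the generated
        /// row id on <c>newPatient.Patient.PatientId</c>.
        /// </summary>
        /// <param name="newPatient">Patient and account data; mutated in place.</param>
        /// <returns>
        /// The same instance with ids filled in, or <c>null</c> when the supplied GUID already
        /// exists or the account id is 0.
        /// </returns>
        public async Task <PatientLogin> RegisterPatient(PatientLogin newPatient)
        {
            // Return null when GUID already exists in DB
            if (newPatient.Patient.Guid != null && await CheckIfExists(newPatient.Patient.Guid))
            {
                return(null);
            }

            // An account id of 0 means no account was created for this patient.
            if (newPatient.Account.AccountId == 0)
            {
                return(null);
            }

            string sqlQuery =
                "INSERT INTO Patient(account_id, date_of_birth, doctor_id, guid, weight) " +
                "OUTPUT Inserted.id " +
                "VALUES(@ACCOUNTID, @DATE, @DOCTORID, @GUID, @WEIGHT) ";

            // Connection and command are both disposed, including on exceptions.
            using (SqlConnection sqlConn = new SqlConnection(Environment.GetEnvironmentVariable("sqldb_connection")))
            using (SqlCommand sqlCmd = new SqlCommand(sqlQuery, sqlConn))
            {
                // Every value is bound as a typed parameter; none is concatenated into the SQL text.
                sqlCmd.Parameters.Add("@ACCOUNTID", SqlDbType.Int).Value = newPatient.Account.AccountId;
                newPatient.Patient.AccountId = newPatient.Account.AccountId;

                sqlCmd.Parameters.Add("@DATE", SqlDbType.Date).Value = newPatient.Patient.DateOfBirth;

                // NOTE(review): doctor_id comes from the caller-supplied object. Confirm upstream
                // that the caller may assign a patient to this doctor.
                sqlCmd.Parameters.Add("@DOCTORID", SqlDbType.Int).Value = newPatient.Patient.DoctorId;

                // A fresh GUID is always stored, even when the caller supplied one (checked above),
                // and it is not written back to newPatient.Patient.Guid.
                // NOTE(review): confirm that callers re-read the row to obtain the stored GUID.
                sqlCmd.Parameters.Add("@GUID", SqlDbType.NVarChar).Value = Guid.NewGuid().ToString();
                sqlCmd.Parameters.Add("@WEIGHT", SqlDbType.Float).Value  = newPatient.Patient.WeightInKilograms;

                // Open asynchronously so this async method does not block a thread.
                await sqlConn.OpenAsync();
                newPatient.Patient.PatientId = (int)await sqlCmd.ExecuteScalarAsync();
            }

            return(newPatient);
        }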
 /// <summary>
 /// Signs a patient in by matching username and password against the Patients set and,
 /// on success, stores the patient's id, username and full name in the session.
 /// </summary>
 /// <param name="patient">Posted login form.</param>
 /// <returns>
 /// A redirect to PatientPanel on success, the login view with an error message when no
 /// record matches, or a redirect back to PatientLogin when the model is invalid.
 /// </returns>
 public ActionResult PatientLogin(PatientLogin patient)
 {
     if (!ModelState.IsValid)
     {
         return RedirectToAction("PatientLogin");
     }

     using (PatientLoginModel store = new PatientLoginModel())
     {
         // The submitted password is compared directly with the stored column value, so the
         // column must hold the password in the same form the user typed it.
         // NOTE(review): store a salted password hash instead and verify against that.
         var match = store.Patients
                     .Where(a => a.username.Equals(patient.username) && a.password.Equals(patient.password))
                     .FirstOrDefault();

         if (match == null)
         {
             // One message for both failure causes, so the response does not reveal which part was wrong.
             patient.LoginErrorMessage = "Wrong Username or Password";
             return View("PatientLogin", patient);
         }

         // NOTE(review): the session id is not renewed at sign-in in this method; confirm
         // session fixation is handled elsewhere.
         Session["LoggedPatientID"]       = match.Id.ToString();
         Session["LoggedPatientUsername"] = match.username.ToString();
         Session["LoggedPatientFullName"] = match.name.ToString();
         return RedirectToAction("PatientPanel");
     }
 }
        /// <summary>
        /// HTTP GET entry point: authenticates the request, then returns the caller's own
        /// patient information, looked up by the GUID from the authentication result.
        /// </summary>
        /// <param name="req">Incoming HTTP request.</param>
        /// <param name="log">Function logger; not used by the current body.</param>
        /// <returns>
        /// 400 with a message when authentication yields nothing, 400 when no patient matches
        /// the GUID, otherwise 200 with the patient data.
        /// </returns>
        public static async Task <IActionResult> Run(
            [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.LoginPatient))] HttpRequest req,
            ILogger log)
        {
            // The trigger itself is anonymous, so the check below is the only gate in this function.
            IAuthorization authorization = DIContainer.Instance.GetService <IAuthorization>();
            AuthLogin      caller        = await authorization.LoginAuthAsync(req);

            if (caller == null)
            {
                // NOTE(review): an unauthenticated caller gets 400 rather than 401 here.
                return new BadRequestObjectResult(Messages.AuthNoAcces);
            }

            // The lookup key comes from the authentication result, not from request parameters.
            IPatientRepository patients = DIContainer.Instance.GetService <IPatientRepository>();
            PatientLogin       record   = await patients.GetPatientInfo(caller.Guid);

            if (record == null)
            {
                return new BadRequestResult();
            }

            record.AuthLogin = caller;

            return new OkObjectResult(record);
        }
 /// <summary>
 /// Saves a new login document unless its username is already taken.
 /// </summary>
 /// <param name="logins">Login document to store.</param>
 public void CreateLogin(PatientLogin logins)
 {
     // The existence check and the save are two separate calls, so two concurrent requests
     // for the same name can both pass the check.
     // NOTE(review): confirm a unique index on PUserName backs this up.
     bool nameTaken = CheckUserName(logins.PUserName);

     if (nameTaken)
     {
         return;
     }

     // The document is stored as supplied, including its Password field.
     // NOTE(review): confirm the password is hashed before it reaches this method.
     patientlogin.Collection.Save(logins);
 }
    /// <summary>
    /// Stores a login document together with its patient-details record, provided the
    /// username is not taken and both objects carry the same username.
    /// </summary>
    /// <param name="logins">Login document to save.</param>
    /// <param name="details">Patient details to create alongside it.</param>
    public void CreateFullAccount(PatientLogin logins, PatientDetails details)
    {
        // Both rejection paths return silently, so the caller cannot tell whether anything
        // was created.
        if (CheckUserName(logins.PUserName))
        {
            return;
        }

        if (!logins.PUserName.Equals(details.PUserName))
        {
            return;
        }

        // The login is saved first and the details second; the two writes are not tied
        // together here, so a failure in the second leaves a login without details.
        patientlogin.Collection.Save(logins);

        DatabasePDetails detailsStore = new DatabasePDetails(ConnectString);
        detailsStore.Create(details);
    }
 /// <summary>
 /// Checks a login attempt against the stored login document with the same username.
 /// </summary>
 /// <param name="loginattempt">Username and password to verify.</param>
 /// <returns>
 /// <c>true</c> when the username exists and the stored Password equals the supplied one;
 /// otherwise <c>false</c>.
 /// </returns>
 public bool CheckLoginWthClass(PatientLogin loginattempt)
 {
     // Unknown username: reject without querying for the document.
     if (!CheckUserName(loginattempt.PUserName))
     {
         return false;
     }

     var stored = patientlogin.Collection.Find(Query.EQ("PUserName", loginattempt.PUserName)).Single();

     // The stored value is compared directly with the supplied password.
     // NOTE(review): this only works if the stored value is in the same form as the input;
     // verify against a salted password hash instead.
     return stored.Password.Equals(loginattempt.Password);
 }
 /// <summary>
 /// Marks the given entity as modified in the context.
 /// </summary>
 /// <param name="patientLogin">Entity whose state is set to Modified.</param>
 public void UpdatePatient(PatientLogin patientLogin)
 {
     // The state is set on the whole entity rather than on selected properties.
     // NOTE(review): if the instance comes straight from model binding, confirm that fields
     // such as the password hash, salt and lock-out flag cannot be overwritten by the client.
     var entry = DBcontext.Entry(patientLogin);

     entry.State = EntityState.Modified;
 }