Ejemplo n.º 1
0
        protected void LinkButton1_Click(object sender, EventArgs e)
        {
            uxLogin.PasswordRequiredErrorMessage = string.Empty;
            Page.Validate("uxLogin");

            if (Page.IsValid || (uxLogin.UserName.Length > 0 && !Page.IsValid))
            {
                SRPUser u = SRPUser.FetchByUsername(uxLogin.UserName);
                if (u != null)
                {
                    // send email
                }
                uxMessageBox.Visible = true;
                FailureText.Text     = SRPResources.PasswordEmailed;
            }
        }
        protected void Button1_Click(object sender, EventArgs e)
        {
            lblMessage.Text =
                "Your password has been emailed to the address associated with the account and should arrive shortly.";

            SRPUser user = SRPUser.FetchByUsername(uxUsername.Text);

            if (user != null)
            {
                //Send Email;.....
                string baseUrl   = Request.Url.Scheme + "://" + Request.Url.Authority + Request.ApplicationPath.TrimEnd('/');
                var    EmailBody =
                    "<h1>Dear " + user.FirstName + ",</h1><br><br>This is your current account information. Please make sure you reset your password as soon as you are able to log back in.<br><br>" +
                    "Username: "******"<br>Password: "******"<br><br>If you have any questions regarding your account please contact " + SRPSettings.GetSettingValue("ContactName") +
                    " at " + SRPSettings.GetSettingValue("ContactEmail") + "." +
                    "<br><br><br><a href='" + baseUrl + "'>" + baseUrl + "</a> <br> <a href='" + baseUrl + "/ControlRoom'>" + baseUrl + "/ControlRoom</a>";

                EmailService.SendEmail(user.EmailAddress, "Summer Reading Program - Control Room Password recovery", EmailBody);
            }
        }
Ejemplo n.º 3
0
        public void OnAuthenticate(object sender, AuthenticateEventArgs e)
        {
            if (Page.IsValid)
            {
                SRPUser user = new SRPUser();

                bool auth = SRPUser.Login(uxLogin.UserName,
                                          uxLogin.Password, Session.SessionID,
                                          Request.UserHostAddress == "::1" ? "127.0.0.1" : Request.UserHostAddress,
                                          Request.UserHostName == "::1" ? "localhost" : Request.UserHostName,
                                          Request.Browser.Browser + " - v" + Request.Browser.MajorVersion + Request.Browser.MinorVersionString);
                if (!auth)
                {
                    uxMessageBox.Visible = true;
                    FailureText.Text     = SRPResources.BadUserPass;
                    //Account Inactive
                    //
                    e.Authenticated = false;
                }
                else
                {
                    e.Authenticated = true;
                }


                if (e.Authenticated)
                {
                    // handle remember me
                    if (uxLogin.RememberMeSet == true)
                    {
                        var rememberMe = new HttpCookie("ControlRoomUsername", uxLogin.UserName);
                        rememberMe.Expires = DateTime.Now.AddDays(14);
                        Response.Cookies.Set(rememberMe);
                    }
                    else
                    {
                        var rememberMe = new HttpCookie("ControlRoomUsername", string.Empty);
                        rememberMe.Expires = DateTime.Now.AddDays(-1);
                        Response.Cookies.Set(rememberMe);
                    }

                    // Put User Profile into Session.
                    // Put Security roles into session
                    // = ConfigurationManager.AppSettings["ApplicationName"];
                    user = SRPUser.FetchByUsername(uxLogin.UserName);
                    Session[SessionData.IsLoggedIn.ToString()]  = true;
                    Session[SessionData.UserProfile.ToString()] = user;

                    List <SRPPermission> perms = user.EffectiveUserPermissions();
                    //Session[SessionData.PermissionList.ToString()] = perms;
                    string permList = string.Empty;
                    foreach (SRPPermission perm in perms)
                    {
                        permList += String.Format("#{0}", perm.Permission);
                    }
                    Session[SessionData.StringPermissionList.ToString()] = permList;

                    Session["TenantID"]            = user.TenID;
                    Session[CRSessionKey.TenantID] = user.TenID;
                    var tenant = Tenant.FetchObject(user.TenID);
                    Session[CRSessionKey.IsMaster] = tenant.isMasterFlag;


                    if (user.MustResetPassword)
                    {
                        this.Log().Info("Redirecting {0} to mandatory password reset.",
                                        user.Username);
                        Response.Redirect("~/ControlRoom/PasswordReset.aspx");
                    }
                    //List<CMSFolder> folders = user.EffectiveUserFolders();
                    //Session[SessionData.FoldersList.ToString()] = folders;
                    //string foldersList= string.Empty;
                    //foreach (CMSFolder folder in folders)
                    //    foldersList += string.Format("#{0}", folder.Folder);
                    //Session[SessionData.StringFoldersList.ToString()] = foldersList;


                    ////// to do - make sure these are in the settings module/ complete the settings module
                    ////string[] HideFolders =  new string[] { ".svn", "CVS", "app_data", "properties", "bin", "obj", "controls", "core", "controlroom", "app_themes" };
                    ////CMSSettings.SetSetting("HideFolders", HideFolders, ",");

                    ////string[]  HideFiles =   new string[] { ".*" };
                    ////CMSSettings.SetSetting("HideFiles", HideFiles, ",");

                    ////string[] AllowedExtensions = new string[] { };
                    ////CMSSettings.SetSetting("AllowedExtensions", AllowedExtensions, ",");

                    ////string[] DeniedExtensions = new string[] { };
                    ////CMSSettings.SetSetting("DeniedExtensions", DeniedExtensions, ",");
                    ////// end to do

                    FormsAuthentication.RedirectFromLoginPage(uxLogin.UserName, false);
                }
            }
            else
            {
                uxMessageBox.Visible = true;
            }
        }
Ejemplo n.º 4
0
        protected void Button1_Click(object sender, EventArgs e)
        {
            string userId        = new SRPUser().GetUsernameByEmail(uxEmailaddress.Text);
            string remoteAddress = new Tools.WebTools().RemoteUserAddress(Request);

            if (string.IsNullOrEmpty(userId))
            {
                // user requested a password for an email address that is not in the database
                // if account doesn't exist, send an email saying so

                var values = new {
                    SystemName      = SRPSettings.GetSettingValue("SysName", 1),
                    ControlRoomLink = string.Format("{0}{1}",
                                                    BaseUrl,
                                                    "/ControlRoom/LoginRecovery.aspx"),
                    ContactName          = SRPSettings.GetSettingValue("ContactName", 1),
                    ContactEmail         = SRPSettings.GetSettingValue("ContactEmail", 1),
                    RemoteAddress        = remoteAddress,
                    UserEmail            = uxEmailaddress.Text,
                    PasswordResetSubject = SRPResources.PasswordEmailSubject
                };

                this.Log().Info("User at {0} requested password reset for nonexistent email {1}",
                                values.RemoteAddress,
                                values.UserEmail);

                // TODO email - move this template out to the database
                StringBuilder body = new StringBuilder();
                body.Append("<p>A password reset request was received by {SystemName} for your ");
                body.Append("address. Unfortunately no account could be found associated with ");
                body.Append("this email address.</p>");
                body.Append("<p>If you initiated this request, feel free to ");
                body.Append("<a href=\"{ControlRoomLink}\">try requesting the password</a> ");
                body.Append("for any other email address you might have used.</p>");
                body.Append("<p>If you have any comments or questions, please contact ");
                body.Append("{ContactName} at <a href=\"mailto:{ContactEmail}\">{ContactEmail}");
                body.Append("</a>.</p>");
                body.Append("<p style=\"font-size: smaller;\"><em>This password request was ");
                body.Append("submitted from: {RemoteAddress}.</em></p>");

                new EmailService().SendEmail(uxEmailaddress.Text,
                                             "{SystemName} - {PasswordResetSubject}".FormatWith(values),
                                             body.ToString().FormatWith(values));
            }
            else
            {
                SRPUser lookupUser         = SRPUser.FetchByUsername(userId);
                string  passwordResetToken = lookupUser.GeneratePasswordResetToken();
                if (string.IsNullOrEmpty(passwordResetToken))
                {
                    lblMessage.Text = "Unable to initiate password reset process.";
                    return;
                }

                var values = new {
                    SystemName        = SRPSettings.GetSettingValue("SysName", lookupUser.TenID),
                    PasswordResetLink = string.Format("{0}{1}?token={2}",
                                                      BaseUrl,
                                                      "/ControlRoom/PasswordRecovery.aspx",
                                                      passwordResetToken),
                    ContactName          = SRPSettings.GetSettingValue("ContactName", lookupUser.TenID),
                    ContactEmail         = SRPSettings.GetSettingValue("ContactEmail", lookupUser.TenID),
                    RemoteAddress        = remoteAddress,
                    UserEmail            = uxEmailaddress.Text,
                    PasswordResetSubject = SRPResources.PasswordEmailSubject,
                };

                this.Log().Info("User at {0} requested password reset for email {1}",
                                values.RemoteAddress,
                                values.UserEmail);

                // TODO email - move this template out to the database
                StringBuilder body = new StringBuilder();
                body.Append("<p>A password reset request was received by {SystemName} for your ");
                body.Append("address.</p>");
                body.Append("<p>Please <a href=\"{PasswordResetLink}\">click here</a> ");
                body.Append("to create a new password for your account.</p>");
                body.Append("<p>If you did not initiate this request, take no action and your ");
                body.Append("password will not be changed.</p>");
                body.Append("<p>If you have any comments or questions, please contact ");
                body.Append("{ContactName} at <a href=\"mailto:{ContactEmail}\">{ContactEmail}");
                body.Append("</a>.</p>");
                body.Append("<p style=\"font-size: smaller;\"><em>This password request was ");
                body.Append("submitted from: {RemoteAddress}.</em></p>");

                new EmailService().SendEmail(uxEmailaddress.Text,
                                             "{SystemName} - {PasswordResetSubject}".FormatWith(values),
                                             body.ToString().FormatWith(values));
            }

            lblMessage.Text = "Processing your password reset request, you should receive an email soon.";
        }