private void btnLogin_Click(object sender, EventArgs e)
{
if ((textUser.Text != "") && (textPassword.Text != ""))
{
UserEnt obj = new UserEnt();
obj.Name = textUser.Text;
obj.Password = textPassword.Text;
obj = new UserModel().Login(obj);
if (obj.Name == null)
{
MessageBox.Show("User or password invalid!");
textUser.Focus();
return;
}
else
{
MessageBox.Show("==>> Wellcome " + obj.Name + " <<==");
btnCancel_Click(sender, e);
}
}
else
{
MessageBox.Show("Input user and password!");
textUser.Focus();
}
}
public string RegistrationUser(UserEnt user, string password)
{
var result = _userManager.CreateAsync(user, password);
return("");
}
public MainView(Form previous, UserEnt user)
{
InitializeComponent();
this.previous = previous;
this.user = user;
this.label1.Text = "Chào mừng " + user.Username;
}
protected void btnLogin_Click(object sender, System.EventArgs e)
{
if (Page.IsValid == true)
{
string strLogin = txtLogin.Text.Trim();
if (UserEnt.Authenticate(strLogin, txtPassword.Text))
{
if (FormsAuthentication.GetRedirectUrl(strLogin, false).ToLower().EndsWith("Login.aspx"))
{
// creates authentication ticket for user then display confirmation
FormsAuthentication.SetAuthCookie(strLogin, cbxAutoSignin.Checked);
Response.Redirect("~/default.aspx");
}
else
{
// user came here by accessing a secure page, continue
// on to the page they were trying to access
FormsAuthentication.RedirectFromLoginPage(strLogin, cbxAutoSignin.Checked);
}
}
else
{
lblLoginFailed.Visible = true;
}
}
}
public bool RegisterUser(UserEnt ent, ref string errorInfo)
{
_log.Info("Request to create user " + ent.Email);
string sql = "select count(*) from user where email='" + ent.Email + "'";
DataSet ds = Query(sql);
if (ds == null)
{
throw new Exception("Failed to query user's data");
}
int cnt = Convert.ToInt32(ds.Tables[0].Rows[0][0].ToString());
if (cnt != 0)
{
errorInfo = "User already registered";
return(false);
}
string curTime = DateTime.UtcNow.ToString("yyyy-MM-ddThh:mm:ssZ");
sql = string.Format("INSERT INTO user (username, email, user_guid, create_time, update_time, password) VALUES ('{0}', '{1}', '{2}', '{3}', '{4}', '{5}')"
, ent.Username, ent.Email, Util.GetMD5(ent.Email), curTime, curTime, ent.Password);
cnt = ExecuteSql(sql);
if (cnt == 0)
{
throw new Exception("Failed to update database");
}
_log.Info("User " + ent.Email + " created successfully");
return(true);
}
public NotiView(Form previous, UserEnt user)
{
InitializeComponent();
this._previous = previous;
this._user = user;
showNoti();
}
public int add(UserEnt user)
{
SqlConnection sqlConnection = new SqlConnection(ConnectionDal.connectionString);
SqlCommand sqlCommand = sqlConnection.CreateCommand();
sqlCommand.CommandType = CommandType.StoredProcedure;
sqlCommand.CommandText = "addUser";
sqlCommand.Parameters.AddWithValue("@Name", user.NAME);
sqlCommand.Parameters.AddWithValue("@Last_Name", user.LAST_NAME);
if (user.MATERNAL_SURNAME != "")
{
sqlCommand.Parameters.AddWithValue("@Maternal_Surname", user.MATERNAL_SURNAME);
}
else
{
sqlCommand.Parameters.AddWithValue("@Maternal_Surname", DBNull.Value);
}
sqlCommand.Parameters.AddWithValue("@Username", user.USERNAME);
sqlCommand.Parameters.AddWithValue("@Password", user.PASSWORD);
sqlCommand.Parameters.AddWithValue("@Condition", user.CONDITION);
sqlConnection.Open();
int id = Convert.ToInt32(sqlCommand.ExecuteScalar());
sqlConnection.Close();
return(id);
}
public static void Register(string username, string password, string confirm, IRespone <UserEnt> respone)
{
username = username.Trim().ToUpper();
UserEnt user = new UserEnt();
user.Username = username;
user.Password = password;
try
{
if (user.Password != confirm)
{
respone.OnFail("Please confirm again!");
return;
}
else if (!Storage.Instance.addUser(user))
{
respone.OnFail("Username existed!");
return;
}
respone.OnSuccess(user);
}
catch (Exception e)
{
respone.OnError(e.ToString());
}
}
public UserEnt GetUser(string sql, ref string errorInfo)
{
DataSet ds = Query(sql);
if (ds == null)
{
throw new Exception("Failed to query user's data");
}
if (ds.Tables[0].Rows.Count == 0)
{
errorInfo = "User not exist";
return(null);
}
UserEnt ent = new UserEnt();
ent.Username = ds.Tables[0].Rows[0]["username"].ToString();
ent.UserGuid = ds.Tables[0].Rows[0]["user_guid"].ToString();
ent.Email = ds.Tables[0].Rows[0]["email"].ToString();
ent.Password = ds.Tables[0].Rows[0]["password"].ToString();
ent.UpdateTime = ds.Tables[0].Rows[0]["create_time"].ToString();
ent.CreateTime = ds.Tables[0].Rows[0]["update_time"].ToString();
return(ent);
}
public List <UserEnt> Search(UserEnt objTabela)
{
using (SqlConnection con = new SqlConnection())
{
con.ConnectionString = Properties.Settings.Default.banco;
SqlCommand cn = new SqlCommand();
cn.CommandType = CommandType.Text;
con.Open();
cn.CommandText = "SELECT * from users WHERE name LIKE @name";
cn.Parameters.Add("name", SqlDbType.VarChar).Value = objTabela.Name + "%";
cn.Connection = con;
SqlDataReader dr;
List <UserEnt> lista = new List <UserEnt>();
dr = cn.ExecuteReader();
if (dr.HasRows)
{
while (dr.Read())
{
UserEnt dado = new UserEnt();
dado.Id = Convert.ToInt32(dr["id"]);
dado.Name = Convert.ToString(dr["name"]);
dado.Login = Convert.ToString(dr["login"]);
dado.Password = Convert.ToString(dr["password"]);
lista.Add(dado);
}
}
return(lista);
}
}
public List <UserEnt> Lista()
{
using (SqlConnection con = new SqlConnection())
{
con.ConnectionString = Properties.Settings.Default.banco;
SqlCommand cn = new SqlCommand();
cn.CommandType = CommandType.Text;
con.Open();
cn.CommandText = "SELECT * from users ORDER BY id DESC";
cn.Connection = con;
SqlDataReader dr;
List <UserEnt> lista = new List <UserEnt>();
dr = cn.ExecuteReader();
if (dr.HasRows)
{
while (dr.Read())
{
UserEnt dado = new UserEnt();
dado.Id = Convert.ToInt32(dr["id"]);
dado.Name = Convert.ToString(dr["name"]);
dado.Login = Convert.ToString(dr["login"]);
dado.Password = Convert.ToString(dr["password"]);
lista.Add(dado);
}
}
return(lista);
}
}
public async Task <Result <int> > UpdateUser([FromBody] UserEnt ent)
{
Result <int> r = null;
await Task.Run(() =>
{
r = ResultRunner <int> .Run(delegate() { UserBus.UpdateUser(ent, LoggededInUserID); });
});
return(r);
}
public async Task <IActionResult> Authenticate([FromBody] UserEnt userParam)
{
var user = await _userService.Authenticate(userParam.username, userParam.password);
if (user == null)
{
return(Ok(new { code = 0, message = "Tên đăng nhập hoặc mật khẩu không đúng!" }));
}
return(Ok(new { code = 1, data = user }));
}
public MainWindow(UserEnt usuario)
{
inicio = new SistemaShekinahCompleto.Views.InicioWF();
sec = new Views.Secretaria();
InitializeComponent();
meuFrime.Navigate(inicio);
// Use the Loaded event to start the Storyboard.
btnOcultar.Click += new RoutedEventHandler(faz);
if (usuario.Tipo == Permissao.Caixa)
{
btnSecretaria.IsEnabled = false;
}
}
public static void usp_02_User_AddUsers(UserEnt userEnt, int insertByUserID)
{
string procName = "OVPR.usp_02_User_AddUsers";
var prms = new List <SqlParameter>();
prms.Add(new SqlParameter("@Email", userEnt.USER_EmailAddress));
prms.Add(new SqlParameter("@LastName", userEnt.USER_LastName));
prms.Add(new SqlParameter("@FirstName", userEnt.USER_FirstName));
prms.Add(new SqlParameter("@MI", userEnt.USER_MI));
prms.Add(new SqlParameter("@Role", userEnt.ROLE_PK_ID));
prms.Add(new SqlParameter("@User_PK", insertByUserID));
DataAccessHelpers.ExecuteGetDataTableStoredProc(procName, prms);
}
public UserEnt getUser(string username)
{
username = username.Trim().ToUpper();
if (dict.ContainsKey(username))
{
UserEnt user = new UserEnt();
user.Username = username;
user.Password = dict[username];
return(user);
}
else
{
return(null);
}
}
public UserEnt GetUser(string username)
{
username = username.Trim().ToUpper();
if (!users.ContainsKey(username))
{
return(null);
}
UserEnt user = new UserEnt();
user.Username = username;
user.Password = users[username];
return(user);
}
private UserEnt one(DataTable dataTable, int position)
{
if (dataTable.Rows.Count > 0)
{
var registro = new UserEnt()
{
usuario = int.Parse(dataTable.Rows[position]["usuario"].ToString()),
entidade = int.Parse(dataTable.Rows[position]["entidade"].ToString())
};
return(registro);
}
else
{
return(new UserEnt());
}
}
public int login(UserEnt user)
{
SqlConnection sqlConnection = new SqlConnection(ConnectionDal.connectionString);
SqlCommand sqlCommand = sqlConnection.CreateCommand();
sqlCommand.CommandType = CommandType.Text;
sqlCommand.CommandText = "Select ISNULL(MAX([Id]), 0) As Id From [User] Where [Condition] = 'ACTIVE' And [Username] = @Username "
+ "And [Password] = @Password";
sqlCommand.Parameters.AddWithValue("@Username", user.USERNAME);
sqlCommand.Parameters.AddWithValue("@Password", user.PASSWORD);
sqlConnection.Open();
int id = Convert.ToInt32(sqlCommand.ExecuteScalar());
sqlConnection.Close();
return(id);
}
public IActionResult OnPost()
{
if (!model.Email.IsNullOrEmpty() && !model.Password.IsNullOrEmpty() && !model.UserName.IsNullOrEmpty())
{
var user = new UserEnt()
{
UserName = model.UserName,
Email = model.Email
};
var token = _accountsService.RegistrationUser(user, model.Password);
return(StatusCode(200, "Successful"));
}
return(BadRequest("ok"));
}
public static bool Authenticate(string email, string password, out UserEnt authUser)
{
var user = UserDat.usp_01_User_GetUsers(email, true);
authUser = null;
if (user.Count == 1)
{
if (user[0].USER_Password == password)
{
authUser = user[0];
return(true);
}
}
return(false);
}
public int Delete(UserEnt objTabela)
{
using (SqlConnection con = new SqlConnection())
{
con.ConnectionString = Properties.Settings.Default.banco;
SqlCommand cn = new SqlCommand();
cn.CommandType = CommandType.Text;
con.Open();
cn.CommandText = "DELETE FROM USERS WHERE id = @id";
cn.Parameters.Add("id", SqlDbType.Int).Value = objTabela.Id;
cn.Connection = con;
int qtd = cn.ExecuteNonQuery();
return(qtd);
}
}
public bool AddUser(UserEnt user)
{
string username = user.Username.Trim().ToUpper();
string passhashed = MD5Hash(user.Password);
if (users.ContainsKey(username))
{
return(false);
}
users.Add(username, passhashed);
string[] arr = { username, passhashed };
File.AppendAllLines(fileName, arr);
return(true);
}
public static void Login(string username, string pass, Respone <UserEnt> respone)
{
try
{
UserEnt user = Storage.Instance.GetUser(username);
if (user == null || Storage.MD5Hash(pass) != user.Password)
{
respone.onFail("Đăng nhập thất bại");
return;
}
respone.onSuccess(user);
} catch (Exception e)
{
respone.onError(e.Message);
}
}
public bool UpdatePassword(string userGuid, UpdatePasswordEnt ent, string verifyCode, ref string errorInfo)
{
_log.Info("Request to update password for user " + userGuid);
string existCode = GetVerificationCode(userGuid);
if (existCode.Equals(string.Empty))
{
errorInfo = "No security code or code expired";
return(false);
}
if (!verifyCode.Equals(existCode))
{
errorInfo = "Security code incorrect";
return(false);
}
UserEnt userEnt = GetUserByGuid(userGuid, ref errorInfo);
if (userEnt == null)
{
return(false);
}
if (string.Compare(userEnt.Password, ent.OldPassword) != 0)
{
_log.Warn("User " + userGuid + "'s old password not correct while updating password");
errorInfo = "Old password incorrect";
return(false);
}
string sql = string.Format("UPDATE user SET password='******' and update_time='{1}' WHERE user_guid='{2}'"
, ent.NewPassword, DateTime.UtcNow.ToString("yyyy-MM-ddThh:mm:ssZ"), userGuid);
int cnt = ExecuteSql(sql);
if (cnt == 0)
{
throw new Exception("Failed to update database");
}
_log.Info("User " + userGuid + "'s password updated successfully");
return(true);
}
public int Insert(UserEnt objTabela)
{
using (SqlConnection con = new SqlConnection())
{
con.ConnectionString = Properties.Settings.Default.banco;
SqlCommand cn = new SqlCommand();
cn.CommandType = CommandType.Text;
con.Open();
cn.CommandText = "INSERT INTO USERS ([name], [login], [password]) VALUES (@name, @login, @password)";
cn.Parameters.Add("name", SqlDbType.VarChar).Value = objTabela.Name;
cn.Parameters.Add("login", SqlDbType.VarChar).Value = objTabela.Login;
cn.Parameters.Add("password", SqlDbType.VarChar).Value = objTabela.Password;
cn.Connection = con;
int qtd = cn.ExecuteNonQuery();
return(qtd);
}
}
public DataTable GetUserDetails(UserEnt userDetail)
{
DataTable userList = new DataTable();
try
{
using (var context = new labo_salesEntities())
{
var userResult = context.sp_GetUserDetails(userDetail.username, userDetail.password);
userList = DataTransformer.CreateDataTable(userResult.ToList());
}
}
catch (Exception ex)
{
throw ex;
}
return(userList);
}
public int Update(UserEnt objTabela)
{
using (SqlConnection con = new SqlConnection())
{
con.ConnectionString = Properties.Settings.Default.banco;
SqlCommand cn = new SqlCommand();
cn.CommandType = CommandType.Text;
con.Open();
cn.CommandText = "UPDATE users SET name = @name, login = @login, password = @password WHERE id = @id";
cn.Parameters.Add("name", SqlDbType.VarChar).Value = objTabela.Name;
cn.Parameters.Add("login", SqlDbType.VarChar).Value = objTabela.Login;
cn.Parameters.Add("password", SqlDbType.VarChar).Value = objTabela.Password;
cn.Parameters.Add("id", SqlDbType.Int).Value = objTabela.Id;
cn.Connection = con;
int qtd = cn.ExecuteNonQuery();
return(qtd);
}
}
public async Task <IActionResult> Login(LoginViewModel model, string ReturnUrl)
{
try
{
if (String.IsNullOrEmpty(ReturnUrl))
{
ReturnUrl = "/";
}
await HttpContext.SignOutAsync();
bool isModelValid = ModelState.IsValid;
//isModelValid = true;
if (isModelValid)
{
//String[] errorInfo;
//string pidm = "41149";// await AccountBus.AuthenticateUser(model.LoginHandle, model.Password);
bool isAuth = false;
UserEnt authUser = null;
await Task.Run(() =>
{
isAuth = UserBus.Authenticate(model.LoginHandle, model.Password, out authUser);
});
if (isAuth)
{
await _Login(ReturnUrl, authUser);
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
}
}
}
catch (Exception e)
{
ModelState.AddModelError(string.Empty, e.Message);
}
ViewData["ReturnUrl"] = ReturnUrl;
return(View());
}
public UserEnt Login(UserEnt obj)
{
using (SqlConnection con = new SqlConnection())
{
con.ConnectionString = Properties.Settings.Default.SamplesConnectionString;
SqlCommand cn = new SqlCommand();
cn.CommandType = CommandType.Text;
con.Open();
cn.CommandText = "SELECT * from users where name = @name AND password = @password";
cn.Connection = con;
cn.Parameters.Add("name", SqlDbType.VarChar).Value = obj.Name;
cn.Parameters.Add("password", SqlDbType.VarChar).Value = obj.Password;
SqlDataReader dr;
dr = cn.ExecuteReader();
if (dr.HasRows)
{
while (dr.Read())
{
UserEnt dado = new UserEnt();
dado.Name = Convert.ToString(dr["name"]);
dado.Password = Convert.ToString(dr["password"]);
}
}
else
{
obj.Name = null;
obj.Password = null;
}
return(obj);
}
}
