protected void Page_Load(object sender, EventArgs e)
{
WebJsonResponse ret = null;
try
{
Int64 enterpriseID = ((EnterpriseData)Page.Session["enterprise_data"]).Id;
Int64 entityId = 0;
String err = "";
String password = Tools.Tool.TrataInjection(Request["password"]);
String password2 = Request["password2"];
if ((password == null) || (password == ""))
{
ret = new WebJsonResponse("", MessageResource.GetMessage("type_password"), 3000, true);
}
else if ((password2 == null) || (password2 == ""))
{
ret = new WebJsonResponse("", MessageResource.GetMessage("type_password_confirm"), 3000, true);
}
else if (password != password2)
{
ret = new WebJsonResponse("", MessageResource.GetMessage("password_not_equal"), 3000, true);
}
else
{
Int64 enterpriseId = 0;
if ((Page.Session["enterprise_data"]) != null && (Page.Session["enterprise_data"] is EnterpriseData) && (((EnterpriseData)Page.Session["enterprise_data"]).Id != null))
{
enterpriseId = ((EnterpriseData)Page.Session["enterprise_data"]).Id;
}
String code = "";
if (Session["entityId"] != null)
{
entityId = (Int64)Session["entityId"];
}
if (Session["userCode"] != null)
{
code = Session["userCode"].ToString();
}
if ((entityId > 0) && (code != ""))
{
using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
{
UserPasswordStrength usrCheck = new UserPasswordStrength(db.Connection, entityId);
UserPasswordStrengthResult check = usrCheck.CheckPassword(password);
if (check.HasError)
{
if (check.NameError)
{
ret = new WebJsonResponse("", MessageResource.GetMessage("password_name_part"), 3000, true);
}
else
{
String txt = "* " + MessageResource.GetMessage("number_char") + ": " + (!check.LengthError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("uppercase") + ": " + (!check.UpperCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("lowercase") + ": " + (!check.LowerCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("numbers") + ": " + (!check.DigitError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("symbols") + ": " + (!check.SymbolError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail"));
ret = new WebJsonResponse("", MessageResource.GetMessage("password_complexity") + ": <br />" + txt, 5000, true);
}
}
else
{
DataTable c = db.Select("select * from entity where deleted = 0 and id = " + entityId + " and recovery_code = '" + code + "'");
if ((c != null) && (c.Rows.Count > 0))
{
using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(db.Connection, enterpriseId))
using (CryptApi cApi = new CryptApi(sk.ServerCert, Encoding.UTF8.GetBytes(password)))
db.ExecuteNonQuery("update entity set password = '******', recovery_code = null, last_login = getdate(), change_password = getdate(), must_change_password = 0 where id = " + entityId, CommandType.Text, null);
db.AddUserLog(LogKey.User_PasswordChanged, null, "AutoService", UserLogLevel.Info, 0, enterpriseId, 0, 0, 0, entityId, 0, "Password changed through recovery code", "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");
//Cria o pacote com os dados atualizados deste usuário
//Este processo vija agiliar a aplicação das informações pelos plugins
db.ExecuteNonQuery("insert into deploy_now (entity_id) values(" + entityId + ")", CommandType.Text, null);
String html = "";
html += "<div class=\"login_form\">";
html += "<ul>";
html += " <li class=\"title\">";
html += " <strong>" + MessageResource.GetMessage("password_changed_sucessfully") + "</strong>";
html += " </li>";
html += " <li>";
html += " <p style=\"width:100%;padding:0 0 5px 0;color:#000;\">" + MessageResource.GetMessage("password_changed_text") + "</p>";
html += " </li>";
html += " <li>";
html += " <span class=\"forgot\"> <a href=\"/\">" + MessageResource.GetMessage("return_default") + "</a></span>";
html += " </li>";
html += "</ul> ";
html += "</div>";
ret = new WebJsonResponse("#recover_container", html);
}
else
{
ret = new WebJsonResponse("", MessageResource.GetMessage("invalid_code"), 3000, true);
}
}
}
}
else
{
ret = new WebJsonResponse("", MessageResource.GetMessage("invalid_session"), 3000, true);
}
}
}
catch (Exception ex)
{
Tools.Tool.notifyException(ex);
throw ex;
}
if (ret != null)
{
ReturnHolder.Controls.Add(new LiteralControl(ret.ToJSON()));
}
}
protected void Page_Load(object sender, EventArgs e)
{
String html = "";
String error = "";
LoginData login = LoginUser.LogedUser(this);
if (login == null)
{
Response.Redirect(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath + "login2/", false);
}
else
{
html += "<form id=\"serviceLogin\" name=\"serviceLogin\" method=\"post\" action=\"" + Session["ApplicationVirtualPath"] + "login2/changepassword/\"><div class=\"login_form\">";
if (Request.HttpMethod == "POST")
{
try
{
String password = Tools.Tool.TrataInjection(Request["password"]);
String password2 = Request["password2"];
if ((password == null) || (password == ""))
{
error = MessageResource.GetMessage("type_password");
}
else if ((password2 == null) || (password2 == ""))
{
error = MessageResource.GetMessage("type_password_confirm");
}
else if (password != password2)
{
error = MessageResource.GetMessage("password_not_equal");
}
else
{
Int64 enterpriseId = 0;
if ((Page.Session["enterprise_data"]) != null && (Page.Session["enterprise_data"] is EnterpriseData) && (((EnterpriseData)Page.Session["enterprise_data"]).Id != null))
{
enterpriseId = ((EnterpriseData)Page.Session["enterprise_data"]).Id;
}
using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
{
UserPasswordStrength usrCheck = new UserPasswordStrength(db.Connection, login.Id);
UserPasswordStrengthResult check = usrCheck.CheckPassword(password);
if (check.HasError)
{
if (check.NameError)
{
error = MessageResource.GetMessage("password_name_part");
}
else
{
String txt = "* " + MessageResource.GetMessage("number_char") + ": " + (!check.LengthError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("uppercase") + ": " + (!check.UpperCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("lowercase") + ": " + (!check.LowerCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("numbers") + ": " + (!check.DigitError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("symbols") + ": " + (!check.SymbolError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail"));
error = MessageResource.GetMessage("password_complexity") + ": <br />" + txt;
}
}
else
{
DataTable c = db.Select("select * from entity where deleted = 0 and id = " + login.Id);
if ((c != null) && (c.Rows.Count > 0))
{
//Verifica a senha atual
using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(db.Connection, enterpriseId))
using (CryptApi cApi = CryptApi.ParsePackage(sk.ServerPKCS12Cert, Convert.FromBase64String(c.Rows[0]["password"].ToString())))
{
using (SqlConnection conn1 = IAMDatabase.GetWebConnection())
using (EnterpriseKeyConfig sk1 = new EnterpriseKeyConfig(conn1, enterpriseId))
using (CryptApi cApi1 = new CryptApi(sk.ServerCert, Encoding.UTF8.GetBytes(password)))
{
DbParameterCollection pPar = new DbParameterCollection();
String b64 = Convert.ToBase64String(cApi1.ToBytes());
pPar.Add("@password", typeof(String), b64.Length).Value = b64;
db.ExecuteNonQuery("update entity set password = @password, change_password = getdate() , recovery_code = null, must_change_password = 0 where id = " + login.Id, CommandType.Text, pPar);
}
db.AddUserLog(LogKey.User_PasswordChanged, null, "AutoService", UserLogLevel.Info, 0, enterpriseId, 0, 0, 0, login.Id, 0, "Password changed through logged user", "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");
//Cria o pacote com os dados atualizados deste usuário
//Este processo visa agiliar a aplicação das informações pelos plugins
db.ExecuteNonQuery("insert into deploy_now (entity_id) values(" + login.Id + ")", CommandType.Text, null);
//Mata a sessão
//Session.Abandon();
Response.Redirect(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath + "login2/passwordchanged/", false);
}
}
else
{
error = MessageResource.GetMessage("internal_error");
}
}
}
}
}
catch (Exception ex)
{
Tools.Tool.notifyException(ex);
error = MessageResource.GetMessage("internal_error") + ": " + ex.Message;
}
}
html += " <ul>";
html += " <li>";
html += " <p style=\"width:270px;padding:0 0 20px 0;color:#000;\">" + MessageResource.GetMessage("password_expired_text") + "</p>";
html += " </li>";
html += " <li>";
html += " <span class=\"inputWrap\">";
html += " <input type=\"password\" id=\"password\" tabindex=\"1\" name=\"password\" value=\"\" style=\"\" placeholder=\""+ MessageResource.GetMessage("new_password") + "\" onkeyup=\"cas.passwordStrength('#password');\" onfocus=\"$('#password').addClass('focus');\" onblur=\"$('#password').removeClass('focus');\" />";
html += " <span id=\"ph_passwordIcon\" onclick=\"$('#password').focus();\"></span>";
html += " </span>";
html += " </li>";
html += " <li>";
html += " <span class=\"inputWrap\">";
html += " <input type=\"password\" id=\"password2\" tabindex=\"1\" name=\"password2\" value=\"\" style=\"\" placeholder=\""+ MessageResource.GetMessage("new_password_confirm") + "\" onfocus=\"$('#password2').addClass('focus');\" onblur=\"$('#password2').removeClass('focus');\" />";
html += " <span id=\"ph_passwordIcon\" onclick=\"$('#password2').focus();\"></span>";
html += " </span>";
html += " </li>";
html += " <li>";
html += " <div id=\"passwordStrength\"><span>" + MessageResource.GetMessage("password_strength") + ": " + MessageResource.GetMessage("unknow") + "</span><div class=\"bar\"></div></div>";
html += " </li>";
if (error != "")
{
html += " <li><div class=\"error-box\">" + error + "</div>";
}
html += " <li>";
html += " <span class=\"forgot\"> <a href=\"" + Session["ApplicationVirtualPath"] + "logout/\">" + MessageResource.GetMessage("cancel") + "</a> </span>";
html += " <button tabindex=\"4\" id=\"submitBtn\" class=\"action button floatright\">" + MessageResource.GetMessage("change_password") + "</button>";
html += " </li>";
html += " </ul>";
html += "</div></form>";
holderContent.Controls.Add(new LiteralControl(html));
}
}
protected void Page_Load(object sender, EventArgs e)
{
WebJsonResponse ret = null;
LoginData login = LoginUser.LogedUser(this);
String err = "";
if (!EnterpriseIdentify.Identify(this, false, out err)) //Se houver falha na identificação da empresa finaliza a resposta
{
ret = new WebJsonResponse("", err, 3000, true);
}
else if (login == null)
{
ret = new WebJsonResponse("", MessageResource.GetMessage("expired_session"), 3000, true, "/login/");
}
else
{
try
{
Int64 enterpriseId = 0;
if ((Page.Session["enterprise_data"]) != null && (Page.Session["enterprise_data"] is EnterpriseData) && (((EnterpriseData)Page.Session["enterprise_data"]).Id != null))
{
enterpriseId = ((EnterpriseData)Page.Session["enterprise_data"]).Id;
}
String currentPassword = Tools.Tool.TrataInjection(Request["current_password"]);
String password = Tools.Tool.TrataInjection(Request["password"]);
String password2 = Request["password2"];
if ((currentPassword == null) || (currentPassword == ""))
{
ret = new WebJsonResponse("", MessageResource.GetMessage("type_password_current"), 3000, true);
}
else if ((password == null) || (password == ""))
{
ret = new WebJsonResponse("", MessageResource.GetMessage("type_password"), 3000, true);
}
else if ((password2 == null) || (password2 == ""))
{
ret = new WebJsonResponse("", MessageResource.GetMessage("type_password_confirm"), 3000, true);
}
else if (password != password2)
{
ret = new WebJsonResponse("", MessageResource.GetMessage("password_not_equal"), 3000, true);
}
else
{
using (IAMDatabase db = new IAMDatabase(IAMDatabase.GetWebConnectionString()))
{
try
{
UserPasswordStrength usrCheck = new UserPasswordStrength(db.Connection, login.Id);
UserPasswordStrengthResult check = usrCheck.CheckPassword(password);
if (check.HasError)
{
if (check.NameError)
{
ret = new WebJsonResponse("", MessageResource.GetMessage("password_name_part"), 3000, true);
}
else
{
String txt = "* " + MessageResource.GetMessage("number_char") + ": " + (!check.LengthError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("uppercase") + ": " + (!check.UpperCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("lowercase") + ": " + (!check.LowerCaseError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("numbers") + ": " + (!check.DigitError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail")) + "<br />";
txt += "* " + MessageResource.GetMessage("symbols") + ": " + (!check.SymbolError ? MessageResource.GetMessage("ok") : MessageResource.GetMessage("fail"));
ret = new WebJsonResponse("", MessageResource.GetMessage("password_complexity") + ": <br />" + txt, 5000, true);
}
}
else
{
DataTable c = db.Select("select * from entity where deleted = 0 and id = " + login.Id);
if ((c != null) && (c.Rows.Count > 0))
{
//Verifica a senha atual
using (EnterpriseKeyConfig sk = new EnterpriseKeyConfig(db.Connection, enterpriseId))
using (CryptApi cApi = CryptApi.ParsePackage(sk.ServerPKCS12Cert, Convert.FromBase64String(c.Rows[0]["password"].ToString())))
if (Encoding.UTF8.GetString(cApi.clearData) != currentPassword)
{
ret = new WebJsonResponse("", MessageResource.GetMessage("current_password_invalid"), 3000, true);
}
else
{
using (SqlConnection conn1 = IAMDatabase.GetWebConnection())
using (EnterpriseKeyConfig sk1 = new EnterpriseKeyConfig(conn1, enterpriseId))
using (CryptApi cApi1 = new CryptApi(sk.ServerCert, Encoding.UTF8.GetBytes(password)))
{
DbParameterCollection pPar = new DbParameterCollection();;
String b64 = Convert.ToBase64String(cApi1.ToBytes());
pPar.Add("@password", typeof(String), b64.Length).Value = b64;
db.ExecuteNonQuery("update entity set password = @password, change_password = getdate() , recovery_code = null, must_change_password = 0 where id = " + login.Id, CommandType.Text, pPar);
}
db.AddUserLog(LogKey.User_PasswordChanged, null, "AutoService", UserLogLevel.Info, 0, enterpriseId, 0, 0, 0, login.Id, 0, "Password changed through autoservice logged user", "{ \"ipaddr\":\"" + Tools.Tool.GetIPAddress() + "\"} ");
//Cria o pacote com os dados atualizados deste usuário
//Este processo visa agiliar a aplicação das informações pelos plugins
db.ExecuteNonQuery("insert into deploy_now (entity_id) values(" + login.Id + ")", CommandType.Text, null);
/*
* IAMDeploy deploy = null;
*
* using (ServerDBConfig conf = new ServerDBConfig(IAMDatabase.GetWebConnection()))
* deploy = new IAMDeploy("WebServer", DB.GetConnectionString(), conf.GetItem("outboundFiles"));
*
* if (deploy != null)
* deploy.DeployOne(login.Id);*/
String html = "";
html += "<div class=\"no-tabs pb10\">";
html += " <div class=\"form-group\">";
html += " <h1>" + MessageResource.GetMessage("password_changed_sucessfully") + "</h1> ";
html += " </div>";
html += " <div class=\"form-group\"><span class=\"text-message\">" + MessageResource.GetMessage("password_changed_text") + "</span></div>";
html += "</div>";
ret = new WebJsonResponse("#pwdForm", html);
}
}
else
{
ret = new WebJsonResponse("", "Internal error", 3000, true);
}
}
}
finally
{
}
}
}
}
catch (Exception ex)
{
Tools.Tool.notifyException(ex);
throw ex;
}
}
if (ret != null)
{
ReturnHolder.Controls.Add(new LiteralControl(ret.ToJSON()));
}
}
