/// <summary>
/// Indexes this instance.
/// </summary>
/// <returns>ActionResult.</returns>
public ActionResult Index()
{
var model = new StartScreenViewModel();
var dispatcher = NewsDispatcher.GetNewsDispatcher();
model.News = dispatcher.NewsStack;
model.LogoView = dispatcher.LoginHtml;
return View(model);
}
/// <summary>
/// Changes the password.
/// </summary>
/// <param name="model">The model.</param>
/// <returns>ActionResult.</returns>
public ActionResult ChangePassword(StartScreenViewModel model)
{
if (model == null)
return null;
var dispatcher = NewsDispatcher.GetNewsDispatcher();
model.News = dispatcher.NewsStack;
model.LogoView = dispatcher.LoginHtml;
return View(model);
}
public ActionResult ChangePassword(StartScreenViewModel model, string returnUrl)
{
if (model == null)
return null;
try
{
if (string.IsNullOrEmpty(model.UserName))
model.UserName = TempData["userName"] as string;
if (string.IsNullOrEmpty(model.UserName))
return Redirect(returnUrl ?? Url.Action("Index", "Default"));
var errorInfo = MQ1Identity.ChangePassword(model.UserName, model.OldPassword, model.NewPassword, model.ConfirmPassword);
if (errorInfo == null && ApplicationContext.User.Identity is MQ1Identity)
{
var identity = (MQ1Identity)ApplicationContext.User.Identity;
if (identity.ErrorInfo != null && !string.IsNullOrWhiteSpace(identity.ErrorInfo.ErrorMessage))
{
ModelState.AddModelError(string.Empty, identity.ErrorInfo.ErrorMessage);
TempData["userName"] = model.UserName;
return View(model);
}
// return Redirect(returnUrl ?? Url.Action("Index", "Default"));
return LoginRedirect(model, returnUrl, identity);
}
var errorMessage = errorInfo != null && !string.IsNullOrWhiteSpace(errorInfo.ErrorMessage) ? ": " + errorInfo.ErrorMessage : string.Empty;
ModelState.AddModelError(string.Empty, string.Format(CultureInfo.InvariantCulture, "{0}{1}", LanguageService.Translate("Error_AuthenticationFailed"), errorMessage));
TempData["userName"] = model.UserName;
return View(model);
}
catch (Exception ex)
{
ModelState.AddModelError(string.Empty, ex.Message);
return View(model);
}
}
/// <summary>
/// Logins this instance.
/// </summary>
/// <returns>ActionResult.</returns>
public ActionResult Login()
{
if (Request.Browser.IsMobileDevice)
{
return RedirectToAction("Index", "Mobile");
}
StartScreenViewModel startScreenVM;
if (!DbConnectionChecker.Check())
startScreenVM = new StartScreenViewModel { Error = DbConnectionChecker.ErrorMessage };
else
{
CheckMessages();
var dispatcher = NewsDispatcher.GetNewsDispatcher();
startScreenVM = new StartScreenViewModel
{
News = dispatcher.NewsStack,
LogoView = dispatcher.LoginHtml,
InitParams = string.Empty,
ShowWarning = SystemOptionsEdit.GetSysOptionsInfo().ShowWarning,
WarningMessage = SystemOptionsEdit.GetSysOptionsInfo().WarningMessage,
WarningCaption = SystemOptionsEdit.GetSysOptionsInfo().WarningCaption,
ShowInfo = SystemOptionsEdit.GetSysOptionsInfo().ShowInfo,
InfoMessage = SystemOptionsEdit.GetSysOptionsInfo().InfoMessage,
InfoCaption = SystemOptionsEdit.GetSysOptionsInfo().InfoCaption,
ShowSuccess = SystemOptionsEdit.GetSysOptionsInfo().ShowSuccess,
SuccessMessage = SystemOptionsEdit.GetSysOptionsInfo().SuccessMessage,
SuccessCaption = SystemOptionsEdit.GetSysOptionsInfo().SuccessCaption,
Brand = ConfigurationManager.AppSettings["Branding"] == "QMS" ? Branding.QMS : Branding.Elements,
};
}
return View(startScreenVM);
}
/// <summary>
/// Sets the user context.
/// </summary>
/// <param name="model">The model.</param>
/// <param name="identity">The identity.</param>
private void SetUserContext(StartScreenViewModel model, MQ1Identity identity)
{
SetLocale(identity.Locale);
// use new Owin auth
// FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
ApplicationContext.User = HttpContext.User;
var claims = new List<Claim>
{
new Claim(ClaimTypes.Name, model.UserName)
};
var id = new ClaimsIdentity(claims, DefaultAuthenticationTypes.ApplicationCookie);
var ctx = Request.GetOwinContext();
var authenticationManager = ctx.Authentication;
authenticationManager.SignIn(new AuthenticationProperties { IsPersistent = model.RememberMe }, id);
}
/// <summary>Shared by ActionResult Login and SamlConsumer.</summary>
/// <param name="model">The model.</param>
/// <param name="returnUrl">The return URL.</param>
/// <param name="identity">The identity.</param>
/// <returns></returns>
private ActionResult LoginRedirect(StartScreenViewModel model, string returnUrl, MQ1Identity identity)
{
if (HttpContext != null)
{
model.RememberMe &= SystemOptionsEdit.GetSysOptionsInfo().AllowRememberMe;
SetUserContext(model, identity);
}
return Redirect(Url.Action("Index", "Default"));
}
/// <summary>
/// Displays error using MVC build-in functionality.
/// </summary>
/// <param name="model">The <see cref="StartScreenViewModel"/> object.</param>
/// <param name="errorName">Error message.</param>
/// <param name="key"></param>
private void ShowError(StartScreenViewModel model, string errorName, string key = "")
{
var dispatcher = NewsDispatcher.GetNewsDispatcher();
model.News = dispatcher.NewsStack;
model.LogoView = dispatcher.LoginHtml;
ModelState.AddModelError(key, errorName);
}
/// <summary>Shared by ActionResult Login and SamlConsumer.</summary>
/// <param name="model">The model.</param>
/// <param name="returnUrl">The return URL.</param>
/// <param name="identity">The identity.</param>
/// <returns></returns>
private ActionResult LoginRedirect(StartScreenViewModel model, string returnUrl, MQ1Identity identity)
{
if (HttpContext != null)
{
model.RememberMe &= SystemOptionsEdit.GetSysOptionsInfo().AllowRememberMe;
SetUserContext(model, identity);
}
int fileId;
if (int.TryParse(model.DeepLink, out fileId))
{
return Redirect("~/DocHandler.ashx?FileId=" + fileId);
}
if (!string.IsNullOrEmpty(model.InitParams))
{
var queryString = HttpUtility.ParseQueryString(model.InitParams);
if (queryString.HasKeys() && !string.IsNullOrEmpty(queryString["FileId"]))
return Redirect("~/DocHandler.ashx" + model.InitParams);
if (queryString.HasKeys() && !string.IsNullOrEmpty(queryString[Constants.FileProcessFileName]))
return Redirect("~/DocHandler.ashx" + model.InitParams);
}
var url = returnUrl ?? Url.Action("Index", "Default");
if (!string.IsNullOrWhiteSpace(model.DeepLink))
{
url += "#" + model.DeepLink;
}
GetLogger().Info("Redirect to " + url);
return Redirect(url);
}
/// <summary>Called by Identity Provider.</summary>
/// <param name="model">The model.</param>
/// <param name="returnUrl">The return URL.</param>
/// <returns></returns>
public ActionResult SamlConsumer(StartScreenViewModel model, string returnUrl)
{
if (model == null)
return null;
var response = Request.Form["SAMLResponse"];
if (string.IsNullOrEmpty(response))
{
ShowError(model, "No saml response", model.SSOLoginError);
return View("Login", model);
}
try
{
var sso = SSOOptionsInfo.GetSSOInfo();
if (!sso.IsSSOValid)
return View("Login", model);
var samlResponse = new SamlResponse();
samlResponse.Initialize(sso.Certificate, response);
if (!samlResponse.IsValid())
{
ShowError(model, LanguageService.Translate("Error_AuthenticationFailed"), model.SSOLoginError);
return View("Login", model);
}
model.UserName = samlResponse.GetNameId(sso.SAMLVersion);
// Giving temp access be able to check identity
System.Web.HttpContext.Current.User = new GenericPrincipal(new FakeIdentity(), new string[] { });
if (MQ1Principal.Load(model.UserName))
{
var identity = (MQ1Identity)ApplicationContext.User.Identity;
if (identity.ErrorInfo != null && !string.IsNullOrWhiteSpace(identity.ErrorInfo.ErrorMessage))
{
ShowError(model, identity.ErrorInfo.ErrorMessage, model.SSOLoginError);
return View("Login", model);
}
if (Session != null)
Session["LoginTime"] = DateTime.Now;
return LoginRedirect(model, returnUrl, identity);
}
}
catch (Exception ex)
{
model.UserName = string.Empty;
System.Web.HttpContext.Current.User = new UnauthenticatedPrincipal();
ShowError(
model,
ex.Message.Contains(LanguageService.Translate("Error_AccountNotFound")) ? LanguageService.Translate("Error_AccountNotFound") : ex.Message,
model.SSOLoginError);
}
return View("Login", model);
}
/// <summary>Redirects to sso login.</summary>
/// <param name="model">The model.</param>
/// <param name="returnUrl">The return URL.</param>
/// <returns></returns>
public ActionResult LoginSSO(StartScreenViewModel model, string returnUrl)
{
// we should use new Owin cookie.
// var cookie = FormsAuthentication.GetAuthCookie(HttpContext.User.Identity.Name, false);
var cookie = Request.Cookies.Get(Constants.OwinAuthCookieName);
var forceAuthn = cookie == null || cookie.Expires.CompareTo(DateTime.Now) <= 0;
var sso = SSOOptionsInfo.GetSSOInfo();
Response.Redirect(sso.IdPTargetUrl + "?SAMLRequest=" + Server.UrlEncode(SamlRequest.GetSAMLRequest(sso, forceAuthn)));
return null;
}
public ActionResult Login(StartScreenViewModel model, string returnUrl)
{
if (model == null)
return null;
if (!ModelState.IsValid)
return View(model);
if (MQ1Principal.Login(model.UserName, model.Password))
{
var identity = (MQ1Identity)ApplicationContext.User.Identity;
if (identity.ErrorInfo != null && !string.IsNullOrWhiteSpace(identity.ErrorInfo.ErrorMessage))
{
if (identity.ErrorInfo.State == LoginFailedException.LoginFailureState.UseSSO)
{
LoginSSO(model, returnUrl);
return null;
}
if (identity.MustChangePassword)
{
//not to use url param
TempData["userName"] = model.UserName;
TempData["MustChangePassword"] = identity.MustChangePassword;
return RedirectToAction("ChangePassword", new RouteValueDictionary(new { controller = "ChangePassword", action = "ChangePassword", returnUrl = returnUrl }));
}
ShowError(model, identity.ErrorInfo.ErrorMessage);
return View(model);
}
if (Session != null)
Session["LoginTime"] = DateTime.Now;
return LoginRedirect(model, returnUrl, identity);
}
ShowError(model, "Incorrect username or password");
return View(model);
}
public ActionResult Index(StartScreenViewModel model)
{
var systemOptions = SystemOptionsEdit.GetSysOptionsInfo();
if (systemOptions.IsUnderMaintenance)
{
MQ1Principal.Load(HttpContext.User.Identity.Name);
var identity = (MQ1Identity)ApplicationContext.User.Identity;
if (identity.AccountId > 0 && !identity.IsAdmin)
{
return RedirectToAction("Login", "Account");
}
}
if (!systemOptions.AllowRememberMe)
{
var ctx = Request.GetOwinContext();
var authenticationManager = ctx.Authentication;
if (Session != null)
{
var loginTime = (DateTime?) Session["LoginTime"];
if (!loginTime.HasValue || DateTime.Now.Subtract(loginTime.Value).TotalSeconds > 30)
{
authenticationManager.SignOut();
// user new Owin auth
// FormsAuthentication.SignOut();
return RedirectToAction("Login", "Account");
}
}
// Owin supports sliding cookie expiration by default
// If I missunderstood the meaning of this code - please, uncomment and adjust for Owin
//if (Request.Cookies.Count > 0)
//{
// var cookie = Request.Cookies.Get(Constants.OwinAuthCookieName); // Request.Cookies[".ASPXAUTH"];
// if (cookie != null && cookie.Value != null)
// {
// var existingTicket = FormsAuthentication.Decrypt(cookie.Value);
// if (existingTicket != null &&
// existingTicket.Name == HttpContext.User.Identity.Name && existingTicket.IsPersistent)
// {
// FormsAuthentication.SetAuthCookie(HttpContext.User.Identity.Name, false);
// }
// }
//}
}
//var dispatcher = NewsDispatcher.GetNewsDispatcher();
var startScreenVM = new StartScreenViewModel
{
//News = dispatcher.NewsStack,
News = new List<NewsItem>(),
//LogoView = dispatcher.LoginHtml,
InitParams = InitParams(),
Version = Assembly.GetExecutingAssembly().GetName().Version,
HasElevatedPermissions = MQ1Principal.HasElevatedPermissions(HttpContext.User.Identity.Name),
ShowWarning = SystemOptionsEdit.GetSysOptionsInfo().IsUnderMaintenance,
Brand = ConfigurationManager.AppSettings["Branding"] == "QMS" ? Branding.QMS : Branding.Elements,
};
return View(startScreenVM);
}
