public IActionResult ChangePassword(ChangePasswordViewModel view)
{
ApplicationUserRepository userRepo = null;
ApplicationAuditLogRepository logRepo = null;
ApplicationUser user = null;
try
{
if (ModelState.IsValid)
{
if (view.OldPassword != view.NewPassword)
{
userRepo = new ApplicationUserRepository(settings, logger, dbc);
logRepo = new ApplicationAuditLogRepository(settings, logger, dbc);
// Find user in database and validate there password
user = (userRepo.FindAll()).FirstOrDefault(u => u.NormalizedUserName == view.UserName.ToUpper());
if (PasswordHash.ValidateHashedPassword(user.PasswordHash, view.OldPassword))
{
user.PasswordHash = PasswordHash.HashPassword(view.NewPassword);
userRepo.Update(user);
logRepo.Add(new ApplicationAuditLog()
{
CategoryId = 1, Description = $"Changed password for User ({HttpContext.User.Identity.Name})."
});
return(RedirectToAction("PasswordChangeSuccess", "Account"));
}
else
{
// Old Password wrong
logRepo.Add(new ApplicationAuditLog()
{
CategoryId = 1, Description = $"Old password didn't match for User ({HttpContext.User.Identity.Name}) while changing password."
});
ModelState.AddModelError("OldPassword", "Password doesn't match our records.");
return(View("ChangePassword", view));
}
}
else
{
// Passwords matched
ModelState.AddModelError("NewPassword", "New Password is the same as the Old Password.");
return(View("ChangePassword", view));
}
}
else
{
return(View("ChangePassword", view));
}
}
catch (Exception ex)
{
logger.LogError($"Exception: {ex.Message}");
throw (Exception)Activator.CreateInstance(ex.GetType(), ex.Message + ex.StackTrace);
}
}
public IActionResult ResetPassword(ResetPasswordViewModel view)
{
ApplicationUserRepository userRepo = null;
ApplicationAuditLogRepository logRepo = null;
ApplicationUser user = null;
try
{
if (ModelState.IsValid)
{
if (view.Password == view.ConfirmPassword)
{
if (view.UserName.ToUpper() != "ADMIN" && view.UserName.ToUpper() != "ADMINISTRATOR")
{
userRepo = new ApplicationUserRepository(settings, logger, dbc);
logRepo = new ApplicationAuditLogRepository(settings, logger, dbc);
// Find user in database and validate there password
user = (userRepo.FindAll()).FirstOrDefault(u => u.NormalizedUserName == view.UserName.ToUpper());
user.PasswordHash = PasswordHash.HashPassword(view.Password);
userRepo.Update(user);
logRepo.Add(new ApplicationAuditLog()
{
CategoryId = 1, Description = $"Reset password for User ({HttpContext.User.Identity.Name})."
});
return(RedirectToAction("PasswordResetSuccess", "Account"));
}
else
{
// Can't reset Admin password
ModelState.AddModelError("UserName", "You can't reset the Admin users password!");
return(View("ResetPassword", view));
}
}
else
{
// Passwords don't match
ModelState.AddModelError("ConfirmPassword", "Confirm Password doesn't match New Password.");
return(View("ResetPassword", view));
}
}
else
{
return(View("ResetPassword", view));
}
}
catch (Exception ex)
{
logger.LogError($"Exception: {ex.Message}");
throw (Exception)Activator.CreateInstance(ex.GetType(), ex.Message + ex.StackTrace);
}
}
public IActionResult AuditLog()
{
ApplicationAuditLogRepository logRepo;
IPager <ApplicationAuditLog> pager;
try
{
logRepo = new ApplicationAuditLogRepository(settings, logger, dbc);
pager = logRepo.FindAll(new Pager <ApplicationAuditLog>()
{
PageNbr = 0, PageSize = 20
});
}
catch (Exception ex)
{
throw (Exception)Activator.CreateInstance(ex.GetType(), ex.Message + ex.StackTrace);
}
return(View("AuditLog", pager));
}
public async Task <IActionResult> Logout()
{
ApplicationAuditLogRepository logRepo;
var redirectUrl = new { url = "/Home/Logout" };
try
{
logRepo = new ApplicationAuditLogRepository(settings, logger, dbc);
await identityManager.SignOutAsync(HttpContext.User.Identity.Name);
logRepo.Add(new ApplicationAuditLog()
{
CategoryId = 1, Description = $"User ({HttpContext.User.Identity.Name}) logged out of the application."
});
}
catch (Exception ex)
{
logger.LogError($"Exception logging user({HttpContext.User.Identity.Name}) out of the application: {ex.Message}");
return(RedirectToAction("Error"));
}
return(Json(redirectUrl));
}
public async Task <IActionResult> Login(LoginViewModel login, string ReturnUrl = null)
{
ApplicationUserRepository userRepo = null;
ApplicationUserClaimRepository userClaimRepo = null;
ApplicationAuditLogRepository logRepo = null;
ApplicationUser user = null;
try
{
if (ModelState.IsValid)
{
userRepo = new ApplicationUserRepository(settings, logger, dbc);
userClaimRepo = new ApplicationUserClaimRepository(settings, logger, dbc);
logRepo = new ApplicationAuditLogRepository(settings, logger, dbc);
// Find user in database and validate there password
user = (userRepo.FindAll()).FirstOrDefault(u => u.NormalizedUserName == login.UserName.ToUpper());
if (user != null)
{
//valid = PasswordHash.ValidateHashedPassword(user.PasswordHash, login.Password);
// Add user claims from the database
user.Claims = new List <ApplicationUserClaim>();
foreach (ApplicationUserClaim c in userClaimRepo.FindAll().Where(c => c.UserId == user.Id))
{
user.Claims.Add(c);
}
// Sign in the user, if there password is correct
if (await identityManager.SignInWithPasswordAsync(user, login.Password))
{
logRepo.Add(new ApplicationAuditLog()
{
CategoryId = 1, Description = $"User ({user.UserName}) logged into application at IP address: {HttpContext.Connection.RemoteIpAddress}.", UserName = user.UserName
});
logger.LogInformation($"Logged in user: {login.UserName} at IP address: {HttpContext.Connection.RemoteIpAddress}");
if (ReturnUrl == null)
{
return(LocalRedirect("/Home/LoginSuccess"));
}
else
{
return(LocalRedirect($"{ReturnUrl}"));
}
}
else
{
logger.LogError($"Invalid user name / password combination: {login.UserName} at IP address {HttpContext.Connection.RemoteIpAddress}");
logRepo.Add(new ApplicationAuditLog()
{
CategoryId = 1, Description = $"Invalid user name / password combination for User ({user.UserName}) at IP address {HttpContext.Connection.RemoteIpAddress}.", UserName = user.UserName
});
return(LocalRedirect("/Home/InvalidCredentials"));
}
}
else
{
logger.LogError($"Invalid user name / password combination: {login.UserName} at IP address: {HttpContext.Connection.RemoteIpAddress}");
return(LocalRedirect("/Home/InvalidCredentials"));
}
}
else
{
logger.LogError("Invalid ModelState: AccountController.Login()");
return(View($"LoginRegister?action=login?ReturnUrl={ReturnUrl}"));
}
}
catch (Exception ex)
{
logger.LogError($"Exception: {ex.Message}");
}
return(RedirectToAction("Error"));
}
public async Task <ActionResult> EditUser(ApplicationUserViewModel view)
{
ApplicationUserRepository userRepo;
ApplicationRoleRepository roleRepo;
ApplicationUserClaimRepository userClaimRepo;
ApplicationAuditLogRepository logRepo;
ApplicationUserClaim userClaim = null;
IList <string> currentRoles = null;
string role = String.Empty;
int claimId = 0;
int rows = 0;
const string issuer = "Local Authority";
const string claimTypesDepartment = "Department";
bool isCurrentUser = view.User.UserName.ToUpper() == HttpContext.User.Identity.Name.ToUpper() ? true : false;
try
{
userRepo = new ApplicationUserRepository(settings, logger, dbc);
userClaimRepo = new ApplicationUserClaimRepository(settings, logger, dbc);
roleRepo = new ApplicationRoleRepository(settings, logger, dbc);
logRepo = new ApplicationAuditLogRepository(settings, logger, dbc);
if (ModelState.IsValid)
{
// Update the user in the database
userRepo.Update(view.User);
//Add DOB claim to database and to claims list of the current user, if applicable
userClaim = (userClaimRepo.FindAll()).FirstOrDefault(uc => uc.UserId == view.User.Id && uc.ClaimType == ClaimTypes.DateOfBirth);
if (userClaim != null)
{
if (userClaim.ClaimValue != view.User.DOB.ToString("yyyy-MM-dd hh:mm:ss"))
{
userClaim.ModifiedDt = DateTime.Now;
userClaim.ClaimValue = view.User.DOB.ToString("yyyy-MM-dd hh:mm:ss");
// Update the database
userClaimRepo.Update(userClaim);
logger.LogInformation($"Updated claim({ClaimTypes.DateOfBirth}) for user account: {view.User.UserName}");
}
else
{
// Nothing changed, so no need to update the database
}
}
else
{
// Add DOB claim to the database
userClaim = new ApplicationUserClaim()
{
UserId = view.User.Id,
ClaimType = ClaimTypes.DateOfBirth, ClaimValue = view.User.DOB.ToString("yyyy-MM-dd hh:mm:ss"), ClaimIssuer = issuer,
Active = true, ModifiedDt = DateTime.Now, CreateDt = DateTime.Now
};
userClaimRepo.Add(userClaim);
logger.LogInformation($"Added new claim({ClaimTypes.DateOfBirth}) to user account: {view.User.UserName}");
}
//TODO: Department still has issues when transitioning from null to not null
//Add Department claim to database and to claims list of the user
userClaim = (userClaimRepo.FindAll()).FirstOrDefault(uc => uc.UserId == view.User.Id && uc.ClaimType == claimTypesDepartment);
if (userClaim != null)
{
if (view.User.Department != null && userClaim.ClaimValue != view.User.Department)
{
userClaim.ModifiedDt = DateTime.Now;
userClaim.ClaimValue = view.User.Department;
userClaimRepo.Update(userClaim);
logger.LogInformation($"Updated claim({claimTypesDepartment}) for user account: {view.User.UserName}");
}
else
{
// Nothing changed, so no need to update the database
}
}
else
{
if (view.User.Department != null)
{
userClaim = new ApplicationUserClaim()
{
UserId = view.User.Id,
ClaimType = claimTypesDepartment, ClaimValue = view.User.Department, ClaimIssuer = issuer,
Active = true, ModifiedDt = DateTime.Now, CreateDt = DateTime.Now
};
userClaimRepo.Add(userClaim);
logger.LogInformation($"Assigned new claim({claimTypesDepartment}) to user account: {view.User.UserName}");
}
}
//Add Role claim to database and to claims list of the user
// Process the roles and update the role store
currentRoles = (userClaimRepo.FindAll()).Where(uc => uc.UserId == view.User.Id && uc.ClaimType == ClaimTypes.Role).Select(r => r.ClaimValue).ToList();;
if (view.User.RoleBadges != null)
{
foreach (string r in view.User.RoleBadges.Split("|"))
{
if (r != String.Empty)
{
role = r.Substring(r.IndexOf('-') + 1, r.Length - r.IndexOf('-') - 1);
// Add, if it's a new role
if (!currentRoles.Contains(role))
{
claimId = (int)userClaimRepo.Add(new ApplicationUserClaim()
{
UserId = view.User.Id,
ClaimType = ClaimTypes.Role, ClaimValue = role, ClaimIssuer = issuer,
Active = true, ModifiedDt = DateTime.Now, CreateDt = DateTime.Now
});
if (claimId > 0)
{
logger.LogInformation($"Assigned role({role}) to user account: {view.User.UserName}");
}
else
{
logger.LogError($"Error assigning role({role}) to user account: {view.User.UserName}");
}
}
}
}
}
// Remove any roles of which the user is no longer a member
foreach (string r in currentRoles)
{
if (!view.User.RoleBadges.Contains(r))
{
claimId = (userClaimRepo.FindAll()).FirstOrDefault(c => c.ClaimType == ClaimTypes.Role && c.UserId == view.User.Id).Id;
rows = userClaimRepo.Delete(new PrimaryKey()
{
Key = (int)claimId, IsIdentity = true
});
if (rows > 0)
{
logger.LogInformation($"Removed role({r}) from user account: {view.User.UserName}");
}
else
{
logger.LogError($"Error removing role({r}) from account: {view.User.UserName}");
}
}
}
// If we've updated the claims for the currently signed-in user,
// then refresh Cookie by recreating the User Security Principal from the database
if (isCurrentUser)
{
await identityManager.RefreshClaimsAsync(view.User, userClaimRepo.FindAll().Where(uc => uc.UserId == view.User.Id).ToList());
logRepo.Add(new ApplicationAuditLog()
{
CategoryId = 1, Description = $"User ({view.User.UserName}) logged into application with refreshed claims."
});
logger.LogInformation($"Refreshed cookie for user: {view.User.UserName}");
}
return(RedirectToAction("Index", "Account"));
}
else
{
userClaimRepo = new ApplicationUserClaimRepository(settings, logger, dbc);
userRepo = new ApplicationUserRepository(settings, logger, dbc);
view.User = userRepo.FindByPKView(new PrimaryKey()
{
Key = view.User.Id, IsIdentity = true
});
view.Roles = roleRepo.FindAll();
// Update the RoleBadges
foreach (ApplicationUserClaim uc in view.User.Claims.Where(uc => uc.UserId == view.User.Id))
{
view.User.RoleBadges += String.Format("{0}-{1}|", uc.Id, uc.ClaimType);
}
return(View("EditUser", view));
}
}
catch (Exception ex)
{
throw (Exception)Activator.CreateInstance(ex.GetType(), ex.Message + ex.StackTrace);
}
}
public async Task <ActionResult> EditProfile(ApplicationUserViewModel view)
{
ApplicationUserRepository userRepo;
ApplicationUserClaimRepository userClaimRepo;
ApplicationAuditLogRepository logRepo;
ApplicationUserClaim userClaim = null;
ClaimsPrincipal userPrincipal = null;
Claim dobClaim = null; Claim deptClaim = null;
const string issuer = "Local Authority";
const string claimTypesDepartment = "Department";
try
{
userRepo = new ApplicationUserRepository(settings, logger, dbc);
userClaimRepo = new ApplicationUserClaimRepository(settings, logger, dbc);
logRepo = new ApplicationAuditLogRepository(settings, logger, dbc);
if (ModelState.IsValid)
{
userRepo.Update(view.User);
//Add DOB claim to database and to claims list of the user
dobClaim = HttpContext.User.FindFirst(ClaimTypes.DateOfBirth);
if (dobClaim != null)
{
((ClaimsIdentity)HttpContext.User.Identity).RemoveClaim(dobClaim);
userClaim = (userClaimRepo.FindAll()).FirstOrDefault(uc => uc.UserId == view.User.Id && uc.ClaimType == ClaimTypes.DateOfBirth);
userClaim.ModifiedDt = DateTime.Now;
userClaim.ClaimValue = view.User.DOB.ToString("yyyy-MM-dd hh:mm:ss");
userClaimRepo.Update(userClaim);
}
else
{
userClaimRepo.Add(new ApplicationUserClaim()
{
UserId = view.User.Id,
ClaimType = ClaimTypes.DateOfBirth,
ClaimValue = view.User.DOB.ToString("yyyy-MM-dd hh:mm:ss"),
ClaimIssuer = issuer,
Active = true,
ModifiedDt = DateTime.Now,
CreateDt = DateTime.Now
});
}
((ClaimsIdentity)HttpContext.User.Identity)
.AddClaim(new Claim(ClaimTypes.DateOfBirth, view.User.DOB.ToString("yyyy-MM-dd hh:mm:ss"), ClaimValueTypes.String, issuer));
//Add Department claim to database and to claims list of the user
if (view.User.Department != null)
{
deptClaim = HttpContext.User.FindFirst(claimTypesDepartment);
if (deptClaim != null)
{
((ClaimsIdentity)HttpContext.User.Identity).RemoveClaim(deptClaim);
userClaim = (userClaimRepo.FindAll()).FirstOrDefault(uc => uc.UserId == view.User.Id && uc.ClaimType == claimTypesDepartment);
userClaim.ModifiedDt = DateTime.Now;
userClaim.ClaimValue = view.User.Department;
userClaimRepo.Update(userClaim);
}
else
{
userClaimRepo.Add(new ApplicationUserClaim()
{
UserId = view.User.Id,
ClaimType = claimTypesDepartment,
ClaimValue = view.User.Department,
ClaimIssuer = issuer,
Active = true,
ModifiedDt = DateTime.Now,
CreateDt = DateTime.Now
});
}
((ClaimsIdentity)HttpContext.User.Identity)
.AddClaim(new Claim(claimTypesDepartment, view.User.Department, ClaimValueTypes.String, issuer));
}
// We've updated the claims for the currently signed-in user,
// So refresh Cookie by recreating the User Security Principal from the database
await identityManager.RefreshClaimsAsync(view.User, userClaimRepo.FindAll().Where(uc => uc.UserId == view.User.Id).ToList());
logRepo.Add(new ApplicationAuditLog()
{
CategoryId = 1, Description = $"User ({view.User.UserName}) logged into application with refreshed claims."
});
// Refresh Cookie by recreating the User Security Principal from the current Identity Principal
//userPrincipal = new ClaimsPrincipal(HttpContext.User.Identity);
// Sign In User
//await HttpContext.SignInAsync(
// CookieAuthenticationDefaults.AuthenticationScheme,
// userPrincipal,
// new AuthenticationProperties()
// {
// IsPersistent = false
// });
logger.LogInformation($"Refreshed cookie for user: {view.User.UserName}");
return(RedirectToAction("LoginSuccess", "Home"));
}
else
{
userClaimRepo = new ApplicationUserClaimRepository(settings, logger, dbc);
userRepo = new ApplicationUserRepository(settings, logger, dbc);
view.User = userRepo.FindByPKView(new PrimaryKey()
{
Key = view.User.Id, IsIdentity = true
});
//view.Roles = ApplicationRole.Roles;
return(View("EditProfile", view));
}
}
catch (Exception ex)
{
throw (Exception)Activator.CreateInstance(ex.GetType(), ex.Message + ex.StackTrace);
}
}
