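/// <summary>
/// Handles the change-password form: checks the supplied current password against
/// the stored hash of the user held in the session and, when it matches, stores a
/// hash of the new password.
/// </summary>
/// <param name="change">
/// Posted form model. <c>Password</c> is the current password and
/// <c>NewPassword</c> is the replacement.
/// </param>
/// <returns>
/// The "ChangePassword" view with an empty model. The outcome is reported through
/// <c>ViewBag.message</c> and <c>ViewBag.errorclass</c> ("green" or "red").
/// </returns>
/// <remarks>
/// NOTE(review): no action attributes are visible on this method. Confirm that it is
/// reachable by POST only and that anti-forgery validation is applied, since it
/// changes a credential.
/// NOTE(review): the User object cached in Session["User"] is not refreshed here, and
/// nothing in this method ends the account's other sessions after the change.
/// </remarks>
public ActionResult ProcessPassword(PasswordChange change)
{
    var message = "";
    var errorclass = "green";

    // Assumes InlaksBIContext is disposable (it is used like an Entity Framework
    // context); the entity loaded below is not used after this method returns.
    using (var context = new InlaksBIContext())
    {
        try
        {
            // Unchanged from the original: identical old and new values are a silent
            // no-op (empty message, "green").
            if (change.Password != change.NewPassword)
            {
                // The account is always taken from the session, never from the request.
                var sessionUser = Session["User"] as User;
                var hasher = new BasicHash();
                var stored = sessionUser == null
                    ? null
                    : context.Users.FirstOrDefault(u => u.UserID == sessionUser.UserID);

                if (stored == null)
                {
                    // No signed-in user, or the account no longer exists. The original
                    // reached this same message through a swallowed null dereference.
                    message = "Failed to effect password change. Please seek technical assistance";
                    errorclass = "red";
                }
                else if (string.IsNullOrEmpty(change.NewPassword))
                {
                    // Never replace a credential with an empty one.
                    message = "New Password is Required";
                    errorclass = "red";
                }
                else if (!hasher.VerifyHashedPassword(stored.Password, change.Password))
                {
                    message = "Current Password is Invalid";
                    errorclass = "red";
                }
                else
                {
                    stored.Password = hasher.HashPassword(change.NewPassword);
                    // RePassword mirrors Password; presumably a confirm-password rule
                    // on the entity is checked at save time (verify against the model).
                    stored.RePassword = stored.Password;
                    context.SaveChanges();
                    message = "Password Changed Sucessfully";
                    errorclass = "green";
                }
            }
        }
        catch (Exception e)
        {
            // Keep the generic user-facing message, but leave a trace for operators
            // instead of discarding the exception.
            System.Diagnostics.Trace.TraceError("ProcessPassword failed: " + e);
            message = "Failed to effect password change. Please seek technical assistance";
            errorclass = "red";
        }
    }

    ViewBag.message = message;
    ViewBag.errorclass = errorclass;
    return View("ChangePassword", new PasswordChange());
}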
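/// <summary>
/// Validates posted login credentials against the configured authentication
/// backend ("DATABASE" or "ADSI") and, on success, marks the session as logged in.
/// </summary>
/// <param name="user">Posted login model; only <c>UserID</c> and <c>Password</c> are read.</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the "Login" view carrying an
/// error message.
/// </returns>
/// <remarks>
/// The original compared the posted credentials with a user ID and password literal
/// compiled into the assembly and, on a match, signed the caller in with role 1
/// without consulting the user table. That built-in account is removed: anyone able
/// to read the source or the binary held working credentials for every deployment.
/// Treat the old literal as disclosed, and provision any emergency account through
/// the user store instead.
/// NOTE(review): no throttling or lockout is visible in this action, and the session
/// identifier is not renewed at sign-in. Confirm both are handled elsewhere.
/// NOTE(review): the whole User entity, including its Password field, is kept in the
/// session. Consider storing only the identifier and role.
/// </remarks>
public ActionResult Authenticate(User user)
{
    var mode = "";
    try
    {
        bool valid = false;
        User dbuser = null;

        // Reject missing credentials before any backend is consulted. Besides
        // avoiding a null dereference, this keeps an empty password from ever
        // reaching the directory call, where some bind implementations treat it
        // as an anonymous bind that succeeds (not verifiable from here).
        if (user != null
            && !string.IsNullOrEmpty(user.UserID)
            && !string.IsNullOrEmpty(user.Password))
        {
            // Deliberately not disposed: dbuser is stored in the session below and
            // may still load navigation properties such as UserRole through this
            // context. TODO confirm the loading strategy.
            var dbcontext = new InlaksBIContext();

            // Case-insensitive match on the trimmed user ID, evaluated by the query provider.
            dbuser = dbcontext.Users.FirstOrDefault(u => u.UserID.ToUpper() == user.UserID.Trim().ToUpper());

            if (dbuser != null)
            {
                var auth = dbcontext.AuthConfig.First();
                mode = auth.AuthType;

                switch (auth.AuthType)
                {
                    case "DATABASE":
                        IPasswordHasher hasher = new BasicHash();
                        valid = hasher.VerifyHashedPassword(dbuser.Password, user.Password);
                        break;

                    case "ADSI":
                        var adsi = new ActiveDirectoryInterface(auth.AuthType);
                        valid = adsi.Authenticate(user.UserID, user.Password);
                        break;

                    default:
                        // Fail closed on an unrecognised AuthType.
                        valid = false;
                        break;
                }
            }
        }

        if (!valid)
        {
            // Same message for an unknown user and a wrong password, so the
            // response does not reveal which accounts exist.
            return View("Login", new User() { errorclass = "has-error", Message = "Invalid Username or Password" });
        }

        Session["LoggedIn"] = "True";
        Session["User"] = dbuser;
        return RedirectToAction("Index", "Home");
    }
    catch (Exception d)
    {
        // Record the failure for operators; the caller still gets a generic message.
        // NOTE(review): that message reveals the configured backend name.
        System.Diagnostics.Trace.TraceError("Authenticate failed: " + d);
        return View("Login", new User() { errorclass = "has-error", Message = "Authentication Failed using " + mode + ", Please seek technical assistance" });
    }
}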
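/// <summary>
/// Creates a new user or edits an existing one, depending on <paramref name="mode"/>.
/// </summary>
/// <param name="user">Posted user model; the role is resolved from <c>RoleID</c>.</param>
/// <param name="id">User ID of the account to modify when <paramref name="mode"/> is "edit".</param>
/// <param name="mode">"create" or "edit". Any other value performs no work.</param>
/// <returns>
/// The "CreateUser" view with a fresh model carrying the outcome in
/// <c>Message</c> and <c>errorclass</c> ("green" or "red").
/// </returns>
/// <remarks>
/// NOTE(review): nothing in this method checks who the caller is. Both branches take
/// the target account and the role from the request, so authorization (signed in and
/// allowed to administer users) and anti-forgery validation must be enforced by
/// attributes or filters that are not visible here. Confirm they exist.
/// NOTE(review): an unrecognised <paramref name="mode"/> returns an empty message
/// with the "green" class, which reads as success.
/// </remarks>
public ActionResult ProcessUser(User user, string id, string mode)
{
    var message = "";
    var errorclass = "green";

    // Assumes InlaksBIContext is disposable (it is used like an Entity Framework
    // context); no entity loaded here is handed to the returned view.
    using (var context = new InlaksBIContext())
    {
        switch (mode)
        {
            case "create":
                try
                {
                    var role = context.Roles.FirstOrDefault(r => r.RoleID == user.RoleID);

                    if (role == null || string.IsNullOrEmpty(user.Password))
                    {
                        // Fail closed: refuse an account with an unknown role or an
                        // empty credential.
                        message = "Failed to create user. Please seek technical assistance";
                        errorclass = "red";
                    }
                    else
                    {
                        IPasswordHasher hash = new BasicHash();
                        user.Password = hash.HashPassword(user.Password);
                        // RePassword mirrors Password; presumably a confirm-password
                        // rule on the entity is checked at save time (verify).
                        user.RePassword = user.Password;
                        user.UserRole = role;
                        context.Users.Add(user);
                        context.SaveChanges();
                        message = "User Created Successfully";
                    }
                }
                catch (Exception e)
                {
                    System.Diagnostics.Trace.TraceError("ProcessUser create failed: " + e);
                    message = "Failed to create user. Please seek technical assistance";
                    errorclass = "red";
                }
                break;

            case "edit":
                ViewBag.mode = "edit";
                try
                {
                    var role = context.Roles.FirstOrDefault(r => r.RoleID == user.RoleID);
                    var olduser = context.Users.FirstOrDefault(u => u.UserID == id);

                    if (olduser == null || role == null)
                    {
                        // Unknown account or unknown role: change nothing. A missing
                        // account previously reached this message through a swallowed
                        // null dereference.
                        message = "Failed to Modify user. Please seek technical assistance";
                        errorclass = "red";
                    }
                    else
                    {
                        // Only these fields are copied from the request. The stored
                        // password hash is left untouched.
                        olduser.Name = user.Name;
                        olduser.Email = user.Email;
                        olduser.RePassword = olduser.Password;
                        olduser.UserRole = role;
                        context.SaveChanges();
                        message = "User Modified Successfully";
                    }
                }
                catch (Exception e)
                {
                    System.Diagnostics.Trace.TraceError("ProcessUser edit failed: " + e);
                    message = "Failed to Modify user. Please seek technical assistance";
                    errorclass = "red";
                }
                break;
        }
    }

    return View("CreateUser", new User() { errorclass = errorclass, Message = message });
}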