Example #1
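        /// <summary>
        /// Completes sign-in for the user named in <c>UserName.Text</c>: stores a
        /// <c>C3User</c> in session, resolves the landing page, writes a "SignIn"
        /// audit event, issues the forms-authentication cookie and redirects.
        /// </summary>
        /// <remarks>
        /// No credential check happens in this method; presumably the caller has
        /// already validated the password before calling it (confirm at the call site).
        /// </remarks>
        /// <param name="destination">
        /// Fallback landing page, used when the request carries no usable ReturnURL.
        /// </param>
        private void LoginUser(string destination)
        {
            // NOTE(review): Membership.GetUser returns null for an unknown user name;
            // how C3User's constructor handles null is not visible here.
            MembershipUser muser = Membership.GetUser(UserName.Text);
            C3User         user  = new C3User(muser);

            // NOTE(review): the pre-login session is reused as-is. Consider issuing a
            // fresh session id at sign-in so a session id known before authentication
            // cannot carry over (session fixation).
            Session.Add("C3User", user);
            UserHelper.ManageSession(false);

            // Request[...] is caller-controlled; for System.Web's HttpRequest it is
            // looked up in the query string, form fields, cookies and server variables.
            // Only a same-site path may replace the fallback, so the post-login
            // redirect cannot be pointed at another host (open redirect).
            // An empty value is still accepted so the default-landing-page branch
            // below behaves as before.
            string returnUrl = Request["ReturnURL"];
            if (returnUrl != null && (returnUrl.Length == 0 || IsLocalReturnUrl(returnUrl)))
            {
                destination = returnUrl;
            }

            if (string.IsNullOrEmpty(destination))
            {
                // No explicit target: first control the user may open, or the
                // access-denied page when the user has none.
                destination = user.Controls.Count == 0 ? "~/AccessDenied.aspx" : user.Controls[0].Path;
            }

            // NOTE(review): GetDefaultContract is called twice and its result is
            // dereferenced without a null check; kept unchanged because its side
            // effects are not visible here.
            if (!string.IsNullOrEmpty(UserHelper.GetDefaultContract(user).ContractId.ToString()))
            {
                user.CurrentContract = UserHelper.GetDefaultContract(user);
            }

            // NOTE(review): whether RedirectUser itself validates the destination is
            // not visible; the local-URL check above does not rely on it.
            PageInfo info = UserHelper.RedirectUser(user, destination, string.Empty, false);

            var auditLog = GetAuditLog();

            auditLog.Type        = "SignIn";
            auditLog.LandingPage = info.RedirectURL;
            AuditService.Instance.LogEvent(auditLog);

            // Non-persistent authentication cookie (second argument false).
            FormsAuthentication.SetAuthCookie(UserName.Text, false);

            Response.Redirect(info.RedirectURL);
        }

        /// <summary>
        /// Returns true only for application-relative ("~/...") or root-relative
        /// ("/...") paths. Absolute URLs, scheme-relative "//host" forms, the
        /// "/\" variant and any value containing control characters are rejected.
        /// </summary>
        /// <remarks>
        /// Bare relative paths without a leading "/" or "~/" are also rejected;
        /// confirm that no legitimate caller sends a ReturnURL in that form.
        /// </remarks>
        private static bool IsLocalReturnUrl(string url)
        {
            if (string.IsNullOrEmpty(url))
            {
                return false;
            }

            foreach (char c in url)
            {
                if (char.IsControl(c))
                {
                    return false;
                }
            }

            if (url[0] == '/')
            {
                return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
            }

            if (url[0] == '~' && url.Length > 1 && url[1] == '/')
            {
                return url.Length == 2 || (url[2] != '/' && url[2] != '\\');
            }

            return false;
        }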
Example #2
        /// <summary>
        /// First step of the password-recovery flow: looks up the entered user
        /// name and, when the account qualifies, reveals the security-question panel.
        /// </summary>
        /// <remarks>
        /// NOTE(review): unknown, inactive, deleted, locked and question-less
        /// accounts each get their own message code, and a qualifying account has
        /// its stored question displayed. If those codes map to distinct user-facing
        /// messages, an unauthenticated caller can tell which user names exist and
        /// what state they are in; consider one uniform response plus rate limiting.
        /// </remarks>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void UserNameSubmitButton_Click(object sender, EventArgs e)
        {
            // The membership lookup only runs for a non-empty user name.
            bool userFound = false;
            if (txtUserName.Text.Length != 0)
            {
                muser     = Membership.GetUser(txtUserName.Text);
                userFound = muser != null;
            }

            if (!userFound)
            {
                // Empty input and unknown user share the same message pair.
                UserPageInfo.ErrorMessageCode       = "ERR_002";
                UserPageInfo.InformationMessageCode = "INF_017";
                SetPageErrorText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.ErrorMessageCode));
                SetInformationText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.InformationMessageCode));
                return;
            }

            C3User user = new C3User(muser);

            // Account-state checks, in the same order as before; each one sends
            // the visitor back to the login page with its own error code.
            if (!user.IsActive)
            {
                UserPageInfo.ErrorMessageCode = "ERR_010";
                UserHelper.RedirectUser(user, "~/Login.aspx", "Login", true);
                return;
            }

            if (user.IsDeleted)
            {
                UserPageInfo.ErrorMessageCode = "ERR_011";
                UserHelper.RedirectUser(user, GlobalSiteRoot + "Login.aspx", "Login", true);
                return;
            }

            if (user.IsLocked)
            {
                UserPageInfo.ErrorMessageCode = "ERR_012";
                UserHelper.RedirectUser(user, GlobalSiteRoot + "Login.aspx", "Login", true);
                return;
            }

            if (string.IsNullOrEmpty(user.PasswordQuestion))
            {
                // No security question on file, so recovery cannot continue.
                UserPageInfo.ErrorMessageCode = "ERR_008";
                UserHelper.RedirectUser(user, GlobalSiteRoot + "Login.aspx", "Login", true);
                return;
            }

            // Account qualifies: show its question and switch panels.
            Question.Text = muser.PasswordQuestion;

            UserPageInfo.InformationMessageCode = "INF_018";
            UserPageInfo.ErrorMessageCode       = "";
            SetInformationText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.InformationMessageCode));
            SetPageErrorText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.ErrorMessageCode));

            // The user-name panel is only hidden with CSS; its text box is still
            // part of the form that posts back on the next step.
            UserNamePanel.Style["display"] = "none";
            QuestionPanel.Style["display"] = "block";
            txtAnswer.Focus();
        }
Example #3
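        /// <summary>
        /// Second step of the password-recovery flow: checks the submitted
        /// security answer. A match resets the password, marks it expired, signs
        /// the user in and redirects to ChangePassword.aspx; a miss increments the
        /// failed-answer counter and locks the account at the threshold.
        /// </summary>
        /// <remarks>
        /// Changes from the previous version: an unknown user name no longer
        /// reaches the C3User constructor with null, an already locked account is
        /// turned away before its answer is evaluated, and the lock-out test uses
        /// "at least" instead of "exactly" the threshold so a counter that has
        /// moved past it still locks the account.
        /// NOTE(review): a correct answer alone yields an authenticated session
        /// here. Security answers are low-entropy; consider an out-of-band step
        /// (for example an e-mailed one-time link) before issuing the auth cookie.
        /// NOTE(review): the IsActive / IsDeleted checks from the user-name step
        /// are not repeated here, although the user name is read from the posted
        /// form again.
        /// </remarks>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void QuestionSubmitButton_OnClick(object sender, EventArgs e)
        {
            const int MaxFailedAnswerAttempts = 5;

            bool errorMsg = false;

            muser = Membership.GetUser(txtUserName.Text);
            if (muser == null)
            {
                // Unknown user name: answer with the ordinary wrong-answer
                // messages so this step does not reveal whether the account exists.
                UserPageInfo.InformationMessageCode = "INF_018";
                UserPageInfo.ErrorMessageCode       = "ERR_004";
                SetPageErrorText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.ErrorMessageCode));
                SetInformationText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.InformationMessageCode));
                return;
            }

            C3User user = new C3User(muser);

            if (user.IsLocked)
            {
                // A locked account must not be recoverable through this form;
                // same outcome as the lock-out branch below.
                UserPageInfo.ErrorMessageCode = "ERR_009";
                Response.Redirect(GlobalSiteRoot + "Login.aspx");
                return;
            }

            passwordAnswerCount = user.FailedPasswordAnswerAttemptCount;
            if (txtAnswer.Text.Length == 0)
            {
                // An empty answer is reported as an error but not counted as an attempt.
                errorMsg = true;
            }
            else
            {
                // NOTE(review): the answer is compared in encrypted (reversible) form
                // with an ordinary string comparison; a salted one-way hash and a
                // fixed-time comparison would be the safer design. ToLower() is
                // culture-sensitive and is left unchanged so stored answers keep matching.
                PhytelEncrypter phytelEncrypter         = new PhytelEncrypter();
                string          passwordAnswerEncrypted = phytelEncrypter.Encrypt(txtAnswer.Text.ToLower());

                if (user.PasswordAnswer == passwordAnswerEncrypted)
                {
                    user.ResetPassword();

                    // Expire the reset password immediately (one minute in the past);
                    // presumably this forces a change on ChangePassword.aspx.
                    // NOTE(review): ToString() is culture-dependent; confirm the
                    // format SetPasswordExpiration expects.
                    DateTime expiration = System.DateTime.Now.AddMinutes(-1);

                    user.SetPasswordExpiration(expiration.ToString());

                    // NOTE(review): the ValidateUser result is ignored, and GetPassword
                    // implies passwords are stored in retrievable form.
                    Membership.ValidateUser(user.UserName, user.GetPassword());
                    FormsAuthentication.SetAuthCookie(user.UserName, false);

                    user.ResetFailedAttemptCounts();

                    Session.Add("C3User", user);
                    UserPageInfo.ErrorMessageCode = string.Empty;
                    Response.Redirect(GlobalSiteRoot + "ChangePassword.aspx");
                }
                else
                {
                    errorMsg             = true;
                    passwordAnswerCount += 1;
                    user.SetFailedPasswordAnswerAttemptCount(passwordAnswerCount);
                }
            }

            if (errorMsg)
            {
                if (passwordAnswerCount >= MaxFailedAnswerAttempts)
                {
                    // Threshold reached or exceeded: lock the account.
                    user.LockOutUser();
                    UserPageInfo.ErrorMessageCode = "ERR_009";
                    Response.Redirect(GlobalSiteRoot + "Login.aspx");
                }
                else
                {
                    UserPageInfo.InformationMessageCode = "INF_018";
                    UserPageInfo.ErrorMessageCode       = "ERR_004";
                    SetPageErrorText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.ErrorMessageCode));
                    SetInformationText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.InformationMessageCode));
                }
            }
        }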
Example #4
        /// <summary>
        /// Handles the change-password form: validates the two password fields,
        /// changes the password, records an audit event and a history entry, sends
        /// a notification e-mail and redirects the user.
        /// </summary>
        /// <remarks>
        /// NOTE(review): points a maintainer should confirm, none changed here:
        /// the value passed to AddToPasswordHistory is always the empty string
        /// because newPasswordEncrypted is never assigned, so history-based reuse
        /// checks may have nothing to compare against; the result of ChangePassword
        /// is not inspected before the audit event and e-mail are produced; on a
        /// policy failure both plaintext passwords are copied into hidden fields
        /// and therefore into the rendered page; and the validation message is
        /// never displayed because the display call is disabled.
        /// </remarks>
        /// <param name="sender">Control that raised the click event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void SubmitButton_OnClick(object sender, EventArgs e)
        {
            // Never assigned after this point; see the remarks above.
            string newPasswordEncrypted = string.Empty;

            ApplicationMessage errMessage = null;

            // Both fields are required and must match.
            if (String.IsNullOrEmpty(NewPassword.Text) || String.IsNullOrEmpty(ConfirmNewPassword.Text))
            {
                errMessage = ApplicationMessageService.Instance.GetMessage("ERR_032");
            }
            else if (ConfirmNewPassword.Text != NewPassword.Text)
            {
                errMessage = ApplicationMessageService.Instance.GetMessage("ERR_005");
            }

            // Each required-field marker is shown only while its box is empty.
            NewPasswordValidator.Visible     = String.IsNullOrEmpty(NewPassword.Text);
            ConfirmPasswordValidator.Visible = String.IsNullOrEmpty(ConfirmNewPassword.Text);

            // The policy check only runs once the basic checks have passed.
            if (errMessage == null && !ValidateNewPassword())
            {
                errMessage                  = ApplicationMessageService.Instance.GetMessage("ERR_006");
                hdnNewPassword.Value        = NewPassword.Text;
                hdnConfirmNewPassword.Value = ConfirmNewPassword.Text;
            }

            if (errMessage != null)
            {
                // The original leaves SetPageErrorText(errMessage) disabled,
                // so nothing is shown from here.
                return;
            }

            // The current password comes from the CurrentUser object rather than
            // from a field on this form.
            CurrentUser.ChangePassword(CurrentUser.CurrentPassword, NewPassword.Text);
            CurrentUser.SetPasswordExpiration();

            LogAuditEvent("ChangePassword", null);

            CurrentUser.AddToPasswordHistory(newPasswordEncrypted);

            // Notify the user when an address is on file, otherwise the user's admin.
            if (!string.IsNullOrEmpty(CurrentUser.Email))
            {
                UserHelper.SendEmail(
                    CurrentUser,
                    ApplicationSettingService.Instance.GetSetting("EMAIL_CHGPWD_USER_SUBJECT").Value,
                    ApplicationSettingService.Instance.GetSetting("EMAIL_CHGPWD_USER_BODY").Value);
            }
            else
            {
                MembershipUser adminMembership = Membership.GetUser(CurrentUser.AdminUserId);
                if (adminMembership != null)
                {
                    C3User adminUser = new C3User(adminMembership);
                    if (!string.IsNullOrEmpty(adminUser.Email))
                    {
                        UserHelper.SendEmail(
                            CurrentUser,
                            ApplicationSettingService.Instance.GetSetting("EMAIL_CHGPWD_ADMIN_SUBJECT").Value,
                            ApplicationSettingService.Instance.GetSetting("EMAIL_CHGPWD_ADMIN_BODY").Value,
                            adminUser);
                    }
                }
            }

            // SetFirstTimeUser presumably clears the first-time flag (per the
            // original comment); confirm in C3User.
            if (CurrentUser.FirstTimeUser)
            {
                CurrentUser.SetFirstTimeUser();
            }

            UserPageInfo.ErrorMessageCode       = "";
            UserPageInfo.InformationMessageCode = "";
            UserHelper.RedirectUser(CurrentUser);
        }