public new ActionResult Profile()
        {
            int?    contactId      = null;
            string  externalAppKey = null;
            dynamic profile;
            List <ViewModels.Contacts.ContactViewModel> employeeList;

            profile = ProfileBase.Create(Membership.GetUser().UserName);

            if (profile != null && profile.ContactId != null &&
                !string.IsNullOrEmpty(profile.ContactId))
            {
                contactId = int.Parse(profile.ContactId);
            }

            if (profile != null && profile.ExternalAppKey != null &&
                !string.IsNullOrEmpty(profile.ExternalAppKey))
            {
                externalAppKey = profile.ExternalAppKey;
            }

            if (string.IsNullOrEmpty(externalAppKey) ||
                (Request["newAppKey"] != null && Request["newAppKey"] == "true"))
            {
                Common.Encryption enc = new Common.Encryption();
                enc.GenerateKey();
                externalAppKey = enc.Key;
            }

            employeeList = new List <ViewModels.Contacts.ContactViewModel>();
            employeeList.Add(new ViewModels.Contacts.ContactViewModel()
            {
                Id          = null,
                DisplayName = "< None >"
            });

            Data.Contacts.Contact.ListEmployeesOnly().ForEach(x =>
            {
                employeeList.Add(Mapper.Map <ViewModels.Contacts.ContactViewModel>(x));
            });

            ViewBag.EmployeeContactList = employeeList;

            return(View(new ViewModels.Account.ProfileViewModel()
            {
                ContactId = contactId, ExternalAppKey = externalAppKey
            }));
        }
        public Response<dynamic> Authenticate(string password)
        {
            JsonWebClient web;
            AuthPackage authPackage;
            Response<Guid> result;
            string authUrl;
            Response<dynamic> resp;
            Common.Encryption enc;
            Common.Encryption.Package encPackage;

            enc = new Common.Encryption();
            enc.Key = Globals.ThisAddIn.Settings.Key;
            enc.GenerateIV();
            encPackage = new Common.Encryption.Package()
            {
                Input = password.Trim()
            };
            encPackage = enc.Encrypt(encPackage);

            authPackage = new AuthPackage()
            {
                AppName = "OpenLawOffice.Word",
                MachineId = Globals.ThisAddIn.Settings.MachineId,
                Username = Globals.ThisAddIn.Settings.Username.Trim(),
                IV = enc.IV,
                Password = encPackage.Output
            };

            if (string.IsNullOrEmpty(Globals.ThisAddIn.Settings.ServerUrl))
                throw new InvalidOperationException("Invalid Server URL");
            if (string.IsNullOrEmpty(Globals.ThisAddIn.Settings.Username))
                throw new InvalidOperationException("Invalid Username");

            web = new JsonWebClient();
            authUrl = Globals.ThisAddIn.Settings.ServerUrl + "JsonInterface/Authenticate";

            if (Globals.ThisAddIn.CanLog)
                LogManager.GetCurrentClassLogger().Debug("Sending authentication request to: " + authUrl);

            result = web.Request<AuthPackage, Guid>(authUrl, "POST", authPackage);
            resp = new Common.Net.Response<dynamic>();

            if (result == null)
            {
                string error;

                if (Globals.ThisAddIn.CanLog)
                    LogManager.GetCurrentClassLogger().Info("Login error for user: "******"User logged in successfully: " + authPackage.Username);
                    else
                        LogManager.GetCurrentClassLogger().Debug("Failed login for: " + authPackage.Username);
                }
            }

            return resp;
        }
        public ActionResult Authenticate()
        {
            dynamic profile;
            Common.Net.Request<Common.Net.AuthPackage> request;
            Common.Net.Response<Guid> response = new Common.Net.Response<Guid>();

            request = Request.InputStream.JsonDeserialize<Common.Net.Request<Common.Net.AuthPackage>>();

            response.RequestReceived = DateTime.Now;

            Common.Models.Account.Users user = Data.Account.Users.Get(request.Package.Username);
            profile = ProfileBase.Create(user.Username);

            // decrypt password
            Common.Encryption enc = new Common.Encryption();
            Common.Encryption.Package package;
            enc.IV = request.Package.IV;
            if (profile != null && profile.ExternalAppKey != null
                && !string.IsNullOrEmpty(profile.ExternalAppKey))
                enc.Key = profile.ExternalAppKey;
            else
            {
                response.Successful = false;
                response.Package = Guid.Empty;
            }
            package = enc.Decrypt(new Common.Encryption.Package()
                {
                    Input = request.Package.Password
                });
            if (string.IsNullOrEmpty(package.Output))
            {
                response.Successful = false;
                response.Package = Guid.Empty;
            }
            request.Package.Password = package.Output;

            string hashFromDb = Security.ClientHashPassword(user.Password);
            string hashFromWeb = Security.ClientHashPassword(request.Package.Password);
            
            if (MembershipService.ValidateUser(request.Package.Username, request.Package.Password))
            {
                Common.Models.External.ExternalSession session =
                    Data.External.ExternalSession.Get(request.Package.AppName, request.Package.MachineId, request.Package.Username);
                user = Data.Account.Users.Get(request.Package.Username);

                if (session == null)
                { // create
                    session = Data.External.ExternalSession.Create(new Common.Models.External.ExternalSession()
                    {
                        MachineId = request.Package.MachineId,
                        User = user,
                        AppName = request.Package.AppName
                    });
                }
                else
                { // update
                    session = Data.External.ExternalSession.Update(new Common.Models.External.ExternalSession()
                    {
                        Id = session.Id,
                        MachineId = request.Package.MachineId,
                        User = user,
                        AppName = request.Package.AppName
                    });
                }

                response.Successful = true;
                response.Package = session.Id.Value;
            }
            else
            {
                response.Successful = false;
                response.Package = Guid.Empty;
                response.Error = "Invalid security credentials.";
            }

            response.ResponseSent = DateTime.Now;

            return Json(response, JsonRequestBehavior.AllowGet);
        }
Example #4
0
        public ActionResult Authenticate()
        {
            Common.Net.AuthPackage     authPackage;
            Common.Net.Response <Guid> response = new Common.Net.Response <Guid>();

            response.RequestReceived = DateTime.Now;

            authPackage = Request.InputStream.JsonDeserialize <Common.Net.AuthPackage>();

            using (Data.Transaction trans = Data.Transaction.Create(true))
            {
                try
                {
                    dynamic profile;
                    Common.Models.Account.Users user = Data.Account.Users.Get(trans, authPackage.Username);
                    profile = ProfileBase.Create(user.Username);

                    // decrypt password
                    Common.Encryption         enc = new Common.Encryption();
                    Common.Encryption.Package package;
                    enc.IV = authPackage.IV;
                    if (profile != null && profile.ExternalAppKey != null &&
                        !string.IsNullOrEmpty(profile.ExternalAppKey))
                    {
                        enc.Key = profile.ExternalAppKey;
                    }
                    else
                    {
                        response.Successful   = false;
                        response.Package      = Guid.Empty;
                        response.ResponseSent = DateTime.Now;
                        return(Json(response, JsonRequestBehavior.AllowGet));
                    }
                    package = enc.Decrypt(new Common.Encryption.Package()
                    {
                        Input = authPackage.Password
                    });
                    if (string.IsNullOrEmpty(package.Output))
                    {
                        response.Successful   = false;
                        response.Package      = Guid.Empty;
                        response.ResponseSent = DateTime.Now;
                        return(Json(response, JsonRequestBehavior.AllowGet));
                    }
                    authPackage.Password = package.Output;

                    string hashFromDb  = Security.ClientHashPassword(user.Password);
                    string hashFromWeb = Security.ClientHashPassword(authPackage.Password);

                    if (MembershipService.ValidateUser(authPackage.Username, authPackage.Password))
                    {
                        Common.Models.External.ExternalSession session =
                            Data.External.ExternalSession.Get(trans, authPackage.AppName, authPackage.MachineId, authPackage.Username);
                        user = Data.Account.Users.Get(trans, authPackage.Username);

                        if (session == null)
                        { // create
                            session = Data.External.ExternalSession.Create(trans, new Common.Models.External.ExternalSession()
                            {
                                MachineId = authPackage.MachineId,
                                User      = user,
                                AppName   = authPackage.AppName
                            });
                        }
                        else
                        { // update
                            session = Data.External.ExternalSession.Update(trans, new Common.Models.External.ExternalSession()
                            {
                                Id        = session.Id,
                                MachineId = authPackage.MachineId,
                                User      = user,
                                AppName   = authPackage.AppName
                            });
                        }

                        response.Successful = true;
                        response.Package    = session.Id.Value;
                        trans.Commit();
                    }
                    else
                    {
                        response.Successful = false;
                        response.Package    = Guid.Empty;
                        response.Error      = "Invalid security credentials.";
                    }
                }
                catch
                {
                    trans.Rollback();
                    response.Successful = false;
                    response.Package    = Guid.Empty;
                    response.Error      = "Unexpected server error.";
                }
            }

            response.ResponseSent = DateTime.Now;

            return(Json(response, JsonRequestBehavior.AllowGet));
        }
Example #5
0
        public Response <dynamic> Authenticate(string password)
        {
            JsonWebClient      web;
            AuthPackage        authPackage;
            Response <Guid>    result;
            string             authUrl;
            Response <dynamic> resp;

            Common.Encryption         enc;
            Common.Encryption.Package encPackage;

            enc     = new Common.Encryption();
            enc.Key = Globals.ThisAddIn.Settings.Key;
            enc.GenerateIV();
            encPackage = new Common.Encryption.Package()
            {
                Input = password.Trim()
            };
            encPackage = enc.Encrypt(encPackage);

            authPackage = new AuthPackage()
            {
                AppName   = "OpenLawOffice.Word",
                MachineId = Globals.ThisAddIn.Settings.MachineId,
                Username  = Globals.ThisAddIn.Settings.Username.Trim(),
                IV        = enc.IV,
                Password  = encPackage.Output
            };

            if (string.IsNullOrEmpty(Globals.ThisAddIn.Settings.ServerUrl))
            {
                throw new InvalidOperationException("Invalid Server URL");
            }
            if (string.IsNullOrEmpty(Globals.ThisAddIn.Settings.Username))
            {
                throw new InvalidOperationException("Invalid Username");
            }

            web     = new JsonWebClient();
            authUrl = Globals.ThisAddIn.Settings.ServerUrl + "JsonInterface/Authenticate";

            if (Globals.ThisAddIn.CanLog)
            {
                LogManager.GetCurrentClassLogger().Debug("Sending authentication request to: " + authUrl);
            }

            result = web.Request <AuthPackage, Guid>(authUrl, "POST", authPackage);
            resp   = new Common.Net.Response <dynamic>();

            if (result == null)
            {
                string error;

                if (Globals.ThisAddIn.CanLog)
                {
                    LogManager.GetCurrentClassLogger().Info("Login error for user: "******"User logged in successfully: " + authPackage.Username);
                    }
                    else
                    {
                        LogManager.GetCurrentClassLogger().Debug("Failed login for: " + authPackage.Username);
                    }
                }
            }

            return(resp);
        }
        public ActionResult Profile()
        {
            int? contactId = null;
            string externalAppKey = null;
            dynamic profile;
            List<ViewModels.Contacts.ContactViewModel> employeeList;
            
            profile = ProfileBase.Create(Membership.GetUser().UserName);

            if (profile != null && profile.ContactId != null 
                && !string.IsNullOrEmpty(profile.ContactId))
                contactId = int.Parse(profile.ContactId);

            if (profile != null && profile.ExternalAppKey != null
                && !string.IsNullOrEmpty(profile.ExternalAppKey))
                externalAppKey = profile.ExternalAppKey;

            if (string.IsNullOrEmpty(externalAppKey) || 
                (Request["newAppKey"] != null && Request["newAppKey"] == "true"))
            {
                Common.Encryption enc = new Common.Encryption();
                enc.GenerateKey();
                externalAppKey = enc.Key;
            }

            employeeList = new List<ViewModels.Contacts.ContactViewModel>();
            employeeList.Add(new ViewModels.Contacts.ContactViewModel()
            {
                Id = null,
                DisplayName = "< None >"
            });

            Data.Contacts.Contact.ListEmployeesOnly().ForEach(x =>
            {
                employeeList.Add(Mapper.Map<ViewModels.Contacts.ContactViewModel>(x));
            });

            ViewData["EmployeeContactList"] = employeeList;

            return View(new ViewModels.Account.ProfileViewModel() { ContactId = contactId, ExternalAppKey = externalAppKey });
        }