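/// <summary>
/// Handles the posted login form: authenticates the partner through
/// <c>PartnerSessionBLL.Login</c> and, on success, issues the "Session" cookie.
/// </summary>
/// <param name="credential">Credential posted by the login form.</param>
/// <returns>
/// A redirect to Management/Home on success; the login view with a field-level
/// error for account or password failures; a bad-request result when the model
/// is invalid or the login result is not one of the handled values.
/// </returns>
public ActionResult Login(PartnerCredentialDTO credential)
{
    if (!ModelState.IsValid)
    {
        return BadRequestWithErrors(credential);
    }

    PartnerSessionBLL sessionBLL = new PartnerSessionBLL(WebApp.Connector);
    PartnerSessionBLL.LoginResult result = sessionBLL.Login(
        credential,
        IPAddress.Parse(Request.UserHostAddress),
        false,
        out PartnerSessionDTO session);

    switch (result)
    {
        case PartnerSessionBLL.LoginResult.OK:
        {
            // Drop the pre-login ASP.NET session so nothing stored before
            // authentication carries over into the authenticated state.
            Session.Abandon();

            // The cookie value is the session identifier, i.e. a bearer token.
            // HttpOnly keeps it out of reach of page scripts; Secure is set
            // whenever the request itself arrived over TLS so the token is not
            // later sent over plain HTTP.
            // NOTE(review): behind a TLS-terminating proxy IsSecureConnection
            // may be false - consider forcing Secure = true in that deployment.
            HttpCookie sessionCookie = new HttpCookie("Session", FormatHelper.FromArrayToHexString(session.Id))
            {
                HttpOnly = true,
                Secure = Request.IsSecureConnection
            };
            Response.Cookies.Add(sessionCookie);

            return RedirectToAction("Home", "Management");
        }

        // NOTE(review): the result name is echoed back per field, so the
        // response distinguishes "no such account", "locked", "unverified"
        // and "wrong password". If that disclosure is not intended, map all
        // of these to one generic failure message.
        case PartnerSessionBLL.LoginResult.AccountDoesntExist:
        case PartnerSessionBLL.LoginResult.EmailAddressHasNotBeenVerified:
        case PartnerSessionBLL.LoginResult.AccountIsLocked:
            AddError("Username", result.ToString());
            return View(credential);

        case PartnerSessionBLL.LoginResult.PasswordDoesntMatch:
            AddError("Password", result.ToString());
            return View(credential);

        default:
            return BadRequest();
    }
}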
/// <summary>
/// Handles the posted first signup step: keeps the submitted credential in
/// session state and moves on to step 2.
/// </summary>
/// <param name="credential">Credential posted by the step-1 form.</param>
/// <returns>
/// A redirect to SignupStep2 when the model is valid; otherwise the
/// bad-request result carrying the validation errors.
/// </returns>
public ActionResult SignupStep1(PartnerCredentialDTO credential)
{
    bool modelIsValid = ModelState.IsValid;
    if (!modelIsValid)
    {
        return BadRequestWithErrors(credential);
    }

    // NOTE(review): PartnerCredentialDTO carries a Password (the session login
    // code in this file reads credential.Password), so the submitted password
    // stays in server session state until the wizard finishes. Confirm where
    // session state is persisted and that the entry is cleared after signup.
    Session["Signup$Credential"] = credential;

    return RedirectToAction("SignupStep2");
}
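/// <summary>
/// Handles the posted last signup step: merges the data collected by the
/// earlier steps (held in session state) with the posted preferences and
/// submits the signup.
/// </summary>
/// <param name="preferences">Preferences posted by the step-4 form.</param>
/// <returns>
/// A redirect to VerifyEmailAddress on success; a redirect back to the step
/// that owns the conflicting or missing field; a bad-request result when the
/// model is invalid or the signup result is not one of the handled values.
/// </returns>
public ActionResult SignupStep4(PartnerPreferencesDTO preferences)
{
    if (!ModelState.IsValid)
    {
        return BadRequestWithErrors(preferences);
    }

    PartnerCredentialDTO credential = Session["Signup$Credential"] as PartnerCredentialDTO;
    PartnerPersonalInfoDTO personalInfo = Session["Signup$PersonalInfo"] as PartnerPersonalInfoDTO;
    PartnerCompanyInfoDTO companyInfo = Session["Signup$CompanyInfo"] as PartnerCompanyInfoDTO;

    // The `as` casts yield null when the session expired or when this action
    // is requested directly without the earlier steps. Send the user back to
    // the step that collects the missing data instead of passing null on.
    if (credential == null)
    {
        return RedirectToAction("SignupStep1");
    }

    if (personalInfo == null)
    {
        return RedirectToAction("SignupStep2");
    }

    // NOTE(review): companyInfo is passed through unchecked, as before -
    // confirm whether step 3 is mandatory and guard it the same way if so.

    PartnerBLL partnerBLL = new PartnerBLL(WebApp.Connector)
    {
        EmailAddressVerificationSubject = LocalizationProvider["VerifyYourEmailAddress"],
        EmailAddressVerificationTemplate = LocalizationProvider["EmailVerificationTemplate"]
    };

    PartnerDTO partner = new PartnerDTO();
    partner.Join(credential);
    partner.Join(personalInfo);
    partner.Join(companyInfo);
    partner.Join(preferences);

    // NOTE(review): the base URL is taken from the incoming request, so its
    // host component follows the request's Host header. It is handed to
    // Signup together with the VerifyEmailAddress path, presumably to build
    // the link sent by e-mail; a configured site URL (or a host allow-list)
    // would keep that link independent of client-supplied headers.
    Uri requestUrl = Request.Url;
    string baseUrl = new UriBuilder(requestUrl.Scheme, requestUrl.Host, requestUrl.Port).ToString();

    PartnerBLL.SignupResult result = partnerBLL.Signup(partner, baseUrl, Url.Action("VerifyEmailAddress"));

    switch (result)
    {
        case PartnerBLL.SignupResult.OK:
            // NOTE(review): "Signup$Credential" (which includes the password)
            // is still in session state at this point; consider removing it
            // once nothing downstream needs it.
            Session["Signup$Preferences"] = preferences;
            return RedirectToAction("VerifyEmailAddress");

        case PartnerBLL.SignupResult.UsernameAlreadyUsed:
            TempData["Errors"] = new Dictionary<string, string>() { { "Username", result.ToString() } };
            return RedirectToAction("SignupStep1");

        case PartnerBLL.SignupResult.EmailAddressAlreadyUsed:
            TempData["Errors"] = new Dictionary<string, string>() { { "EmailAddress", result.ToString() } };
            return RedirectToAction("SignupStep2");

        default:
            return BadRequest();
    }
}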
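/// <summary>
/// Renders the first signup step, pre-filled with the credential already held
/// in session state (null when none has been stored yet).
/// </summary>
/// <returns>The step-1 view bound to the stored credential, if any.</returns>
public ActionResult SignupStep1()
{
    // Same key spelling as the POST action that stores the value
    // ("Signup$Credential"). The previous lowercase "credential" only found
    // the entry if the session store compares keys case-insensitively.
    PartnerCredentialDTO credential = Session["Signup$Credential"] as PartnerCredentialDTO;

    // NOTE(review): the DTO handed to the view includes the password field;
    // make sure the view does not render it back into the page.
    return View(credential);
}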
/// <summary>
/// Authenticates a partner by username and password inside a transaction and,
/// on success, creates a session record.
/// </summary>
/// <param name="credential">Username and password to check.</param>
/// <param name="ipAddress">Client address recorded on the session or on the failed attempt.</param>
/// <param name="keepOpened">When false, the session is given an expiry 16 minutes after login.</param>
/// <param name="session">The created session on <c>LoginResult.OK</c>; otherwise null.</param>
/// <returns>The outcome of the login attempt.</returns>
public LoginResult Login(PartnerCredentialDTO credential, IPAddress ipAddress, bool keepOpened, out PartnerSessionDTO session)
{
    Connector.IsTransaction = true;

    PartnerBLL partnerBLL = new PartnerBLL(Connector);
    PartnerDTO partner = partnerBLL.ReadByUsername(credential.Username);

    // NOTE(review): unknown, locked, unverified and wrong-password outcomes
    // are all distinguishable to the caller; whether that reaches the end
    // user depends on how the result is presented.
    if (partner == null)
    {
        Connector.RollbackTransaction();
        session = null;
        return LoginResult.AccountDoesntExist;
    }

    if (partner.IsLocked)
    {
        Connector.RollbackTransaction();
        session = null;
        return LoginResult.AccountIsLocked;
    }

    // NOTE(review): the hasher is given only the password. If this is a plain
    // SHA-512 digest with no per-user salt or work factor, stored hashes are
    // cheap to attack offline; a password KDF (e.g. PBKDF2) with a migration
    // path would be the usual remedy. Also confirm BinaryComparer.AreEqual
    // does not exit early on the first differing byte.
    byte[] submittedHash = SHA512Hasher.Hash(credential.Password);
    bool passwordMatches = BinaryComparer.AreEqual(submittedHash, partner.Password);

    if (!passwordMatches)
    {
        // Record the failed attempt first so it is included in the count below.
        PartnerLoginAttemptBLL attemptBLL = new PartnerLoginAttemptBLL(Connector);
        PartnerLoginAttemptDTO failedAttempt = new PartnerLoginAttemptDTO()
        {
            Partner = partner,
            IPAddress = ipAddress
        };
        attemptBLL.Create(failedAttempt);

        // Attempts are counted from the last successful login, or from the
        // start of the current UTC day when there has been none.
        Guid partnerId = partner.Id;
        PartnerSessionDTO previousSession = ReadLastByPartner(partnerId);
        List<PartnerLoginAttemptDTO> recentAttempts = attemptBLL
            .ReadByPartnerAndTimeStampAsDate(partnerId, previousSession?.LoggedAt ?? DateTime.UtcNow.Date)
            .ToList();

        // NOTE(review): three failures set IsLocked and nothing in this method
        // clears it, so anyone who knows a username can lock that account.
        // Confirm an unlock path exists, or consider a time-limited lock.
        if (recentAttempts.Count >= 3)
        {
            partnerBLL.Update(partnerId, new Dictionary<string, object>() { { "IsLocked", true } });
        }

        // Commit (not roll back) so the attempt record and any lock persist.
        Connector.CommitTransaction();
        session = null;
        return LoginResult.PasswordDoesntMatch;
    }

    if (!partner.HasEmailAddressBeenVerified)
    {
        Connector.RollbackTransaction();
        session = null;
        return LoginResult.EmailAddressHasNotBeenVerified;
    }

    DateTime loggedAt = DateTime.UtcNow;
    session = new PartnerSessionDTO()
    {
        Partner = partner,
        IPAddress = ipAddress,
        LoggedAt = loggedAt
    };

    if (!keepOpened)
    {
        session.ExpiresOn = loggedAt.AddMinutes(16);
    }

    Create(session);
    Connector.CommitTransaction();
    return LoginResult.OK;
}