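/// <summary>
/// Renders the "SetPassword" view for a password-reset link.
/// </summary>
/// <param name="Code">
/// Hash code taken from the reset link. A missing value is treated as an empty string
/// instead of raising a NullReferenceException.
/// </param>
/// <returns>The "SetPassword" view bound to a PasswordManagementModel that carries the hash code.</returns>
public ActionResult SetPassword(string Code)
{
    // For company-specific URLs: take the first dot-separated label after the protocol
    // so the view can pre-fill the company name.
    // The value is request-derived, so it is only handed to the view further down
    // when it equals a configured company name.
    string currentURL = HttpContext.Request.Url.AbsoluteUri;
    int index = currentURL.IndexOf("//");
    string RemoveProtocol = currentURL.Substring(index + 2);
    string ClientName = RemoveProtocol.Split('.')[0].ToLower();
    if (ClientName == "axisbank")
    {
        ClientName = "axis bank";
    }

    LoginUserDetails objLoginUserDetails = (LoginUserDetails)Common.Common.GetSessionValue(ConstEnum.SessionValue.UserDetails);

    // A '+' in the hash code arrives as a space after URL decoding, which changes the code and
    // later produces an "invalid link" error. The generated code never contains a space, so any
    // space is mapped back to '+'.
    // NOTE(review): URL-encoding the code when the link is generated (or using a URL-safe
    // encoding) would make this repair unnecessary.
    // NOTE(review): the code is not verified in this action; the handler that consumes
    // HashValue has to reject empty or unknown codes - confirm.
    Code = (Code ?? string.Empty).Replace(" ", "+");

    if (objLoginUserDetails != null)
    {
        // Show the pending error once, then clear it in the session.
        ViewBag.ErrorMessage = objLoginUserDetails.ErrorMessage;
        objLoginUserDetails.ErrorMessage = "";
        Common.Common.SetSessionValue(ConstEnum.SessionValue.UserDetails, objLoginUserDetails);
    }

    // Drop-down source: key = company database name, value = company name.
    // NOTE(review): this list goes to the view for every request; if the page can be reached
    // without signing in, it discloses every company database name - confirm that is intended.
    Dictionary<string, string> objCompaiesDictionary = new Dictionary<string, string>();
    objCompaiesDictionary.Add("", "Select Company");

    CompaniesSL objCompanySL = new CompaniesSL();
    List<InsiderTradingDAL.CompanyDTO> lstCompanies = objCompanySL.getAllCompanies(Common.Common.getSystemConnectionString());
    foreach (InsiderTradingDAL.CompanyDTO objCompanyDTO in lstCompanies)
    {
        objCompaiesDictionary.Add(objCompanyDTO.sCompanyDatabaseName, objCompanyDTO.sCompanyName);
    }

    // ClientName is already lower-cased above; the match against company names is exact.
    if (objCompaiesDictionary.ContainsValue(ClientName))
    {
        ViewBag.URLCompanyName = ClientName;
    }
    else
    {
        ViewBag.URLCompanyName = "IgnoreCompanyName";
    }

    ViewBag.CompaniesDropDown = objCompaiesDictionary;

    PasswordManagementModel objPwdMgmtModel = new PasswordManagementModel();
    objPwdMgmtModel.HashValue = Code;
    ViewBag.Hashcode = Code;
    ViewBag.CalledFrom = "ForgetPassword";

    return View("SetPassword", objPwdMgmtModel);
}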
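/// <summary>
/// Fetches the password policy through <c>UserInfoDAL.GetPasswordPolicy</c>.
/// </summary>
/// <param name="i_sConnectionString">Connection string passed through to the data-access layer.</param>
/// <returns>The policy object returned by the data-access layer.</returns>
/// <exception cref="Exception">Any exception raised by the data-access call reaches the caller unchanged.</exception>
public InsiderTradingDAL.PasswordPolicyDTO GetPasswordPolicy(string i_sConnectionString)
{
    // No catch block on purpose: the earlier "throw exp;" re-threw the same exception but
    // reset its stack trace, which hides the failing data-access frame from logs.
    using (var objUserInfoDAL = new InsiderTradingDAL.UserInfoDAL())
    {
        return objUserInfoDAL.GetPasswordPolicy(i_sConnectionString);
    }
}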
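/// <summary>
/// Checks a candidate password against the first password policy configured for a role.
/// </summary>
/// <param name="RoleMasterid">Role id as text; converted with <c>Convert.ToInt64</c>.</param>
/// <param name="Password">Candidate password to check.</param>
/// <returns>
/// <c>true</c> when the role has no policy, or when the password matches the pattern built
/// from the policy; <c>false</c> otherwise, including a null or empty password when a policy exists.
/// </returns>
public bool GetpasswordPolicybyRoleMasterid(string RoleMasterid, string Password)
{
    using (var client = ServiceClient<IPasswordPolicyManager>.Create(ObjectConstants.PasswordPolicyManager))
    {
        var objPasswordPolicyDto = new PasswordPolicyDTO
        {
            RoleMasterId = Convert.ToInt64(RoleMasterid)
        };
        var policies = client.Instance.GetPasswordPolicyByRoleMasterId(objPasswordPolicyDto).PasswordPolicyList;

        // No policy configured for the role: every password is accepted.
        if (policies.Count <= 0)
        {
            return true;
        }

        var Passpolicy = policies[0];

        // A null flag counts as "not allowed".
        bool IsLowerCaseAllowed = Passpolicy.IsLowerCaseAllowed ?? false;
        bool IsNumberAllowed = Passpolicy.IsNumberAllowed ?? false;
        bool IsSpecialCharacterAllowed = Passpolicy.IsSpecialCharacterAllowed ?? false;
        bool IsUpperCaseAllowed = Passpolicy.IsUpperCaseAllowed ?? false;

        // "requirements" collects one look-ahead per enabled character class (minimum count);
        // "allowedClass" collects the characters the whole password may consist of.
        // Constructed example of the result for upper + lower, minimum 1 each, length 8-20:
        //   ^(?=(.*[A-Z]){1,})(?=(.*[a-z]){1,})[A-Za-z]{8,20}$
        string requirements = "^";
        string allowedClass = "[";

        if (IsUpperCaseAllowed)
        {
            requirements = requirements + "(?=(.*[A-Z]){" + Passpolicy.MinimumUppercaseCharactersRequired + ",})";
            allowedClass = allowedClass + "A-Z";
        }

        if (IsLowerCaseAllowed)
        {
            requirements = requirements + "(?=(.*[a-z]){" + Passpolicy.MinimumLowercaseCharactersRequired + ",})";
            allowedClass = allowedClass + "a-z";
        }

        if (IsNumberAllowed)
        {
            requirements = requirements + @"(?=(.*[\d]){" + Passpolicy.MinimumNumericsRequired + ",})";
            allowedClass = allowedClass + @"\d";
        }

        if (IsSpecialCharacterAllowed)
        {
            // '-' stays last in this list, so it is a literal inside the character class.
            string SpecialChar = "@$!%*?&:;.#+-";
            if (Passpolicy.SpecialCharactersToBeExcluded != null)
            {
                foreach (var item in Passpolicy.SpecialCharactersToBeExcluded.Split(','))
                {
                    // Skip blank entries ("a,,b", trailing comma, "a, b"):
                    // string.Replace throws ArgumentException for an empty search string,
                    // and an entry padded with spaces would otherwise exclude nothing.
                    string excluded = item.Trim();
                    if (excluded.Length == 0)
                    {
                        continue;
                    }

                    SpecialChar = SpecialChar.Replace(excluded, "");
                }
            }

            // NOTE(review): if every special character is excluded, SpecialChar is empty and
            // the class below becomes "[]", which is not a usable pattern - confirm the policy
            // editor prevents that combination.
            requirements = requirements + @"(?=(.*[" + SpecialChar + "]){" + Passpolicy.MinimumSpecialCharactersRequired + ",})" + @"(?!.*\s)";
            allowedClass = allowedClass + SpecialChar;
        }

        allowedClass = allowedClass + "]";

        // NOTE(review): the minimum/maximum values are concatenated as-is; a missing value
        // would yield a malformed quantifier - confirm they are always populated.
        string pattern = requirements + allowedClass + "{" + Passpolicy.MinimumPasswordLength + "," + Passpolicy.MaximumPasswordLength + "}$";

        // NOTE(review): the password length is only bounded by the pattern itself, and the
        // look-aheads nest quantifiers. Rejecting over-long input before matching, or using a
        // Regex overload with a match timeout, keeps matching cost bounded for hostile input.
        return !string.IsNullOrEmpty(Password) && Regex.IsMatch(Password, pattern);
    }
}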
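/// <summary>
/// Changes a user's own password after verifying the current password.
/// </summary>
/// <param name="currentPassword">Password the user currently has; hashed with the stored salt and compared with the stored hash.</param>
/// <param name="userPassword">New password; hashed with a freshly created salt.</param>
/// <param name="userIpAddress">Stored on the login record as IPAddress.</param>
/// <param name="apiAccessKey">Must equal the service's AccesKey, otherwise nothing is done.</param>
/// <param name="userId">Numeric id as text; used as LoginId for verification, as ProfileId for the update and as UpdatedBy.</param>
/// <param name="ChangePasswordonFirstLoginRequired">Stored on the login record.</param>
/// <returns>
/// 0 when the access key does not match or an exception was caught and logged;
/// 2 when the current password does not verify, or when the policy flag
/// NewPasswordShouldNotMatchNoOfLastPassword is set and the new password equals the current one;
/// 3 when that flag is set and the new password fails the role's password policy;
/// otherwise the value returned by UpdateLoginPassword.
/// </returns>
public long ResetPasswordBySelf(string currentPassword, string userPassword, string userIpAddress, string apiAccessKey, string userId, bool ChangePasswordonFirstLoginRequired)
{
    long retVal = 0;
    try
    {
        // A null new password used to fail in an unused Base64 conversion (caught below, result 0).
        // That conversion is gone, because it only created an extra copy of the plaintext password,
        // so the same outcome is kept with an explicit check.
        if (userPassword == null)
        {
            throw new ArgumentNullException("userPassword");
        }

        int salt = Password.CreateRandomSalt();
        string haspassword = Password.HashPassword(userPassword, salt);

        // NOTE(review): the access key is compared with ==, which is not a fixed-time comparison,
        // and a mismatch returns 0 without a log entry - consider both for detection and hardening.
        if (AccesKey != apiAccessKey)
        {
            return retVal;
        }

        LoginDTO loginDto;
        using (var client = ServiceClient<ILoginManager>.Create(ObjectConstants.LoginManager))
        {
            var objloginDto1 = new LoginDTO
            {
                LoginId = Convert.ToInt64(userId)
            };
            loginDto = client.Instance.GetLoginUserProfileByUserLoginId(objloginDto1);
        }

        // Verify the current password against the stored salt and hash.
        string currentPasswordHaspassword = Password.HashPassword(currentPassword, int.Parse(Convert.ToString(loginDto.LoginList[0].PasswordSalt)));
        if (currentPasswordHaspassword != loginDto.LoginList[0].HashedPassword)
        {
            return 2;
        }

        // Policy flag of the user's role; stays false when the role has no policy.
        bool mustDifferFromCurrent = false;
        using (var client = ServiceClient<IPasswordPolicyManager>.Create(ObjectConstants.PasswordPolicyManager))
        {
            var objPasswordPolicyDto = new PasswordPolicyDTO
            {
                RoleMasterId = Convert.ToInt64(loginDto.LoginList[0].RoleMasterId)
            };
            var policies = client.Instance.GetPasswordPolicyByRoleMasterId(objPasswordPolicyDto).PasswordPolicyList;
            if (policies.Count > 0)
            {
                mustDifferFromCurrent = policies[0].NewPasswordShouldNotMatchNoOfLastPassword ?? false;
            }
        }

        if (mustDifferFromCurrent)
        {
            if (currentPassword == userPassword)
            {
                return 2;
            }

            if (!GetpasswordPolicybyRoleMasterid(Convert.ToString(loginDto.LoginList[0].RoleMasterId), userPassword))
            {
                return 3;
            }
        }

        // NOTE(review): when the flag above is off, the new password is stored without the
        // GetpasswordPolicybyRoleMasterid check (an empty password included). The composition
        // check looks unrelated to the history flag - confirm whether it should run on every reset.
        // NOTE(review): verification looked the account up by LoginId = userId, the update looks
        // it up by ProfileId = userId - confirm both ids always resolve to the same account.
        loginDto = LoadLoginForPasswordReset(userId);
        retVal = StoreResetPassword(loginDto, salt, haspassword, userIpAddress, userId, ChangePasswordonFirstLoginRequired);

        // NOTE(review): the record was just given the new hash, so this second write looks like
        // a no-op; kept as in the original - confirm and remove.
        if (haspassword != loginDto.LoginList[0].HashedPassword)
        {
            retVal = StoreResetPassword(loginDto, salt, haspassword, userIpAddress, userId, ChangePasswordonFirstLoginRequired);
        }
    }
    catch (Exception ex)
    {
        // The entry used to be labelled "CheckQuestionsAnswer", which sent anyone reading the
        // log for failed password changes to the wrong operation.
        LogWsData("Exception ResetPasswordBySelf: " + ex);
    }

    return retVal;
}

// Loads the login record whose ProfileId equals userId.
private LoginDTO LoadLoginForPasswordReset(string userId)
{
    using (var client = ServiceClient<ILoginManager>.Create(ObjectConstants.LoginManager))
    {
        var objloginDto = new LoginDTO
        {
            ProfileId = Convert.ToInt64(userId),
        };
        return client.Instance.GetLoginByUserProfileId(objloginDto);
    }
}

// Writes the new salt, hash and audit fields to the first login record and persists it.
private long StoreResetPassword(LoginDTO loginDto, int salt, string hashedPassword, string userIpAddress, string userId, bool changePasswordOnFirstLoginRequired)
{
    using (var client = ServiceClient<ILoginManager>.Create(ObjectConstants.LoginManager))
    {
        loginDto.LoginList[0].PasswordSalt = salt;
        loginDto.LoginList[0].HashedPassword = hashedPassword;
        loginDto.LoginList[0].IPAddress = userIpAddress;
        loginDto.LoginList[0].ChangePasswordonFirstLoginRequired = changePasswordOnFirstLoginRequired;
        loginDto.LoginList[0].UpdatedBy = Convert.ToInt64(userId);
        loginDto.LoginList[0].UpdatedDate = DateTime.Now;
        return client.Instance.UpdateLoginPassword(loginDto.LoginList[0]);
    }
}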