Example #1
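        /// <summary>
        /// Checks a password-reset token and, when it is accepted, returns the user it belongs to.
        /// </summary>
        /// <param name="id">Reset token string taken from the password-reset link.</param>
        /// <returns>
        /// A response whose <c>SingleResult</c> holds the user when the token is accepted; otherwise
        /// <c>IsSuccess</c> is false and <c>Message</c> carries a user-facing explanation.
        /// <c>StatusCode</c> is "200" unless an exception occurred, in which case it is "500".
        /// </returns>
        public JsonResponse <UserMasterDTO> ValidatePasswordResetUrl(string id)
        {
            JsonResponse <UserMasterDTO> response = new JsonResponse <UserMasterDTO>();

            try
            {
                if (SecurityBusinessInstance.ValidateGUID(id))
                {
                    // NOTE(review): the whole user record goes back to whoever holds the link.
                    // Confirm UserMasterDTO carries no password or other secret fields.
                    response.SingleResult = UserBusinessInstance.GetUserByGUID(id);
                    response.IsSuccess    = true;
                }
                else
                {
                    response.IsSuccess = false;
                    response.Message   = "Password reset link is expired or invalid. Try again later.";
                }

                response.StatusCode = "200";
            }
            catch (Exception ex)
            {
                // Exception text can expose internals (queries, paths, type names), so it is
                // written to the server-side trace and the caller gets a generic message.
                System.Diagnostics.Trace.TraceError("ValidatePasswordResetUrl failed: {0}", ex);

                response.SingleResult = null;
                response.StatusCode   = "500";
                response.IsSuccess    = false;
                response.Message      = "An unexpected error occurred. Please try again later.";
            }
            return(response);
        }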
Example #2
        /// <summary>
        /// Loads the web modules and the authorization entries for a user and stores both in the session.
        /// </summary>
        /// <param name="userID">Identifier passed to the user and security business layers.</param>
        private void SetUserModules(int userID)
        {
            // Both lookups are stored under fixed session keys and are not refreshed here.
            // NOTE(review): presumably a permission change only takes effect once this method
            // runs again for the session - confirm against the callers.
            Session[PageConstants.SESSION_MODULES]     = UserBusinessInstance.GetUserWebModules(userID);
            Session[PageConstants.SESSION_PERMISSIONS] = SecurityBusinessInstance.GetUserAuthorization(userID);
        }
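        /// <summary>
        /// Generates a reset token and a six-digit OTP for a user and saves them.
        /// Despite the method name, the visible code builds a forgot-password link; the e-mail
        /// composition is commented out, so nothing is queued or sent from here.
        /// </summary>
        /// <param name="UserId">User the OTP record is created for.</param>
        /// <returns>
        /// A response with <c>IsSuccess</c> true when the OTP record was saved. <c>StatusCode</c> is
        /// "200" when no exception occurred and "500" otherwise.
        /// </returns>
        public JsonResponse <int> SendAppointmentEmail(int UserId)
        {
            JsonResponse <int> response = new JsonResponse <int>();

            try
            {
                #region Prepare OTP Data
                // NOTE(review): both values act as credentials for the reset flow. Confirm that
                // AppUtil draws them from a cryptographic random source, not System.Random.
                string UniqueString = AppUtil.GetUniqueGuidString();
                string OTPString    = AppUtil.GetUniqueRandomNumber(100000, 999999); // Generate a Six Digit OTP
                OTPDTO objOTP       = new OTPDTO()
                {
                    GUID = UniqueString, OTP = OTPString, CreatedDate = DateTime.Now, UserID = UserId, Attempts = 0
                };
                #endregion

                #region Save OTP and Send Email
                if (SecurityBusinessInstance.SaveOTP(objOTP))
                {
                    #region Send Email
                    string hostName         = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.HostName);
                    string rawURL           = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.ForgotPasswordURL);
                    string PasswordResetURL = String.Format(rawURL, hostName) + "?id=" + UniqueString;

                    EmailTemplateDTO objEmailTemplate = SecurityBusinessInstance.GetEmailTemplate(AspectEnums.EmailTemplateType.ForgotPassword);
                    var             userProfile       = new Object();// UserBusinessInstance.DisplayUserProfile(UserId);
                    EmailServiceDTO emailService      = new EmailServiceDTO();
                    // NOTE(review): the e-mail below is never built or queued, yet the method reports
                    // success. Callers cannot tell that the user received nothing.
                    //emailService.Body = string.Format(objEmailTemplate.Body, userProfile.FirstName, OTPString, PasswordResetURL);
                    //emailService.Priority = 1;
                    //emailService.IsHtml = true;
                    //emailService.Status = (int)AspectEnums.EmailStatus.Pending;
                    //emailService.ToName = userProfile.FirstName;
                    //emailService.ToEmail = userProfile.EmailID;
                    //emailService.FromEmail = userProfile.EmailID;
                    //emailService.Subject = objEmailTemplate.Subject;
                    //BatchBusinessInstance.InsertEmailRecord(emailService);

                    response.IsSuccess = true;
                    #endregion
                }
                #endregion

                // The non-exception paths previously left StatusCode unset; report "200" the way
                // the other response-building methods in this listing do.
                response.StatusCode = "200";
            }
            catch (Exception ex)
            {
                // Keep exception detail in the server-side trace; the caller gets a generic message.
                System.Diagnostics.Trace.TraceError("SendAppointmentEmail failed for user {0}: {1}", UserId, ex);

                response.IsSuccess    = false;
                response.Message      = "An unexpected error occurred. Please try again later.";
                response.StatusCode   = "500";
                response.SingleResult = 0;
            }

            return(response);
        }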
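        /// <summary>
        /// Verifies an SMS one-time password against the 2factor.in verification endpoint and, when
        /// the provider reports success, records the OTP through the security business layer.
        /// </summary>
        /// <param name="otp">Supplies the two URL path segments: <c>GUID</c> and <c>OTP</c>.</param>
        /// <returns>
        /// A response with <c>StatusCode</c> "200" and <c>IsSuccess</c> set to the result of saving the
        /// OTP when the provider answers "Success"; otherwise <c>IsSuccess</c> false and <c>StatusCode</c> "500".
        /// </returns>
        /// <remarks>Transport exceptions from the HTTP call are not caught here and reach the caller.</remarks>
        public async Task <JsonResponse <int> > VerifyOTP(OTPDTO otp)
        {
            JsonResponse <int> response = new JsonResponse <int>();

            // Both values come from the caller and become URL path segments. Anything outside a
            // narrow allow-list (for example '/', '.', '%', '?') could make the request address a
            // different provider endpoint, so such input is treated as a failed verification.
            if (otp == null || !IsSafeOtpPathSegment(otp.GUID) || !IsSafeOtpPathSegment(otp.OTP))
            {
                response.IsSuccess  = false;
                response.StatusCode = "500";
                return(response);
            }

            // NOTE(review): the provider API key is hard-coded in this URL. It should live in
            // protected configuration and be rotated, since it is already present in source.
            string BaseUrl = "https://2factor.in/API/V1/070815b0-3e08-11ea-9fa5-0200cd936042/SMS/VERIFY/" + otp.GUID + "/" + otp.OTP;

            // NOTE(review): one HttpClient per call can exhaust sockets under load; a shared
            // instance would need a field outside this method.
            using (var client = new HttpClient())
            {
                client.DefaultRequestHeaders.Clear();
                // Ask the provider for a JSON body.
                client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

                // The request URI is absolute, so no BaseAddress is needed.
                using (HttpResponseMessage Res = await client.GetAsync(BaseUrl))
                {
                    if (!Res.IsSuccessStatusCode)
                    {
                        // Previously this path returned a response with no status code at all.
                        response.IsSuccess  = false;
                        response.StatusCode = "500";
                        return(response);
                    }

                    // Await the body instead of blocking on .Result inside an async method.
                    string payload = await Res.Content.ReadAsStringAsync();

                    // An empty or "null" body deserializes to null; treat that as a failed verification.
                    var res = JsonConvert.DeserializeObject <OtpResponse>(payload);
                    if (res != null && res.Status == "Success")
                    {
                        // NOTE(review): the record is saved with UserID = 0, so it is not tied
                        // to an account here - confirm that this is intended.
                        OTPDTO objOTP = new OTPDTO()
                        {
                            GUID = otp.GUID, OTP = otp.OTP, CreatedDate = DateTime.Now, UserID = 0, Attempts = 0
                        };
                        response.IsSuccess  = SecurityBusinessInstance.SaveOTP(objOTP);
                        response.StatusCode = "200";
                    }
                    else
                    {
                        response.IsSuccess  = false;
                        response.StatusCode = "500";
                    }
                }
            }
            return(response);
        }

        /// <summary>
        /// Returns true when the value is non-empty and holds only ASCII letters, digits and hyphens.
        /// </summary>
        private static bool IsSafeOtpPathSegment(string value)
        {
            if (string.IsNullOrEmpty(value))
            {
                return(false);
            }

            foreach (char c in value)
            {
                bool allowed = (c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') || c == '-';
                if (!allowed)
                {
                    return(false);
                }
            }
            return(true);
        }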
Example #5
        /// <summary>
        /// Creates a new token string and a six-digit OTP for a user and saves them as one record.
        /// </summary>
        /// <param name="UserID">User the OTP record is created for.</param>
        /// <param name="UniqueString">Receives the generated token string.</param>
        /// <returns>The result of <c>SecurityBusinessInstance.SaveOTP</c>.</returns>
        private bool SaveOTP(int UserID, out string UniqueString)
        {
            // NOTE(review): token and code both act as reset credentials. Confirm that AppUtil
            // draws them from a cryptographic random source, not System.Random.
            UniqueString = AppUtil.GetUniqueGuidString();
            string sixDigitCode = AppUtil.GetUniqueRandomNumber(100000, 999999);

            OTPDTO otpRecord = new OTPDTO();
            otpRecord.GUID        = UniqueString;
            otpRecord.OTP         = sixDigitCode;
            otpRecord.CreatedDate = DateTime.Now; // local server time, as elsewhere in this code
            otpRecord.UserID      = UserID;
            otpRecord.Attempts    = 0;

            bool saved = SecurityBusinessInstance.SaveOTP(otpRecord);
            return(saved);
        }
Example #6
        /// <summary>
        /// Renders the change-password page for a reset link. The form is shown only when the
        /// <c>id</c> query-string value passes <c>SecurityBusinessInstance.ValidateGUID</c>.
        /// </summary>
        /// <returns>The default view, with ViewBag flags selecting the form or an error popup.</returns>
        public ActionResult ChangePassword()
        {
            // The token travels in the query string, so it may be null when the parameter is absent.
            // NOTE(review): presumably ValidateGUID rejects null or empty input - confirm.
            string resetToken = Request.QueryString["id"];
            bool   linkUsable = SecurityBusinessInstance.ValidateGUID(resetToken);

            if (!linkUsable)
            {
                ViewBag.ShowPopup = true;
                ViewBag.Message   = "Invalid or expired link , Please try again later.";
                return(View());
            }

            // Hand the token to the view so the form can post it back.
            ViewBag.hdnUniqueID = resetToken;
            ViewBag.ShowForm    = true;
            return(View());
        }
Example #7
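        /// <summary>
        /// Changes a user's password as part of the reset flow. The user is looked up by e-mail,
        /// the new password must differ from the stored one, and the change itself is made
        /// through <c>SecurityBusinessInstance.ChangePassword</c> using the supplied GUID.
        /// </summary>
        /// <param name="user">Carries the e-mail, the new password and the reset GUID.</param>
        /// <returns>
        /// A response whose <c>SingleResult</c> and <c>IsSuccess</c> are true only when the password
        /// was changed. <c>StatusCode</c> is "200" unless an exception occurred, then it is "500".
        /// </returns>
        public JsonResponse <bool> ChangeUserPassword(UserAccountDTO user)
        {
            JsonResponse <bool> response = new JsonResponse <bool>();

            try
            {
                // NOTE(review): the lookup uses the e-mail, while the change below is keyed on
                // user.Guid. Nothing visible here ties the GUID to this account - confirm that
                // SecurityBusinessInstance.ChangePassword enforces it.
                var User = UserBusinessInstance.GetUserByEmail(user.email);
                if (User == null)
                {
                    // NOTE(review): this message tells a caller whether an e-mail is registered.
                    response.SingleResult = false;
                    response.StatusCode   = "200";
                    response.IsSuccess    = false;
                    response.Message      = "User does not exist in our system.";
                    return(response);
                }

                // NOTE(review): comparing the stored value with the submitted password only works
                // when both are in the same form. If this is plaintext, passwords should instead be
                // stored with a salted password hash and checked with its verify routine.
                if (User.Password != user.password)
                {
                    User.Password    = user.password;
                    User.UpdatedDate = DateTime.Now;

                    response.SingleResult = SecurityBusinessInstance.ChangePassword(user.Guid, User.Password);
                    response.IsSuccess    = response.SingleResult;
                    response.StatusCode   = "200";
                    // Report success only when the change was actually made; the original set the
                    // success text even when ChangePassword returned false.
                    response.Message      = response.SingleResult
                                            ? "Your password has been successfully updated."
                                            : "Your password could not be updated.";
                }
                else
                {
                    response.SingleResult = false;
                    response.StatusCode   = "200";
                    response.IsSuccess    = false;
                    response.Message      = "You can not use same password. it must be different than previous.";
                    return(response);
                }
            }
            catch (Exception ex)
            {
                // Keep exception detail in the server-side trace; the caller gets a generic message.
                System.Diagnostics.Trace.TraceError("ChangeUserPassword failed: {0}", ex);

                response.IsSuccess  = false;
                response.StatusCode = "500";
                response.Message    = "An unexpected error occurred. Please try again later.";
            }

            return(response);
        }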
Example #8
        /// <summary>
        /// Handles the posted change-password form: checks that both password fields match, runs
        /// the complexity check, then changes the password for the token posted in <c>hdnUniqueID</c>.
        /// </summary>
        /// <param name="model">Holds the new password and its confirmation.</param>
        /// <param name="collection">Posted form values; <c>hdnUniqueID</c> carries the reset token.</param>
        /// <returns>The default view, with ViewBag flags and a message describing the outcome.</returns>
        public ActionResult ChangePassword(ManageUserViewModel model, FormCollection collection)
        {
            ExceptionEngine.ProcessAction(() =>
            {
                // Read the token first; a missing field throws here, inside ProcessAction.
                string resetToken  = collection["hdnUniqueID"].ToString();
                string candidate   = model.NewPassword;
                List <string> complexityErrors = new List <string>();

                if (candidate != model.ConfirmPassword)
                {
                    ViewBag.Message  = "New Password & Retype Password did not match";
                    ViewBag.ShowForm = true;
                    return;
                }

                // Fills complexityErrors with one entry per failed rule.
                candidate.IsComplexPassword(ref complexityErrors);

                if (complexityErrors.Count > 0)
                {
                    ViewBag.Message  = string.Join("\n", complexityErrors);
                    ViewBag.ShowForm = true;
                    return;
                }

                bool changed = SecurityBusinessInstance.ChangePassword(resetToken, candidate);
                if (changed)
                {
                    // NOTE(review): this flag is spelled ShowPopUp, while the failure branch below
                    // uses ShowPopup. ViewBag members are case-sensitive, so confirm which one
                    // the view reads.
                    ViewBag.ShowPopUp = true;
                    ViewBag.Message   = "Password Changed Successfully";
                }
                else
                {
                    ViewBag.ShowPopup = true;
                    ViewBag.Message   = "You are not authorized to change password.";
                }
            }, AspectEnums.ExceptionPolicyName.AssistingAdministrators.ToString());

            return(View());
        }
Example #9
 /// <summary>
 /// Runs the pre-checks for a password-reset request and sets <c>ViewBag.Message</c> for the
 /// first check that fails. A missing id and a failed employee-code/e-mail check share one
 /// message; the attempt-limit and last-attempt checks each have their own.
 /// </summary>
 /// <param name="EmpId">User identifier; null and 0 are rejected.</param>
 /// <returns>True when every check passes, otherwise false.</returns>
 private bool ValidateUser(int?EmpId)
 {
     const string invalidDataMessage = "Invalid or incomplete data, Please contact administrator";

     // Short-circuiting keeps EmpId.Value from being read when no usable id was supplied.
     bool hasUsableId = EmpId.HasValue && EmpId.Value != 0;
     if (!hasUsableId || !SecurityBusinessInstance.ValidateUser(EmpId.Value, AspectEnums.UserValidationType.EmplCode_Email))
     {
         ViewBag.Message = invalidDataMessage;
         return(false);
     }

     int userId = EmpId.Value;

     bool withinAttemptLimit = SecurityBusinessInstance.ValidateUser(userId, AspectEnums.UserValidationType.ForgotPasswordAttempts);
     if (!withinAttemptLimit)
     {
         ViewBag.Message = "You have exceeded maximum number of password reset attempts, please try again tomorrow";
         return(false);
     }

     bool lastAttemptAllowsRetry = SecurityBusinessInstance.ValidateUser(userId, AspectEnums.UserValidationType.LastAttemptDuration);
     if (!lastAttemptAllowsRetry)
     {
         ViewBag.Message = "you have already attempt to change password, please use the same email to reset password";
         return(false);
     }

     return(true);
 }
Example #10
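        /// <summary>
        /// Creates and saves a reset token with a six-digit OTP for a user, then builds the
        /// reset-password e-mail from its template, records it and sends it.
        /// </summary>
        /// <param name="UserId">User the reset e-mail is prepared for.</param>
        /// <returns>
        /// True when the OTP was saved and the e-mail was recorded and handed to the notification
        /// service without an exception; false otherwise.
        /// </returns>
        private bool SendOTPAndEmail(int UserId)
        {
            bool IsSuccess = false;

            #region Prepare OTP Data

            // NOTE(review): token and code both act as reset credentials. Confirm that AppUtil
            // draws them from a cryptographic random source, not System.Random.
            string UniqueString = AppUtil.GetUniqueGuidString();
            string OTPString    = AppUtil.GetUniqueRandomNumber(100000, 999999); // Generate a Six Digit OTP
            OTPBO  objOTP       = new OTPBO()
            {
                GUID = UniqueString, OTP = OTPString, CreatedDate = DateTime.Now, UserID = UserId, Attempts = 0
            };

            #endregion
            try
            {
                if (SecurityBusinessInstance.SaveOTP(objOTP))
                {
                    #region Send Email Servie and OTP
                    // The configured URL is used as a prefix; the token is appended directly.
                    string resetUrl         = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.ForgotPasswordURL);
                    string PasswordResetURL = resetUrl + UniqueString;

                    EmailNotificationService eNotification = new EmailNotificationService();
                    var userProfile = UserBusinessInstance.DisplayUserProfile(UserId);
                    TemplateMasterBO            objEmailTemplate = EmailBusinessInstance.GetEmailTemplate((int)AspectEnums.EmailTemplateCode.ResetPassword);
                    List <TemplateMergeFieldBO> mergeFields      = EmailBusinessInstance.GetEmailMergeFields(objEmailTemplate.TemplateID);

                    // NOTE(review): the body is sent as HTML (IsHtml = true below) and the user's
                    // name is merged in as-is. Confirm that FindReplace or the template pipeline
                    // HTML-encodes merge values.
                    foreach (var field in mergeFields)
                    {
                        if (field.SRC_FIELD == "{{PASSWORDRESETURL}}")
                        {
                            objEmailTemplate.TemplateContent = eNotification.FindReplace(objEmailTemplate.TemplateContent, "{{PASSWORDRESETURL}}", PasswordResetURL);
                        }
                        else if (field.SRC_FIELD == "{{TONAME}}")
                        {
                            objEmailTemplate.TemplateContent = eNotification.FindReplace(objEmailTemplate.TemplateContent, field.SRC_FIELD, userProfile.FirstName + " " + userProfile.LastName);
                        }
                    }
                    objEmailTemplate.TemplateContent = eNotification.FindReplace(objEmailTemplate.TemplateContent, "{{COMPANY}}", AppUtil.GetAppSettings(AspectEnums.ConfigKeys.CompanyName));

                    EmailServiceDTO emailService = new EmailServiceDTO();
                    emailService.Priority     = 1;
                    emailService.CreatedBy    = userProfile.UserID;
                    emailService.IsHtml       = true;
                    emailService.ToName       = userProfile.FirstName + " " + userProfile.LastName;
                    emailService.Body         = objEmailTemplate.TemplateContent;
                    emailService.Status       = (int)AspectEnums.EmailStatus.Pending;
                    emailService.ToEmail      = userProfile.Email;
                    emailService.FromName     = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.FromName);
                    emailService.FromEmail    = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.FromEmail);
                    emailService.Subject      = eNotification.FindReplace(objEmailTemplate.TemplateSubject, "{{COMPANY}}", AppUtil.GetAppSettings(AspectEnums.ConfigKeys.CompanyName));
                    emailService.IsAttachment = false;
                    emailService.TemplateID   = objEmailTemplate.TemplateID;
                    emailBusinessInstance.InsertEmailRecord(emailService);

                    eNotification.SendEmailNotification(emailService, objEmailTemplate);
                    IsSuccess = true;

                    #endregion
                }
            }
            catch (Exception ex)
            {
                // The failure used to be swallowed without a trace. It is still reported to the
                // caller only as false, but is now recorded server-side. The token and the OTP are
                // deliberately left out of the log line.
                System.Diagnostics.Trace.TraceError("SendOTPAndEmail failed for user {0}: {1}", UserId, ex);
                IsSuccess = false;
            }

            return(IsSuccess);
        }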