//*****************USERS **********************************
        /// <summary>
        /// Inserts a new row into the users table and returns its generated key.
        /// </summary>
        /// <remarks>
        /// The hash and salt are stored exactly as passed in; no hashing happens here, so the caller
        /// must supply an already-hashed password. Effective and create dates are stamped with the
        /// server's local time.
        /// </remarks>
        /// <returns>The new row's UserIdx, or 0 if anything throws while building or saving the row.</returns>
        public static int CreateT_OE_USERS(global::System.String uSER_ID, global::System.String pWD_HASH, global::System.String pWD_SALT, global::System.String fNAME, global::System.String lNAME, global::System.String eMAIL, global::System.Boolean aCT_IND, global::System.Boolean iNITAL_PWD_FLAG, global::System.DateTime?lASTLOGIN_DT, global::System.String pHONE, global::System.String pHONE_EXT, global::System.String cREATE_USER)
        {
            try
            {
                TOeUsers newRow = new TOeUsers
                {
                    UserId        = uSER_ID,
                    PwdHash       = pWD_HASH,
                    PwdSalt       = pWD_SALT,
                    Fname         = fNAME,
                    Lname         = lNAME,
                    Email         = eMAIL,
                    ActInd        = aCT_IND,
                    InitalPwdFlag = iNITAL_PWD_FLAG,
                    EffectiveDt   = System.DateTime.Now,
                    LastloginDt   = lASTLOGIN_DT,
                    Phone         = pHONE,
                    PhoneExt      = pHONE_EXT,
                    CreateDt      = System.DateTime.Now,
                    CreateUserid  = cREATE_USER
                };

                _db.TOeUsers.Add(newRow);
                _db.SaveChanges();
                return newRow.UserIdx;
            }
            catch (Exception)
            {
                // Every failure collapses to 0 and the exception detail is discarded, so a failed
                // account creation leaves no trace here; callers can only test for 0.
                return 0;
            }
        }
        /// <summary>
        /// Puts the user's organization into the session under the "OrgID" key.
        /// </summary>
        /// <remarks>
        /// A user with a default organization gets that one. A user without a default who belongs to
        /// exactly one organization has it saved as the default and placed in the session. Users with
        /// zero or several organizations are left without an "OrgID" value (still a TODO).
        /// </remarks>
        /// <param name="UserID">Login id used to look the user up.</param>
        /// <param name="url">Not used at present; the legacy code passed it as a ReturnUrl query value.</param>
        /// <param name="httpContextAccessor">Accessor for the current request's session.</param>
        public static void SetOrgSessionID(string UserID, string url, IHttpContextAccessor httpContextAccessor)
        {
            TOeUsers account = GetT_OE_USERSByID(UserID);
            if (account == null)
            {
                return;
            }

            if (account.DefaultOrgId != null)
            {
                httpContextAccessor.HttpContext.Session.SetString("OrgID", account.DefaultOrgId);
                return;
            }

            List<TWqxOrganization> memberships = db_WQX.GetWQX_USER_ORGS_ByUserIDX(account.UserIdx, false);
            if (memberships.Count != 1)
            {
                // TODO: handle users with several organizations (legacy: redirect to SetOrg with a
                // ReturnUrl) and users with none (legacy: redirect to WQXOrgNew).
                // NOTE(review): if the ReturnUrl redirect is restored, check that url is a local
                // path and URL-encode it before appending it to the query string.
                return;
            }

            // Exactly one membership: make it the default and use it for this session.
            string onlyOrgId = memberships[0].OrgId;
            UpdateT_OE_USERSDefaultOrg(account.UserIdx, onlyOrgId);
            httpContextAccessor.HttpContext.Session.SetString("OrgID", onlyOrgId);
        }
        //public CustomMembership()
        //{
        //    Initialize();
        //}

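        /// <summary>
        /// Replaces a user's password after checking the new password against the length and
        /// non-alphanumeric policy and verifying the old password.
        /// </summary>
        /// <param name="username">Value matched against the UserId column.</param>
        /// <param name="oldPassword">Current password, verified against the stored hash and salt.</param>
        /// <param name="newPassword">Proposed password; passed by ref to Utils.ValidateParameter.</param>
        /// <returns>
        /// true only when the password was actually changed; false when the new password fails
        /// policy, the user does not exist, or the old password is wrong.
        /// </returns>
        public bool ChangePassword(string username, string oldPassword, string newPassword)
        {
            // Length policy for the new password.
            if (!Utils.ValidateParameter(ref newPassword, true, true, false, 0, _MinRequiredPasswordLength))
            {
                return false;
            }

            // Count non-alphanumeric characters over the whole password. The scan starts at the
            // first character so that a leading symbol counts towards the policy.
            int nonAlphanumericCount = 0;
            foreach (char c in newPassword)
            {
                if (!char.IsLetterOrDigit(c))
                {
                    nonAlphanumericCount++;
                }
            }

            if (nonAlphanumericCount < _MinRequiredNonalphanumericCharacters)
            {
                return false;
            }

            TOeUsers u = _unitOfWork.oeUsersRepostory.GetFirstOrDefault(x => x.UserId == username);

            // No such user means nothing was changed, so this must not be reported as success.
            if (u == null)
            {
                return false;
            }

            // The old password has to match before anything is overwritten.
            if (!CheckPassword(oldPassword, u.PwdHash, u.PwdSalt))
            {
                return false;
            }

            // Fresh salt for every password change; hash and salt are saved together.
            string salt     = GenerateSalt();
            string hashpass = HashPassword(newPassword, MembershipPasswordFormat.Hashed, salt);
            u.PwdSalt = salt;
            u.PwdHash = hashpass;
            _unitOfWork.oeUsersRepostory.Update(u);
            _unitOfWork.Save();
            return true;
        }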
 /// <summary>
 /// Deletes the user row whose UserIdx equals <paramref name="idx"/>.
 /// </summary>
 /// <remarks>
 /// This method performs no permission check of its own; whether the caller may delete the
 /// account has to be decided before calling it.
 /// </remarks>
 /// <returns>1 when the row was removed; 0 when the row is missing or the delete throws.</returns>
 public static int DeleteT_OE_USERS(int idx)
 {
     try
     {
         // First() throws when no row matches; the catch below turns that into 0.
         TOeUsers doomed = _db.TOeUsers.First(c => c.UserIdx == idx);
         _db.TOeUsers.Remove(doomed);
         _db.SaveChanges();
         return 1;
     }
     catch (Exception)
     {
         // "Not found" and "database error" are indistinguishable to the caller.
         return 0;
     }
 }
 /// <summary>
 /// Sets the default organization of the user identified by <paramref name="idx"/>.
 /// </summary>
 /// <param name="idx">UserIdx of the row to update.</param>
 /// <param name="dEFAULT_ORG_ID">New default organization id; null leaves the stored value as is.</param>
 /// <returns>The row's UserIdx on success; 0 when the row is missing or saving throws.</returns>
 public static int UpdateT_OE_USERSDefaultOrg(int idx, string dEFAULT_ORG_ID)
 {
     try
     {
         // First() throws when no row matches; the catch below turns that into 0.
         TOeUsers target = _db.TOeUsers.First(c => c.UserIdx == idx);

         if (dEFAULT_ORG_ID != null)
         {
             target.DefaultOrgId = dEFAULT_ORG_ID;
         }

         _db.TOeUsers.Update(target);
         _db.SaveChanges();
         return target.UserIdx;
     }
     catch (Exception)
     {
         return 0;
     }
 }
        /// <summary>
        /// Checks a login attempt: the account must exist, must not be inactive, and the password
        /// must verify against the stored hash and salt.
        /// </summary>
        /// <param name="username">Matched against the Email column, not UserId.</param>
        /// <param name="password">Password as typed by the user.</param>
        /// <returns>true when the credentials are accepted, otherwise false.</returns>
        public bool ValidateUser(string username, string password)
        {
            // NOTE(review): the length/null checks on username and password that the legacy code
            // ran through Utils.ValidateParameter are disabled, so both values reach the lookup
            // and the hash check unbounded.
            // NOTE(review): this lookup uses Email while ChangePassword and ResetPassword match on
            // UserId - confirm which column is the login name.
            TOeUsers account = _unitOfWork.oeUsersRepostory.GetFirstOrDefault(x => x.Email == username);

            // Unknown accounts and inactive accounts are both rejected.
            if (account == null || account.ActInd == false)
            {
                return false;
            }

            // NOTE(review): the legacy failed-attempt counter and lockout e-mail are disabled, so
            // nothing in this method counts or limits wrong passwords. Rate limiting or lockout
            // has to be enforced elsewhere until that is restored.
            return CheckPassword(password, account.PwdHash, account.PwdSalt);
        }
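        /// <summary>
        /// Generates a temporary password for the user, stores its hash together with the salt it
        /// was hashed with, and e-mails the temporary password to the user.
        /// </summary>
        /// <param name="username">Value matched against the UserId column.</param>
        /// <param name="answer">Not used by this method.</param>
        /// <returns>A status message describing the outcome.</returns>
        /// <remarks>
        /// NOTE(review): the distinct messages for "no such user" and "no e-mail address" let a
        /// caller tell existing accounts from non-existing ones if they are shown to an
        /// unauthenticated visitor; consider one generic message at the UI layer.
        /// NOTE(review): <paramref name="answer"/> is never checked, so whoever can call this can
        /// reset any account's password; confirm that callers restrict or rate-limit it.
        /// </remarks>
        public string ResetPassword(string username, string answer)
        {
            TOeUsers u = _unitOfWork.oeUsersRepostory.GetFirstOrDefault(x => x.UserId == username);

            if (u == null)
            {
                return "Email does not exist in the system.";
            }

            // Check for a deliverable address before touching the stored credentials; otherwise
            // the account would be left with a password nobody has been told.
            if (string.IsNullOrEmpty(u.Email))
            {
                return "User does not have email address.";
            }

            // NOTE(review): RandomString is not shown here - confirm it draws from a
            // cryptographic random source, since its output is a working credential.
            string newPass = RandomString(8);
            string salt    = GenerateSalt();

            // The hash is computed with the new salt, so the salt must be stored with it:
            // ValidateUser verifies against u.PwdSalt and would reject the temporary password
            // if the old salt stayed in place.
            u.PwdHash = HashPassword(newPass, _PasswordFormat, salt);
            u.PwdSalt = salt;
            _unitOfWork.oeUsersRepostory.Update(u);
            _unitOfWork.Save();

            // NOTE(review): the message promises a forced password change at next login, but
            // InitalPwdFlag is not set here - confirm where that is enforced.
            // The temporary password travels in clear text in the mail body.
            string msg = "Your password has been reset. Your new temporary password is: " + "\r\n\r\n";
            msg += newPass + "\r\n\r\n";
            msg += "When you login for the first time you will be asked to set a permanent password.";

            if (Utils.SendEmail(null, u.Email.Split(';').ToList(), null, null, "Open Waters Password Reset", msg, null))
            {
                return "Email has been sent.";
            }

            return "Error in sending email";
        }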
        /// <summary>
        /// Partially updates a user row: every argument that is non-null overwrites the matching
        /// column, every null argument leaves its column untouched.
        /// </summary>
        /// <remarks>
        /// ModifyDt is always stamped with the server's local time. The password hash and salt are
        /// written exactly as passed in; no hashing happens here, and a caller that passes only one
        /// of the two leaves the stored pair out of step.
        /// </remarks>
        /// <param name="idx">UserIdx of the row to update.</param>
        /// <returns>The row's UserIdx on success; 0 when the row is missing or saving throws.</returns>
        public static int UpdateT_OE_USERS(int idx, string newPWD_HASH, string newPWD_SALT, string newFNAME, string newLNAME, string newEMAIL, bool?newACT_IND, bool?newINIT_PWD_FLG, DateTime?newEFF_DATE, DateTime?newLAST_LOGIN_DT, string newPHONE, string newPHONE_EXT, string newMODIFY_USR)
        {
            try
            {
                // First() throws when no row matches; the catch below turns that into 0.
                TOeUsers target = _db.TOeUsers.First(c => c.UserIdx == idx);

                // Credentials
                if (newPWD_HASH != null) { target.PwdHash = newPWD_HASH; }
                if (newPWD_SALT != null) { target.PwdSalt = newPWD_SALT; }

                // Identity and contact details
                if (newFNAME != null) { target.Fname = newFNAME; }
                if (newLNAME != null) { target.Lname = newLNAME; }
                if (newEMAIL != null) { target.Email = newEMAIL; }

                // Account state
                if (newACT_IND.HasValue) { target.ActInd = newACT_IND.Value; }
                if (newINIT_PWD_FLG.HasValue) { target.InitalPwdFlag = newINIT_PWD_FLG.Value; }
                if (newEFF_DATE.HasValue) { target.EffectiveDt = newEFF_DATE.Value; }
                if (newLAST_LOGIN_DT.HasValue) { target.LastloginDt = newLAST_LOGIN_DT.Value; }

                if (newPHONE != null) { target.Phone = newPHONE; }
                if (newPHONE_EXT != null) { target.PhoneExt = newPHONE_EXT; }

                // Audit columns
                if (newMODIFY_USR != null) { target.ModifyUserid = newMODIFY_USR; }
                target.ModifyDt = System.DateTime.Now;

                _db.TOeUsers.Update(target);
                _db.SaveChanges();
                return target.UserIdx;
            }
            catch (Exception)
            {
                // Every failure collapses to 0 and the exception detail is discarded.
                return 0;
            }
        }
        //***************** EXCEL EXPORT *****************************************
        /// <summary>
        /// Excel Export
        /// </summary>
        /// <param name="fileName"></param>
        /// <param name="gv"></param>
        //TODO: Web.UI not supported in core, need to fix
        //public static void RenderGridToExcelFormat(string fileName, GridView gv)
        //{
        //    HttpContext.Current.Response.Clear();
        //    HttpContext.Current.Response.AddHeader("content-disposition", string.Format("attachment; filename={0}", fileName));
        //    HttpContext.Current.Response.ContentType = "application/vnd.ms-excel";

        //    using (StringWriter sw = new StringWriter())
        //    {
        //        using (HtmlTextWriter htw = new HtmlTextWriter(sw))
        //        {
        //            //  Create a form to contain the grid
        //            Table table = new Table();

        //            //  add the header row to the table
        //            if (gv.HeaderRow != null)
        //            {
        //                PrepareControlForExport(gv.HeaderRow);
        //                table.Rows.Add(gv.HeaderRow);
        //            }

        //            //  add each of the data rows to the table
        //            foreach (GridViewRow row in gv.Rows)
        //            {
        //                PrepareControlForExport(row);
        //                table.Rows.Add(row);
        //            }

        //            //  add the footer row to the table
        //            if (gv.FooterRow != null)
        //            {
        //                PrepareControlForExport(gv.FooterRow);
        //                table.Rows.Add(gv.FooterRow);
        //            }

        //            //  render the table into the htmlwriter
        //            table.RenderControl(htw);

        //            //  render the htmlwriter into the response
        //            HttpContext.Current.Response.Write(sw.ToString());
        //            HttpContext.Current.Response.End();
        //        }
        //    }

        //}

        /// <summary>
        /// Replace any of the contained controls with literals
        /// </summary>
        /// <param name="control"></param>

        //TODO: Web.UI not supported in core, need to fix
        //private static void PrepareControlForExport(Control control)
        //{
        //    for (int i = 0; i < control.Controls.Count; i++)
        //    {
        //        Control current = control.Controls[i];
        //        if (current is LinkButton)
        //        {
        //            control.Controls.Remove(current);
        //            control.Controls.AddAt(i, new LiteralControl((current as LinkButton).Text));
        //        }
        //        else if (current is ImageButton)
        //        {
        //            control.Controls.Remove(current);
        //            control.Controls.AddAt(i, new LiteralControl((current as ImageButton).AlternateText));
        //        }
        //        else if (current is Image)
        //        {
        //            control.Controls.Remove(current);
        //        }
        //        else if (current is HyperLink)
        //        {
        //            control.Controls.Remove(current);
        //            control.Controls.AddAt(i, new LiteralControl((current as HyperLink).Text));
        //        }
        //        else if (current is DropDownList)
        //        {
        //            control.Controls.Remove(current);
        //            control.Controls.AddAt(i, new LiteralControl((current as DropDownList).SelectedItem.Text));
        //        }
        //        else if (current is CheckBox)
        //        {
        //            control.Controls.Remove(current);
        //            control.Controls.AddAt(i, new LiteralControl((current as CheckBox).Checked ? "True" : "False"));
        //        }

        //        if (current.HasControls())
        //        {
        //            PrepareControlForExport(current);
        //        }
        //    }
        //}


        /// <summary>
        /// Returns the internal ID of the authenticated user. If using membership, returns membership user. If using external ID provider, returns IPrincipal USERIDX claim
        /// </summary>
        /// <param name="User"></param>
        /// <returns></returns>
        //public static int GetUserIDX(System.Security.Principal.IPrincipal User)
        //{
        //    try
        //    {
        //        if (System.Configuration.ConfigurationManager.AppSettings["UseIdentityServer"] == "true")
        //        {
        //            var identity = (System.Security.Claims.ClaimsIdentity)User.Identity;
        //            IEnumerable<System.Security.Claims.Claim> claims2 = identity.Claims;
        //            var UserIDXLoc = (from p in claims2 where p.Type == "UserIDX" select p.Value).FirstOrDefault();
        //            return UserIDXLoc.ConvertOrDefault<int>();
        //        }
        //        else
        //            return (int)System.Web.Security.Membership.GetUser().ProviderUserKey;
        //    }
        //    catch
        //    {
        //        //if fails, we don't care why, but need to return 0 to indicate not authenticated
        //        return 0;
        //    }
        //}



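        /// <summary>
        /// Runs after a successful login: resolves the user's organization, records the login
        /// time and seeds the session with the user's identity and the default display flags.
        /// </summary>
        /// <remarks>
        /// The session is only seeded when the account is past its initial-password state
        /// (InitalPwdFlag is false). A user with a single organization and no default has that
        /// organization saved as the default.
        /// </remarks>
        /// <param name="UserID">Login id used to look the user up.</param>
        /// <param name="httpcontextaccessor">Accessor for the current request's session.</param>
        public static void PostLoginUser(string UserID, IHttpContextAccessor httpcontextaccessor)
        {
            TOeUsers u = db_Accounts.GetT_OE_USERSByID(UserID);
            if (u == null)
            {
                return;
            }

            var session = httpcontextaccessor.HttpContext.Session;
            string orgId = u.DefaultOrgId;

            // If the user belongs to exactly one org and has no default, make it the default.
            if (orgId == null)
            {
                List<TWqxOrganization> os = db_WQX.GetWQX_USER_ORGS_ByUserIDX(u.UserIdx, false);
                if (os.Count == 1)
                {
                    orgId = os[0].OrgId;
                    db_Accounts.UpdateT_OE_USERSDefaultOrg(u.UserIdx, orgId);
                    session.SetString("OrgID", orgId);
                }
            }

            if (u.InitalPwdFlag == false)
            {
                // Record the login time.
                db_Accounts.UpdateT_OE_USERS(u.UserIdx, null, null, null, null, null, null, null, null, System.DateTime.Now, null, null, "system");

                // "UserIDX" is the session's record of who is logged in and holds only the
                // numeric user index. The organization id goes under its own "OrgID" key;
                // writing it to "UserIDX" would replace the user index with the org id text.
                session.SetInt32("UserIDX", u.UserIdx);

                // SetString throws on a null value, so a user without a resolved organization
                // simply gets no "OrgID" entry.
                if (orgId != null)
                {
                    session.SetString("OrgID", orgId);
                }

                // Default display flags for monitoring-location, project and sample fields.
                session.SetString("MLOC_HUC_EIGHT", "false");
                session.SetString("MLOC_HUC_TWELVE", "false");
                session.SetString("MLOC_TRIBAL_LAND", "false");
                session.SetString("MLOC_SOURCE_MAP_SCALE", "false");
                session.SetString("MLOC_HORIZ_COLL_METHOD", "true");
                session.SetString("MLOC_HORIZ_REF_DATUM", "true");
                session.SetString("MLOC_VERT_MEASURE", "false");
                session.SetString("MLOC_COUNTRY_CODE", "true");
                session.SetString("MLOC_STATE_CODE", "true");
                session.SetString("MLOC_COUNTY_CODE", "true");
                session.SetString("MLOC_WELL_DATA", "false");
                session.SetString("MLOC_WELL_TYPE", "false");
                session.SetString("MLOC_AQUIFER_NAME", "false");
                session.SetString("MLOC_FORMATION_TYPE", "false");
                session.SetString("MLOC_WELLHOLE_DEPTH", "false");
                session.SetString("PROJ_SAMP_DESIGN_TYPE_CD", "false");
                session.SetString("PROJ_QAPP_APPROVAL", "false");
                session.SetString("SAMP_ACT_END_DT", "false");
                session.SetString("SAMP_COLL_METHOD", "false");
                session.SetString("SAMP_COLL_EQUIP", "false");
                session.SetString("SAMP_PREP", "false");
                session.SetString("SAMP_DEPTH", "false");
            }
        }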
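        /// <summary>
        /// Registers a new account: validates the username and e-mail, creates the user with a
        /// generated temporary password, adds the user to role 3, and e-mails an activation link.
        /// </summary>
        /// <param name="username">Requested login id; validated by Utils.ValidateParameter with a limit of 25.</param>
        /// <param name="password">Ignored on input; replaced by a generated temporary password.</param>
        /// <param name="email">Address the activation mail is sent to; may hold several addresses separated by ';'.</param>
        /// <param name="passwordQuestion">Not used by this method.</param>
        /// <param name="passwordAnswer">Not used by this method.</param>
        /// <param name="isApproved">Not used by this method.</param>
        /// <param name="providerUserKey">Not used by this method.</param>
        /// <param name="status">Outcome of the registration.</param>
        /// <returns>
        /// null when validation fails; otherwise a User carrying the generated password, also
        /// when the activation mail could not be sent (status is then InvalidEmail).
        /// </returns>
        public User CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            status = MembershipCreateStatus.Success;

            //******************************** BEGIN VALIDATION ********************************************************
            // Username length
            if (!Utils.ValidateParameter(ref username, true, true, true, 25))
            {
                status = MembershipCreateStatus.InvalidUserName;
                return(null);
            }

            TOeUsers u = _unitOfWork.oeUsersRepostory.GetFirstOrDefault(x => x.UserId == username);

            if (u != null)
            {
                // Duplicate username found - return error
                status = MembershipCreateStatus.DuplicateUserName;
                return(null);
            }

            if (Utils.IsEmail(email) == false)
            {
                status = MembershipCreateStatus.InvalidEmail;
                return(null);
            }
            //******************************** END VALIDATION ***********************************************************

            // Exceptions from here on propagate to the caller unchanged, with their original
            // stack trace (a catch that does "throw exp;" would reset it).

            // Generate a temporary password and hash it.
            // NOTE(review): RandomString is not shown here - confirm it draws from a
            // cryptographic random source.
            password = RandomString(10);
            string salt     = GenerateSalt();
            string hashpass = HashPassword(password, MembershipPasswordFormat.Hashed, salt);

            // Create the user record
            TOeUsers newUser = new TOeUsers
            {
                UserId        = username,
                PwdHash       = hashpass,
                PwdSalt       = salt,
                Email         = email,
                ActInd        = true,
                InitalPwdFlag = true,
                CreateUserid  = "system"
            };
            _unitOfWork.oeUsersRepostory.Add(newUser);
            _unitOfWork.Save();

            // Add the user to role 3 (the PUBLIC role)
            TOeUserRoles newUserRole = new TOeUserRoles
            {
                UserIdx      = newUser.UserIdx,
                RoleIdx      = 3,
                CreateUserid = "system"
            };
            _unitOfWork.oeUserRolesRepository.Add(newUserRole);
            _unitOfWork.Save();

            // Build the activation token.
            // NOTE(review): the token is the temporary password plus the username under
            // reversible encryption, placed in a URL query string. The link is kept in mail
            // stores, browser history and proxy logs, and anyone holding the SimpleAES key can
            // recover a working credential from it. A random one-time token stored server-side
            // with an expiry would avoid putting the password in the link.
            string encryptOauth = new SimpleAES().Encrypt(password + "||" + username);
            encryptOauth = System.Web.HttpUtility.UrlEncode(encryptOauth);

            // Send the verification e-mail to the user
            string message = "Welcome to Open Waters. Open Waters allows you to manage your water quality data and synchronize it with EPA-WQX.  "
                             + "\r\n\r\n Your username is: " + username
                             + "\r\n\r\n You must activate your account by clicking the following link: "
                             + "\r\n\r\n " + db_Ref.GetT_OE_APP_SETTING("Public App Path") + "Account/Verify.aspx?oauthcrd=" + encryptOauth
                             + "\r\n\r\n After verifying your account you will be prompted to enter a permanent password.";

            bool EmailStatus = Utils.SendEmail(null, email.Split(';').ToList(), null, null, "Confirm Your Open Waters Account", message, null);
            if (EmailStatus == false)
            {
                status = MembershipCreateStatus.InvalidEmail;
                // NOTE(review): only the role link is rolled back; the user row stays, so the
                // same username is later rejected as a duplicate. The legacy code deleted the
                // user here - confirm whether the user row should be removed as well.
                _unitOfWork.oeUserRolesRepository.Remove(newUserRole);
                _unitOfWork.Save();
            }

            // If enabled, notify an administrator (first user in role 2) of the new account.
            // The message embeds the caller-supplied username and e-mail as plain text.
            if (_unitOfWork.oeAppSettingsRepository.GetAppSetting("Notify Register") == "Y")
            {
                TOeUsers adm = _unitOfWork.oeUsersRepostory.GetUserByRole(2).FirstOrDefault();
                if (adm != null)
                {
                    Utils.SendEmail(null, adm.Email.Split(';').ToList(), null, null, "Notification: Open Waters Account", "An Open Waters account has just been created by " + username + " (" + email + ")", null);
                }
            }

            // The returned object carries the clear-text temporary password; callers should
            // not log or persist it.
            return(new User(newUser.Fname, newUser.Lname, username, password, ""));
        }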