Example #1
        /// <summary>
        /// Issues a Forms Authentication cookie for <paramref name="user"/> and remembers the user on this instance.
        /// </summary>
        /// <param name="user">
        /// User being signed in. Its <c>Clave_de_Acceso</c> is used both as the ticket name and as the ticket's user data.
        /// </param>
        /// <param name="createPersistentCookie">
        /// When true the ticket is persistent and the cookie gets an explicit expiry; otherwise no expiry is set on the cookie.
        /// </param>
        public virtual void SignIn(TTUsuario user, bool createPersistentCookie)
        {
            var issuedAt = DateTime.UtcNow.ToLocalTime();

            var authTicket = new FormsAuthenticationTicket(
                1 /*version*/,
                user.Clave_de_Acceso,
                issuedAt,
                issuedAt.Add(_expirationTimeSpan),
                createPersistentCookie,
                user.Clave_de_Acceso,
                FormsAuthentication.FormsCookiePath);

            var protectedTicket = FormsAuthentication.Encrypt(authTicket);

            // HttpOnly keeps the ticket out of reach of client-side script.
            // Secure mirrors the forms-authentication configuration (RequireSSL): if that
            // setting is off, the ticket cookie is also sent over plain HTTP.
            var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, protectedTicket)
            {
                HttpOnly = true,
                Secure = FormsAuthentication.RequireSSL,
                Path = FormsAuthentication.FormsCookiePath
            };

            // Only a persistent ticket puts an expiry on the cookie itself.
            if (authTicket.IsPersistent)
            {
                authCookie.Expires = authTicket.Expiration;
            }

            // Leave Domain untouched when none is configured.
            string configuredDomain = FormsAuthentication.CookieDomain;
            if (configuredDomain != null)
            {
                authCookie.Domain = configuredDomain;
            }

            _httpContext.Response.Cookies.Add(authCookie);
            _cachedUser = user;
        }
Example #2
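        /// <summary>
        /// Persists <paramref name="entity"/> through the users repository and returns its identifier.
        /// </summary>
        /// <param name="entity">User record to update.</param>
        /// <param name="UserInformation">Not used by this method.</param>
        /// <param name="DataReference">Not used by this method.</param>
        /// <returns>The <c>IdUsuario</c> of the updated entity.</returns>
        /// <exception cref="ServiceException">
        /// Wraps any exception that is not an <c>ExceptionBase</c>; the original is kept as the inner exception.
        /// </exception>
        public int Update(TTUsuario entity, GlobalData UserInformation, Core.Domain.Data.DataLayerFieldsBitacora DataReference)
        {
            // NOTE(review): UserInformation and DataReference are accepted but never read here,
            // so nothing in this method records who performed the update - confirm that any
            // audit trail is written elsewhere.
            try
            {
                _usersRepository.Update(entity);
                return entity.IdUsuario;
            }
            catch (ExceptionBase)
            {
                // "throw;" rethrows the same exception with its original stack trace;
                // "throw ex;" would reset the trace to this frame.
                throw;
            }
            catch (Exception ex)
            {
                throw new ServiceException(ex.Message, ex);
            }
        }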
Example #3
        /// <summary>
        /// Returns the user for the current request, resolving it from the Forms Authentication
        /// ticket on first use and reusing the cached value afterwards.
        /// </summary>
        /// <returns>
        /// The cached or freshly resolved user, or null when there is no HTTP context or request,
        /// the request is not authenticated, the identity is not a <c>FormsIdentity</c>,
        /// or the ticket does not resolve to a user.
        /// </returns>
        public virtual TTUsuario GetAuthenticatedUSer()
        {
            // A previously resolved user is returned without consulting the request again.
            // NOTE(review): the cached value is only as fresh as this instance - confirm the
            // service is scoped per request so one caller's user is never served to another.
            if (_cachedUser != null)
            {
                return _cachedUser;
            }

            bool hasFormsIdentity = _httpContext != null
                && _httpContext.Request != null
                && _httpContext.Request.IsAuthenticated
                && _httpContext.User.Identity is FormsIdentity;
            if (!hasFormsIdentity)
            {
                return null;
            }

            var identity = (FormsIdentity)_httpContext.User.Identity;
            var resolved = GetAuthenticatedCustomerFromTicket(identity.Ticket);

            // The cache is only written on a successful lookup.
            if (resolved != null)
            {
                _cachedUser = resolved;
            }

            return _cachedUser;
        }
Example #4
        /// <summary>
        /// Authorization hook. For an authenticated principal that is not in the middle of a relogin,
        /// rebuilds the <c>Authentication</c> principal from the forms cookie and, when the session has
        /// lost its user data, reloads it through the user API. Otherwise redirects to the login page,
        /// except for the routes exempted by the conditions below.
        /// </summary>
        /// <param name="filterContext">Context of the action being authorized; its Result is set to a redirect when access is refused.</param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            string         controller = filterContext.ActionDescriptor.ControllerDescriptor.ControllerName;
            string         action     = filterContext.ActionDescriptor.ActionName;
            Authentication auth       = null;

            if (CurrentUser != null && CurrentUser.Identity != null && CurrentUser.Identity.IsAuthenticated && SessionHelper.Relogin == false)
            {
                // Get cookies values of user
                HttpCookie authCookie =
                    filterContext.HttpContext.Request.Cookies[FormsAuthentication.FormsCookieName];
                if (authCookie != null && !string.IsNullOrWhiteSpace(authCookie.Value))
                {
                    // NOTE(review): authTicket is used without a null or Expired check here;
                    // presumably the Forms Authentication module has already validated it - confirm.
                    FormsAuthenticationTicket authTicket    = FormsAuthentication.Decrypt(authCookie.Value);
                    JavaScriptSerializer      serializer    = new JavaScriptSerializer();
                    AuthenticationSerialize   serialiseAuth = serializer.Deserialize <AuthenticationSerialize>(authTicket.UserData);
                    auth = new Authentication(authTicket.Name);
                    // set user context from cookies
                    // This repeats the enclosing condition, so it is always true at this point.
                    if (authCookie != null && !string.IsNullOrWhiteSpace(authCookie.Value))
                    {
                        auth.UserContext = serialiseAuth.UserContext;
                    }

                    // The session is repopulated only when its user entity or credential is missing.
                    if (SessionHelper.UserEntity == null || SessionHelper.UserCredential == null)
                    {
                        ISpartan_UserApiConsumer  _IUseroApiConsumer         = new Spartan_UserApiConsumer();
                        ISpartane_FileApiConsumer _ISpartane_FileApiConsumer = new Spartane_FileApiConsumer();

                        // Call Validate User API for user Exists in application
                        // NOTE(review): the third argument is a SQL-style filter fragment and the values in
                        // this listing are masked ('******'). If the real fragment is assembled from the user
                        // name and password, those values need to be passed as parameters, not concatenated.
                        Spartan_User_Core UserDetails = _IUseroApiConsumer.ValidateUser(1, 10, "Username = '******'  COLLATE SQL_Latin1_General_CP1_CS_AS And Password = '******'  COLLATE SQL_Latin1_General_CP1_CS_AS").Resource;
                        if (UserDetails.Spartan_Users != null && UserDetails.Spartan_Users.Count > 0)
                        {
                            // NOTE(review): there is no else branch for Status != 1. A matched user with
                            // another status gets no session data and no redirect, and the request still
                            // continues with HttpContext.Current.User = auth below - confirm this is intended.
                            if (UserDetails.Spartan_Users[0].Status == 1)
                            {
                                TTUsuario user = new TTUsuario
                                {
                                    /*CODMANINI-UPD*/
                                    IdUsuario = Convert.ToInt32(UserDetails.Spartan_Users[0].Id_User),
                                    /*CODMANFIN-UPD*/
                                    Nombre          = Convert.ToString(UserDetails.Spartan_Users[0].Name),
                                    Clave_de_Acceso = UserDetails.Spartan_Users[0].Username,
                                    //Activo = UserDetails.Spartan_Users[0].Status
                                };

                                //Adding user Core entity Data
                                SessionHelper.UserEntity = UserDetails.Spartan_Users[0];

                                var userImage =
                                    _ISpartane_FileApiConsumer.GetByKey(Convert.ToInt32(UserDetails.Spartan_Users[0].Image))
                                    .Resource;
                                if (userImage != null && userImage.File != null)
                                {
                                    SessionHelper.UserImage = userImage.File;
                                }

                                //Saving Credentials
                                // NOTE(review): UserContext was deserialized from the ticket's UserData, so the
                                // Password copied here travels inside the auth cookie. Anyone able to decrypt or
                                // replay the ticket obtains that value; consider keeping it server-side only.
                                SessionHelper.UserCredential = new Spartane_Credential
                                {
                                    Password = auth.UserContext.CurrentUser.Password,
                                    UserName = auth.UserContext.CurrentUser.UserName,
                                };
                                // save role id in session
                                SessionHelper.Role = UserDetails.Spartan_Users[0].Role;
                                // save role object in session
                                SessionHelper.Sprtan_Role = new RoleSpartanUserRole
                                {
                                    Id          = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Id,
                                    Description = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Description,
                                    Status      = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Status,
                                    Status_Spartan_User_Role_Status = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Status_Spartan_User_Role_Status,
                                    User_Role_Id = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.User_Role_Id,
                                };
                                HttpContext.Current.Session["USERID"]     = user.IdUsuario;
                                HttpContext.Current.Session["USERROLEID"] = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.User_Role_Id;
                            }
                        }
                        // NOTE(review): this condition skips the redirect for every action on the "Account"
                        // controller and for any action named "Login" on any controller, not only for
                        // Account/Login - confirm that breadth is intended.
                        else if (controller != "Account" && action != "Login")
                        {
                            filterContext.Controller.TempData["cssClass"] = "error";
                            filterContext.Controller.TempData["message"]  = "You are not logged in.";
                            filterContext.Result = new RedirectResult("~/Account/Login"); //new RedirectResult("/Account/Login");
                            auth = null;
                        }
                    }
                    // auth is null here when the redirect branch above ran, which clears the current principal.
                    HttpContext.Current.User = auth;
                }
            }
            // write code here as per role RoleType
            // Same exemption shape as above: any "Account" action and any action named "Login" pass through.
            else if (controller != "Account" && action != "Login")
            {
                // NOTE(review): General/ExecuteQueryTable is let through without a redirect on this
                // unauthenticated path. Confirm that action enforces its own access control and input
                // validation; the name suggests it runs queries.
                if ((controller == "General") && (action == "ExecuteQueryTable"))
                {
                }
                else
                {
                    filterContext.Controller.TempData["cssClass"] = "error";
                    filterContext.Controller.TempData["message"]  = "You are not logged in.";
                    filterContext.Result = new RedirectResult("~/Account/Login"); //new RedirectResult("/Account/Login");
                }
            }
        }
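        /// <summary>
        /// Re-authenticates a user whose session needs to be refreshed and answers with JSON:
        /// an empty string on success, a localized message on failure, or "SessionExpired" when
        /// the model state is invalid. When the session is effectively empty the request is
        /// handed to <c>Login</c> instead.
        /// </summary>
        /// <param name="model">Posted credentials (user name and password).</param>
        /// <param name="returnUrl">Not used by this method.</param>
        /// <returns>A JSON result, or the result of <c>Login</c> when the session holds at most one entry.</returns>
        public ActionResult ReLogin(LoginViewModel model, string returnUrl)
        {
            if (ModelState.ContainsKey("LanguageList"))
            {
                ModelState["LanguageList"].Errors.Clear();
            }

            // Relogin stays set on every failure path below; only a successful relogin clears it.
            SessionHelper.Relogin = true;

            // With at most one entry left in the session, run the full login flow.
            if (Session.Count <= 1)
            {
                LoginViewModel oLoginViewModel = new LoginViewModel();
                oLoginViewModel.LanguageList = GetLanguage();
                oLoginViewModel.UserName     = model.UserName;
                oLoginViewModel.Password     = model.Password;
                return(Login(oLoginViewModel));
            }

            if (ModelState.IsValid)
            {
                // NOTE(review): by its name CalculateMD5Hash produces an MD5 digest of the password, and
                // that digest is what the token manager accepts and what is kept in session below, so the
                // digest itself works as the credential. MD5 is not suitable for password protection;
                // changing it needs a coordinated change on the API side.
                if (!_tokenManager.GenerateToken(model.UserName, EncryptHelper.CalculateMD5Hash(model.Password)))
                {
                    ModelState.AddModelError("", Resources.LoginResources.InvalidUserPassword);
                    return(Json(Resources.LoginResources.InvalidUserPassword));
                }

                _IUseroApiConsumer.SetAuthHeader(_tokenManager.Token);

                // Call Validate User API for user Exists in application
                // NOTE(review): the third argument is a SQL-style filter fragment and the values in this
                // listing are masked ('******'). If the real fragment is assembled from model.UserName and
                // the password hash, those values need to be passed as parameters, not concatenated.
                Spartan_User_Core UserDetails = _IUseroApiConsumer.ValidateUser(1, 10, "Username = '******'  COLLATE SQL_Latin1_General_CP1_CS_AS And Password = '******'  COLLATE SQL_Latin1_General_CP1_CS_AS").Resource;
                if (UserDetails.Spartan_Users != null && UserDetails.Spartan_Users.Count() > 0)
                {
                    // Only accounts with Status == 1 may sign in.
                    if (UserDetails.Spartan_Users[0].Status == 1)
                    {
                        TTUsuario user = new TTUsuario
                        {
                            // ToInt32 rather than ToInt16: a 16-bit conversion throws OverflowException
                            // for user ids above 32767, which would lock those users out.
                            IdUsuario       = Convert.ToInt32(UserDetails.Spartan_Users[0].Id_User),
                            Nombre          = Convert.ToString(UserDetails.Spartan_Users[0].Name),
                            Clave_de_Acceso = UserDetails.Spartan_Users[0].Username,
                            //Activo = UserDetails.Spartan_Users[0].Status
                        };

                        SetAuthentication(UserDetails);
                        //_authenticationService.SignIn(user, model.RememberMe);

                        //Saving Credentials
                        SessionHelper.UserCredential = new Spartane_Credential
                        {
                            Password = EncryptHelper.CalculateMD5Hash(model.Password),
                            UserName = model.UserName,
                        };
                        // save role id in session
                        SessionHelper.Role = UserDetails.Spartan_Users[0].Role;
                        // save role object in session
                        SessionHelper.Sprtan_Role = new RoleSpartanUserRole
                        {
                            Id          = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Id,
                            Description = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Description,
                            Status      = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Status,
                            Status_Spartan_User_Role_Status = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Status_Spartan_User_Role_Status,
                            User_Role_Id = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.User_Role_Id,
                        };
                        Session["USERID"]     = user.IdUsuario;
                        Session["USERROLEID"] = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.User_Role_Id;
                        Session.Timeout       = Convert.ToInt32(ConfigurationManager.AppSettings["SessionTimeOut"]);

                        SessionHelper.Relogin = false;
                        return(Json(string.Empty));
                    }
                    else
                    {
                        ModelState.AddModelError("", Resources.LoginResources.DeactivateAccount);
                        return(Json(Resources.LoginResources.DeactivateAccount));
                    }
                }
                else
                {
                    ModelState.AddModelError("", Resources.LoginResources.InvalidPassword);
                    return(Json(Resources.LoginResources.InvalidPassword));
                }
            }

            return(Json("SessionExpired"));
        }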
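        /// <summary>
        /// Handles a login attempt: obtains an API token, validates the user, writes security and
        /// session log entries, fills the session, and applies the failed-attempt lockout.
        /// </summary>
        /// <param name="model">Posted login form (user name, password, selected language, attempt counters).</param>
        /// <param name="returnUrl">Not used by this method; success always redirects to the home page.</param>
        /// <returns>
        /// A redirect to <c>~/Frontal/Home/Index</c> on success; a JSON message when
        /// <c>SessionHelper.Relogin</c> is set and the attempt fails; otherwise the login view.
        /// </returns>
        public ActionResult Login(LoginViewModel model, string returnUrl = "")
        {
            Session["BlockUser"] = null;
            if (ModelState.ContainsKey("LanguageList"))
            {
                ModelState["LanguageList"].Errors.Clear();
            }

            if (ModelState.IsValid)
            {
                // NOTE(review): by its name CalculateMD5Hash produces an MD5 digest of the password, and
                // that digest is what the token manager accepts and what is kept in session below, so the
                // digest itself works as the credential. MD5 is not suitable for password protection;
                // changing it needs a coordinated change on the API side.
                string passwordEncripted = EncryptHelper.CalculateMD5Hash(model.Password);
                if (!_tokenManager.GenerateToken(model.UserName, passwordEncripted))
                {
                    ModelState.AddModelError("", Resources.LoginResources.InvalidUserPassword);
                    if (SessionHelper.Relogin)
                    {
                        return(Json(Resources.LoginResources.InvalidUserPassword));
                    }
                    // NOTE(review): outside a relogin, execution continues with whatever
                    // _tokenManager.Token holds after the failed call. The failed-attempt accounting
                    // further down runs on this path - confirm the fall-through is intended.
                }

                _ISpartan_SettingsApiConsumer.SetAuthHeader(_tokenManager.Token);
                var FailedAttemptDB = _ISpartan_SettingsApiConsumer.GetByKey("FailedAttempts", false).Resource;
                int FailedAttempts  = Convert.ToInt32(FailedAttemptDB.Valor);
                model.MaxFailedAttempts = FailedAttempts;

                // The attempt counter restarts when the user name differs from the previous attempt in this session.
                if (Session["UserName"] != null && Session["UserName"].ToString() != model.UserName)
                {
                    model.FailedAttempts = 1;
                }
                Session["UserName"] = model.UserName;
                _IUseroApiConsumer.SetAuthHeader(_tokenManager.Token);

                Spartan_Security_Log oSecurityLog = new Spartan_Security_Log();
                // NOTE(review): the filter arguments here and in ValidateUser below are SQL-style fragments
                // whose values are masked ('******') in this listing. If the real fragments are assembled
                // from model.UserName or the password hash, pass those values as parameters instead.
                var UsersByName = _IUseroApiConsumer.ListaSelAll(0, 10, "Spartan_User.Username = '******'", "").Resource;
                if (UsersByName.RowCount == 0)
                {
                    // Unknown user name: same message as a wrong password.
                    ModelState.AddModelError("", Resources.LoginResources.InvalidUserPassword);
                    model.LanguageList    = GetLanguage();
                    SessionHelper.Relogin = false;
                    return(View(model));
                }
                // Call Validate User API for user Exists in application
                Spartan_User_Core UserDetails = _IUseroApiConsumer.ValidateUser(1, 10, "Username = '******'  COLLATE SQL_Latin1_General_CP1_CS_AS And Password = '******'  COLLATE SQL_Latin1_General_CP1_CS_AS").Resource;
                if (UserDetails.Spartan_Users != null && UserDetails.Spartan_Users.Count() > 0)
                {
                    // Only accounts with Status == 1 may sign in.
                    if (UserDetails.Spartan_Users[0].Status == 1)
                    {
                        TTUsuario user = new TTUsuario
                        {
                            // ToInt32 rather than ToInt16: a 16-bit conversion throws OverflowException
                            // for user ids above 32767, which would lock those users out.
                            IdUsuario       = Convert.ToInt32(UserDetails.Spartan_Users[0].Id_User),
                            Nombre          = Convert.ToString(UserDetails.Spartan_Users[0].Name),
                            Clave_de_Acceso = UserDetails.Spartan_Users[0].Username,
                            //Activo = UserDetails.Spartan_Users[0].Status
                        };

                        SetSecurityLogging(ref oSecurityLog, (short)Event_Type.Login, UserDetails.Spartan_Users[0].Id_User, UserDetails.Spartan_Users[0].Role, (short)Result_Type.Granted);
                        int SecurityLogId = _ISpartanSecurityApiConsumer.Insert(oSecurityLog).Resource;

                        SetAuthentication(UserDetails);
                        //_authenticationService.SignIn(user, model.RememberMe);

                        //Adding user Core entity Data
                        SessionHelper.UserEntity = UserDetails.Spartan_Users[0];

                        //Getting User Image
                        _ISpartane_FileApiConsumer.SetAuthHeader(_tokenManager.Token);
                        var userImage =
                            _ISpartane_FileApiConsumer.GetByKey(Convert.ToInt32(UserDetails.Spartan_Users[0].Image))
                            .Resource;
                        if (userImage != null && userImage.File != null)
                        {
                            SessionHelper.UserImage = userImage.File;
                        }
                        // NOTE(review): this cookie is created with default flags and its value can be
                        // altered by the client; treat SecurityLogId as untrusted wherever it is read back.
                        Response.Cookies["UserSettings"]["SecurityLogId"] = SecurityLogId.ToString();

                        Spartan_Session_Log oSessionLog = new Spartan_Session_Log();
                        SetSessionLogging(ref oSessionLog, (short)Event_Type.Login, (short)Event_Type.Login, SecurityLogId, UserDetails.Spartan_Users[0].Id_User, UserDetails.Spartan_Users[0].Role, (short)Result_Type.Granted);
                        _ISpartanSessionApiConsumer.Insert(oSessionLog);

                        //Saving Credentials
                        SessionHelper.UserCredential = new Spartane_Credential
                        {
                            Password = EncryptHelper.CalculateMD5Hash(model.Password),
                            UserName = model.UserName,
                        };
                        // save role id in session
                        SessionHelper.Role = UserDetails.Spartan_Users[0].Role;
                        // save role object in session
                        SessionHelper.Sprtan_Role = new RoleSpartanUserRole
                        {
                            Id          = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Id,
                            Description = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Description,
                            Status      = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Status,
                            Status_Spartan_User_Role_Status = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.Status_Spartan_User_Role_Status,
                            User_Role_Id = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.User_Role_Id,
                        };
                        Session["USERID"]     = user.IdUsuario;
                        Session["USERROLEID"] = UserDetails.Spartan_Users[0].Role_Spartan_User_Role.User_Role_Id;
                        Session.Timeout       = Convert.ToInt32(ConfigurationManager.AppSettings["SessionTimeOut"]);
                        Session["LANGUAGEID"] = (model.SelectedLanguage.HasValue) ? model.SelectedLanguage.Value : 1;
                        SessionHelper.Relogin = false;
                        return(RedirectToLocal("~/Frontal/Home/Index"));
                    }
                    else
                    {
                        // NOTE(review): denied entries are logged with null user and role arguments, so as far
                        // as these arguments go the record does not say which account was targeted.
                        SetSecurityLogging(ref oSecurityLog, (short)Event_Type.Login, null, null, (short)Result_Type.Denied);
                        _ISpartanSecurityApiConsumer.Insert(oSecurityLog);

                        ModelState.AddModelError("", Resources.LoginResources.DeactivateAccount);
                        if (SessionHelper.Relogin)
                        {
                            return(Json(Resources.LoginResources.DeactivateAccount));
                        }
                    }
                }
                else
                {
                    SetSecurityLogging(ref oSecurityLog, (short)Event_Type.Login, null, null, (short)Result_Type.Denied);
                    _ISpartanSecurityApiConsumer.Insert(oSecurityLog);

                    ModelState.AddModelError("", Resources.LoginResources.InvalidUserPassword);

                    // NOTE(review): model.FailedAttempts comes from the bound request model. If it round-trips
                    // through a form field the client decides its value, and the lockout below can be avoided
                    // by resubmitting a low count. Keeping the counter server-side (per account) closes that gap.
                    if (model.FailedAttempts < model.MaxFailedAttempts)
                    {
                        model.FailedAttempts = model.FailedAttempts + 1;
                    }
                    else
                    {
                        // Lockout: the account is updated to Status = 2 only when exactly one user matched the name.
                        if (UsersByName.RowCount == 1)
                        {
                            var UserByName = UsersByName.Spartan_Users.First();
                            UserByName.Status = 2;
                            int status = _IUseroApiConsumer.Update(UserByName, null, null).Resource;
                            model.FailedAttempts = 1;
                        }
                        Session["BlockUser"] = true;
                    }
                    if (SessionHelper.Relogin)
                    {
                        return(Json(Resources.LoginResources.InvalidUserPassword));
                    }
                }
            }
            model.LanguageList = GetLanguage();
            // If we got this far, something failed, redisplay form
            return(View(model));
        }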
Example #7
 /// <summary>
 /// Forgets the cached user and removes the Forms Authentication cookie from the response.
 /// </summary>
 /// <remarks>
 /// FormsAuthentication.SignOut only clears the cookie in the browser; a copy of the ticket
 /// captured earlier stays valid until it expires. This method does not touch session state,
 /// so any session clean-up has to happen in the caller.
 /// </remarks>
 public virtual void SignOut()
 {
     // Drop the in-memory user first so this instance stops reporting it.
     this._cachedUser = null;

     FormsAuthentication.SignOut();
 }