Example #1
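        /// <summary>
        /// Asks the external OTP web service to issue a one-time password for a confirmed
        /// user and reports the outcome as JSON.
        /// </summary>
        /// <param name="UserName">User name supplied by the caller; treated as untrusted input.</param>
        /// <returns>
        /// The <c>DbActionResult&lt;string&gt;</c> passed to <c>Json</c>, with <c>Success</c> and
        /// <c>Message</c> describing the outcome.
        /// </returns>
        public JsonResult GenerateOTP(string UserName)
        {
            Teckraft.Web.Models.DbActionResult<string> result = new Teckraft.Web.Models.DbActionResult<string>();

            // Reject a missing user name up front instead of letting null reach the query below.
            if (string.IsNullOrEmpty(UserName))
            {
                result.Message = "Invalid Username";
                result.Success = false;
                return Json(result);
            }

            // Denylist replacement kept from the original. It is not an injection defence: the
            // lookups below go through LINQ, and the value handed to the OTP service is whatever
            // remains after replacement.
            // NOTE(review): prefer validating against the allowed user-name format and rejecting
            // anything else, rather than silently rewriting the input.
            string[] replacedTokens = { "-", "<", ">", ";", "'" };
            foreach (string token in replacedTokens)
            {
                UserName = UserName.Replace(token, " ");
            }

            // The context is now disposed deterministically; the original never released it.
            using (Teckraft.Data.Sql.InitiativeHubFinalEntities DbContext = new Teckraft.Data.Sql.InitiativeHubFinalEntities())
            {
                // ToLower() on both sides is kept so the comparison stays inside the LINQ query.
                var UserExist = DbContext.UserProfiles.FirstOrDefault(it => it.UserName.ToLower() == UserName.ToLower());

                if (UserExist == null || !WebSecurity.IsConfirmed(UserName))
                {
                    // NOTE(review): this endpoint answers differently for unknown users, users
                    // without contact data and users who can receive an OTP, so the response
                    // discloses whether an account exists. A single generic reply would avoid that.
                    result.Message = "Invalid Username";
                    result.Success = false;
                    return Json(result);
                }

                var User = DbContext.UserDetails.FirstOrDefault(it => it.UserName.ToLower() == UserName.ToLower());

                // A profile without a matching UserDetails row used to throw a
                // NullReferenceException here; it is now reported like missing contact data.
                if (User == null || (string.IsNullOrEmpty(User.MobileNo) && string.IsNullOrEmpty(User.Email)))
                {
                    result.Message = "User's Email address and Mobile number are not updated";
                    result.Success = false;
                    return Json(result);
                }

                // The original wrote this placeholder into the tracked entity; a local keeps the
                // same value going to the service without touching the entity.
                // NOTE(review): confirm the OTP service treats "2222222222" as "no mobile number"
                // and does not deliver an OTP to it.
                string mobileNo = string.IsNullOrEmpty(User.MobileNo) ? "2222222222" : User.MobileNo;

                TestOTPWebService.WebServiceSoapClient pilcrsOTP = new TestOTPWebService.WebServiceSoapClient();
                try
                {
                    // NOTE(review): the service's return value is not inspected (as in the
                    // original), so success is reported whenever the call does not throw.
                    // Confirm what a false result means and whether it should fail the request.
                    bool serviceResult = pilcrsOTP.Password(Encryptdata(UserName), Encryptdata(mobileNo), Encryptdata("SSOEMP"), Encryptdata("SSOEMP"), Encryptdata("0"));
                    result.Message = "An OTP message has been sent to your number or email";
                    result.Success = true;
                }
                catch (Exception)
                {
                    // NOTE(review): the failure is not logged anywhere visible in this method.
                    result.Message = "Error sending OTP please try later";
                    result.Success = false;
                }

                // The e-mail branch of the original contained only commented-out SMTP code, so
                // this method sends no e-mail itself even when User.Email is set.

                // NOTE(review): nothing in this method limits how often an OTP can be requested
                // for a user name; confirm throttling exists in a filter or in the OTP service.
                return Json(result);
            }
        }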
Example #2
        /// <summary>
        /// Handles the submitted login form. When <c>Settings.EnableOTP</c> is set the credentials
        /// are checked by the OTP web service's <c>Login</c> call; otherwise by
        /// <c>WebSecurity.Login</c>. On success the method enforces one tracked session per user
        /// through <c>CurrentUserSessions</c> and redirects; on any failure it adds a model error
        /// and redisplays the form.
        /// </summary>
        /// <param name="model">Posted login data; UserName, Password, RememberMe and ForcefullLogout are read here.</param>
        /// <param name="returnUrl">Target passed to <c>RedirectToLocal</c> after a successful login.</param>
        /// <returns>A redirect on success, otherwise the login view with the model errors added here.</returns>
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            // The literal appears masked in this listing; the same value is assigned again below.
            ViewBag.multipleLogin = "******";
            if (Settings.EnableOTP)
            {
                TestOTPWebService.WebServiceSoapClient objOTP = new TestOTPWebService.WebServiceSoapClient();
                // Captured BEFORE the character replacement below, so the service receives the
                // values as posted while every later check uses the rewritten model.UserName.
                // NOTE(review): for a user name containing a replaced character, the identity the
                // service verifies and the identity the auth cookie is issued for are different
                // strings. Confirm which one is intended and use it consistently.
                string   uname      = model.UserName;
                string   pass       = model.Password;
                // Denylist: each listed character is replaced by a space in user name and password.
                // NOTE(review): rewriting the password changes the credential being checked, and
                // this replacement is not what protects the lookups below from injection.
                string[] emailRegex = { "-", "<", ">", ";", "'" };
                for (var i = 0; i < emailRegex.Length; i++)
                {
                    if (model.UserName != null)
                    {
                        model.UserName = model.UserName.Replace(emailRegex[i], " ");
                    }

                    if (model.Password != null)
                    {
                        model.Password = model.Password.Replace(emailRegex[i], " ");
                    }
                }


                string appName = "SSOEMP";
                string appCode = "SSOEMP";

                // The credential check runs before the lockout test below.
                // NOTE(review): nothing visible in this branch records a failed attempt, so
                // confirm that the lockout counter read by IsAccountLockedOut advances when the
                // service rejects a password.
                var result = objOTP.Login(Encryptdata(uname), Encryptdata(pass), Encryptdata(appName), Encryptdata(appCode));

                // Presumably WebMatrix WebSecurity: 5 allowed attempts, 100-second interval. Verify.
                if (WebSecurity.IsAccountLockedOut(model.UserName, 5, 100))
                {
                    ModelState.AddModelError("", "Account is locked due to multiple failed login attempts.");
                }
                else if (WebSecurity.IsConfirmed(model.UserName) == false)
                {
                    // NOTE(review): shown before the credential result is considered, so this
                    // message discloses account state to anyone submitting the user name.
                    ModelState.AddModelError("", "Account disabled");
                }
                else if (ModelState.IsValid && result)
                {
                    // The non-persistent auth cookie is issued before the single-session check;
                    // the rejection path below calls WebSecurity.Logout() to undo it.
                    FormsAuthentication.SetAuthCookie(model.UserName, false);
                    var usr = WebSecurity.GetUserId(model.UserName);



                    // NOTE(review): the context is never disposed in this method.
                    Teckraft.Data.Sql.InitiativeHubFinalEntities DbContext = new Teckraft.Data.Sql.InitiativeHubFinalEntities();
                    // Session rows whose RCT is more than 22 minutes old are removed first.
                    // NOTE(review): DateTime.Now is local server time; confirm RCT is written and
                    // compared in the same time zone everywhere.
                    var dt = DateTime.Now.AddMinutes(-22);
                    foreach (var item in DbContext.CurrentUserSessions.Where(it => it.UserId == usr && it.RCT < dt))
                    {
                        DbContext.CurrentUserSessions.Remove(item);
                    }
                    DbContext.SaveChanges();

                    // A remaining row blocks the login unless the caller asked to displace it.
                    var curSession = DbContext.CurrentUserSessions.FirstOrDefault(it => it.UserId == usr);
                    if (curSession != null && !model.ForcefullLogout)
                    {
                        ViewBag.multipleLogin = "******";
                        ModelState.AddModelError("", "Mutiple login not allowed");
                        WebSecurity.Logout();
                    }
                    else
                    {
                        if (curSession != null)
                        {
                            // Clears the application-state entry keyed by the displaced session id.
                            System.Web.HttpContext.Current.Application[curSession.SessionId] = null;
                            DbContext.CurrentUserSessions.Remove(curSession);
                        }
                        DbContext.CurrentUserSessions.Add(new Teckraft.Data.Sql.CurrentUserSession()
                        {
                            UserId = usr, RCT = DateTime.Now, SessionId = Session.SessionID
                        });
                        DbContext.SaveChanges();
                        // NOTE(review): the session id that existed before authentication is kept
                        // and recorded as the authenticated session; no new id is issued here.
                        // Consider rotating the session id at login (session fixation).
                        Session["sessionid"] = Session.SessionID;
                        System.Web.HttpContext.Current.Application[Session.SessionID.ToString()] = Session.SessionID;
                        // RedirectToLocal is defined elsewhere; presumably it accepts only local
                        // URLs. Verify, since returnUrl comes from the request.
                        return(RedirectToLocal(returnUrl));
                    }
                }
                else
                {
                    // NOTE(review): the two messages differ by account state, which lets a caller
                    // distinguish an existing unconfirmed account from any other failure.
                    if (WebSecurity.UserExists(model.UserName) && !WebSecurity.IsConfirmed(model.UserName))
                    {
                        ModelState.AddModelError("", "Your account has been blocked. Please contact SSO admin.");
                    }
                    else
                    {
                        ModelState.AddModelError("", "The user name or password provided is incorrect.");
                    }
                }
            }
            else
            {
                // Same denylist replacement as the OTP branch; here the rewritten password is the
                // one passed to WebSecurity.Login.
                // NOTE(review): passwords containing any of these characters are altered before
                // verification; confirm registration applies the identical rewrite.
                string[] emailRegex = { "-", "<", ">", ";", "'" };
                for (var i = 0; i < emailRegex.Length; i++)
                {
                    if (model.UserName != null)
                    {
                        model.UserName = model.UserName.Replace(emailRegex[i], " ");
                    }

                    if (model.Password != null)
                    {
                        model.Password = model.Password.Replace(emailRegex[i], " ");
                    }
                }


                // Presumably WebMatrix WebSecurity: 5 allowed attempts, 100-second interval. Verify.
                if (WebSecurity.IsAccountLockedOut(model.UserName, 5, 100))
                {
                    ModelState.AddModelError("", "Account is locked due to multiple failed login attempts.");
                }

                else if (ModelState.IsValid && WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
                {
                    // No-op: the only statement inside is commented out.
                    if (String.IsNullOrEmpty(returnUrl))
                    {
                        //  returnUrl = "/";
                    }

                    // NOTE(review): issues a non-persistent cookie after Login was asked to honour
                    // RememberMe; this looks like it overrides that choice. Confirm.
                    FormsAuthentication.SetAuthCookie(model.UserName, false);
                    var usr = WebSecurity.GetUserId(model.UserName);
                    // NOTE(review): the context is never disposed in this method.
                    Teckraft.Data.Sql.InitiativeHubFinalEntities DbContext = new Teckraft.Data.Sql.InitiativeHubFinalEntities();
                    // Session rows whose RCT is more than 22 minutes old are removed first.
                    var dt = DateTime.Now.AddMinutes(-22);
                    foreach (var item in DbContext.CurrentUserSessions.Where(it => it.UserId == usr && it.RCT < dt))
                    {
                        DbContext.CurrentUserSessions.Remove(item);
                    }
                    DbContext.SaveChanges();

                    // A remaining row blocks the login unless the caller asked to displace it.
                    var curSession = DbContext.CurrentUserSessions.FirstOrDefault(it => it.UserId == usr);
                    if (curSession != null && !model.ForcefullLogout)
                    {
                        ModelState.AddModelError("", "Mutiple login not allowed");
                        ViewBag.multipleLogin = "******";
                        WebSecurity.Logout();
                    }
                    else
                    {
                        if (curSession != null)
                        {
                            // Clears the application-state entry keyed by the displaced session id.
                            System.Web.HttpContext.Current.Application[curSession.SessionId] = null;
                            DbContext.CurrentUserSessions.Remove(curSession);
                        }
                        DbContext.CurrentUserSessions.Add(new Teckraft.Data.Sql.CurrentUserSession()
                        {
                            UserId = usr, RCT = DateTime.Now, SessionId = Session.SessionID
                        });
                        DbContext.SaveChanges();
                        // NOTE(review): the pre-login session id is reused as the authenticated
                        // session; consider rotating it at login (session fixation).
                        Session["sessionid"] = Session.SessionID;
                        System.Web.HttpContext.Current.Application[Session.SessionID.ToString()] = Session.SessionID;

                        // Only this branch writes the session id and a LogOutState flag into
                        // response cookies; the OTP branch above does not.
                        // NOTE(review): no HttpOnly or Secure attribute is set on these cookies in
                        // this code; confirm they are enforced in configuration.
                        Session["ASP.NET_SessionId"] = Session.SessionID;
                        Response.Cookies["ASP.NET_SessionId"].Value = Session.SessionID;
                        Response.Cookies["LogOutState"].Value       = "false";

                        // RedirectToLocal is defined elsewhere; presumably it accepts only local
                        // URLs. Verify, since returnUrl comes from the request.
                        return(RedirectToLocal(returnUrl));
                    }
                }
                else
                {
                    // NOTE(review): the two messages differ by account state, which lets a caller
                    // distinguish an existing unconfirmed account from any other failure.
                    if (WebSecurity.UserExists(model.UserName) && !WebSecurity.IsConfirmed(model.UserName))
                    {
                        ModelState.AddModelError("", "Your account has been blocked. Please contact SSO admin.");
                    }
                    else
                    {
                        ModelState.AddModelError("", "The user name or password provided is incorrect.");
                    }
                }
            }
            // If we got this far, something failed, redisplay form
            return(View(model));
        }