public ActionResult ChangePassword(ChangePasswordViewModel model)
{
if (WebHelper.VerifyCurrentPassword(model.OldPassword))
{
var svc = new UserAppService();
var usr = svc.GetUserByName(HealthAuthentication.SessionInfo.UserName);
string newsalt;
usr.Password = WebHelper.EncryptPassword(model.NewPassword, out newsalt);
usr.Salt = newsalt;
svc.SaveUser(usr);
ViewBag.Error = "0";
}
else
{
ViewBag.Error = "1";
}
return View(model);
}
public static bool ExistUserName(string userName)
{
var svc = new UserAppService();
var usr = svc.GetUserByName(userName);
return usr != null;
}
public ActionResult Auth(string userName, string password) {
var wa = new WebAuthenticator();
var result = wa.Authenticate(userName, password);
var maxTry = 3;
string salt;
var pwd = WebHelper.EncryptPassword(password, out salt);
if (!result){
var userSvc = new UserAppService();
var user = userSvc.GetUserByName(userName);
if (user != null){
if (user.UserStateId == 3) return this.Json("BLOCKED");
this.Session["AccessTryCounter"] = user.TryAccessCount;
var counter = Convert.ToInt32(this.Session["AccessTryCounter"]);
this.Session["AccessTryCounter"] = counter + 1;
counter = Convert.ToInt32(this.Session["AccessTryCounter"]);
if (counter >= maxTry){
WebHelper.UpdateUserTryCounter(userName, counter);
WebHelper.UpdateUserState(userName, 3); //Block User
new BuildRecord().Add(user, 2);
return this.Json("BLOCKED");
}
WebHelper.UpdateUserTryCounter(userName, counter);
}
} else{
var userSvc = new UserAppService();
var user = userSvc.GetUserByName(userName);
if (user.UserStateId == 3) return this.Json("BLOCKED");
WebHelper.UpdateUserTryCounter(userName, 0);
this.Session["LastLoginDate"] = user.LastLoginDate;
WebHelper.UpdateLastLoginDate(user.UserId);
this.Session["AccessTryCounter"] = 0;
new BuildRecord().Add(user, 1);
}
return this.Json(result ? "OK" : string.Empty);
}
public static bool VerifyCurrentPassword(string password) {
var svc = new UserAppService();
var user = svc.GetUserByName(HealthAuthentication.SessionInfo.UserName);
if (user == null) return false;
return VerifyPassword(user.Salt, user.Password, password);
}
public static void UpdateUserState(string userName, int userStateId) {
var svc = new UserAppService();
var user = svc.GetUserByName(userName);
user.UserStateId = userStateId;
svc.SaveUser(user);
}
public static void UpdateUserTryCounter(string userName, int accessTryCount) {
var svc = new UserAppService();
var user = svc.GetUserByName(userName);
user.TryAccessCount = accessTryCount;
svc.SaveUser(user);
}
public ActionResult Index()
{
var model = new EmployeeViewModel();
var userSvc = new UserAppService();
var usr = userSvc.GetUserByName(HealthAuthentication.SessionInfo.UserName);
var employee = usr.Employees.SingleOrDefault();
var svc = new EmployeeAppService();
var o = svc.GetEmployee(employee.EmployeeId);
model.UserId = o.UserId;
model.FullName = o.FullName;
model.EmployeeId = o.EmployeeId;
model.EMail = o.EMail;
model.Phone = o.Phone;
model.Mobile = o.Mobile;
model.Photo = o.Photo;
var blankPath = Server.MapPath("~/Content/images/Photos/blank-user.jpg");
if (!String.IsNullOrEmpty(o.Photo))
{
var imagePath = Server.MapPath("~/Employee_Files/" + o.EmployeeId + "/" + o.Photo);
if (!System.IO.File.Exists(imagePath)) imagePath = blankPath;
byte[] image =
System.IO.File.ReadAllBytes(imagePath);
var base64 = Convert.ToBase64String(image);
var imgSrc = String.Format("data:image/png;base64,{0}", base64);
model.PhotoEncodeSource = "<img src=\"" + imgSrc + "\" class=\"photo-image\"/>";
}
else
{
byte[] image =
System.IO.File.ReadAllBytes(blankPath);
var base64 = Convert.ToBase64String(image);
var imgSrc = String.Format("data:image/png;base64,{0}", base64);
model.PhotoEncodeSource = "<img src=\"" + imgSrc + "\" class=\"photo-image\"/>";
}
return View(model);
}
public ActionResult Index(EmployeeViewModel model)
{
var userSvc = new UserAppService();
var usr = userSvc.GetUserByName(HealthAuthentication.SessionInfo.UserName);
var employee = usr.Employees.SingleOrDefault();
try
{
var svc = new EmployeeAppService();
var o = svc.GetEmployee(model.EmployeeId);
o.EmployeeId = employee.EmployeeId;
o.FullName = model.FullName;
o.EmployeeId = model.EmployeeId;
o.EMail = model.EMail;
o.Phone = model.Phone;
o.Mobile = model.Mobile;
o.Photo = model.Photo;
svc.SaveEmployee(o);
ViewBag.Feed = 0;
}
catch (Exception)
{
ViewBag.Feed = 1;
}
return View(model);
}
