public static int AuthenticateUser(string username, string password, string ip)
{
// start task
TaskManager.StartTask("USER", "AUTHENTICATE", username);
TaskManager.WriteParameter("IP", ip);
try
{
int result = 0;
// try to get user from database
UserInfoInternal user = GetUserInternally(username);
// check if the user exists
if (user == null)
{
TaskManager.WriteWarning("Wrong username");
return(BusinessErrorCodes.ERROR_USER_WRONG_USERNAME);
}
// check if the user is disabled
if (user.LoginStatus == UserLoginStatus.Disabled)
{
TaskManager.WriteWarning("User disabled");
return(BusinessErrorCodes.ERROR_USER_ACCOUNT_DISABLED);
}
// check if the user is locked out
if (user.LoginStatus == UserLoginStatus.LockedOut)
{
TaskManager.WriteWarning("User locked out");
return(BusinessErrorCodes.ERROR_USER_ACCOUNT_LOCKEDOUT);
}
//Get the password policy
UserSettings userSettings = UserController.GetUserSettings(user.UserId, UserSettings.WEBSITEPANEL_POLICY);
int lockOut = -1;
if (!string.IsNullOrEmpty(userSettings["PasswordPolicy"]))
{
string passwordPolicy = userSettings["PasswordPolicy"];
try
{
// parse settings
string[] parts = passwordPolicy.Split(';');
lockOut = Convert.ToInt32(parts[7]);
}
catch { /* skip */ }
}
// compare user passwords
if ((CryptoUtils.SHA1(user.Password) == password) || (user.Password == password))
{
switch (user.OneTimePasswordState)
{
case OneTimePasswordStates.Active:
result = BusinessSuccessCodes.SUCCESS_USER_ONETIMEPASSWORD;
OneTimePasswordHelper.FireSuccessAuth(user);
break;
case OneTimePasswordStates.Expired:
if (lockOut >= 0)
{
DataProvider.UpdateUserFailedLoginAttempt(user.UserId, lockOut, false);
}
TaskManager.WriteWarning("Expired one time password");
return(BusinessErrorCodes.ERROR_USER_EXPIRED_ONETIMEPASSWORD);
break;
}
}
else
{
if (lockOut >= 0)
{
DataProvider.UpdateUserFailedLoginAttempt(user.UserId, lockOut, false);
}
TaskManager.WriteWarning("Wrong password");
return(BusinessErrorCodes.ERROR_USER_WRONG_PASSWORD);
}
DataProvider.UpdateUserFailedLoginAttempt(user.UserId, lockOut, true);
// check status
if (user.Status == UserStatus.Cancelled)
{
TaskManager.WriteWarning("Account cancelled");
return(BusinessErrorCodes.ERROR_USER_ACCOUNT_CANCELLED);
}
if (user.Status == UserStatus.Pending)
{
TaskManager.WriteWarning("Account pending");
return(BusinessErrorCodes.ERROR_USER_ACCOUNT_PENDING);
}
return(result);
}
catch (Exception ex)
{
throw TaskManager.WriteError(ex);
}
finally
{
TaskManager.CompleteTask();
}
}
public static int SendPasswordReminder(string username, string ip)
{
// place log record
TaskManager.StartTask("USER", "SEND_REMINDER", username);
TaskManager.WriteParameter("IP", ip);
try
{
// try to get user from database
UserInfoInternal user = GetUserInternally(username);
if (user == null)
{
TaskManager.WriteWarning("Account not found");
// Fix for item #273 (NGS-9)
//return BusinessErrorCodes.ERROR_USER_NOT_FOUND;
return(0);
}
UserSettings settings = UserController.GetUserSettings(user.UserId, UserSettings.PASSWORD_REMINDER_LETTER);
string from = settings["From"];
string cc = settings["CC"];
string subject = settings["Subject"];
string body = user.HtmlMail ? settings["HtmlBody"] : settings["TextBody"];
bool isHtml = user.HtmlMail;
MailPriority priority = MailPriority.Normal;
if (!String.IsNullOrEmpty(settings["Priority"]))
{
priority = (MailPriority)Enum.Parse(typeof(MailPriority), settings["Priority"], true);
}
if (body == null || body == "")
{
return(BusinessErrorCodes.ERROR_SETTINGS_PASSWORD_LETTER_EMPTY_BODY);
}
// One Time Password feature
user.Password = OneTimePasswordHelper.SetOneTimePassword(user.UserId);
// set template context items
Hashtable items = new Hashtable();
items["user"] = user;
items["Email"] = true;
// get reseller details
UserInfoInternal reseller = UserController.GetUser(user.OwnerId);
if (reseller != null)
{
items["reseller"] = new UserInfo(reseller);
}
subject = PackageController.EvaluateTemplate(subject, items);
body = PackageController.EvaluateTemplate(body, items);
// send message
MailHelper.SendMessage(from, user.Email, cc, subject, body, priority, isHtml);
return(0);
}
catch (Exception ex)
{
throw TaskManager.WriteError(ex);
}
finally
{
TaskManager.CompleteTask();
}
}
public UserInfo GetUserByUsername(string username)
{
UserInfoInternal uinfo = UserController.GetUser(username);
return((uinfo != null) ? new UserInfo(uinfo) : null);
}
public static ContractAccount GetContractAccountSettings(string contractId, bool internally)
{
//
ContractAccount account = new ContractAccount();
//
IDataReader dr = null;
//
try
{
int customerId = -1;
dr = EcommerceProvider.GetContract(contractId);
//
if (dr.Read())
{
string propertyNames = Convert.ToString(dr["PropertyNames"]);
string propertyValues = Convert.ToString(dr["PropertyValues"]);
if (dr["CustomerID"] != DBNull.Value)
{
customerId = Convert.ToInt32(dr["CustomerID"]);
}
else
{
SecurityUtils.DeserializeGenericProfile(propertyNames, propertyValues, account);
}
}
//
if (customerId > -1)
{
ES.UserInfoInternal userInfo = (internally) ? ES.UserController.GetUserInternally(customerId) :
ES.UserController.GetUser(customerId);
//
if (internally)
{
account[ContractAccount.PASSWORD] = userInfo.Password;
}
//
account[ContractAccount.USERNAME] = userInfo.Username;
account[ContractAccount.FIRST_NAME] = userInfo.FirstName;
account[ContractAccount.LAST_NAME] = userInfo.LastName;
account[ContractAccount.EMAIL] = userInfo.Email;
account[ContractAccount.COMPANY_NAME] = userInfo.CompanyName;
account[ContractAccount.COUNTRY] = userInfo.Country;
account[ContractAccount.CITY] = userInfo.City;
account[ContractAccount.ADDRESS] = userInfo.Address;
account[ContractAccount.FAX_NUMBER] = userInfo.Fax;
account[ContractAccount.INSTANT_MESSENGER] = userInfo.InstantMessenger;
account[ContractAccount.PHONE_NUMBER] = userInfo.PrimaryPhone;
account[ContractAccount.STATE] = userInfo.State;
account[ContractAccount.ZIP] = userInfo.Zip;
account[ContractAccount.MAIL_FORMAT] = userInfo.HtmlMail ? "HTML" : "PlainText";
}
}
catch (Exception ex)
{
throw ex;
}
finally
{
if (dr != null)
{
dr.Close();
}
}
//
return(account);
}
public UserInfo GetUserById(int userId)
{
UserInfoInternal uinfo = UserController.GetUser(userId);
return((uinfo != null) ? new UserInfo(uinfo) : null);
}