public async Task <ActionResult> ChangePassword(ChangePasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(GetErrorResult(model));
}
bool errorMsg = CheckPasswordValidation(ApplicationSetting, model.NewPassword);
if (errorMsg == true)
{
ModelState.AddModelError("a", "Password must be " + ApplicationSetting.aps_security_password_length_value + " to 16 characters and contain:");
ModelState.AddModelError("b", "1 Capital Letter");
ModelState.AddModelError("c", "1 Lower Case Letter");
ModelState.AddModelError("d", "1 Number");
ModelState.AddModelError("e", "1 Special Character(!,@,#,$,%,^,*,_,+,=)");
return(GetErrorResult(model, true));
}
var userForPassUpdate = await UserManager.FindByIdAsync(User.Identity.GetUserId());
var hashOldPassword = userForPassUpdate.PasswordHash;
var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
if (result.Errors.Count() > 0 && ((string[])result.Errors)[0] == "Incorrect password.")
{
ModelState.AddModelError("Password", ((string[])result.Errors)[0]);
return(GetErrorResult(model));
}
else
{
var user = await UserManager.FindByIdAsync(User.Identity.GetUserId());
var hashNewPassword = user.PasswordHash;
if (user != null)
{
// This is for password Age
if (ApplicationSetting.aps_security_password_age_value > 0)
{
user.PasswordExpirationDate = DateTime.UtcNow.ToEST().AddDays(ApplicationSetting.aps_security_password_age_value);
}
else
{
user.PasswordExpirationDate = null;
}
// This is for password history
if (ApplicationSetting.aps_security_password_history_value.HasValue)
{
var userPasswordLog = _userLogService.GetUserLog(user.Id, (int)ApplicationSetting.aps_security_password_history_value);
foreach (var item in userPasswordLog)
{
var passResult = UserManager.PasswordHasher.VerifyHashedPassword(item.PasswordHash_New, model.NewPassword);
switch (passResult)
{
case PasswordVerificationResult.Success:
ModelState.AddModelError("Password", "You cannot use your previous " + ApplicationSetting.aps_security_password_history_value + " passwords.");
return(GetErrorResult(model));
}
}
}
var objUserLog = new AspNetUsers_Log
{
PasswordHash_Old = hashOldPassword,
SecurityStamp_Old = user.SecurityStamp,
PasswordHash_New = hashNewPassword,
CreatedBy = User.Identity.GetUserId(),
CreatedDate = DateTime.Now.ToEST(),
CreatedByName = loggedInUser.FullName,
ModifiedBy = User.Identity.GetUserId(),
ModifiedDate = DateTime.Now.ToEST(),
ModifiedByName = loggedInUser.FullName,
AspNetUsersId = loggedInUser.Id
};
_userLogService.Create(objUserLog);
user.PasswordHash = hashNewPassword;
//After change the password the user must need to reset the password if it is set to true from security
user.RequirePasswordReset = true;
user.ModifiedBy = user.Id;
user.ModifiedByName = user.FullName;
user.ModifiedDate = DateTime.Now.ToEST();
if (string.IsNullOrEmpty(user.SecurityStamp))
{
user.SecurityStamp = Guid.NewGuid().ToString();
}
var resultUser = await UserManager.UpdateAsync(user);
if (!resultUser.Succeeded)
{
ModelState.AddModelError("", resultUser.Errors.First());
return(View(model));
}
LogAuditRecord(user.UserName, AuditRecordLogStatus.PasswordChange.ToDescription());
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
}
return(GetSuccessResult(Url.Action("Index", "Home")));
}
}
public void Edit(AspNetUsers_Log entity)
{
_unitOfWork.AspNetUsersLogRepository.Update(entity);
_unitOfWork.Save();
_unitOfWork.Commit();
}
public async Task <ActionResult> ChangePassword(UpdateUserViewModel userviewmodel)
{
try
{
if (ModelState.IsValid)
{
var dbuser = await UserManager.FindByIdAsync(userviewmodel.Id);
var hashOldPassword = dbuser.PasswordHash;
var hashNewPassword = UserManager.PasswordHasher.HashPassword(userviewmodel.Password);
var IsApiUser = UserManager.GetRoles(dbuser.Id).Contains(UserRoles.TeleCareApi.ToDescription());
if (IsApiUser)
{
if (string.IsNullOrEmpty(userviewmodel.APISecretKey))
{
ModelState.AddModelError("APISecretKey", "API Secret Key field is required");
}
if (string.IsNullOrEmpty(userviewmodel.APIPassword))
{
ModelState.AddModelError("APIPassword", "API Password field is required");
}
if (ModelState.IsValid)
{
dbuser.APISecretKey = userviewmodel.APISecretKey;
dbuser.APIPassword = Functions.EncodeTo64UTF8($"{userviewmodel.Username}:{userviewmodel.Password}:{userviewmodel.APISecretKey}");
}
}
bool errorMsg = CheckPasswordValidation(ApplicationSetting, userviewmodel.Password);
if (errorMsg == true)
{
ModelState.AddModelError("a", "Password must be " + ApplicationSetting.aps_security_password_length_value + " to 16 characters and contain:");
ModelState.AddModelError("b", "1 Capital Letter");
ModelState.AddModelError("c", "1 Lower Case Letter");
ModelState.AddModelError("d", "1 Number");
ModelState.AddModelError("e", "1 Special Character(!,@,#,$,%,^,&,*,_,+,=)");
return(GetErrorResult(userviewmodel, true));
}
//bool err = CheckPasswordErrors(settings, userviewmodel.Password);
//if (err)
// return GetErrorResult(userviewmodel, true);
if (ModelState.IsValid)
{
// This is for password Age
if (ApplicationSetting.aps_security_password_age_value > 0)
{
dbuser.PasswordExpirationDate = DateTime.UtcNow.ToEST().AddDays(ApplicationSetting.aps_security_password_age_value);
}
else
{
dbuser.PasswordExpirationDate = null;
}
// This is for password history
if (ApplicationSetting.aps_security_password_history_value.HasValue)
{
var userPasswordLog = _userLogService.GetUserLog(dbuser.Id, (int)ApplicationSetting.aps_security_password_history_value);
foreach (var item in userPasswordLog)
{
var passResult = UserManager.PasswordHasher.VerifyHashedPassword(item.PasswordHash_New, userviewmodel.Password);
switch (passResult)
{
case PasswordVerificationResult.Success:
ModelState.AddModelError("Password", "You cannot use your previous " + ApplicationSetting.aps_security_password_history_value + " passwords.");
return(GetErrorResult(userviewmodel));
}
}
}
//Saving user log : Start
var objUserLog = new AspNetUsers_Log
{
PasswordHash_Old = hashOldPassword,
SecurityStamp_Old = dbuser.SecurityStamp,
PasswordHash_New = hashNewPassword,
CreatedBy = User.Identity.GetUserId(),
CreatedDate = DateTime.Now.ToEST(),
CreatedByName = loggedInUser.FullName,
ModifiedBy = User.Identity.GetUserId(),
ModifiedDate = DateTime.Now.ToEST(),
ModifiedByName = loggedInUser.FullName,
AspNetUsersId = dbuser.Id
};
_userLogService.Create(objUserLog);
//Saving user log : End
dbuser.PasswordHash = hashNewPassword;
//After change the password the user must need to reset the password if it is set to true from security
dbuser.RequirePasswordReset = false;
dbuser.ModifiedBy = dbuser.Id;
dbuser.ModifiedByName = dbuser.FullName;
dbuser.ModifiedDate = DateTime.Now.ToEST();
if (string.IsNullOrEmpty(dbuser.SecurityStamp))
{
dbuser.SecurityStamp = Guid.NewGuid().ToString();
}
var result = await UserManager.UpdateAsync(dbuser);
if (!result.Succeeded)
{
ModelState.AddModelError("", result.Errors.First());
return(GetErrorResult(userviewmodel));
}
var action = string.Format("{0} for {1}", AuditRecordLogStatus.PasswordChange.ToDescription(), dbuser.UserName);
LogAuditRecord(loggedInUser.UserName, action);
return(GetSuccessResult(Url.Action("Users"), "Password has been updated!"));
}
}
return(GetErrorResult(userviewmodel));
}
catch (Exception ex)
{
Elmah.ErrorSignal.FromCurrentContext().Raise(ex);
ModelState.AddModelError("", "Error! Please try again.");
}
return(GetSuccessResult(Url.Action("Users")));
}
public void Create(AspNetUsers_Log entity)
{
_unitOfWork.AspNetUsersLogRepository.Insert(entity);
_unitOfWork.Save();
_unitOfWork.Commit();
}
public async Task <ActionResult> AddUser(RegisterViewModel userViewModel)
{
bool PasswordError = false;
try
{
if (ModelState.IsValid)
{
if (userViewModel.Role == "0029737b-f013-4e0b-8a31-1b09524194f9")
{
var intialsCount = _adminService.GetUsersByInitial(userViewModel.UserInitial).Count();
if (intialsCount > 0)
{
ModelState.AddModelError("UserInitial", $"There is already a User in the system with the same initials. Please enter new Initials using up to three (3) alphanumeric characters.");
}
//Suggested Initial is {userViewModel.UserInitial}{intialsCount + 1}");
}
if (_adminService.ValidateNPINumber(userViewModel.UserInitial))
{
ModelState.AddModelError("NPINumber", "There is already a User in the system with the same NPI Number. Please enter a different NPI Number ");
}
if (ModelState.IsValid)
{
var user = new ApplicationUser
{
FirstName = userViewModel.FirstName,
LastName = userViewModel.LastName,
UserName = userViewModel.Username,
Email = userViewModel.Email,
IsActive = userViewModel.isActive,
IsDisable = userViewModel.isDisable,
EnableFive9 = userViewModel.EnableFive9,
MobilePhone = userViewModel.MobilePhone,
PhoneNumber = userViewModel.OtherPhone,
UserInitial = userViewModel.UserInitial,
NPINumber = userViewModel.NPINumber,
CaseReviewer = userViewModel.CaseReviewer,
CreatedBy = User.Identity.GetUserId(),
CreatedDate = DateTime.Now.ToEST(),
CreatedByName = loggedInUser.FullName,
IsEEG = userViewModel.IsEEG,
IsStrokeAlert = userViewModel.IsStrokeAlert,
NHAlert = userViewModel.NHAlert,
Address_line1 = userViewModel.Address_line1,
Address_line2 = userViewModel.Address_line2,
City = userViewModel.City,
Zip = userViewModel.Zip,
State_key = userViewModel.State_key,
IsSleep = userViewModel.IsSleep,
TwoFactorEnabled = userViewModel.TwoFactorEnabled
};
if (!string.IsNullOrEmpty(userViewModel.Role))
{
var userRole = RoleManager.Roles.FirstOrDefault(m => m.Id == userViewModel.Role);
if (userRole.Name == UserRoles.TeleCareApi.ToDescription())
{
user.APISecretKey = userViewModel.APISecretKey;
user.APIPassword = Functions.EncodeTo64UTF8($"{userViewModel.Username}:{userViewModel.Password}:{userViewModel.APISecretKey}");
}
}
bool errorMsg = CheckPasswordValidation(ApplicationSetting, userViewModel.Password);
if (errorMsg == true)
{
ModelState.AddModelError("a", "Password must be " + ApplicationSetting.aps_security_password_length_value + " to 16 characters and contain:");
ModelState.AddModelError("b", "1 Capital Letter");
ModelState.AddModelError("c", "1 Lower Case Letter");
ModelState.AddModelError("d", "1 Number");
ModelState.AddModelError("e", "1 Special Character(!,@,#,$,%,^,&,*,_,+,=)");
PasswordError = true;
}
if (!PasswordError)
{
var adminresult = await UserManager.CreateAsync(user, userViewModel.Password);
if (adminresult.Succeeded)
{
// Assigning Role to User
await AddUserToRole(new MyUserRole { RoleId = userViewModel.Role, UserId = user.Id });
var action = string.Format("{0} as {1}", AuditRecordLogStatus.UserCreated.ToDescription(), user.UserName);
LogAuditRecord(loggedInUser.UserName, action);
TempData["StatusMessage"] = "User has been Created";
//return RedirectToAction("Users");
string newId = user.Id;
var newCreatedUsre = await UserManager.FindByIdAsync(newId);
var objUserLog = new AspNetUsers_Log
{
PasswordHash_Old = newCreatedUsre.PasswordHash,
SecurityStamp_Old = newCreatedUsre.SecurityStamp,
PasswordHash_New = newCreatedUsre.PasswordHash,
CreatedBy = newCreatedUsre.Id,
CreatedByName = newCreatedUsre.FullName,
CreatedDate = DateTime.Now.ToEST(),
ModifiedBy = newCreatedUsre.Id,
ModifiedByName = newCreatedUsre.FullName,
ModifiedDate = DateTime.Now.ToEST(),
AspNetUsersId = newCreatedUsre.Id
};
_userLogService.Create(objUserLog);
return(GetSuccessResult(Url.Action("Users", new { level = userViewModel.Level })));
}
else
{
ModelState.AddModelError("", adminresult.Errors.First());
}
}
}
}
}
catch (Exception ex)
{
Elmah.ErrorSignal.FromCurrentContext().Raise(ex);
ModelState.AddModelError("", "Error! Please try again.");
}
ViewBag.Role = RoleManager.Roles
.Select(m => new SelectListItem
{
Text = m.Name,
Value = m.Id
}).ToList();
if (PasswordError)
{
return(GetErrorResult(userViewModel, true));
}
else
{
return(GetErrorResult(userViewModel));
}
}
