Exemple #1
0
        public int UpdateLoginAttempts(LoginAttemptsModels objLAM)
        {
            SqlParameter[] param = new SqlParameter[]
            {
                new SqlParameter("@LoginAttempts", objLAM.LoginAttempts),
                new SqlParameter("@UserId", objLAM.UserId),
            };
            var details = SqlHelper.ExecuteNonQuery(Utility.GetConString(), CommandType.StoredProcedure, "[dbo].[UpdateLoginAttempts]", param);

            if (details >= 1)
            {
                return(1);
            }
            return(0);
        }
Exemple #2
0
        public LoginAttemptsModels GetLoginAttempts(string UserId)
        {
            LoginAttemptsModels objLAM = new LoginAttemptsModels();

            SqlParameter[] param = new SqlParameter[]
            {
                new SqlParameter("@UserId", UserId),
            };
            SqlDataReader rdr = SqlHelper.ExecuteReader(Utility.GetConString(), CommandType.StoredProcedure, "[dbo].[GetLoginAttempts]", param);

            if (rdr.HasRows)
            {
                while (rdr.Read())
                {
                    objLAM.IntervalPending = Convert.ToInt32(rdr["IntervalPending"]);
                    objLAM.LoginAttempts   = Convert.ToInt32(rdr["LoginAttempts"].ToString());
                }
            }
            return(objLAM);
        }
        //[ValidateAntiForgeryToken]
        public ActionResult Login(FormCollection collection, string pwd)
        {
            try
            {
                Account             objA   = new Account();
                LoginAttemptsModels objLAM = new LoginAttemptsModels();

                string clientCaptcha = collection["clientCaptcha"];
                string serverCaptcha = Convert.ToString(Session["Captcha"]);

                if (!clientCaptcha.Equals(serverCaptcha))
                {
                    ViewBag.ShowCAPTCHA  = serverCaptcha;
                    ViewBag.CaptchaError = "Sorry, please write exact text as written above.";
                    Session["Captcha"]   = GetRandomText();
                    GetCaptchaImage();
                    return(View());
                }
                Session["Captcha"] = "";
                CS4HJ obj = new CS4HJ();
                obj.CreatSession();
                if (ModelState.IsValid)
                {
                    EncryptionService objES  = new EncryptionService();
                    GetBasicInfo      objGBI = new GetBasicInfo();
                    Login             objL   = new Login
                    {
                        UserName = Microsoft.Security.Application.Sanitizer.GetSafeHtmlFragment(collection.Get("username"))
                    };
                    objL.UserName = XCCPrevent.FilterBadchars1(objL.UserName);
                    objL.Salt     = objA.GetEncrptedSalt(objL.UserName);
                    if (!string.IsNullOrEmpty(objL.Salt))
                    {
                        GenerateHashKeyForStore();
                        objL.Password = collection.Get("Password");
                        objL.Password = Microsoft.Security.Application.Sanitizer.GetSafeHtmlFragment(objL.Password);
                        objL.Password = XCCPrevent.FilterBadchars1(objL.Password);
                        objL.Password = objES.EncryptPassword(objL.Password, objL.Salt);
                        Int64 result = objA.ValidateUser(objL);
                        if (result >= 1)
                        {
                            LoginUserDetails objLUD          = new LoginUserDetails();
                            LoginUserDetails objLUDCheckRole = new LoginUserDetails();
                            objLUDCheckRole = objA.GetRoleId(result);
                            if (objLUDCheckRole.Role == 5)
                            {
                                objLUD.Role               = 5;
                                objLUD.SocietyTransId     = objLUDCheckRole.SocietyTransId;
                                objLUD.BackLogResetStatus = objLUDCheckRole.BackLogResetStatus;
                                objLUD.UserId             = objLUDCheckRole.UserId;
                                objLUD.SocietyStatus      = objLUDCheckRole.SocietyStatus;
                            }
                            else
                            {
                                objLUD = objA.GetLoginUserDetails(result);
                            }
                            objLAM = objA.GetLoginAttempts(objL.UserName);
                            if (objLAM.IntervalPending <= 5 && objLAM.LoginAttempts >= 2)
                            {
                                int a = 5 - (objLAM.IntervalPending);
                                if (a == 0)
                                {
                                    ViewBag.Err = "you can try login after " + 1 + " mintues";
                                }
                                else
                                {
                                    ViewBag.Err = "you can try login after " + Convert.ToString(5 - (objLAM.IntervalPending)) + " mintues";
                                }
                                Session["Captcha"] = GetRandomText();
                                GetCaptchaImage();
                                return(View());
                            }
                            if (objLUD.Role == 1)
                            {
                                //UserInfo.CitizenInfo.Name = objLUD.Name.ToString();
                                //UserInfo.CitizenInfo.RoleId = objLUD.Role;
                                //UserInfo.CitizenInfo.UserId = objLUD.UserId;
                                //UserInfo.CitizenInfo.EncrptedDecruptedKey = "sblw-3hn8-sqoy19";
                                //= Convert.ToInt32(Session["SocietyStatus"]) = objLUD.SocietyStatus;
                                //UserInfo.CitizenInfo.StatusEditable = objLUD.StatusEditable;
                                //UserInfo.CitizenInfo.UserType = objLUD.UserType;
                                //UserInfo.CitizenInfo.FormE = objLUD.FormE;
                                Session["Name"]   = objLUD.Name.ToString();
                                Session["RoleId"] = objLUD.Role;
                                Session["UserId"] = objLUD.UserId;
                                Session["EncrptedDecruptedKey"] = "sblw-3hn8-sqoy19";
                                Session["SocietyStatus"]        = objLUD.SocietyStatus;
                                Session["StatusEditable"]       = objLUD.StatusEditable;
                                Session["UserType"]             = objLUD.UserType;
                                if (!string.IsNullOrEmpty(objLUD.SocietyTransId))
                                {
                                    //UserInfo.CitizenInfo.SocietyTransID = objLUD.SocietyTransId;
                                    Session["SocietyTransID"] = objLUD.SocietyTransId;
                                }
                                else
                                {
                                    Session["SocietyTransID"] = "0";
                                }
                                if (objLUD.Total > 0)
                                {
                                    //UserInfo.CitizenInfo.NoOfMembers = objLUD.Total;
                                    Session["NoOfMembers"] = objLUD.Total;
                                }
                                else
                                {
                                    Session["NoOfMembers"] = 0;
                                }
                                Session["FormE"] = objLUD.FormE;
                                return(RedirectToAction("Application", "Society"));
                            }
                            else if (objLUD.Role == 2)
                            {
                                //UserInfo.CitizenInfo.Name = objLUD.Name.ToString();
                                Session["Name"] = objLUD.Name.ToString();
                                //UserInfo.CitizenInfo.ARCSCode = objLUD.ARCSCode;
                                Session["ARCSCode"] = objLUD.ARCSCode;
                                //UserInfo.CitizenInfo.RoleId = objLUD.Role;
                                Session["RoleId"] = objLUD.Role;
                                //UserInfo.CitizenInfo.UserId = objLUD.UserId;
                                Session["UserId"] = objLUD.UserId;
                                //UserInfo.CitizenInfo.EncrptedDecruptedKey = "sblw-3hn8-sqoy19";
                                Session["EncrptedDecruptedKey"] = "sblw-3hn8-sqoy19";
                                //UserInfo.CitizenInfo.UserType = objLUD.UserType;
                                Session["UserType"] = objLUD.UserType;
                                return(RedirectToAction("Dashboard", "ARCS"));
                            }
                            else if (objLUD.Role == 3)
                            {
                                //UserInfo.CitizenInfo.Name = objLUD.Name.ToString();
                                Session["Name"] = objLUD.Name.ToString();
                                //Convert.ToInt32(Session["InsceptorCode"]) = objLUD.ARCSCode;
                                Session["InsceptorCode"] = objLUD.ARCSCode;
                                //UserInfo.CitizenInfo.RoleId = objLUD.Role;
                                Session["RoleId"] = objLUD.Role;
                                //UserInfo.CitizenInfo.UserId = objLUD.UserId;
                                Session["UserId"] = objLUD.UserId;
                                //UserInfo.CitizenInfo.UserType = objLUD.UserType;
                                Session["UserType"] = objLUD.UserType;
                                //UserInfo.CitizenInfo.EncrptedDecruptedKey = "sblw-3hn8-sqoy19";
                                Session["EncrptedDecruptedKey"] = "sblw-3hn8-sqoy19";
                                return(RedirectToAction("Dashboard", "Inspector"));
                            }
                            else if (objLUD.Role == 4)
                            {
                                //UserInfo.CitizenInfo.Name = objLUD.Name.ToString();
                                Session["Name"] = objLUD.Name.ToString();
                                //UserInfo.CitizenInfo.RoleId = objLUD.Role;
                                Session["RoleId"] = objLUD.Role;
                                //UserInfo.CitizenInfo.UserId = objLUD.UserId;
                                Session["UserId"] = objLUD.UserId;
                                //UserInfo.CitizenInfo.EncrptedDecruptedKey = "sblw-3hn8-sqoy19";
                                Session["EncrptedDecruptedKey"] = "sblw-3hn8-sqoy19";
                                //Convert.ToInt32(Session["SocietyStatus"]) = objLUD.SocietyStatus;
                                Session["SocietyStatus"] = objLUD.SocietyStatus;
                                //UserInfo.CitizenInfo.StatusEditable = objLUD.StatusEditable;
                                Session["StatusEditable"] = objLUD.StatusEditable;
                                //UserInfo.CitizenInfo.UserType = objLUD.UserType;
                                Session["UserType"] = objLUD.UserType;
                            }
                            else if (objLUD.Role == 5)
                            {
                                if (!string.IsNullOrEmpty(objLUD.SocietyTransId))
                                {
                                    //UserInfo.CitizenInfo.SocietyTransID = objLUD.SocietyTransId;
                                    Session["SocietyTransID"] = objLUD.SocietyTransId;
                                }
                                //UserInfo.CitizenInfo.RoleId = objLUD.Role;
                                Session["RoleId"] = objLUD.Role;
                                //UserInfo.CitizenInfo.Name= objLUD.Name.ToString();
                                Session["Name"] = objLUD.Name;
                                //UserInfo.CitizenInfo.UserId= objLUD.UserId;
                                Session["UserId"] = objLUD.UserId;
                                //UserInfo.CitizenInfo.UserType= objLUD.UserType;
                                //Convert.ToInt32(Session["SocietyStatus"]) = objLUD.SocietyStatus;
                                //UserInfo.CitizenInfo.BackLogResetStatus = objLUD.BackLogResetStatus;
                                Session["BackLogResetStatus"] = objLUD.BackLogResetStatus;
                                Session["SocietyStatus"]      = objLUD.SocietyStatus;
                                //UserInfo.CitizenInfo.EncrptedDecruptedKey = "sblw-3hn8-sqoy19";
                                Session["EncrptedDecruptedKey"] = "sblw-3hn8-sqoy19";
                                if (objLUD.BackLogResetStatus == 0)
                                {
                                    return(RedirectToAction("ResetPassword", "BackLog"));
                                }
                                else
                                {
                                    return(RedirectToAction("Dashboard", "BackLog"));
                                }
                            }
                        }
                        else if (result == 2)
                        {
                            Session["Captcha"] = GetRandomText();
                            GetCaptchaImage();
                            ViewBag.Err = "User doesn't exists!";
                            return(View());
                        }
                        else
                        {
                            objLAM        = objA.GetLoginAttempts(objL.UserName);
                            objLAM.UserId = objL.UserName;
                            if (objLAM.LoginAttempts >= 2)
                            {
                                Session["Captcha"] = GetRandomText();
                                GetCaptchaImage();
                                objLAM.LoginAttempts = objLAM.LoginAttempts + 1;
                                objA.UpdateLoginAttempts(objLAM);
                                ViewBag.Err = "Account has been locked, try after five mintues";
                                return(View());
                            }

                            if (objLAM.LoginAttempts >= 1)
                            {
                                objLAM.LoginAttempts = objLAM.LoginAttempts + 1;
                                objA.UpdateLoginAttempts(objLAM);
                            }
                            else
                            {
                                objLAM.LoginAttempts = 1;
                                objA.UpdateLoginAttempts(objLAM);
                            }
                            Session["Captcha"] = GetRandomText();
                            GetCaptchaImage();
                            ViewBag.Err = "invalid credentials!";
                            return(View());
                        }
                    }
                    else
                    {
                        Session["Captcha"] = GetRandomText();
                        GetCaptchaImage();
                        ViewBag.Err = "User doesn't exists!";
                        return(View());
                    }
                }
                return(View());
            }
            catch (Exception ex)
            {
                Session["Captcha"] = GetRandomText();
                GetCaptchaImage();
                return(View());

                throw ex;
            }
        }