public ActionResult Index(LoginInfoVM postedObj)
{
int hour = DateTime.Now.Hour;
ViewBag.Greeting = hour < 12 ? "Good Morning" : "Good Afternoon";
if (ModelState.IsValid && Authentication.AuthenticateUser(postedObj.OnePerson.Email, postedObj.Password))
{
Session["hash"] = Authentication.HashPassword(postedObj.OnePerson.Email, postedObj.Password);
LoginInfoVM info = Loader.queryLoginfoPersonBySession((string)Session["hash"]);
Loader.updateLoginTime(info.LoginId, DateTime.Now);
if (info.Role >= (int)SharedCode.Security.RoleEnum.Admin)
{
return(RedirectToAction(WebConstants.HOME_ADMIN_PAGE));
}
else
{
return(RedirectToAction(WebConstants.HOME_USER_PAGE));
}
}
return(View(postedObj));
}
// Requires role >= user
public ActionResult EditUser(int PersonId)
{
// don't allow regular user to forgery "PersonId", that he can only view his own infomation
//LoginInfoVM loginUser = Loader.queryLoginfoPersonBySession((string)Session["hash"]);
//if( !UnForgeryLink.CheckLinkForPersonId(role, PersonId, loginUser))
//{
// ViewBag.UserRoleLimit = "Forgery link is not allowed!";
// return View();
//}
LoginInfoVM savedInfo = Loader.queryLoginPersonByPersonId(PersonId);
ViewBag.myRole = this.role;
if (this.role >= (int)SharedCode.Security.RoleEnum.Admin)
{
return(View(savedInfo));
}
else if (savedInfo.IsLive == false && this.role < (int)SharedCode.Security.RoleEnum.Admin)
{
ViewBag.UserRoleLimit = "As a deactive user, you need require admin to active you!";
return(View());
}
return(View(savedInfo));
}
public static LoginInfoVM queryLoginPersonByPersonId(int personId)
{
LoginInfoVM info = null;
using (DatabaseModel.ErrorModelDbContext db = new DatabaseModel.ErrorModelDbContext())
{
// Initialize the DB - false doesn't force reinitialization if the DB already exists
db.Database.Initialize(false);
var query = (from n in db.LoginSet
where n.OnePerson.PersonId == personId
select n).First();
PersonVM person = new PersonVM()
{
PersonId = query.OnePerson.PersonId,
FirstName = query.OnePerson.FirstName,
LastName = query.OnePerson.LastName,
Email = query.OnePerson.Email
};
info = new LoginInfoVM()
{
LoginId = query.LoginId,
LoginTime = query.LoginTime,
Password = query.Password,
Role = query.Role,
IsLive = query.IsLive,
OnePerson = person
};
}
return(info);
}
//public static BlockingQueue<ApplicationVM> recvErrQ = new BlockingQueue<ApplicationVM>();
//static Loader()
//{
// var logThread = new Thread(
// () =>
// {
// while(true)
// {
// List<ApplicationVM> appErrList = new List<ApplicationVM>();
// var appVM = recvErrQ.deQ(); // could be blocked here
// appErrList.Add(appVM);
// int size = recvErrQ.size();
// for( int i=0; i<size; ++i)
// {
// appErrList.Add(recvErrQ.deQ());
// }
// insertLogs(appErrList);
// Thread.Sleep(5000); // every 5s to check whether insert logs to database.
// }
// }
// );
// logThread.Start();
// //logThread.Join();
//}
#region ----< QUERY >-----
public static LoginInfoVM queryLoginfoPersonBySession(string hash)
{
LoginInfoVM info = new LoginInfoVM();
using (DatabaseModel.ErrorModelDbContext db = new DatabaseModel.ErrorModelDbContext())
{
// Initialize the DB - false doesn't force reinitialization if the DB already exists
db.Database.Initialize(false);
if (db.LoginSet.Any(x => x.Password == hash))
{
var dbinfo = db.LoginSet.Where(x => x.Password == hash).FirstOrDefault();
info.LoginId = dbinfo.LoginId;
info.LoginTime = dbinfo.LoginTime;
info.Password = dbinfo.Password;
info.IsLive = dbinfo.IsLive;
info.Role = dbinfo.Role;
info.OnePerson = new PersonVM()
{
PersonId = dbinfo.OnePerson.PersonId,
FirstName = dbinfo.OnePerson.FirstName,
LastName = dbinfo.OnePerson.LastName,
Email = dbinfo.OnePerson.Email
};
}
}
return(info);
}
public LoginInfoVM getLoginInfo(int seatId)
{
string username = _db.Users.Where(u => u.SeatInfoId == seatId).FirstOrDefault().UserName;
LoginInfoVM vm = null;
if (seatId < 4)
{
vm = new LoginInfoVM
{
Username = username,
Password = "******"
};
}
else
{
vm = new LoginInfoVM
{
Username = username,
Password = "******"
};
}
return(vm);
}
public ActionResult Register(LoginInfoVM postedObj)
{
if (ModelState.IsValid && Authentication.RegisterUser(postedObj.OnePerson.Email, postedObj.Password))
{
Loader.createLoginPerson(postedObj); // this only create a Use-Role
return(RedirectToAction(WebConstants.HOME_PAGE));
}
return(View());
}
public ActionResult AddUser(LoginInfoVM postedObj)
{
//ViewBag.Command = "view_detail";
if (ModelState.IsValid && Authentication.RegisterUser(postedObj.OnePerson.Email, postedObj.Password))
{
Loader.createLoginPerson(postedObj);
return(RedirectToAction(WebConstants.HOME_ADMIN_PAGE));
}
return(View(postedObj));
}
public async Task <ActionResult <LoginVM> > GetUsers(LoginInfoVM loginInfo)
{
var info = await _account.CheckLoginSV(loginInfo.AccEmail, loginInfo.AccPassword).FirstOrDefaultAsync();
if (info == null)
{
return(NotFound());
}
else
{
return(Ok(info));
}
//return await _context.Users.ToListAsync();
}
public ActionResult EditUser(LoginInfoVM postedObj)
{
if (ModelState.IsValid)
{
Loader.updateLoginPersion(postedObj);
if (this.role >= (int)SharedCode.Security.RoleEnum.Admin)
{
return(RedirectToAction(WebConstants.HOME_ADMIN_PAGE));
}
else
{
return(RedirectToAction(WebConstants.HOME_USER_PAGE));
}
}
return(View(postedObj));
}
public static void updateLoginPersion(LoginInfoVM lg)
{
using (DatabaseModel.ErrorModelDbContext db = new DatabaseModel.ErrorModelDbContext())
{
db.Database.Initialize(false);
var dbinfo = (from n in db.LoginSet
where n.LoginId == lg.LoginId
select n).First();
dbinfo.Password = SharedCode.Authentication.Authentication.HashPassword(lg.OnePerson.Email, lg.Password);
dbinfo.Role = lg.Role;
dbinfo.IsLive = lg.IsLive;
dbinfo.OnePerson.FirstName = lg.OnePerson.FirstName;
dbinfo.OnePerson.LastName = lg.OnePerson.LastName;
dbinfo.OnePerson.Email = lg.OnePerson.Email;
dbinfo.LoginTime = dbinfo.LoginTime < lg.LoginTime ? lg.LoginTime : dbinfo.LoginTime;
db.SaveChanges();
}
}
// toDo, use SALT, prevent duplicate registering
public static void createLoginPerson(LoginInfoVM lo)
{
using (DatabaseModel.ErrorModelDbContext db = new DatabaseModel.ErrorModelDbContext())
{
// Initialize the DB - false doesn't force reinitialization if the DB already exists
db.Database.Initialize(false);
Person person = new Person()
{
FirstName = lo.OnePerson.FirstName,
LastName = lo.OnePerson.LastName,
Email = lo.OnePerson.Email
};
string hashedPwd = SharedCode.Authentication.Authentication.HashPassword(person.Email, lo.Password);
db.LoginSet.Add(new LoginInfo()
{
Password = hashedPwd, IsLive = true, Role = (int)RoleEnum.User, OnePerson = person
});
db.SaveChanges();
}
}
//POST : /api/ApplicationUser/Register
public async Task <Object> PostApplicationUser(LoginInfoVM model)
{
var applicationUser = new LoginInfo()
{
AccountType = model.AccountType,
UserName = model.Username,
Email = model.Email,
FirstName = model.Firstname,
LastName = model.Lastname
};
try
{
var result = await _userManager.CreateAsync(applicationUser, model.Password);
return(Ok(result));
}
catch (Exception ex)
{
throw ex;
}
}
// Requires User role
public ActionResult UserPage()
{
LoginInfoVM info = Loader.queryLoginfoPersonBySession((string)Session["hash"]);
return(View(info));
}
