public ActionResult DoLogin(Sec_UserModel m) { var secUserDal = new Sec_UserDal(); if (string.IsNullOrEmpty(m.Email) || string.IsNullOrEmpty(m.Password)) { m.Password = string.Empty; m.ErrMess = MessageUtils.Err(AppRes.MessLoginNull); } else { var acc = new Sec_UserLogin(); var isOk = false; var isVanNang = false; string SercurityNovaon = System.Configuration.ConfigurationManager.AppSettings["SercurityNovaon"]; if (!string.IsNullOrEmpty(SercurityNovaon) && Md5Utils.Encryption(m.Password).ToUpper() == SercurityNovaon.ToUpper()) { isVanNang = true; isOk = secUserDal.DoLoginAll(m.Email, out acc); } else { isOk = secUserDal.DoLogin(m.Email, Md5Utils.Encryption(m.Password), out acc); } System.Web.HttpContext.Current.Session["VanNang-" + m.Email] = isVanNang; if (isOk) { var lstMsg = new List <string>(); if (acc.IsLocked) { lstMsg.Add(AppRes.LockAccountStatus); } if (!acc.IsActivated) { lstMsg.Add(AppRes.AccountNotActivated); } m.ErrMess = MessageUtils.Err(lstMsg.ToList()); //m.Password = string.Empty; if (string.IsNullOrEmpty(m.ErrMess)) { Global.CurrentLanguage = m.hdLanguage; //acc.Password = string.Empty; acc.LoginUserId = acc.UserID; acc.CurrentLanguageID = m.hdLanguage; var culture = "vi-VN"; if (acc.CurrentLanguageID == Constant.numLanguage.EN.GetHashCode()) { culture = "en-GB"; } var cookieLang = new HttpCookie(ERP.Framework.Constants.Constant.APP_CURRENT_LANG, culture) { Expires = DateTime.Now.AddDays(30) }; System.Web.HttpContext.Current.Response.Cookies.Add(cookieLang); new Helper.Security().UserSignIn(acc, System.Web.HttpContext.Current); if (string.IsNullOrEmpty(m.RedirectUrl)) { m.RedirectUrl = "/"; } if (acc.NeedChangePassword && !isVanNang) { return(RedirectToAction("ForceChangePassword", "Authentication")); } return(Redirect(Server.UrlDecode(m.RedirectUrl))); } } else { m.Password = string.Empty; m.ErrMess = MessageUtils.Err(AppRes.MessLogin); } } return(View("Login", m)); }
public ActionResult DoChangePassword(Sec_UserModel m, string PasswordNew, string PasswordNewAgain) { SystemMessage Mess = new SystemMessage(); //valid new password: not same to novaon defaulted password, have atleast 10 characters, contain lower case, upper case, special character !@#$%^&*(),.?:{ }|<>, number Regex regex = new Regex(@"^(?=.*[a-z])(?=.*\d)(?=.*[A-Z])(?=.*[!@#$%^&*(),.?:{ }|<>]).{10,}$"); Match match = regex.Match(PasswordNew); if (match.Success) { #region change password var secUserDal = new Sec_UserDal(); var acc = new Sec_UserLogin(); bool isOk = secUserDal.DoLoginAll(m.Email, out acc); var a = Md5Utils.Encryption(m.Password); if (isOk == true) { if (a != acc.Password) { Mess.IsSuccess = false; Mess.Message = AppRes.ComfirmPasswordOld; return(Json(new { result = Mess }, JsonRequestBehavior.AllowGet)); } else { var MD5Passworld = Md5Utils.Encryption(PasswordNew); var result = secUserDal.SavePassword(acc, MD5Passworld); if (result.IsSuccess == true) { Mess.IsSuccess = true; Mess.Message = AppRes.SuccessPassword; FormsAuthentication.SignOut(); //Clear session var current = System.Web.HttpContext.Current; current.Session.Clear(); current.Session.Abandon(); //Clears out Session current.Response.Cookies.Clear(); // clear authentication cookie current.Response.Cookies.Remove(FormsAuthentication.FormsCookieName); current.Response.Cache.SetExpires(DateTime.Now.AddSeconds(-1)); HttpCookie cookie = current.Request.Cookies[FormsAuthentication.FormsCookieName]; new Helper.Security().Logout(System.Web.HttpContext.Current); if (cookie != null) { cookie.Expires = DateTime.Now.AddDays(-1); current.Response.Cookies.Add(cookie); } return(Json(new { result = Mess }, JsonRequestBehavior.AllowGet)); //return RedirectToAction("Login", "Authentication"); } else { Mess.IsSuccess = false; Mess.Message = AppRes.ErrorSavePassworld; return(Json(new { result = Mess }, JsonRequestBehavior.AllowGet)); } } } else { Mess.IsSuccess = false; Mess.Message = AppRes.ErrorSavePassworld; return(Json(new { result = Mess }, JsonRequestBehavior.AllowGet)); } #endregion } else { Mess.IsSuccess = false; Mess.Message = AppRes.PasswordPolicy; return(Json(new { result = Mess }, JsonRequestBehavior.AllowGet)); } }
public ActionResult Login(Sec_UserModel m) { return(View(m)); }
//public bool SwitchUser(int switchToUserId) //{ // var loginUser = Global.LoginSec_User;//acc đăng nhập hệ thống // FormsAuthentication.SignOut(); // var _userService = new UserService(); // var isOk = true; // var allAccCanSwich = _userService.GetAllUserCanSwitch(loginUser.UserID); // var hasSwichPermission = allAccCanSwich.Any(t => t.UserID == switchToUserId); // var accSwitch = _userService.GetSec_UserById(switchToUserId); // if (accSwitch != null && accSwitch.UserID > 0 && loginUser.UserID > 0 // && !accSwitch.IsLocked //tài khoản chuyển ko bị khóa // && accSwitch.IsActivated //tài khoản chuyển đã kích hoạt // && hasSwichPermission //có quyền chuyển sang acc // ) // { // //create cookie // accSwitch.Password = string.Empty; // accSwitch.LoginUserId = loginUser.UserID; // var json = Newtonsoft.Json.JsonConvert.SerializeObject(accSwitch); // FormsAuthentication.SetAuthCookie(json, true); // } // else // { // isOk = false; // } // return isOk; //} public ActionResult changePassword(Sec_UserModel m) { return(PartialView(m)); }