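/// <summary>
/// Checks the identifier carried by a password-reset link and, when it is accepted,
/// returns the user that identifier belongs to.
/// </summary>
/// <param name="id">The identifier taken from the reset link.</param>
/// <returns>
/// A response whose <c>SingleResult</c> holds the user when <c>ValidateGUID</c> accepts the id.
/// Otherwise <c>IsSuccess</c> is false and <c>Message</c> says the link is unusable.
/// <c>StatusCode</c> is "200" on both of those paths and "500" when an exception was caught.
/// </returns>
public JsonResponse<UserMasterDTO> ValidatePasswordResetUrl(string id)
{
    JsonResponse<UserMasterDTO> response = new JsonResponse<UserMasterDTO>();
    try
    {
        // A missing id can never identify a valid link, so reject it before calling the business layer.
        if (!string.IsNullOrWhiteSpace(id) && SecurityBusinessInstance.ValidateGUID(id))
        {
            // NOTE(review): the complete user record is handed back to a caller that has only
            // presented a reset id. Confirm UserMasterDTO carries no password or other
            // sensitive field, or map it to a reduced shape before returning it.
            response.SingleResult = UserBusinessInstance.GetUserByGUID(id);
            response.IsSuccess = true;
        }
        else
        {
            response.IsSuccess = false;
            response.Message = "Password reset link is expired or invalid. Try again later.";
        }

        response.StatusCode = "200";
    }
    catch (Exception ex)
    {
        // Keep the detail on the server. Raw exception text can expose internals
        // (queries, paths, type names) to whoever calls this endpoint.
        System.Diagnostics.Trace.TraceError("ValidatePasswordResetUrl failed: {0}", ex);

        response.SingleResult = null;
        response.StatusCode = "500";
        response.IsSuccess = false;
        response.Message = "An unexpected error occurred. Please try again later.";
    }

    return response;
}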
/// <summary>
/// Loads the web modules and the authorization entries of a user and stores both in the
/// current session, modules first.
/// </summary>
/// <param name="userID">Identifier of the user whose modules and permissions are loaded.</param>
private void SetUserModules(int userID)
{
    // NOTE(review): authorization data is copied into the session here. Nothing in this method
    // refreshes it, so confirm that a permission change or revocation also invalidates or
    // reloads the session copy.
    Session[PageConstants.SESSION_MODULES] = UserBusinessInstance.GetUserWebModules(userID);
    Session[PageConstants.SESSION_PERMISSIONS] = SecurityBusinessInstance.GetUserAuthorization(userID);
}
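/// <summary>
/// Creates and stores a one-time-password record for a user and builds the password-reset link.
/// </summary>
/// <remarks>
/// Despite the method name, nothing is sent at present: the code that fills in and queues the
/// e-mail is commented out, so a successful response only means the OTP record was saved.
/// </remarks>
/// <param name="UserId">Identifier of the user the OTP record is created for.</param>
/// <returns>
/// A response with <c>IsSuccess</c> reflecting the result of <c>SaveOTP</c> and
/// <c>StatusCode</c> "200", or <c>StatusCode</c> "500" when an exception was caught.
/// </returns>
public JsonResponse<int> SendAppointmentEmail(int UserId)
{
    JsonResponse<int> response = new JsonResponse<int>();
    try
    {
        #region Prepare OTP Data
        string UniqueString = AppUtil.GetUniqueGuidString();

        // Six-digit OTP.
        // NOTE(review): confirm GetUniqueRandomNumber draws from a cryptographic RNG
        // (System.Security.Cryptography.RandomNumberGenerator), not System.Random.
        string OTPString = AppUtil.GetUniqueRandomNumber(100000, 999999);

        OTPDTO objOTP = new OTPDTO()
        {
            GUID = UniqueString,
            OTP = OTPString,
            CreatedDate = DateTime.Now,
            UserID = UserId,
            Attempts = 0
        };
        #endregion

        #region Save OTP and Send Email
        if (SecurityBusinessInstance.SaveOTP(objOTP))
        {
            #region Send Email
            // These reads are kept so that missing configuration still surfaces as a failure,
            // exactly as before. Their values are only consumed by the disabled code below.
            string hostName = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.HostName);
            string rawURL = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.ForgotPasswordURL);
            string PasswordResetURL = String.Format(rawURL, hostName) + "?id=" + UniqueString;
            EmailTemplateDTO objEmailTemplate = SecurityBusinessInstance.GetEmailTemplate(AspectEnums.EmailTemplateType.ForgotPassword);

            // Disabled e-mail dispatch, kept for reference:
            //var userProfile = UserBusinessInstance.DisplayUserProfile(UserId);
            //EmailServiceDTO emailService = new EmailServiceDTO();
            //emailService.Body = string.Format(objEmailTemplate.Body, userProfile.FirstName, OTPString, PasswordResetURL);
            //emailService.Priority = 1;
            //emailService.IsHtml = true;
            //emailService.Status = (int)AspectEnums.EmailStatus.Pending;
            //emailService.ToName = userProfile.FirstName;
            //emailService.ToEmail = userProfile.EmailID;
            //emailService.FromEmail = userProfile.EmailID;
            //emailService.Subject = objEmailTemplate.Subject;
            //BatchBusinessInstance.InsertEmailRecord(emailService);

            response.IsSuccess = true;
            #endregion
        }
        else
        {
            // Say so explicitly when the record could not be stored instead of relying on defaults.
            response.IsSuccess = false;
        }

        // Match the other endpoints in this file, which report "200" whenever no exception occurred.
        response.StatusCode = "200";
        #endregion
    }
    catch (Exception ex)
    {
        // Log on the server and return a neutral message. Raw exception text must not reach the client.
        System.Diagnostics.Trace.TraceError("SendAppointmentEmail failed for user {0}: {1}", UserId, ex);

        response.IsSuccess = false;
        response.Message = "An unexpected error occurred. Please try again later.";
        response.StatusCode = "500";
        response.SingleResult = 0;
    }

    return response;
}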
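/// <summary>
/// Asks the external SMS provider to verify an OTP and, when the provider reports success,
/// stores an OTP record through <c>SecurityBusinessInstance.SaveOTP</c>.
/// </summary>
/// <param name="otp">Carries the session identifier (<c>GUID</c>) and the code (<c>OTP</c>) to verify.</param>
/// <returns>
/// A response with <c>StatusCode</c> "200" and <c>IsSuccess</c> set to the result of <c>SaveOTP</c>
/// when the provider answers "Success". In every other handled case <c>IsSuccess</c> is false and
/// <c>StatusCode</c> is "500".
/// </returns>
/// <remarks>
/// Exceptions raised by the HTTP call or by deserialization are not caught here and propagate
/// to the caller.
/// </remarks>
public async Task<JsonResponse<int>> VerifyOTP(OTPDTO otp)
{
    JsonResponse<int> response = new JsonResponse<int>();

    // Reject incomplete input up front instead of building a request from null values.
    if (otp == null || string.IsNullOrWhiteSpace(otp.GUID) || string.IsNullOrWhiteSpace(otp.OTP))
    {
        response.IsSuccess = false;
        response.StatusCode = "500";
        return response;
    }

    // NOTE(review): the provider API key is hard-coded in this URL and therefore lives in source
    // control. Move it to protected configuration or a secret store, and rotate the key.
    // Both values come from the caller, so they are escaped before being placed in the path.
    // Otherwise '/', '?' or '#' in the input would change which provider resource is requested.
    string BaseUrl = "https://2factor.in/API/V1/070815b0-3e08-11ea-9fa5-0200cd936042/SMS/VERIFY/"
        + Uri.EscapeDataString(otp.GUID) + "/" + Uri.EscapeDataString(otp.OTP);

    // NOTE(review): a new HttpClient is created per call; a shared instance avoids socket exhaustion.
    // NOTE(review): no attempt counter is checked in this method; confirm that repeated guesses
    // are limited elsewhere.
    using (var client = new HttpClient())
    {
        client.BaseAddress = new Uri(BaseUrl);
        client.DefaultRequestHeaders.Clear();
        client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));

        using (HttpResponseMessage Res = await client.GetAsync(BaseUrl))
        {
            if (!Res.IsSuccessStatusCode)
            {
                // A transport-level rejection previously left the response in its default state.
                response.IsSuccess = false;
                response.StatusCode = "500";
                return response;
            }

            // Await the body instead of blocking on .Result inside an async method.
            string payload = await Res.Content.ReadAsStringAsync();
            var res = JsonConvert.DeserializeObject<OtpResponse>(payload);

            // An empty body deserializes to null, which is treated as a failed verification.
            if (res != null && res.Status == "Success")
            {
                // NOTE(review): the record is saved with UserID = 0, so it is not tied to an
                // account here. Confirm that this is intended.
                OTPDTO objOTP = new OTPDTO()
                {
                    GUID = otp.GUID,
                    OTP = otp.OTP,
                    CreatedDate = DateTime.Now,
                    UserID = 0,
                    Attempts = 0
                };
                response.IsSuccess = SecurityBusinessInstance.SaveOTP(objOTP);
                response.StatusCode = "200";
            }
            else
            {
                response.IsSuccess = false;
                response.StatusCode = "500";
            }
        }
    }

    return response;
}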
/// <summary>
/// Generates a fresh GUID string and an OTP, stores them as an OTP record for the given user,
/// and reports whether the record was saved.
/// </summary>
/// <param name="UserID">Identifier of the user the OTP record belongs to.</param>
/// <param name="UniqueString">Receives the GUID string generated for this record.</param>
/// <returns>The value returned by <c>SecurityBusinessInstance.SaveOTP</c>.</returns>
private bool SaveOTP(int UserID, out string UniqueString)
{
    UniqueString = AppUtil.GetUniqueGuidString();

    // Requested range 100000..999999, i.e. a six-digit code.
    // NOTE(review): confirm GetUniqueRandomNumber uses a cryptographic RNG.
    string code = AppUtil.GetUniqueRandomNumber(100000, 999999);

    OTPDTO record = new OTPDTO();
    record.GUID = UniqueString;
    record.OTP = code;
    record.CreatedDate = DateTime.Now;
    record.UserID = UserID;
    record.Attempts = 0;

    bool saved = SecurityBusinessInstance.SaveOTP(record);
    return saved;
}
/// <summary>
/// Renders the change-password page for a reset link. The form is shown only when the
/// <c>id</c> query-string value passes <c>ValidateGUID</c>; otherwise a pop-up message is shown.
/// </summary>
/// <returns>The default view, with the ViewBag flags set for either outcome.</returns>
public ActionResult ChangePassword()
{
    // NOTE(review): the reset identifier travels in the query string, so it can end up in
    // server logs, browser history and Referer headers. Confirm that it is short-lived and
    // single-use.
    string linkId = Request.QueryString["id"];
    bool linkAccepted = SecurityBusinessInstance.ValidateGUID(linkId);

    if (!linkAccepted)
    {
        ViewBag.ShowPopup = true;
        ViewBag.Message = "Invalid or expired link , Please try again later.";
        return View();
    }

    // The identifier is echoed into the view so that the form can post it back.
    ViewBag.hdnUniqueID = linkId;
    ViewBag.ShowForm = true;
    return View();
}
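/// <summary>
/// Changes a user's password: looks the account up by e-mail, refuses a password equal to the
/// stored one, and otherwise applies the change through
/// <c>SecurityBusinessInstance.ChangePassword</c>.
/// </summary>
/// <param name="user">Carries the e-mail address, the new password and the reset identifier (<c>Guid</c>).</param>
/// <returns>
/// A response whose <c>SingleResult</c> and <c>IsSuccess</c> are true only when the change was
/// applied. <c>StatusCode</c> is "200" unless an exception was caught, in which case it is "500".
/// </returns>
public JsonResponse<bool> ChangeUserPassword(UserAccountDTO user)
{
    JsonResponse<bool> response = new JsonResponse<bool>();
    try
    {
        var User = UserBusinessInstance.GetUserByEmail(user.email);
        if (User == null)
        {
            // NOTE(review): this message tells an unauthenticated caller whether an e-mail
            // address is registered. Consider a neutral response.
            response.SingleResult = false;
            response.StatusCode = "200";
            response.IsSuccess = false;
            response.Message = "User does not exist in our system.";
            return response;
        }

        // NOTE(review): the stored password is compared directly with the submitted one, which
        // only works if passwords are stored unhashed or the client sends the stored form.
        // Confirm that passwords are hashed with a password KDF before storage.
        if (User.Password == user.password)
        {
            response.SingleResult = false;
            response.StatusCode = "200";
            response.IsSuccess = false;
            response.Message = "You can not use same password. it must be different than previous.";
            return response;
        }

        // These assignments only touch the in-memory object. The one visible persistence call
        // is ChangePassword below.
        User.Password = user.password;
        User.UpdatedDate = DateTime.Now;

        // NOTE(review): the account is found by e-mail but the change is keyed by user.Guid.
        // Nothing visible here checks that both refer to the same account, so confirm that
        // ChangePassword enforces this and rejects expired or reused identifiers.
        response.SingleResult = SecurityBusinessInstance.ChangePassword(user.Guid, User.Password);
        response.IsSuccess = response.SingleResult;
        response.StatusCode = "200";

        // Previously the success text was returned even when the change was rejected.
        response.Message = response.SingleResult
            ? "Your password has been successfully updated."
            : "Your password could not be updated.";
    }
    catch (Exception ex)
    {
        // Log on the server and return a neutral message. Raw exception text must not reach the client.
        System.Diagnostics.Trace.TraceError("ChangeUserPassword failed: {0}", ex);

        response.SingleResult = false;
        response.IsSuccess = false;
        response.StatusCode = "500";
        response.Message = "An unexpected error occurred. Please try again later.";
    }

    return response;
}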
/// <summary>
/// Handles the posted change-password form: checks that both password fields match, runs the
/// complexity check, and then applies the change for the posted reset identifier.
/// </summary>
/// <param name="model">Posted view model holding the new password and its confirmation.</param>
/// <param name="collection">Posted form values; <c>hdnUniqueID</c> carries the reset identifier.</param>
/// <returns>The default view, with ViewBag flags and message describing the outcome.</returns>
public ActionResult ChangePassword(ManageUserViewModel model, FormCollection collection)
{
    ExceptionEngine.ProcessAction(() =>
    {
        // NOTE(review): the hidden field is client-controlled. Confirm that ChangePassword
        // re-validates the identifier (expiry, single use) rather than trusting the earlier GET.
        string resetId = collection["hdnUniqueID"].ToString();
        String candidate = model.NewPassword;
        List<string> complexityErrors = new List<string>();

        if (model.NewPassword != model.ConfirmPassword)
        {
            ViewBag.Message = "New Password & Retype Password did not match";
            ViewBag.ShowForm = true;
            return;
        }

        candidate.IsComplexPassword(ref complexityErrors);
        if (complexityErrors.Count > 0)
        {
            // One complexity problem per line.
            ViewBag.Message = complexityErrors.Aggregate((joined, next) => joined + "\n" + next);
            ViewBag.ShowForm = true;
            return;
        }

        bool changed = SecurityBusinessInstance.ChangePassword(resetId, candidate);
        if (changed)
        {
            // NOTE(review): this branch sets "ShowPopUp" while the failure branch sets
            // "ShowPopup". ViewBag members are case-sensitive, so confirm which one the view reads.
            ViewBag.ShowPopUp = true;
            ViewBag.Message = "Password Changed Successfully";
        }
        else
        {
            ViewBag.ShowPopup = true;
            ViewBag.Message = "You are not authorized to change password.";
        }
    }, AspectEnums.ExceptionPolicyName.AssistingAdministrators.ToString());

    return View();
}
/// <summary>
/// Runs the pre-checks for a password-reset request in order: an id must be present, then the
/// <c>EmplCode_Email</c>, <c>ForgotPasswordAttempts</c> and <c>LastAttemptDuration</c>
/// validations must pass. The first failing check sets <c>ViewBag.Message</c> and stops.
/// </summary>
/// <param name="EmpId">Identifier to validate; null and 0 are rejected.</param>
/// <returns>True when every check passes; otherwise false.</returns>
private bool ValidateUser(int? EmpId)
{
    const string invalidData = "Invalid or incomplete data, Please contact administrator";

    // A missing id and a failed code/e-mail validation produce the same message, so they share
    // one guard. Short-circuit evaluation keeps the business call from running without an id.
    if (!EmpId.HasValue
        || EmpId.Value == 0
        || !SecurityBusinessInstance.ValidateUser(EmpId.Value, AspectEnums.UserValidationType.EmplCode_Email))
    {
        ViewBag.Message = invalidData;
        return false;
    }

    int employeeId = EmpId.Value;

    bool withinAttemptLimit = SecurityBusinessInstance.ValidateUser(employeeId, AspectEnums.UserValidationType.ForgotPasswordAttempts);
    if (!withinAttemptLimit)
    {
        ViewBag.Message = "You have exceeded maximum number of password reset attempts, please try again tomorrow";
        return false;
    }

    bool noPendingAttempt = SecurityBusinessInstance.ValidateUser(employeeId, AspectEnums.UserValidationType.LastAttemptDuration);
    if (!noPendingAttempt)
    {
        ViewBag.Message = "you have already attempt to change password, please use the same email to reset password";
        return false;
    }

    return true;
}
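/// <summary>
/// Stores a new OTP record for the user, builds the password-reset e-mail from the
/// <c>ResetPassword</c> template, queues the e-mail record and sends the notification.
/// </summary>
/// <param name="UserId">Identifier of the user who requested the reset.</param>
/// <returns>
/// True when the OTP record was saved and the e-mail calls completed without throwing;
/// false when saving failed or any step threw.
/// </returns>
private bool SendOTPAndEmail(int UserId)
{
    bool IsSuccess = false;

    #region Prepare OTP Data
    string UniqueString = AppUtil.GetUniqueGuidString();

    // Six-digit OTP. It is stored with the record below but is not placed in the e-mail.
    // NOTE(review): confirm GetUniqueRandomNumber uses a cryptographic RNG.
    string OTPString = AppUtil.GetUniqueRandomNumber(100000, 999999);

    OTPBO objOTP = new OTPBO()
    {
        GUID = UniqueString,
        OTP = OTPString,
        CreatedDate = DateTime.Now,
        UserID = UserId,
        Attempts = 0
    };
    #endregion

    try
    {
        if (SecurityBusinessInstance.SaveOTP(objOTP))
        {
            #region Send Email Service and OTP
            // The configured URL is expected to end where the identifier starts; it is appended as-is.
            string resetUrl = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.ForgotPasswordURL);
            string PasswordResetURL = resetUrl + UniqueString;

            EmailNotificationService eNotification = new EmailNotificationService();
            var userProfile = UserBusinessInstance.DisplayUserProfile(UserId);
            string recipientName = userProfile.FirstName + " " + userProfile.LastName;
            string companyName = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.CompanyName);

            TemplateMasterBO objEmailTemplate = EmailBusinessInstance.GetEmailTemplate((int)AspectEnums.EmailTemplateCode.ResetPassword);
            List<TemplateMergeFieldBO> mergeFields = EmailBusinessInstance.GetEmailMergeFields(objEmailTemplate.TemplateID);

            foreach (var field in mergeFields)
            {
                if (field.SRC_FIELD == "{{PASSWORDRESETURL}}")
                {
                    objEmailTemplate.TemplateContent = eNotification.FindReplace(objEmailTemplate.TemplateContent, "{{PASSWORDRESETURL}}", PasswordResetURL);
                }
                else if (field.SRC_FIELD == "{{TONAME}}")
                {
                    // NOTE(review): the body is sent as HTML and the name comes from the user
                    // profile. Confirm that FindReplace (or the template pipeline) HTML-encodes
                    // it, otherwise markup in a name is rendered in the e-mail.
                    objEmailTemplate.TemplateContent = eNotification.FindReplace(objEmailTemplate.TemplateContent, field.SRC_FIELD, recipientName);
                }
            }

            objEmailTemplate.TemplateContent = eNotification.FindReplace(objEmailTemplate.TemplateContent, "{{COMPANY}}", companyName);

            EmailServiceDTO emailService = new EmailServiceDTO();
            emailService.Priority = 1;
            emailService.CreatedBy = userProfile.UserID;
            emailService.IsHtml = true;
            emailService.ToName = recipientName;
            emailService.Body = objEmailTemplate.TemplateContent;
            emailService.Status = (int)AspectEnums.EmailStatus.Pending;
            emailService.ToEmail = userProfile.Email;
            emailService.FromName = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.FromName);
            emailService.FromEmail = AppUtil.GetAppSettings(AspectEnums.ConfigKeys.FromEmail);
            emailService.Subject = eNotification.FindReplace(objEmailTemplate.TemplateSubject, "{{COMPANY}}", companyName);
            emailService.IsAttachment = false;
            emailService.TemplateID = objEmailTemplate.TemplateID;

            // NOTE(review): this call uses `emailBusinessInstance` while the template lookups
            // use `EmailBusinessInstance`. Confirm that both resolve to the same service.
            emailBusinessInstance.InsertEmailRecord(emailService);
            eNotification.SendEmailNotification(emailService, objEmailTemplate);
            IsSuccess = true;
            #endregion
        }
    }
    catch (Exception ex)
    {
        // The failure is still reported to the caller as "false", but it is no longer discarded
        // silently. The OTP and the reset URL are deliberately kept out of the log line.
        System.Diagnostics.Trace.TraceError("SendOTPAndEmail failed for user {0}: {1}", UserId, ex);
        IsSuccess = false;
    }

    return IsSuccess;
}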