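 /// <summary>
 /// Builds the controller's service dependencies and resolves the id of the
 /// calling user from the "user_id" claim on the current principal.
 /// </summary>
 /// <exception cref="InvalidOperationException">More than one "user_id" claim is present.</exception>
 /// <exception cref="FormatException">The "user_id" claim value is not an integer.</exception>
 public MessageModuleController()
 {
     _messageModuleServices = new ServiceMessageModule();
     _auditLogService       = new ServiceAuditLog();

     // NOTE(review): User is read during construction; if the hosting framework attaches the
     // principal only after the controller is built, this dereference is null — confirm.
     var userIdClaim = ((ClaimsIdentity)User.Identity).Claims.SingleOrDefault(c => c.Type == "user_id");

     // A principal without a "user_id" claim maps to 0 (the value Convert.ToInt32(null) yielded
     // before); nothing downstream should treat 0 as a real user. A present but non-numeric
     // claim is rejected, and the parse uses the invariant culture so it does not depend on
     // the server's current culture.
     _userId = userIdClaim == null
         ? 0
         : int.Parse(userIdClaim.Value,
                     System.Globalization.NumberStyles.Integer,
                     System.Globalization.CultureInfo.InvariantCulture);
 }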
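 /// <summary>
 /// Builds the controller's service dependencies and resolves the id of the
 /// calling user from the "user_id" claim on the current principal.
 /// </summary>
 /// <exception cref="InvalidOperationException">More than one "user_id" claim is present.</exception>
 /// <exception cref="FormatException">The "user_id" claim value is not an integer.</exception>
 public ComServerClusterController()
 {
     _comServerClusterService = new ServiceComServerCluster();
     _auditLogService         = new ServiceAuditLog();

     // NOTE(review): User is read during construction; if the hosting framework attaches the
     // principal only after the controller is built, this dereference is null — confirm.
     var userIdClaim = ((ClaimsIdentity)User.Identity).Claims.SingleOrDefault(c => c.Type == "user_id");

     // A principal without a "user_id" claim maps to 0 (the value Convert.ToInt32(null) yielded
     // before); nothing downstream should treat 0 as a real user. A present but non-numeric
     // claim is rejected, and the parse uses the invariant culture so it does not depend on
     // the server's current culture.
     _userId = userIdClaim == null
         ? 0
         : int.Parse(userIdClaim.Value,
                     System.Globalization.NumberStyles.Integer,
                     System.Globalization.CultureInfo.InvariantCulture);
 }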
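 /// <summary>
 /// Builds the controller's service dependencies and resolves the id of the
 /// calling user from the "user_id" claim on the current principal.
 /// </summary>
 /// <exception cref="InvalidOperationException">More than one "user_id" claim is present.</exception>
 /// <exception cref="FormatException">The "user_id" claim value is not an integer.</exception>
 public ApprovalRequestController()
 {
     _approvalRequestService = new ServiceApprovalRequest();
     _auditLogService        = new ServiceAuditLog();

     // NOTE(review): User is read during construction; if the hosting framework attaches the
     // principal only after the controller is built, this dereference is null — confirm.
     var userIdClaim = ((ClaimsIdentity)User.Identity).Claims.SingleOrDefault(c => c.Type == "user_id");

     // A principal without a "user_id" claim maps to 0 (the value Convert.ToInt32(null) yielded
     // before); nothing downstream should treat 0 as a real user. A present but non-numeric
     // claim is rejected, and the parse uses the invariant culture so it does not depend on
     // the server's current culture.
     _userId = userIdClaim == null
         ? 0
         : int.Parse(userIdClaim.Value,
                     System.Globalization.NumberStyles.Integer,
                     System.Globalization.CultureInfo.InvariantCulture);
 }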
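 /// <summary>
 /// Builds the controller's service dependencies and resolves the id of the
 /// calling user from the "user_id" claim on the current principal.
 /// </summary>
 /// <exception cref="InvalidOperationException">More than one "user_id" claim is present.</exception>
 /// <exception cref="FormatException">The "user_id" claim value is not an integer.</exception>
 public GroupController()
 {
     _groupServices   = new ServiceGroup();
     _auditLogService = new ServiceAuditLog();

     // NOTE(review): User is read during construction; if the hosting framework attaches the
     // principal only after the controller is built, this dereference is null — confirm.
     var userIdClaim = ((ClaimsIdentity)User.Identity).Claims.SingleOrDefault(c => c.Type == "user_id");

     // A principal without a "user_id" claim maps to 0 (the value Convert.ToInt32(null) yielded
     // before); nothing downstream should treat 0 as a real user. A present but non-numeric
     // claim is rejected, and the parse uses the invariant culture so it does not depend on
     // the server's current culture.
     _userId = userIdClaim == null
         ? 0
         : int.Parse(userIdClaim.Value,
                     System.Globalization.NumberStyles.Integer,
                     System.Globalization.CultureInfo.InvariantCulture);
 }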
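 /// <summary>
 /// Builds the controller's service dependencies and resolves the id of the
 /// calling user from the "user_id" claim on the current principal.
 /// </summary>
 /// <exception cref="InvalidOperationException">More than one "user_id" claim is present.</exception>
 /// <exception cref="FormatException">The "user_id" claim value is not an integer.</exception>
 public ActiveImagingTaskController()
 {
     _activeImagingTaskService = new ServiceActiveImagingTask();
     _auditLogService          = new ServiceAuditLog();

     // NOTE(review): User is read during construction; if the hosting framework attaches the
     // principal only after the controller is built, this dereference is null — confirm.
     var userIdClaim = ((ClaimsIdentity)User.Identity).Claims.SingleOrDefault(c => c.Type == "user_id");

     // A principal without a "user_id" claim maps to 0 (the value Convert.ToInt32(null) yielded
     // before); nothing downstream should treat 0 as a real user. A present but non-numeric
     // claim is rejected, and the parse uses the invariant culture so it does not depend on
     // the server's current culture.
     _userId = userIdClaim == null
         ? 0
         : int.Parse(userIdClaim.Value,
                     System.Globalization.NumberStyles.Integer,
                     System.Globalization.CultureInfo.InvariantCulture);
 }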
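        /// <summary>
        /// Authenticates <paramref name="userName"/> / <paramref name="password"/> against LDAP and/or
        /// the local user table, writes one audit entry for the attempt and updates the lockout state.
        /// </summary>
        /// <param name="userName">The login name. It is recorded on the audit entry as ObjectName.</param>
        /// <param name="password">The clear-text password. It is only handed to the LDAP bind or to
        /// <c>Utility.CreatePasswordHash</c>; it is never stored and never written to the audit log.</param>
        /// <param name="loginType">Not read by this implementation; retained for the public signature.</param>
        /// <returns>
        /// A <see cref="DtoValidationResult"/> whose Success flag is set only when the credentials were
        /// accepted. ErrorMessage is "Incorrect Username Or Password" for every failure except a locked
        /// account, which returns "Account Is Locked".
        /// </returns>
        /// <remarks>
        /// Order of checks: unknown user (with first-time provisioning through an LDAP group), lockout,
        /// then LDAP or local-password verification. Every return path writes exactly one audit entry.
        /// NOTE(review): the distinct "Account Is Locked" message lets a caller tell an existing, locked
        /// account from an unknown user name; consider whether that distinction is acceptable here.
        /// </remarks>
        public DtoValidationResult GlobalLogin(string userName, string password, string loginType)
        {
            var validationResult = new DtoValidationResult
            {
                ErrorMessage = "Incorrect Username Or Password",
                Success      = false
            };

            // The audit entry starts out as a failed login for an unknown user (-1); the ids are
            // filled in once the user is known, and the type flipped only on success.
            var auditLog        = new EntityAuditLog();
            var auditLogService = new ServiceAuditLog();

            auditLog.ObjectId   = -1;
            auditLog.ObjectName = userName;
            auditLog.UserId     = -1;
            auditLog.ObjectType = "User";
            auditLog.AuditType  = EnumAuditEntry.AuditType.FailedLogin;

            // Read the LDAP switch once so every branch below decides on the same value.
            var ldapEnabled = ServiceSetting.GetSettingValue(SettingStrings.LdapEnabled) == "1";

            //Check if user exists in database
            var user = _userServices.GetUser(userName);

            if (user == null)
            {
                //Check For a first time LDAP User Group Login
                if (ldapEnabled)
                {
                    foreach (var ldapGroup in _userGroupServices.GetLdapGroups())
                    {
                        if (new LdapServices().Authenticate(userName, password, ldapGroup.GroupLdapName))
                        {
                            //user is a valid ldap user via ldap group that has not yet logged in.
                            //Add the user and allow login.
                            var cdUser = new EntityToemsUser
                            {
                                Name       = userName,
                                Salt       = Utility.CreateSalt(64),
                                IsLdapUser = 1,
                                Membership = "User",
                                Theme      = "dark",
                            };
                            //Create a local random db pass, should never actually be possible to use.
                            cdUser.Password = Utility.CreatePasswordHash(Utility.GenerateKey(), cdUser.Salt);
                            if (_userServices.AddUser(cdUser).Success)
                            {
                                var newUser = _userServices.GetUser(userName);
                                if (newUser == null)
                                {
                                    // AddUser reported success but the row cannot be read back; leave
                                    // the attempt as a failed login instead of dereferencing null.
                                    break;
                                }
                                //add user to group
                                _userGroupServices.AddNewGroupMember(ldapGroup.Id, newUser.Id);
                                auditLog.UserId          = newUser.Id;
                                auditLog.ObjectId        = newUser.Id;
                                validationResult.Success = true;
                                auditLog.AuditType       = EnumAuditEntry.AuditType.SuccessfulLogin;

                                break;
                            }
                        }
                    }
                }
                auditLogService.AddAuditLog(auditLog);
                return(validationResult);
            }

            if (_userLockoutServices.AccountIsLocked(user.Id))
            {
                // A login attempt against a locked account still counts as a bad login.
                _userLockoutServices.ProcessBadLogin(user.Id);
                validationResult.ErrorMessage = "Account Is Locked";
                auditLog.UserId   = user.Id;
                auditLog.ObjectId = user.Id;
                auditLogService.AddAuditLog(auditLog);
                return(validationResult);
            }

            //Check against AD
            if (user.IsLdapUser == 1 && ldapEnabled)
            {
                //Check if user is authenticated against an ldap group
                if (user.UserGroupId != -1)
                {
                    //user is part of a group, is the group an ldap group?
                    var userGroup = _userGroupServices.GetUserGroup(user.UserGroupId);
                    if (userGroup != null)
                    {
                        if (userGroup.IsLdapGroup == 1)
                        {
                            //the group is an ldap group
                            //make sure user is still in that ldap group
                            if (new LdapServices().Authenticate(userName, password, userGroup.GroupLdapName))
                            {
                                validationResult.Success = true;
                            }
                            else
                            {
                                //user is either not in that group anymore, not in the directory, or bad password
                                validationResult.Success = false;

                                if (new LdapServices().Authenticate(userName, password))
                                {
                                    //password was good but user is no longer in the group
                                    //delete the user
                                    // NOTE(review): the failed-login tail below still audits and calls
                                    // ProcessBadLogin with this now-deleted id — confirm that is tolerated.
                                    _userServices.DeleteUser(user.Id);
                                }
                            }
                        }
                        else
                        {
                            //the group is not an ldap group
                            //still need to check creds against directory
                            if (new LdapServices().Authenticate(userName, password))
                            {
                                validationResult.Success = true;
                            }
                        }
                    }
                    else
                    {
                        //group didn't exist for some reason
                        //still need to check creds against directory
                        if (new LdapServices().Authenticate(userName, password))
                        {
                            validationResult.Success = true;
                        }
                    }
                }
                else
                {
                    //user is not part of a group, check creds against directory
                    if (new LdapServices().Authenticate(userName, password))
                    {
                        validationResult.Success = true;
                    }
                }
            }
            else if (user.IsLdapUser == 1 && !ldapEnabled)
            {
                //prevent ldap user from logging in with local pass if ldap auth gets turned off
                validationResult.Success = false;
            }
            //Check against local DB
            else
            {
                var hash = Utility.CreatePasswordHash(password, user.Salt);
                // Compare the whole hash rather than stopping at the first differing character.
                if (HashesMatch(user.Password, hash))
                {
                    validationResult.Success = true;
                }
            }

            if (validationResult.Success)
            {
                auditLog.AuditType = EnumAuditEntry.AuditType.SuccessfulLogin;
                auditLog.UserId    = user.Id;
                auditLog.ObjectId  = user.Id;
                auditLogService.AddAuditLog(auditLog);
                _userLockoutServices.DeleteUserLockouts(user.Id);
                return(validationResult);
            }
            auditLog.AuditType = EnumAuditEntry.AuditType.FailedLogin;
            auditLog.UserId    = user.Id;
            auditLog.ObjectId  = user.Id;
            auditLogService.AddAuditLog(auditLog);
            _userLockoutServices.ProcessBadLogin(user.Id);
            return(validationResult);
        }

        /// <summary>
        /// Ordinal equality of two hash strings evaluated over every character, so the time taken
        /// does not depend on where the first mismatch is. A null compares equal only to null,
        /// matching the <c>==</c> comparison it replaces.
        /// </summary>
        /// <param name="expected">The stored hash.</param>
        /// <param name="actual">The hash computed from the supplied password.</param>
        /// <returns>true when both strings are identical.</returns>
        private static bool HashesMatch(string expected, string actual)
        {
            if (expected == null || actual == null)
            {
                return expected == actual;
            }
            if (expected.Length != actual.Length)
            {
                return false;
            }
            var diff = 0;
            for (var i = 0; i < expected.Length; i++)
            {
                diff |= expected[i] ^ actual[i];
            }
            return diff == 0;
        }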