Exemple #1
 // POST: /Account/LogOff
 // NOTE(review): the two attributes below are disabled, so this action is not limited
 // to POST and performs no anti-forgery check; a cross-site request can then end a
 // user's session. Re-enable both once the view submits a form carrying the token.
 //[HttpPost]
 //[ValidateAntiForgeryToken]
 /// <summary>
 /// Logs the caller out through <c>SessionPersister.LogOut</c> and redirects to the
 /// "Login" action of the current controller.
 /// </summary>
 /// <returns>A redirect result targeting the "Login" action.</returns>
 public ActionResult LogOff()
 {
     // The OWIN sign-out (AuthenticationManager.SignOut on the application cookie) is
     // disabled in this snippet; only SessionPersister.LogOut is called.
     // NOTE(review): confirm that SessionPersister.LogOut also invalidates any auth cookie.
     SessionPersister.LogOut();

     // An earlier variant redirected to ("Login", "Account") explicitly.
     return RedirectToAction("Login");
 }
Exemple #2
 /// <summary>
 /// Compares the submitted password with the stored account and, when it matches an
 /// enabled account with fewer than three recorded failures, resets the failure
 /// counter, stamps the login time and creates a session.
 /// </summary>
 /// <param name="account">
 /// Submitted credentials; <c>Password</c> is passed through
 /// <c>MakeEncryptedPassword</c> and the account is looked up with
 /// <c>findAccountByAccountUsername</c>.
 /// </param>
 /// <returns>
 /// <c>null</c> when no stored account is found or the password differs. Otherwise the
 /// stored account, even when it is disabled or has three or more failures; in those
 /// two cases no session is created, so the caller has to inspect <c>isEnabled</c> and
 /// <c>LoginFails</c> before treating the result as a successful login.
 /// </returns>
 public Account tryLoginAccountByAccount(Account account)
 {
     using (var db = new BaseDbContext())
     {
         var submittedDigest = account.MakeEncryptedPassword(account.Password);
         Account stored = findAccountByAccountUsername(account);

         if (stored == null)
         {
             return stored;
         }

         // NOTE(review): the digests are compared with ==, which is not a constant-time
         // comparison, and an equality check implies MakeEncryptedPassword is
         // deterministic for the account. Confirm it is a salted, slow password hash.
         if (!(stored.Password == submittedDigest))
         {
             // Wrong password: record the failure and report nothing to the caller.
             db.Entry(stored).State = EntityState.Modified;
             stored.LoginFails += 1;
             db.SaveChanges();
             return null;
         }

         // NOTE(review): the lockout threshold is consulted only after the password has
         // matched. A locked or disabled account therefore still yields a non-null result
         // for the right password and null for a wrong one, so the counter does not stop
         // online guessing. Consider testing the lock state before comparing passwords.
         if (stored.isEnabled && stored.LoginFails < 3)
         {
             db.Entry(stored).State = EntityState.Modified;
             stored.LastLogin = DateTimeExtensions.GetServerTime();
             stored.LoginFails = 0;
             db.SaveChanges();
             SessionPersister.createSessionForAccount(stored);
         }

         return stored;
     }
 }
Exemple #3
        /// <summary>
        /// Sets a new password on the stored account, rejecting any value found in its
        /// password history, and keeps that history capped at nine entries.
        /// </summary>
        /// <param name="account">
        /// Account whose <c>AccountID</c> selects the stored record; its <c>Password</c>
        /// and <c>ConfirmPassword</c> are overwritten with the new digest on success.
        /// </param>
        /// <param name="newPassword">The new password before <c>MakeEncryptedPassword</c> is applied.</param>
        /// <param name="shouldInvalidateResetPasswordNeeds">
        /// When true, clears <c>NeedChangePassword</c> on the stored account.
        /// </param>
        /// <returns><c>null</c> on success, otherwise a message describing the failure.</returns>
        /// <remarks>
        /// NOTE(review): nothing here verifies the current password or the caller's right
        /// to change this account; that has to happen before this method is reached.
        /// </remarks>
        public string tryChangePassword(Account account, String newPassword, bool shouldInvalidateResetPasswordNeeds = false)
        {
            const int HistoryLimit = 9;

            var newDigest = account.MakeEncryptedPassword(newPassword);
            Account stored = findAccountByID(account.AccountID);

            if (stored == null)
            {
                return "Change password failed: Account not found";
            }

            var history = stored.historyPasswordList();

            // Reject reuse of any remembered password.
            // NOTE(review): matching digests by equality only works when
            // MakeEncryptedPassword is deterministic for this account; confirm that it is
            // nevertheless a salted, slow password hash and not a reversible encoding.
            foreach (var previous in history)
            {
                if (previous == newDigest)
                {
                    return "New password must be different from your 9 previously used passwords";
                }
            }

            using (var db = new BaseDbContext())
            {
                db.Entry(stored).State = EntityState.Modified;
                stored.Password = newDigest;
                stored.ConfirmPassword = newDigest;
                stored.LastPasswordModifiedAt = DateTimeExtensions.GetServerTime();

                if (shouldInvalidateResetPasswordNeeds)
                {
                    stored.NeedChangePassword = false;
                }

                // Append the new digest, then drop the oldest entries beyond the limit.
                history.Add(newDigest);
                while (history.Count > HistoryLimit)
                {
                    history.RemoveAt(0);
                }
                stored.historyPasswords = stored.historyPasswordsFromList(history);

                db.SaveChanges();

                // NOTE(review): whether other active sessions of this account are ended
                // after a password change cannot be seen from here; confirm.
                SessionPersister.updateSessionForAccount();

                // Mirror the stored digest onto the caller's object.
                account.Password = stored.Password;
                account.ConfirmPassword = stored.ConfirmPassword;
            }

            AuditLogDbContext.getInstance().createAuditLogAccountAction(account, AuditLogDbContext.ACTION_CHANGE_PASSWORD);
            return null;
        }
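 /// <summary>
 /// Closes the current session by calling <c>SessionPersister.LogOutSession</c>,
 /// without ever throwing to the caller.
 /// </summary>
 /// <remarks>
 /// A failure is written to the trace output instead of being discarded. A logout
 /// that fails silently may leave the session alive while the user believes it ended,
 /// and leaves nothing to investigate afterwards.
 /// </remarks>
 public void Cerrar()
 {
     try
     {
         SessionPersister.LogOutSession();
     }
     catch (Exception ex)
     {
         // Still best-effort: the caller is not interrupted, but the failure is recorded.
         System.Diagnostics.Trace.TraceError("SessionPersister.LogOutSession failed: {0}", ex);
     }
 }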
        /// <summary>
        /// Validates an offer against the item carried in the view model and, when it
        /// passes, places the bid through the bid service using the session token.
        /// </summary>
        /// <param name="viewCollection">
        /// View model holding the offer (<c>WebItem</c>) and the item state (<c>ServiceItem</c>).
        /// </param>
        /// <returns>
        /// The same view with a status message, or a redirect to Account/Login when the
        /// session token is no longer accepted.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the winning bid, initial price and seller are all read from
        /// <c>viewCollection.ServiceItem</c>. If that object is model-bound from the request,
        /// a client can forge those fields and pass every check below, so the bid service
        /// has to enforce the same rules against its own data. Confirm where it is filled.
        /// </remarks>
        public async Task <ActionResult> Bid(BuyItemView viewCollection)
        {
            bool tokenAccepted = await services.UserClient().CheckTokenTimeAsync(SessionPersister.Token);
            if (!tokenAccepted)
            {
                SessionPersister.Logout();
                Danger("Your session timed out");
                return RedirectToAction("Login", "Account");
            }

            // When a winning bid already exists, the offer has to exceed it.
            var leadingBid = viewCollection.ServiceItem.WinningBid;
            if (leadingBid != null && viewCollection.WebItem.Amount <= leadingBid.Amount)
            {
                Information("Your offer is too low! ");
                return View(viewCollection);
            }

            // The offer also has to exceed the initial price.
            if (viewCollection.WebItem.Amount <= viewCollection.ServiceItem.InitialPrice)
            {
                Information("Your offer is too low! ");
                return View(viewCollection);
            }

            // A seller may not bid on their own item.
            if (string.Equals(SessionPersister.Username, viewCollection.ServiceItem.SellerUser.UserName))
            {
                Danger("You can't bid on your own item ");
                return View(viewCollection);
            }

            bool bidPlaced = await services.BidClient().BidOnItemAsync(viewCollection.WebItem.ItemId, viewCollection.WebItem.Amount, SessionPersister.Token);
            if (!bidPlaced)
            {
                Danger("Your bid was not placed");
                return View(viewCollection);
            }

            // Clear the form amount and reload the item so the view shows the new state.
            viewCollection.ServiceItem = null;
            viewCollection.WebItem.Amount = 0;
            viewCollection.ServiceItem = await services.ItemClient().GetItemByIdAsync(viewCollection.WebItem.ItemId);

            Success("Your bid was placed");
            return View(viewCollection);
        }
        // GET: Account
        /// <summary>
        /// Shows the profile of the signed-in user; callers that are not in the "user"
        /// role are redirected to /Home/Index.
        /// </summary>
        /// <returns>The account view for members of "user", otherwise a redirect.</returns>
        public ActionResult Index()
        {
            if (SessionPersister.IsInRole("user"))
            {
                // NOTE(review): the lookup result is dereferenced without a null check;
                // confirm GetByLogin cannot return null for a session username.
                UserEntity user = userService.GetByLogin(SessionPersister.Username);

                // Only these profile fields are copied into the view model.
                AccountViewModel model = new AccountViewModel();
                model.Login = user.Login;
                model.Email = user.Email;
                model.FirstName = user.FirstName;
                model.SecondName = user.SecondName;
                model.ThirdName = user.ThirdName;

                return View(model);
            }

            return Redirect("/Home/Index");
        }
Exemple #7
 /// <summary>
 /// Ends the session via <c>SessionPersister.LogOut</c>, then redirects to the "Login"
 /// action of the current controller.
 /// </summary>
 /// <returns>A redirect result targeting the "Login" action.</returns>
 public ActionResult LogOut()
 {
     // NOTE(review): no HTTP-verb or anti-forgery attribute is visible in this snippet;
     // if none is applied, a cross-site GET can sign the user out.
     SessionPersister.LogOut();

     return RedirectToAction("Login");
 }
 /// <summary>
 /// Logs the user out through <c>SessionPersister.Deslogar</c> and returns to the home page.
 /// </summary>
 /// <returns>A redirect to the "Index" action of the "Home" controller.</returns>
 public RedirectToRouteResult Deslogar()
 {
     SessionPersister.Deslogar();

     return RedirectToAction("Index", "Home");
 }
Exemple #9
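        /// <summary>
        /// Copies the editable profile fields from <paramref name="account"/> onto the
        /// stored account, saves them, and writes an audit entry listing the changed fields.
        /// </summary>
        /// <param name="account">
        /// Submitted values; <c>AccountID</c> selects the stored record. <c>Role</c> is
        /// rebuilt from <c>RoleList</c> when that list is present, and set to "" when both are null.
        /// </param>
        /// <returns><c>null</c> on success, otherwise a message describing the failure.</returns>
        /// <remarks>
        /// NOTE(review): <c>Role</c>, <c>GroupID</c> and <c>isEnabled</c> are taken from the
        /// submitted object without any check here. If that object is bound from a request,
        /// the caller must verify the current user may change those fields; otherwise a user
        /// could raise their own privileges.
        /// </remarks>
        public string tryChangeProfile(Account account)
        {
            List <string> modified_fields = new List <string>();

            Account _account = findAccountByID(account.AccountID);

            if (_account == null)
            {
                // This message used to say "Change password failed", copied from tryChangePassword.
                return "Change profile failed: Account not found";
            }

            using (var db = new BaseDbContext())
            {
                db.Entry(_account).State = EntityState.Modified;

                // Normalise Role on the submitted object before comparing it.
                if (account.RoleList != null)
                {
                    account.Role = String.Join(",", account.RoleList);
                }
                else if (account.Role == null)
                {
                    account.Role = "";
                }

                // Record which fields differ, for the audit entry written below.
                if (_account.Role != account.Role)
                {
                    modified_fields.Add("Role");
                }
                if (_account.Username != account.Username)
                {
                    modified_fields.Add("Username");
                }
                if (_account.Email != account.Email)
                {
                    modified_fields.Add("Email");
                }
                if (_account.Firstname != account.Firstname)
                {
                    modified_fields.Add("Firstname");
                }
                if (_account.Lastname != account.Lastname)
                {
                    modified_fields.Add("Lastname");
                }
                if (_account.GroupID != account.GroupID)
                {
                    modified_fields.Add("GroupID");
                }
                if (_account.isEnabled != account.isEnabled)
                {
                    modified_fields.Add("isEnabled");
                }

                _account.Role      = account.Role;
                _account.Username  = account.Username;
                _account.Email     = account.Email;
                _account.Firstname = account.Firstname;
                _account.Lastname  = account.Lastname;
                _account.GroupID   = account.GroupID;
                _account.isEnabled = account.isEnabled;

                // Save first, then refresh the session, matching tryChangePassword: a
                // failed save must not leave the session refreshed for unsaved changes.
                db.SaveChanges();
                SessionPersister.updateSessionForAccount();
            }

            AuditLogDbContext.getInstance().createAuditLogAccountAction(account, AuditLogDbContext.ACTION_EDIT, modified_fields);

            return null;
        }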
Exemple #10
 /// <summary>
 /// Logs out by delegating to <c>SessionPersister.removeSession</c>.
 /// </summary>
 public void tryLogout()
 {
     // No result is returned, so callers cannot tell whether a session existed.
     SessionPersister.removeSession();
 }
 /// <summary>
 /// Signs the user out of both the application session and Forms Authentication,
 /// then redirects to the login page of the "Seguridad" controller.
 /// </summary>
 /// <returns>A redirect to the "Login" action of "Seguridad".</returns>
 public ActionResult LogOut()
 {
     // The application session is closed first, then Forms Authentication signs out.
     // NOTE(review): no HTTP-verb or anti-forgery attribute is visible in this snippet;
     // if none is applied, a cross-site GET can sign the user out.
     SessionPersister.LogOutSession();
     FormsAuthentication.SignOut();

     return RedirectToAction("Login", "Seguridad");
 }
Exemple #12
 /// <summary>
 /// Logs the user out through <c>SessionPersister.Logout</c> and returns to the home page.
 /// </summary>
 /// <returns>A redirect to the "Index" action of the "Home" controller.</returns>
 public ActionResult Logout()
 {
     SessionPersister.Logout();

     return RedirectToAction("Index", "Home");
 }