Exemple #1
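        /// <summary>
        /// Renders the profile edit page for the signed-in user, including the data
        /// needed to enrol an authenticator app (time-based one-time password).
        /// </summary>
        /// <param name="id">User id from the request; must equal the session's user id.</param>
        /// <param name="roleId">Role from the request; must equal the session's current role.</param>
        /// <returns>
        /// The edit view for the caller's own profile, or <c>null</c> after redirecting to the
        /// unauthorized page when there is no session or the request does not match it.
        /// </returns>
        public ActionResult Edit(long id, Roles roleId)
        {
            // Fail closed: with no session there is nothing to compare the request against,
            // so treat it as unauthorized instead of dereferencing null below.
            var userSession = _sessionContext.UserSession;
            if (userSession == null)
            {
                Response.RedirectUser("/Home/UnauthorizeAccess");
                return null;
            }

            // Object-level authorization: both request values must match the session,
            // so a user can only open their own profile in their current role.
            var currentSession = userSession.CurrentOrganizationRole;
            var isOwnProfile = currentSession.UserId == id && currentSession.RoleId == (long)roleId;
            if (!isOwnProfile)
            {
                Response.RedirectUser("/Home/UnauthorizeAccess");
                return null;
            }

            var profileEditModel = _userProfileService.GetProfileEditModel(id);

            // Despite its name, the TempData key "EncodedSecret" carries the raw shared secret;
            // only the model property receives the encoded form.
            // NOTE(review): confirm the configured TempData provider keeps this value server-side.
            if (string.IsNullOrEmpty(profileEditModel.Secret))
            {
                string enc;
                string secret = TimeBasedOneTimePassword.GenerateSecret(out enc);
                TempData["EncodedSecret"]      = secret;
                profileEditModel.EncodedSecret = enc;
            }
            else
            {
                // NOTE(review): an already stored secret is re-encoded and handed to the view on
                // every visit. Consider exposing it only during enrolment, or behind a fresh
                // re-authentication, so an unattended session cannot be used to copy the second factor.
                TempData["EncodedSecret"]      = profileEditModel.Secret;
                profileEditModel.EncodedSecret = TimeBasedOneTimePassword.EncodeSecret(profileEditModel.Secret);
            }

            if (roleId == Roles.Technician)
            {
                var technicianProfile = _technicianRepository.GetTechnician(currentSession.OrganizationRoleUserId);

                // NOTE(review): "0000" is the fallback when no technician record exists. Confirm it
                // is display-only and can never be saved back as a working PIN.
                profileEditModel.TechnicianPin = technicianProfile != null ? technicianProfile.Pin : "0000";
            }

            return View(profileEditModel);
        }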
Exemple #2
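        /// <summary>
        /// Renders the setup page shown on first login, after a global setting change,
        /// or when only a PIN has to be set. It offers the PIN and one-time-password options.
        /// </summary>
        /// <returns>
        /// The setup view; a redirect to <c>Index</c> when there is no session or the
        /// two-factor flag from the preceding step is missing; or <c>null</c> after redirecting
        /// to the role switch page when setup is not needed.
        /// </returns>
        public ActionResult Setup()
        {
            //to do : if user pastes the url then move him to dashboard based on condition if the entry is present in the database
            var userSession = _sessionContext.UserSession;
            if (userSession == null)
            {
                return RedirectToAction("Index");
            }

            var loginSettings = _loginSettingRepository.Get(userSession.UserId);

            var globalSettingFlag       = TempData["IsOnGlobalSettingChange"];
            var IsOnGlobalSettingChange = globalSettingFlag != null && (bool)globalSettingFlag;

            var setPinOnly   = TempData["setPinOnly"];
            var isSetPinOnly = setPinOnly != null && (bool)setPinOnly;

            // Setup is already complete and nothing forces a repeat: send the user on.
            var setupAlreadyDone = loginSettings != null && loginSettings.IsFirstLogin == false;
            if (setupAlreadyDone && !IsOnGlobalSettingChange && !isSetPinOnly)
            {
                var currentRole = userSession.CurrentOrganizationRole;
                Response.RedirectUser("/Users/Role/Switch?roleId=" + currentRole.RoleId + "&organizationId=" + currentRole.OrganizationId);
                return null;
            }

            // The flag is absent when this URL is opened directly rather than reached from the
            // step that sets it; unboxing null would throw. Restart the flow instead of assuming
            // "two-factor not required", which would let setup finish without offering OTP enrolment.
            // NOTE(review): confirm that Index re-populates this flag for a signed-in user.
            var twoFactorFlag = TempData["IsTwoFactorAuthrequired"];
            if (twoFactorFlag == null)
            {
                return RedirectToAction("Index");
            }
            var isTwoFactorAuthrequired = (bool)twoFactorFlag;

            // A fresh secret is generated on every render of this page. Despite its name, the
            // TempData key "EncodedSecret" carries the raw secret; the model gets the encoded form.
            // NOTE(review): confirm the configured TempData provider keeps this value server-side.
            string enc;
            string secret = TimeBasedOneTimePassword.GenerateSecret(out enc);
            TempData["EncodedSecret"] = secret;

            var role  = _roleRepository.GetByRoleId(userSession.CurrentOrganizationRole.RoleId);
            var model = new SetupViewModel()
            {
                EncodedSecret = enc,
                IsPinRequired = role.IsPinRequired,
                UserLoginId   = userSession.CurrentOrganizationRole.UserId
            };

            if (isTwoFactorAuthrequired)
            {
                // Each OTP delivery channel is enabled only when its configuration value is exactly "True".
                model.IsOtpBySmsEnabled   = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms) == "True";
                model.IsOtpByEmailEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail) == "True";
                model.IsOtpByAppEnabled   = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator) == "True";
            }
            if (isSetPinOnly)
            {
                // PIN-only mode hides every OTP option regardless of configuration.
                model.IsOtpBySmsEnabled   = false;
                model.IsOtpByEmailEnabled = false;
                model.IsOtpByAppEnabled   = false;
            }

            // Reading TempData marks entries for removal; keep the flow flags for the next request.
            TempData.Keep("setPinOnly");
            TempData.Keep("IsTwoFactorAuthrequired");
            TempData.Keep("IsOnGlobalSettingChange");
            return View(model);
        }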
Exemple #3
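        /// <summary>
        /// Prepares the authenticator QR-code view from a user's login settings.
        /// </summary>
        /// <param name="userId">Id used to look up the login settings; supplied by the caller.</param>
        /// <returns>
        /// The QR-code view. When no login settings exist for <paramref name="userId"/>,
        /// nothing is written to the session or the ViewBag.
        /// </returns>
        public ActionResult GetQrCode(long userId)
        {
            // NOTE(review): userId comes from the request and nothing in this method ties it to the
            // signed-in user. Unless a filter outside this listing enforces that, the encoded
            // secret of whichever account matches userId is rendered. Compare userId with the
            // authenticated session's user id before loading the record, and reject a mismatch.
            var loginSettings = _loginSettingRepository.Get(userId);
            if (loginSettings == null)
            {
                return View();
            }

            var secret = loginSettings.GoogleAuthenticatorSecretKey;
            if (string.IsNullOrEmpty(secret))
            {
                // No secret stored yet: generate one. It is kept only in the session here;
                // this method does not persist it.
                string enc;
                secret = TimeBasedOneTimePassword.GenerateSecret(out enc);
                ViewBag.EncodedSecret = enc;
            }
            else
            {
                // NOTE(review): an already enrolled secret is re-encoded for display on every call.
                // Consider limiting this to the enrolment step.
                ViewBag.EncodedSecret = TimeBasedOneTimePassword.EncodeSecret(secret);
            }

            // Single write replaces the three identical assignments in the original. Despite its
            // name, the session key "EncodedSecret" holds the raw secret.
            Session["EncodedSecret"] = secret;
            return View();
        }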