/// <summary>
/// Entry point used after a failed sign-in: copies the value of the last
/// ModelState entry into ViewData["LoginMessage"] and then runs the normal
/// <c>Login</c> flow with the same arguments.
/// </summary>
/// <param name="model">Posted credentials, forwarded unchanged to <c>Login</c>.</param>
/// <param name="ReturnUrl">
/// Caller-supplied post-login destination. It is forwarded unchanged, so any
/// validation of it is the responsibility of <c>Login</c>.
/// </param>
/// <returns>Whatever <c>Login</c> returns for the forwarded arguments.</returns>
public ActionResult FailedLogin(AuthStartRequestModel model, string ReturnUrl)
{
    // Enumerable.Last() throws InvalidOperationException when ModelState has no
    // entries, so this action assumes at least one entry is present.
    var lastEntry = ModelState.Last();

    // The entry's Value object (not a plain string) is what gets stored.
    ViewData["LoginMessage"] = lastEntry.Value;

    return Login(model, ReturnUrl);
}
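/// <summary>
/// Verifies the posted credentials against the "IrisAuth" user store and either
/// starts a session, sends the user to the change-password page, or re-renders
/// the login view with an error.
/// </summary>
/// <param name="model">Posted user name and password.</param>
/// <param name="ReturnUrl">
/// Optional post-login destination supplied by the request. It is untrusted and
/// is only followed when it is a local URL; otherwise the default landing page
/// is used.
/// </param>
/// <returns>
/// A redirect on successful sign-in or forced password change; the "Login" view
/// with a model error on any credential failure; the "ReportMain" view when
/// ModelState is invalid.
/// </returns>
public ActionResult Login(AuthStartRequestModel model, string ReturnUrl)
{
    const string invalidCredentials = "Invalid email and/or password.";

    if (!ModelState.IsValid)
    {
        // NOTE(review): an invalid model falls through to the "ReportMain" view
        // rather than back to "Login" - confirm this is intended and that the
        // view exposes nothing that requires authentication.
        return View("ReportMain", model);
    }

    var userInfo = _coreService.LoadModel<IRISUserModel>(conName: "IrisAuth")
                               .FirstOrDefault(u => u.UserName == model.Username);

    // Unknown user and wrong password deliberately produce the same message so
    // the response text does not reveal which accounts exist.
    if (userInfo == null)
    {
        ModelState.AddModelError(string.Empty, invalidCredentials);
        return View("Login", model);
    }

    // NOTE(review): the algorithm behind CryptoHelper.ComputeHash is not visible
    // here - confirm it is a slow, salted password KDF. The check below is an
    // ordinary string inequality, not a fixed-time comparison.
    var hashPassword = CryptoHelper.ComputeHash(model.Password, userInfo.SALT);
    if (userInfo.HashPassword != hashPassword)
    {
        ModelState.AddModelError(string.Empty, invalidCredentials);
        return View("Login", model);
    }

    // LoginChangePassword == false (explicitly) means no forced password change;
    // null or true both take the change-password branch further down.
    if (userInfo.LoginChangePassword == false)
    {
        HttpCookie sessionCookie = _userService.StartSessionCookie(model.Username, model.Password);
        if (sessionCookie == null)
        {
            ModelState.AddModelError(string.Empty, invalidCredentials);
            return View("Login", model);
        }

        // NOTE(review): the pre-login session is reused for the authenticated
        // user; nothing in this method issues a new session identifier. Confirm
        // that session renewal happens elsewhere.
        Session["DefaultTenantKey"] = userInfo.DefaultTenant_Key;
        Session["CurrentTenantKey"] = userInfo.DefaultTenant_Key;
        Session["CurrentGeneralAccessLevel"] = userInfo.GeneralAccessLevel;
        Session["CurrentUserKey"] = userInfo.User_Key;
        Session["CurrentUserName"] = userInfo.UserName;
        Session["ConString"] = "User" + userInfo.DefaultTenant_Key.ToString();
        pageHelper.CreateTables();
        Response.Cookies.Set(sessionCookie);

        // ReturnUrl comes from the request. Only follow it when it points back
        // into this application; an absolute or protocol-relative URL would
        // otherwise turn the login page into an open redirect.
        if (!string.IsNullOrEmpty(ReturnUrl) && Url.IsLocalUrl(ReturnUrl))
        {
            return Redirect(ReturnUrl);
        }

        return RedirectToAction(actionName: "ReportMain", controllerName: "ReportApp");
    }

    // NOTE(review): the temporary-password expiry is read from Session, so a
    // request on a session that has no "ExpirationTime" entry skips this check.
    // Confirm expiry is also enforced against the stored user record.
    var expiration = Session["ExpirationTime"];
    if (expiration != null && (DateTime)expiration < DateTime.Now)
    {
        ModelState.AddModelError(string.Empty, "Your temporary password has expired. Click the Forgot Your Password link to receive a new one.");

        // Triggers the forgot-password flow for this user before showing the
        // login page again.
        var expiredPassword = new LostPasswordModel
        {
            Email = model.Username,
            FirstName = userInfo.FirstName
        };
        ForgotPassword(expiredPassword);
        return View("Login", model);
    }

    // NOTE(review): the user name travels to ChangePassword as route values and
    // no authenticated session has been established at this point. Confirm that
    // ChangePassword re-verifies the current password instead of trusting the
    // UserName it receives.
    var changePasswordModel = new ChangePasswordViewModel { UserName = model.Username };
    return RedirectToAction("ChangePassword", "ReportApp", changePasswordModel);
}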