public override void OnResultExecuting(ResultExecutingContext filterContext)
{
if (filterContext.RequestContext.HttpContext.Request.IsAuthenticated)
{
string clientIp = filterContext.RequestContext.HttpContext.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
if (string.IsNullOrEmpty(clientIp))
{
clientIp = filterContext.RequestContext.HttpContext.Request.UserHostAddress;
}
//string SessionID = filterContext.RequestContext.HttpContext.Session.SessionID;
var httpCookie = filterContext.RequestContext.HttpContext.Request.Cookies["ELTSession"];
if (httpCookie != null)
{
string SessionID = httpCookie.Value;
AuthenticationBL sMgr = new AuthenticationBL();
string Msg = "";
bool isUserValid = sMgr.CheckSession(2, filterContext.RequestContext.HttpContext.Session["login_name"].ToString(), Convert.ToInt32(filterContext.RequestContext.HttpContext.Session["elt_account_number"]), "", SessionID, filterContext.RequestContext.HttpContext.Request.Url.PathAndQuery, out Msg);
if (!isUserValid)
{
try
{
HttpContext.Current.Response.Redirect("~/Account/LogOff?Msg=" + Msg);
}
catch (Exception) { }//There are casese when Redirection already took place. In this case, the redirection will not work.
}
}
}
base.OnResultExecuting(filterContext);
}
public ActionResult PageAccess(List <AuthorizedPage> model)
{
AuthenticationBL BL = new AuthenticationBL();
BL.UpdateAuthorizePage(Convert.ToInt32(Session["elt_account_number"]), model[0].user_id, model);
return(View(model));
}
private List <SelectListItem> GetManifestTypesDmMAWB(string DmMAWB)
{
DomesticFreightBL aeBL = new DomesticFreightBL();
AuthenticationBL bl = new AuthenticationBL();
ELTUser authBLGetELTUser = null;
authBLGetELTUser = bl.GetELTUser(User.Identity.Name);
int ELT_ACCOUNT_NUMBER = Convert.ToInt32(authBLGetELTUser.elt_account_number);
List <ManifestAgentInfo> agents = aeBL.GetAgentsInDmMAWB(ELT_ACCOUNT_NUMBER, DmMAWB);
List <SelectListItem> items = new List <SelectListItem>();
items.Add(new SelectListItem {
Text = "Consolidated Manifest", Value = "All"
});
foreach (var agent in agents)
{
string text = agent.agent_name;
string value = String.Format("mawb={0}&Agent={1}&MasterAgentNo=0", DmMAWB, agent.agent_no);
items.Add(new SelectListItem {
Text = text, Value = HttpUtility.HtmlEncode(value)
});
}
return(items);
}
public int SendRegisterOtp(string MobileNo)
{
using (EAharaDB context = new EAharaDB())
{
if (MobileNo != "" && MobileNo != null)
{
var old = context.Customers.FirstOrDefault(x => x.IsActive && x.MobileNo == MobileNo);
if (old != null)
{
return(2);
}
AuthenticationBL authBl = new AuthenticationBL();
int Otp = authBl.GenerateUserOtp(MobileNo);
if (Otp > 0)
{
MessageController messagectrl = new MessageController();
string msg = Otp + " is your Eahara verification code no, which expires in few minutes.";
messagectrl.sendOTPSMS(msg, MobileNo);
return(Otp);
}
}
}
return(0);
}
public JsonResult Authentications(string UserName, string Password)
{
AuthenticationBL obj = new AuthenticationBL(_context, _httpContextAccessor);
bool result = obj.AuthenticateUser(UserName, Password);
return(Json(result));
}
public bool LogOutWithToken(TokenInfoDto tokenInfo)
{
if (tokenInfo != null)
{
return(AuthenticationBL.LogOutWithToken(tokenInfo.Token));
}
return(false);
}
public ActionResult SignOut()
{
AuthenticationBL sMgr = new AuthenticationBL();
string Msg = "";
var httpCookie = Request.Cookies["ELTSession"];
sMgr.CheckSession(3, Session["login_name"].ToString(), Convert.ToInt32(Session["elt_account_number"]), "", httpCookie.Value, "", out Msg);
WebSecurity.Logout();
authBL.PerformDBLogOutFromLegacyASPNET();
return(RedirectToAction("Index", "Home"));
}
public ActionResult PageAccess(string UID)
{
List <AuthorizedPage> pages = new List <AuthorizedPage>();
if (UID != null)
{
AuthenticationBL BL = new AuthenticationBL();
pages = BL.GetAuthorizedPages(Convert.ToInt32(Session["elt_account_number"]), int.Parse(UID));
}
return(View(pages));
}
protected void CheckAccess()
{
ViewBag.NotAllowed = false;
AuthenticationBL BL = new AuthenticationBL();
string url = HttpUtility.UrlDecode(Request.Url.PathAndQuery);
if (Request.Url.Query != "")
{
url = url.Replace(Request.Url.Query, "");
}
if (url.ToLower().Contains("/dataready"))
{
url = url.Substring(0, url.ToLower().IndexOf("/dataready"));
}
if (url.ToLower().Contains("/window"))
{
url = url.Substring(0, url.ToLower().IndexOf("/window"));
}
if (url.ToLower().Contains("/parm"))
{
url = url.Substring(0, url.ToLower().IndexOf("/parm"));
}
if (url.ToLower().Contains("="))
{
url = url.Substring(0, url.ToLower().IndexOf("="));
url = url.Substring(0, url.ToLower().LastIndexOf("/") + 1);
}
if (url.EndsWith("/"))
{
url = url.Substring(0, url.ToLower().LastIndexOf("/"));
}
if (!BL.CheckAllowed(url, Session["login_name"].ToString()))
{
ViewBag.NotAllowed = true;
string return_url = "/SiteAdmin/";
if (Session["PevUrl"] != null)
{
// return_url = Convert.ToString(Session["PevUrl"]);
}
ViewBag.Referer = return_url;
}
else
{
Session["PevUrl"] = url;
}
}
public ActionResult CreateSystemUser()
{
if (ConfigurationManager.AppSettings["SysAdmin"] == "True")
{
string UserName = "******";
if (!WebSecurity.UserExists(UserName))
{
AuthenticationBL bl = new AuthenticationBL();
WebSecurity.CreateUserAndAccount(UserName, "elt1234_forever", new { elt_account_number = 80002000 });
bl.CopyUser(80002000, bl.GetELTUser("80002000", 1000).login_name, "system");
}
}
return(new EmptyResult());
}
public HttpResponseMessage SignInUser(SignInRequest request)
{
try
{
var session = AuthenticationBL.SignInUser(request.Email, request.Password);
return(Request.CreateResponse(HttpStatusCode.OK, session));
}
catch (WrongEmailOrPasswordException)
{
return(Request.CreateResponse(HttpStatusCode.Unauthorized, new { Message = "Wrong email or password." }));
}
catch (Exception ex)
{
return(HandleInternalServerError(ex));
}
}
public TokenInfoDto LoginWithUserName(UserDto loginInfo)
{
TokenInfoDto sessionDto = new TokenInfoDto();
if (loginInfo.UserName != null && loginInfo.Password != null)
{
var userSession = AuthenticationBL.LoginWithUserName(loginInfo.UserName, loginInfo.Password);
if (userSession != null)
{
sessionDto.Role = userSession.User.Role;
sessionDto.UserId = userSession.User.Id;
sessionDto.UserName = userSession.User.UserName;
sessionDto.Token = userSession.Token;
return(sessionDto);
}
}
return(null);
}
public ActionResult InitAuthPages()
{
// public void InitAuthorizePage(int elt_account_number, int user_id, int user_type)
int user_id = Convert.ToInt32(Request.QueryString["user_id"]);
int user_type = Convert.ToInt32(Request.QueryString["user_type"]);
AuthenticationBL bl = new AuthenticationBL();
string elt_account_number = Request.Cookies["CurrentUserInfo"]["elt_account_number"];
var me = bl.GetELTUser(User.Identity.Name);
bool result = false;
if (me.user_type == "9")
{
result = bl.InitAuthorizePage(int.Parse(elt_account_number), user_id, user_type);
}
return(new ContentResult()
{
Content = result.ToString()
});
}
public SmsPostDto SendTroubleOtp(string MobileNo)
{
using (EAharaDB context = new EAharaDB())
{
SmsPostDto smsdto = new SmsPostDto();
if (MobileNo != "" && MobileNo != null)
{
var old = context.Customers.FirstOrDefault(x => x.IsActive && x.MobileNo == MobileNo);
if (old == null)
{
smsdto.Message = "NotRegistered";
return(smsdto);
}
AuthenticationBL authBl = new AuthenticationBL();
int Otp = authBl.GenerateUserOtp(MobileNo);
if (Otp > 0)
{
MessageController messagectrl = new MessageController();
string msg = Otp + " is your Eahara verification code no, which expires in few minutes.";
messagectrl.sendOTPSMS(msg, MobileNo);
var user = context.Users.FirstOrDefault(x => x.CustomerId == old.Id);
if (user != null)
{
smsdto.OTP = Otp;
smsdto.UserId = user.Id;
smsdto.Message = "Done";
return(smsdto);
}
else
{
smsdto.Message = "NoUser";
return(smsdto);
}
}
}
}
return(null);
}
//
// GET: /Account/Manage
public ActionResult ResetPWD()
{
int user_id = Convert.ToInt32(Request.QueryString["user_id"]);
string word = Request.QueryString["word"];
AuthenticationBL bl = new AuthenticationBL();
string elt_account_number = Request.Cookies["CurrentUserInfo"]["elt_account_number"];
var me = bl.GetELTUser(User.Identity.Name);
bool result = false;
if (me.user_type == "9")
{
string user_login = bl.GetEltLoginName(int.Parse(elt_account_number), user_id);
string token = WebSecurity.GeneratePasswordResetToken(user_login);
result = WebSecurity.ResetPassword(token, word);
}
return(new ContentResult()
{
Content = result.ToString()
});
}
public bool ChangePassword(UserDto userDto)
{
if (userDto != null)
{
using (EcommerceDB context = new EcommerceDB())
{
//var token = Request.Headers.Authorization.Parameter;
//User User = AuthenticationBL.IsTokenValid(token);
var user = context.Users.FirstOrDefault(X => X.Id == userDto.Id);
var passwordSalt = AuthenticationBL.CreatePasswordSalt(Encoding.ASCII.GetBytes(userDto.Password));
user.PasswordSalt = Convert.ToBase64String(passwordSalt);
var password = AuthenticationBL.CreateSaltedPassword(passwordSalt, Encoding.ASCII.GetBytes(userDto.Password));
user.Password = Convert.ToBase64String(password);
context.Entry(user).State = EntityState.Modified;
context.SaveChanges();
return(true);
}
}
return(false);
}
public bool ResetTroublePswd(UserDto dataDto)
{
if (dataDto != null)
{
using (EAharaDB context = new EAharaDB())
{
var oldusr = context.Users.FirstOrDefault(x => x.IsActive && x.Id == dataDto.Id);
if (oldusr != null)
{
var passwordSalt = AuthenticationBL.CreatePasswordSalt(Encoding.ASCII.GetBytes(dataDto.Password));
oldusr.PasswordSalt = Convert.ToBase64String(passwordSalt);
var password = AuthenticationBL.CreateSaltedPassword(passwordSalt, Encoding.ASCII.GetBytes(dataDto.Password));
oldusr.Password = Convert.ToBase64String(password);
context.SaveChanges();
return(true);
}
}
}
return(false);
}
public HttpResponseMessage SignUpUser(SignUpRequest request)
{
try
{
var session = AuthenticationBL.SignUpUser(request.Email, request.Handle, request.DisplayName, request.Password);
return(Request.CreateResponse(HttpStatusCode.OK, session));
}
catch (EmailAlreadyInUseException)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, new { Message = "Email already in use." }));
}
catch (HandleAlreadyInUseException)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest, new { Message = "Handle already in use." }));
}
catch (Exception ex)
{
return(HandleInternalServerError(ex));
}
}
protected virtual BasicAuthenticationIdentity FetchAuthHeader(HttpActionContext filterContext)
{
string Token = null;
var authRequest = filterContext.Request.Headers.Authorization;
if (authRequest != null && !String.IsNullOrEmpty(authRequest.Scheme) && authRequest.Scheme == "Basic")
{
Token = authRequest.Parameter;
}
if (string.IsNullOrEmpty(Token))
{
return(null);
}
var user = AuthenticationBL.IsTokenValid(Token);
if (user != null)
{
var credentials = new BasicAuthenticationIdentity(user.UserName, Token, user.Id);
return(credentials);
}
return(null);
}
public ActionResult CreateNewUser()
{
bool result = false;
// if (ConfigurationManager.AppSettings["SysAdmin"] == "True")
{
int user_id = Convert.ToInt32(Request.QueryString["user_id"]);
int user_type = Convert.ToInt32(Request.QueryString["user_type"]);
string word = Request.QueryString["word"];
AuthenticationBL bl = new AuthenticationBL();
string elt_account_number = Request.Cookies["CurrentUserInfo"]["elt_account_number"];
var me = bl.GetELTUser(User.Identity.Name);
if (me.user_type == "9")
{
var newuser = bl.GetELTUser(elt_account_number, user_id);
try
{
string UserName = newuser.login_name;
if (!WebSecurity.UserExists(UserName))
{
WebSecurity.CreateUserAndAccount(UserName, word, new { elt_account_number = elt_account_number });
}
}
catch (MembershipCreateUserException e)
{
ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
}
result = bl.InitAuthorizePage(int.Parse(elt_account_number), user_id, user_type);
}
}
return(new ContentResult()
{
Content = result.ToString()
});
}
private ActionResult DoLogin(LoginModel model)
{
AuthenticationBL sMgr = new AuthenticationBL();
string Msg = "";
Session["login_name"] = model.UserName;
var sessionId = Guid.NewGuid().ToString();
Response.Cookies.Add(new HttpCookie("ELTSession", sessionId));
bool isUserValid = sMgr.CheckSession(1, model.UserName, Convert.ToInt32(model.ELT_account_number), "", sessionId, Request.Url.PathAndQuery,
out Msg);
if (!isUserValid)
{
ModelState.AddModelError("", Msg);
return(View(model));
//There are casese when Redirection already took place. In this case, the redirection will not work.
}
System.Web.HttpContext.Current.Session["elt_account_number"] = model.ELT_account_number;
return(RedirectToAction("UserLandingPage", model));
}
public int RegisterCustomer(CustomerDto dataDto)
{
if (dataDto != null)
{
using (EAharaDB context = new EAharaDB())
{
using (var transaction = context.Database.BeginTransaction())
{
try
{
var oldusr = context.Users.FirstOrDefault(x => x.IsActive && x.UserName == dataDto.UserName);
if (oldusr != null)
{
return(2);
}
Customer cus = new Customer();
cus.Name = dataDto.Name;
cus.Email = dataDto.Email;
cus.MobileNo = dataDto.MobileNo;
cus.TelephoneNo = dataDto.TelephoneNo;
cus.Location = dataDto.Location;
cus.CreatedDate = DateTime.Now;
cus.Address = dataDto.Address;
cus.Photo = dataDto.Photo;
cus.RefNo = dataDto.RefNo;
cus.InstRefNo = dataDto.InstRefNo;
cus.Points = dataDto.Points;
cus.IsActive = true;
var traceNumber = context.TraceNoes.FirstOrDefault(x => x.Type == "CU");
if (traceNumber == null)
{
traceNumber = new TraceNo();
traceNumber.Type = "CU";
traceNumber.Number = 10001;
context.TraceNoes.Add(traceNumber);
}
else
{
traceNumber.Number += 1;
context.Entry(traceNumber).Property(x => x.Number).IsModified = true;
}
cus.RefNo = traceNumber.Type + traceNumber.Number;
if (dataDto.InstRefNo != null && dataDto.InstRefNo != "")
{
var oldClient = context.Customers.FirstOrDefault(x => x.IsActive && x.RefNo == dataDto.InstRefNo);
if (oldClient != null)
{
oldClient.Points = oldClient.Points + context.CompanyProfiles.FirstOrDefault().Points;
context.Entry(oldClient).Property(x => x.Points).IsModified = true;
}
}
cus.Points = cus.Points + context.CompanyProfiles.FirstOrDefault().RegPoints;
context.Customers.Add(cus);
context.SaveChanges();
if (dataDto.CustomerMMethods.Count() > 0)
{
foreach (var mm in dataDto.CustomerMMethods)
{
CustomerMMethod cmm = new CustomerMMethod();
cmm.CustomerId = cus.Id;
cmm.MMethodId = mm.MMethodId;
cmm.IsActive = true;
context.CustomerMMethods.Add(cmm);
}
}
Address add = new Address();
add.CustomerId = cus.Id;
add.Description = cus.Address;
add.Location = cus.Location;
add.Title = "Default";
context.Addresses.Add(add);
context.SaveChanges();
User usr = new User();
usr.UserName = dataDto.UserName;
var passwordSalt = AuthenticationBL.CreatePasswordSalt(Encoding.ASCII.GetBytes(dataDto.Password));
usr.PasswordSalt = Convert.ToBase64String(passwordSalt);
var password = AuthenticationBL.CreateSaltedPassword(passwordSalt, Encoding.ASCII.GetBytes(dataDto.Password));
usr.Password = Convert.ToBase64String(password);
usr.CustomerId = cus.Id;
usr.Role = "Customer";
usr.IsActive = true;
context.Users.Add(usr);
context.SaveChanges();
transaction.Commit();
return(1);
}
catch (Exception e)
{
transaction.Rollback();
return(0);
}
}
}
}
return(0);
}
protected void Page_Init(object sender, EventArgs e)
{
AuthenticationBL aBl = new AuthenticationBL();
aBl.UnifiySession(HttpContext.Current);
}
private FormsAuthenticationTicket ForceAuthentication(string UserName)
{
//try to authenticate user avoiding user to inert login credentials again
IAuthenticationBL blAuth = new AuthenticationBL();
FormsAuthenticationTicket ticket = blAuth.SetTicket(UserName);
blAuth.Dispose();
return ticket;
}
public bool Addusers(UserDto dataDto)
{
if (dataDto != null)
{
using (EAharaDB context = new EAharaDB())
{
if (dataDto.Id > 0)
{
var data = context.Users.FirstOrDefault(x => x.Id == dataDto.Id);
if (data != null)
{
data.UserName = dataDto.UserName;
data.ShopId = dataDto.ShopId;
data.EmployeeId = dataDto.EmployeeId;
data.MEDShopId = dataDto.MEDShopId;
data.Role = dataDto.Role;
if (dataDto.IsNotSkip != true)
{
var passwordSalt = AuthenticationBL.CreatePasswordSalt(Encoding.ASCII.GetBytes(dataDto.Password));
data.PasswordSalt = Convert.ToBase64String(passwordSalt);
var password = AuthenticationBL.CreateSaltedPassword(passwordSalt, Encoding.ASCII.GetBytes(dataDto.Password));
data.Password = Convert.ToBase64String(password);
}
context.Entry(data).Property(x => x.UserName).IsModified = true;
context.Entry(data).Property(x => x.Password).IsModified = true;
context.Entry(data).Property(x => x.PasswordSalt).IsModified = true;
context.Entry(data).Property(x => x.ShopId).IsModified = true;
context.Entry(data).Property(x => x.EmployeeId).IsModified = true;
context.Entry(data).Property(x => x.Role).IsModified = true;
context.Entry(data).Property(x => x.MEDShopId).IsModified = true;
context.SaveChanges();
return(true);
}
return(false);
}
else
{
var olduser = context.Users.FirstOrDefault(x => x.IsActive && x.UserName == dataDto.UserName);
if (olduser != null)
{
return(false);
}
User user = new User();
user.UserName = dataDto.UserName;
user.ShopId = dataDto.ShopId;
user.EmployeeId = dataDto.EmployeeId;
user.MEDShopId = dataDto.MEDShopId;
user.Role = dataDto.Role;
user.IsActive = true;
var passwordSalt = AuthenticationBL.CreatePasswordSalt(Encoding.ASCII.GetBytes(dataDto.Password));
user.PasswordSalt = Convert.ToBase64String(passwordSalt);
var password = AuthenticationBL.CreateSaltedPassword(passwordSalt, Encoding.ASCII.GetBytes(dataDto.Password));
user.Password = Convert.ToBase64String(password);
context.Users.Add(user);
context.SaveChanges();
return(true);
}
}
}
return(false);
}
public ActionResult UpdateLogin()
{
string newlogin = Request.QueryString["loginId"];
string oldLoginId = Request.QueryString["oldLoginId"];
string Content = "True";
if (oldLoginId == User.Identity.Name)
{
Content = "Self";
}
AuthenticationBL bl = new AuthenticationBL();
string elt_account_number = Request.Cookies["CurrentUserInfo"]["elt_account_number"];
var me = bl.GetELTUser(User.Identity.Name);
bool result = false;
string Msg = "";
if (me.user_type == "9")
{
result = bl.UpdateLoginId(newlogin, oldLoginId, Convert.ToInt32(elt_account_number), out Msg);
if (result == true)
{
return(new ContentResult()
{
Content = Content
});
}
else
{
if (Msg == "UserNotCreated")
{
Msg = "";
var OLD = bl.GetELTUser(oldLoginId);
if (OLD.login_name == oldLoginId)
{
WebSecurity.CreateUserAndAccount(oldLoginId, OLD.password);
using (UsersContext db = new UsersContext())
{
UserProfile user = db.UserProfiles.FirstOrDefault(u => u.UserName.ToLower() == oldLoginId.ToLower());
if (user != null)
{
user.elt_account_number = me.elt_account_number;
db.SaveChanges();
}
}
result = bl.UpdateLoginId(newlogin, oldLoginId, Convert.ToInt32(elt_account_number), out Msg);
if (result)
{
result = bl.InitAuthorizePage(int.Parse(elt_account_number), int.Parse(OLD.userid), int.Parse(OLD.user_type));
if (!result)
{
Msg = "Initial Authorization Failed!";
}
}
}
if (result == true)
{
return(new ContentResult()
{
Content = Content
});
}
else
{
return(new ContentResult()
{
Content = Msg
});
}
}
return(new ContentResult()
{
Content = Msg
});
}
}
else
{
return(new ContentResult()
{
Content = "You are not allowed to perform this action"
});
}
}
protected ELTUser GetCurrentELTUser()
{
AuthenticationBL authBL = new AuthenticationBL();
return(authBL.GetELTUser(Session["login_name"].ToString()));
}
