Esempio n. 1
 /// <summary>
 /// Sets the failed-login counter back to zero for every account whose
 /// Email equals <paramref name="email"/>.
 /// </summary>
 /// <param name="email">E-mail address compared for equality against each account's Email.</param>
 private void ResetFailedTime(string email)
 {
     using (var unit = new BegiumUnit())
     {
         // The counter exists on both account kinds, so both units are updated.
         // NOTE(review): the trailing `true` presumably commits immediately; confirm against UpdateEach.
         unit.UserUnit.UpdateEach(account => account.Email == email, account => account.NumLoginAttemptFail = 0, true);
         unit.SuperAdminUnit.UpdateEach(admin => admin.Email == email, admin => admin.NumLoginAttemptFail = 0, true);
     }
 }
Esempio n. 2
 /// <summary>
 /// Adds one to the failed-login counter of every account whose Email equals
 /// <paramref name="email"/>, as long as the counter is still below 120.
 /// </summary>
 /// <param name="email">E-mail address compared for equality against each account's Email.</param>
 private void IncreaseFailedTime(string email)
 {
     using (var unit = new BegiumUnit())
     {
         // The `< 120` filter stops the counter from growing without bound under a sustained guessing run.
         // NOTE(review): accounts are matched on the exact string passed in; confirm the caller normalises
         // the address the same way the login lookup does, otherwise a variant spelling is never counted.
         unit.UserUnit.UpdateEach(account => account.Email == email && account.NumLoginAttemptFail < 120, account => account.NumLoginAttemptFail += 1, true);
         unit.SuperAdminUnit.UpdateEach(admin => admin.Email == email && admin.NumLoginAttemptFail < 120, admin => admin.NumLoginAttemptFail += 1, true);
     }
 }
Esempio n. 3
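        /// <summary>
        /// Authenticates an agency user by e-mail and password. On success the login is logged,
        /// the last-login time is updated and the user object is placed in the session.
        /// </summary>
        /// <param name="ctx">Current HTTP context; its session receives the authenticated user.</param>
        /// <param name="email">Login e-mail as supplied by the client.</param>
        /// <param name="pwd">Plain-text password as supplied by the client.</param>
        /// <returns><c>true</c> when the credentials matched a user; otherwise <c>false</c>.</returns>
        private bool loginNormalUser(HttpContext ctx, string email, string pwd)
        {
            UserLoginLog log = prepareLog(ctx, email);

            using (var _u = new BegiumUnit())
            using (var _lu = new BegiumLogUnit())
            {
                User uModel = _u.UserUnit.GetByLogin(email);
                if (uModel == null)
                {
                    // Unknown e-mail: record the failed attempt as well, so attempts against
                    // non-existent accounts are visible in the login log like wrong-password attempts.
                    log.UserID = 0;
                    _lu.UserLoginLogUnit.Insert(log, true);
                    return false;
                }

                // NOTE(review): the helper name suggests a single salted SHA-256 pass; a fast hash is a weak
                // password store. Confirm, and plan a move to PBKDF2/Argon2 with re-hash on successful login.
                // NOTE(review): the unknown-e-mail path above skips this hash and the second lookup, so the
                // two failure paths may differ in response time; confirm whether that matters here.
                string hashedPwd = Util.Helper.GetSHA256Hash(pwd, uModel.SaltPassword);
                User uInfo = _u.UserUnit.GetByLogin(email, hashedPwd);
                if (uInfo == null)
                {
                    // Wrong password: log the failure without a user id.
                    log.UserID = 0;
                    _lu.UserLoginLogUnit.Insert(log, true);
                    return false;
                }

                // NOTE(review): no lock/active check is visible in this method; presumably the caller
                // enforces it before or after this call. Confirm.

                // write log
                log.IsSuccess = true;
                log.UserID = uInfo.UserID;
                _lu.UserLoginLogUnit.Insert(log, true);

                // update last login (UTC)
                _u.UserUnit.UpdateEach(x => x.UserID == uInfo.UserID, x => x.DateLastLogin = DateTime.UtcNow, true);

                // get user profile pic
                var img = _u.ImageUnit.GetUniqueImage(uInfo.UserID, Core.ImageType.User);
                if (img != null)
                {
                    uInfo.ProfileImgURL = img.URL;
                }

                // get agencyName and branchName
                string agencyName = "";
                string branchName = "";
                _u.UserUnit.GetBranchNameAgencyNameByUserID(uInfo.AgencyID, uInfo.UserID, ref agencyName, ref branchName);
                uInfo.AgencyName = agencyName;
                uInfo.BranchName = branchName;

                // set user session
                // NOTE(review): the whole User entity goes into session state, and User exposes SaltPassword;
                // consider storing a reduced view model. No session-id renewal is visible here either.
                ctx.Session["CURRENT_USER_INFO"] = uInfo;
                return true;
            }
        }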
Esempio n. 4
 /// <summary>
 /// Marks every not-yet-locked account whose Email equals <paramref name="email"/> as locked
 /// and stamps the lock time in UTC.
 /// </summary>
 /// <param name="email">E-mail address compared for equality against each account's Email.</param>
 private void LockUser(string email)
 {
     using (var unit = new BegiumUnit())
     {
         // The `!IsLocked` filter keeps the original DateLocked of accounts that are already locked.
         // NOTE(review): matching is on the exact string passed in; confirm the caller normalises it
         // the same way the login lookup does.
         unit.UserUnit.UpdateEach(account => account.Email == email && !account.IsLocked, account =>
         {
             account.IsLocked   = true;
             account.DateLocked = DateTime.UtcNow;
         }, true);
         unit.SuperAdminUnit.UpdateEach(admin => admin.Email == email && !admin.IsLocked, admin =>
         {
             admin.IsLocked   = true;
             admin.DateLocked = DateTime.UtcNow;
         }, true);
     }
 }
Esempio n. 5
        /// <summary>
        /// Signs the current user out: removes the forms-authentication ticket, clears and abandons
        /// the session, resets the cached localization dictionaries and optionally redirects.
        /// </summary>
        /// <param name="ctx">Current HTTP context whose session and response are used.</param>
        /// <param name="goToLoginPage">When <c>true</c> (default) the response is redirected to <c>Helper.LoginPage</c>.</param>
        public void LogOut(HttpContext ctx, bool goToLoginPage = true)
        {
            // Ticket first, then the server-side session state.
            System.Web.Security.FormsAuthentication.SignOut();
            ctx.Session.Clear();
            ctx.Session.Abandon();
            // NOTE(review): nothing in this method expires the session-id cookie; ASP.NET keeps reusing
            // the same id after Abandon() unless that cookie is cleared. Confirm it is handled elsewhere.

            using (var unit = new BegiumUnit())
            {
                // Reset Language
                unit.LocalizationStringUnit.LocalizationDicEn = null;
                unit.LocalizationStringUnit.LocalizationDicSp = null;
            }

            // NOTE(review): if CombineUserSession is a static field rather than session-backed, this write
            // (and the value itself) is shared across all users; verify against Helper.
            Helper.CombineUserSession = null;

            if (!goToLoginPage)
            {
                return;
            }

            ctx.Response.Redirect(Helper.LoginPage);
        }
Esempio n. 6
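        /// <summary>
        /// Authenticates a super admin by e-mail and password. On success the login is logged,
        /// the last-login time is updated and the admin object is placed in the session.
        /// </summary>
        /// <param name="ctx">Current HTTP context; its session receives the authenticated admin.</param>
        /// <param name="email">Login e-mail as supplied by the client; trimmed before lookup.</param>
        /// <param name="pwd">Plain-text password as supplied by the client.</param>
        /// <returns><c>true</c> when the credentials matched a super admin; otherwise <c>false</c>.</returns>
        private bool loginSuperAdmin(HttpContext ctx, string email, string pwd)
        {
            // The log entry is prepared from the e-mail exactly as received (untrimmed).
            UserLoginLog log = prepareLog(ctx, email);

            // Both lookups use the same trimmed value.
            string login = email.Trim();

            using (var _u = new BegiumUnit())
            using (var _lu = new BegiumLogUnit())
            {
                SuperAdmin sModel = _u.SuperAdminUnit.GetByLogin(login);
                if (sModel == null)
                {
                    // Unknown e-mail: record the failed attempt as well, so attempts against
                    // non-existent admin accounts are visible in the login log.
                    log.UserID = 0;
                    _lu.UserLoginLogUnit.Insert(log, true);
                    return false;
                }

                // NOTE(review): the helper name suggests a single salted SHA-256 pass; a fast hash is a weak
                // password store. Confirm, and plan a move to PBKDF2/Argon2 with re-hash on successful login.
                string hashedPwd = Util.Helper.GetSHA256Hash(pwd, sModel.SaltPassword);
                SuperAdmin sInfo = _u.SuperAdminUnit.GetByLogin(login, hashedPwd);
                if (sInfo == null)
                {
                    // Wrong password: log the failure without a user id.
                    log.UserID = 0;
                    _lu.UserLoginLogUnit.Insert(log, true);
                    return false;
                }

                // NOTE(review): no lock/active check is visible in this method; presumably the caller
                // enforces it. Confirm.

                // write log
                log.IsSuccess = true;
                log.UserID = sInfo.SuperAdminID;
                _lu.UserLoginLogUnit.Insert(log, true);

                // update last login (UTC)
                _u.SuperAdminUnit.UpdateEach(x => x.SuperAdminID == sInfo.SuperAdminID, x => x.DateLastLogin = DateTime.UtcNow, true);

                // set user session
                // NOTE(review): the whole SuperAdmin entity goes into session state, and it exposes
                // SaltPassword; consider a reduced view model. No session-id renewal is visible here either.
                ctx.Session["CURRENT_USER_INFO"] = sInfo;
                return true;
            }
        }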
Esempio n. 7
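        /// <summary>
        /// Returns the role names for <paramref name="login"/>, served from the ASP.NET cache when present.
        /// A login found as an agency user gets "AGENCYUSER"; otherwise, one found as a super admin gets
        /// "SUPERADMIN"; an unknown login gets an empty array.
        /// </summary>
        /// <param name="login">Login name (e-mail) to resolve. <c>null</c> yields no roles.</param>
        /// <returns>The role names for the login; never <c>null</c>.</returns>
        public static string[] GetRoles(string login)
        {
            // Fail closed: a missing login has no roles (previously this threw NullReferenceException).
            if (login == null)
            {
                return new string[0];
            }

            var currentCache = HttpContext.Current.Cache;

            // Invariant upper-casing keeps the key independent of the thread's culture.
            string key = "ROLE_" + login.ToUpperInvariant();

            // Read the entry once: a check followed by a second read can see the entry expire in between.
            string[] cached = currentCache[key] as string[];
            if (cached != null)
            {
                return cached;
            }

            List<string> roles = new List<string>();
            using (var u = new BegiumUnit())
            {
                User normalUser = u.UserUnit.GetByLogin(login);
                if (normalUser != null)
                {
                    roles.Add("AGENCYUSER");
                }
                else if (u.SuperAdminUnit.GetByLogin(login) != null)
                {
                    roles.Add("SUPERADMIN");
                }
            }

            string[] result = roles.ToArray();

            // NOTE(review): entries live for 60 minutes, including the empty result for unknown logins,
            // so a role change or account removal is only reflected after expiry unless the entry is
            // evicted elsewhere. Confirm that delay is acceptable.
            // The removal callback fires for any removal reason, not only expiry.
            currentCache.Add(key,
                             result,
                             null,
                             DateTime.Now.AddMinutes(60),
                             TimeSpan.Zero,
                             System.Web.Caching.CacheItemPriority.Default,
                             (x, y, z) => _log.WarnFormat("Cache {0} is expired!", key));

            return result;
        }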
Esempio n. 8
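        /// <summary>
        /// Signs the caller in as the user named by the encrypted "token" request parameter.
        /// The session is cleared first; on success the user is stored in session, a forms-auth
        /// cookie is issued and the result carries the landing URL.
        /// </summary>
        /// <param name="ctx">Current HTTP context; the token is read from <c>ctx.Request.Params["token"]</c>.</param>
        /// <param name="timeToLive">Specify how many MINUTES should the key live</param>
        /// <returns>
        /// A <c>LoginResult</c> with <c>IsSuccess</c> and <c>Url</c> set on success,
        /// or <c>Message</c> describing why the request was refused.
        /// </returns>
        public LoginResult impersonate(HttpContext ctx, int timeToLive = 15)
        {
            LoginResult res = new LoginResult();

            // IMPORTANT!!! clear all session first
            // NOTE(review): Clear() empties the session but keeps its id; no id renewal is visible here.
            ctx.Session.Clear();

            using (var _u = new BegiumUnit())
            {
                // Reset Language
                _u.LocalizationStringUnit.LocalizationDicEn = null;
                _u.LocalizationStringUnit.LocalizationDicSp = null;
                Helper.CombineUserSession = null;

                // Request.Params merges query string, form, cookies and server variables.
                string token = ctx.Request.Params["token"];

                string key = "";
                try
                {
                    key = LoginManager.DecryptImpersonateKey(token);
                }
                catch (Exception ex)
                {
                    // NOTE(review): the request-supplied token is written verbatim into the log;
                    // consider logging a digest or truncated form instead.
                    _log.Error("Could not DecryptImpersonateKey: " + token, ex);
                    res.Message = "Token is invalid.";
                    return(res);
                }

                KeyValuePair <int, DateTime> kv = new KeyValuePair <int, DateTime>();
                try
                {
                    // Honour the caller's lifetime; this was hard-coded to 15, which silently
                    // ignored the timeToLive argument.
                    kv = LoginManager.ValidateImpersonateKey(key, timeToLive);
                }
                catch (Exception ex)
                {
                    _log.Error("Could not ValidateImpersonateKey: " + token, ex);
                    // NOTE(review): the raw exception message is returned to the client; confirm the
                    // validator only throws messages that are safe to show.
                    res.Message = ex.Message;
                    return(res);
                }

                // kv.Key is the user id carried in the key, kv.Value its timestamp (stored as SSOTimestamp below).
                var uInfo = _u.UserUnit.GetByID(kv.Key);
                if (uInfo == null)
                {
                    res.Message = "User not found.";
                    return(res);
                }
                else if (!uInfo.IsActive)
                {
                    res.Message = "User is inactive.";
                    return(res);
                }
                // NOTE(review): only IsActive is checked; a locked account is not refused here, and nothing
                // visible marks the token as used, so it may be replayable within its lifetime. Confirm.

                // everything looks fine now ...

                try
                {
                    // write log
                    UserLoginLog log = prepareLog(ctx, uInfo.Email);
                    // append SSO info
                    log.SSOToken     = token;
                    log.SSOTimestamp = kv.Value;
                    log.IsSuccess    = true;
                    log.UserID       = uInfo.UserID;
                    using (var _lu = new BegiumLogUnit())
                    {
                        _lu.UserLoginLogUnit.Insert(log, true);
                    }

                    // update last login (UTC)
                    _u.UserUnit.UpdateEach(x => x.UserID == uInfo.UserID, x => x.DateLastLogin = DateTime.UtcNow, true);

                    // get user profile pic
                    var img = _u.ImageUnit.GetUniqueImage(uInfo.UserID, Core.ImageType.User);
                    if (img != null)
                    {
                        uInfo.ProfileImgURL = img.URL;
                    }

                    // get agencyName and branchName
                    string agencyName = "";
                    string branchName = "";
                    _u.UserUnit.GetBranchNameAgencyNameByUserID(uInfo.AgencyID, uInfo.UserID, ref agencyName, ref branchName);
                    uInfo.AgencyName = agencyName;
                    uInfo.BranchName = branchName;

                    // set user session
                    ctx.Session["CURRENT_USER_INFO"] = uInfo;
                    // set cookie (non-persistent) under the impersonated user's e-mail
                    FormsAuthentication.SetAuthCookie(uInfo.Email, false);

                    // make response successful
                    res.IsSuccess = true;
                    res.Url       = ServerRoot + "/Agency/Index.aspx";
                }
                catch (Exception ex)
                {
                    _log.Error("Could not finish impersonate process.", ex);
                    res.Message = "Unable to process request. Please try again later.";
                }
            }
            return(res);
        }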
Esempio n. 9
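        /// <summary>
        /// Signs the caller in as the super admin named by the encrypted "token" request parameter,
        /// provided the matching one-time password record exists and has not been used before.
        /// </summary>
        /// <param name="ctx">Current HTTP context; the token is read from <c>ctx.Request.Params["token"]</c>.</param>
        /// <returns>
        /// A <c>LoginResult</c> with <c>IsSuccess</c> and <c>Url</c> set on success,
        /// or <c>Message</c> describing why the request was refused.
        /// </returns>
        public LoginResult impersonateSetPWForSA(HttpContext ctx)
        {
            LoginResult res = new LoginResult();

            // IMPORTANT!!! clear all session first
            // NOTE(review): Clear() empties the session but keeps its id; no id renewal is visible here.
            ctx.Session.Clear();

            using (var _u = new BegiumUnit())
            {
                using (var _ul = new BegiumLogUnit())
                {
                    // Reset Language
                    _u.LocalizationStringUnit.LocalizationDicEn = null;
                    _u.LocalizationStringUnit.LocalizationDicSp = null;
                    Helper.CombineUserSession = null;

                    // Request.Params merges query string, form, cookies and server variables.
                    string token = ctx.Request.Params["token"];

                    string key = "";
                    try
                    {
                        key = LoginManager.DecryptImpersonateKey(token);
                    }
                    catch (Exception ex)
                    {
                        // NOTE(review): the request-supplied token is written verbatim into the log;
                        // consider logging a digest or truncated form instead.
                        _log.Error("Could not DecryptImpersonateKey: " + token, ex);
                        res.Message = "Token is invalid.";
                        return(res);
                    }

                    KeyValuePair <int, Guid> kv = new KeyValuePair <int, Guid>();
                    try
                    {
                        kv = LoginManager.ValidateImpersonateKeySetPW(key);
                    }
                    catch (Exception ex)
                    {
                        _log.Error("Could not ValidateImpersonateKey: " + token, ex);
                        // NOTE(review): the raw exception message is returned to the client; confirm the
                        // validator only throws messages that are safe to show.
                        res.Message = ex.Message;
                        return(res);
                    }

                    //valid OTP
                    var otp = _ul.OneTimePWUnit.GetOTPByOTPKey(kv.Key, kv.Value);
                    if (otp == null)
                    {
                        res.Message = "not valid";
                        return(res);
                    }
                    else if (otp.DateFirstLogin.Year > 1900)
                    {
                        // A DateFirstLogin after 1900 means the link was already used once.
                        res.Message = "Este enlace ya no es válido";
                        return(res);
                    }

                    SuperAdmin uInfo = _u.SuperAdminUnit.GetByID(kv.Key);
                    if (uInfo == null)
                    {
                        res.Message = "User not found.";
                        return(res);
                    }
                    else if (!uInfo.IsActive)
                    {
                        res.Message = "User is inactive.";
                        return(res);
                    }

                    // everything looks fine now ...
                    // The OTP is marked used before the sign-in work, so a failure below still consumes it.
                    // NOTE(review): the used-check and this update are separate steps; two concurrent
                    // requests with the same token could both pass the check. Confirm whether the store
                    // enforces single use.
                    otp.DateFirstLogin = DateTime.UtcNow;
                    _ul.OneTimePWUnit.Update(otp, true);

                    try
                    {
                        // write log
                        UserLoginLog log = prepareLog(ctx, uInfo.Email);
                        // append SSO info
                        log.SSOToken     = token;
                        log.SSOTimestamp = DateTime.UtcNow;
                        log.IsSuccess    = true;
                        log.UserID       = uInfo.SuperAdminID;
                        using (var _lu = new BegiumLogUnit())
                        {
                            _lu.UserLoginLogUnit.Insert(log, true);
                        }

                        // update last login on the super admin record; this previously went through
                        // UserUnit and matched UserID against the SuperAdminID, stamping whichever
                        // ordinary user happened to share that id.
                        _u.SuperAdminUnit.UpdateEach(x => x.SuperAdminID == uInfo.SuperAdminID, x => x.DateLastLogin = DateTime.UtcNow, true);

                        // set user session
                        ctx.Session["CURRENT_USER_INFO"] = uInfo;
                        // set cookie (non-persistent)
                        FormsAuthentication.SetAuthCookie(uInfo.Email, false);

                        // make response successful
                        res.IsSuccess = true;
                        res.Url       = "~/SuperAdmin/Agency/AgenciesManager.aspx";
                    }
                    catch (Exception ex)
                    {
                        _log.Error("Could not finish impersonate process.", ex);
                        res.Message = "Unable to process request. Please try again later.";
                    }
                }
            }

            return(res);
        }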