public AppUserDTO SaveUser(AppUserDTO dto) { if (ERSAIDB.Users.Any(u => u.UserName == dto.UserName && u.Id != dto.ID)) { throw new Exception("UserName has to be unique"); } var user = ERSAIDB.Users.Find(dto.ID) ?? ERSAIDB.Users.Add(new AppUser()); user.FromDTO(dto); var results = new List <ValidationResult>(); var context = new ValidationContext(user); if (!Validator.TryValidateObject(user, context, results, true)) { throw new Exception(string.Join(", ", results.Select(er => er.ErrorMessage))); } user.Id = user.Id ?? Guid.NewGuid().ToString(); if (dto.NewPassword != null) { user.PasswordHash = App.ASPIdentityPasswordHasher.HashPassword(dto.NewPassword); user.SecurityStamp = Guid.NewGuid().ToString(); } ERSAIDB.SaveChanges(); ERSAIDB.Entry(user).Reload(); dto.FromEF(user); return(dto); }
public async Task <ActionResult> ChangePassword(ChangePasswordViewModel model) { if (!ModelState.IsValid) { return(View(model)); } if (User.IsInRole(AppRole.PersonalAccountRole)) { if (AppUser.PersonalAccountUser.CheckPassword(model.OldPassword) != true) { ModelState.AddModelError("", "Wrong current password"); return(View(model)); } var result = AppUser.PersonalAccountUser.SetNewPassword(model.NewPassword); ERSAIDB.SaveChanges(); return(RedirectToAction("Index", new { Message = ManageMessageId.ChangePasswordSuccess })); } else { var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword); if (result.Succeeded) { var user = await UserManager.FindByIdAsync(User.Identity.GetUserId()); if (user != null) { await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false); } return(RedirectToAction("Index", new { Message = ManageMessageId.ChangePasswordSuccess })); } AddErrors(result); return(View(model)); } }
public void DeleteUser(string UserID) { var user = ERSAIDB.Users.Find(UserID); if (user == null) { throw new Exception("Wrong UserID"); } ERSAIDB.Users.Remove(user); ERSAIDB.SaveChanges(); }
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl) { if (!ModelState.IsValid) { return(View(model)); } var user = ERSAIDB.Users.FirstOrDefault(u => u.UserName == model.UserName); if (user != null) { var result = await SignInManager.PasswordSignInAsync(user.UserName, model.Password, model.RememberMe, false); switch (result) { case SignInStatus.Success: { if (user.Roles.Any(ur => ur.Role.Name == AppRole.UsersManagerRole)) { return(Redirect("/UserManagement")); } return(RedirectToLocal(returnUrl == "/" ? $"/{Areas.AreaNames.HumanResources}/Employees" : returnUrl ?? $"/{Areas.AreaNames.HumanResources}/Employees")); } case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.RequiresVerification: return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe })); default: { if (user.PersonalAccountUser == null) { ModelState.AddModelError("", "Incorrect password"); return(View(model)); } break; } } } #region PersonalInfoAuthorization var PaySlipUser = user?.PersonalAccountUser ?? ERSAIDB.PersonalAccountUsers.Find(model.UserName); if (PaySlipUser == null) { ModelState.AddModelError("", "No user with specified username"); return(View(model)); } if (!PaySlipUser.CheckPassword(model.Password)) { ModelState.AddModelError("", "Incorrect password"); return(View(model)); } //PaySlipUser = db.PayslipUsers.Find("6800033"); PaySlipUser.AppUser = PaySlipUser.AppUser ?? new AppUser() { Id = Guid.NewGuid().ToString(), SecurityStamp = Guid.NewGuid().ToString(), UserName = PaySlipUser.Badge }; ERSAIDB.VisitorsCouter_Data.Add(new DataModels.ERSAI.VisitorsCouter_Data() { BadgeNumLogin = model.UserName, Visit_date = DateTime.Now }); ERSAIDB.SaveChanges(); PaySlipUser.AppUser.ForPersonalCabinet = true; await SignInManager.SignInAsync(PaySlipUser.AppUser, model.RememberMe, false); return(RedirectToLocal(returnUrl == "/" ? $"/{Areas.AreaNames.PersonalAccount}" : returnUrl ?? $"/{Areas.AreaNames.PersonalAccount}")); #endregion }
public async Task <ActionResult> GetPassword(GetPasswordViewModel model) { if (ModelState.IsValid) { var employee = ERSAIDB.Employees.FirstOrDefault(e => e.BadgeNumber == model.BadgeNumber); if (employee == null) { ModelState.AddModelError("", "No employee with specified badge number"); return(View(model)); } if (employee.BirthDate?.Date != model.BirthDate?.Date) { ModelState.AddModelError("", "Wrong date of birth"); return(View(model)); } var payslipUser = ERSAIDB.PersonalAccountUsers.FirstOrDefault(u => u.Badge == employee.BadgeNumber); payslipUser = payslipUser ?? ERSAIDB.PersonalAccountUsers.Add(new DataModels.ERSAI.PersonalAccountUser() { Badge = employee.BadgeNumber, ModifiedDate = DateTime.Now }); /*payslipUser.AppUser = payslipUser.AppUser ?? new AppUser() * { * SecurityStamp = Guid.NewGuid().ToString(), * UserName = employee.BadgeNumber * };*/ var newPassword = payslipUser.SetNewPassword(); ERSAIDB.SaveChanges(); bool mailSent = false, SMSSent = false; if (App.SMTPClient != null) { try { App.SMTPClient.TrySendEmail(new IntegrationClients.SMTP.EmailMessage() { Body = $"Your new password is {newPassword}", Header = IntegrationClients.SMTP.MessageHeader.GetDefault(employee.FullName), Footer = IntegrationClients.SMTP.MessageFooter.GetDefault(), Subject = "Your new password", To = payslipUser.ERSAIAccount?.Mail }); mailSent = true; } catch { mailSent = false; } } if (App.SMSClient != null) { try { var response = await App.SMSClient.SendSMS(new IntegrationClients.Infobip.SMSMessage() { To = new[] { payslipUser.MobPhone?.Primary_MobilePhone }, Text = $"Your new payslip password is:{Environment.NewLine}{newPassword}" }); SMSSent = true; } catch { SMSSent = false; } } LoginPageMessage message; if (SMSSent || mailSent) { message = new LoginPageMessage() { CssClass = "positive", Content = $"Your new password was sent to {(mailSent ? (payslipUser.ERSAIAccount?.Mail + (SMSSent ? " and " : string.Empty)) : string.Empty)}{(SMSSent ? payslipUser.MobPhone?.Primary_MobilePhone : "")}" } } ; else { message = new LoginPageMessage() { CssClass = "error", Content = "We couldn't send your new password to you due to contact information absense. Please, contact your HR" } }; return(RedirectToAction("Login", message)); } // If we got this far, something failed, redisplay form return(View(model)); }