/// <summary>
/// Renders the detail page for a single item, including its comments and the
/// permission flags the view uses to decide which controls to show.
/// </summary>
/// <param name="id">Identifier of the item to display.</param>
/// <returns>
/// The "Item" view bound to an <c>ItemViewModel</c>, or a 404 result when
/// no item matches <paramref name="id"/>.
/// </returns>
public async Task<ActionResult> Item(string id)
{
    var found = await _itemDbCommand.FindAsync(id);
    if (found == null)
    {
        return HttpNotFound();
    }

    // NOTE(review): no read-entitlement check is visible in this action; confirm
    // that items are meant to be readable by any caller, or that an authorization
    // filter outside this method covers it.
    var viewModel = Mapper.Map<ItemViewModel>(found);

    // These flags only control what the view renders. The actions that actually
    // mutate the item must repeat the entitlement check on the server.
    viewModel.CanEdit = LogonUser.IsEntitledToEditItem(found);
    viewModel.CanDelete = LogonUser.IsEntitledToDeleteItem(found);
    viewModel.CanEditCollarborators = LogonUser.IsEntitledToEditItemCollaborators(found);
    viewModel.CanWriteComments = LogonUser.IsEntitledToWriteComments(found);

    ViewBag.Title = viewModel.DisplayTitle;

    var itemComments = await _commentDbCommand.GetByItemAsync(found);
    foreach (var entry in itemComments)
    {
        var entryModel = Mapper.Map<CommentViewModel>(entry);
        if (entry.User == LogonUser)
        {
            entryModel.IsCommentAuthor = true;
        }

        viewModel.Comments.Add(entryModel);
    }

    // LogonUser is null for an anonymous visitor; in that case an empty edit model is used.
    if (LogonUser == null)
    {
        viewModel.NewComment = new CommentEditModel();
    }
    else
    {
        viewModel.NewComment = Mapper.Map<CommentEditModel>(found.NewComment(LogonUser));
    }

    return View("Item", viewModel);
}
/// <summary>
/// Changes the role of an existing collaborator on an item.
/// </summary>
/// <param name="id">Identifier of the item.</param>
/// <param name="userId">Identifier of the collaborator whose role is changed.</param>
/// <param name="type">Role to assign.</param>
/// <returns>
/// 200 on success, 404 when the item does not exist, 401 when the current user
/// is not entitled to edit the item's collaborators.
/// </returns>
/// <exception cref="InvalidOperationException">
/// <paramref name="userId"/> is not a collaborator of the item.
/// </exception>
public async Task<ActionResult> UpdateCollaboratorRole(string id, string userId, RoleType type)
{
    var item = await _itemDbCommand.FindAsync(id);
    if (item == null)
    {
        return HttpNotFound();
    }

    // Entitlement is checked against the loaded item before anything is modified.
    // NOTE(review): 401 is returned even for an authenticated caller who merely lacks
    // the right; 403 is the conventional status for that case - confirm what clients expect.
    var mayEditCollaborators = LogonUser.IsEntitledToEditItemCollaborators(item);
    if (!mayEditCollaborators)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Unauthorized);
    }

    var collaborator = item.Collaborators.FirstOrDefault(c => c.Id == userId);
    if (collaborator == null)
    {
        throw new InvalidOperationException();
    }

    // NOTE(review): `type` arrives from the request and is assigned as-is. Confirm that
    // undefined enum values are rejected and that the caller is allowed to grant this
    // particular role. Attributes above the signature are not visible here; confirm the
    // action is restricted to POST with anti-forgery validation.
    collaborator.Role = type;
    await _itemDbCommand.SaveCollaboratorsAsync(item);

    return new HttpStatusCodeResult(HttpStatusCode.OK);
}
// private MTSEntDAL _dal;
//ResourceFile resourcefile = new ResourceFile();

/// <summary>
/// Reads the password policy via the "MTS_GetPasswordPolicy" call and copies it into the
/// static members of <c>PasswordLengthAttribute</c>.
/// </summary>
/// <returns>A newly constructed, otherwise untouched <c>LogonUser</c>.</returns>
public LogonUser GetData()
{
    LogonUser result = new LogonUser();

    DataTable policy = DataAccess.ExecuteDataTable("MTS_GetPasswordPolicy");
    if (policy.Rows.Count > 0)
    {
        DataRow first = policy.Rows[0];

        // The policy is written to static members, so it is shared by every caller.
        // NOTE(review): when no row comes back the previous (or default) limits stay in
        // effect silently; confirm that a missing policy row cannot weaken validation.
        PasswordLengthAttribute._maximum = Convert.ToInt16(first["MAXIMUM_LENGH"].ToString());
        PasswordLengthAttribute._minimum = Convert.ToInt16(first["MINIMUM_LENGTH"].ToString());
        PasswordLengthAttribute.PasswordRegex = first["PASSWORDREGEX"].ToString();
    }

    return result;
}
/// <summary>
/// Shows the collaborator-editing page for an item.
/// </summary>
/// <param name="id">Identifier of the item.</param>
/// <returns>
/// The default view bound to an <c>ItemEditCollaboratorsModel</c>; 404 when the item
/// does not exist; 401 when the current user may not edit its collaborators.
/// </returns>
public async Task<ActionResult> EditCollaborators(string id)
{
    var target = await _itemDbCommand.FindAsync(id);
    if (target == null)
    {
        return HttpNotFound();
    }

    // The page itself is gated, not only the actions it posts to.
    var entitled = LogonUser.IsEntitledToEditItemCollaborators(target);
    if (!entitled)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Unauthorized);
    }

    var editModel = Mapper.Map<ItemEditCollaboratorsModel>(target);
    return View(editModel);
}
/// <summary>
/// Installer custom action: checks the service account credentials held in the session
/// properties and records the outcome in the "credentials valid" property.
/// </summary>
/// <param name="session">Installer session providing the properties and the log.</param>
/// <returns>
/// Always <c>ActionResult.Success</c>; the verdict is reported through
/// <c>CredentialsValidPropertyName</c> ("1" or "0"), not through the return value.
/// </returns>
public static ActionResult ValidateCredentials(Session session)
{
    session.Log("Validating service credentials...");

    var account = session[ServiceCredentialsUserPropertyName];
    var secret = session[ServiceCredentialsPasswordPropertyName];

    // An account name without a backslash is qualified with this machine's name,
    // and the qualified form is written back to the session property.
    // NOTE(review): a UPN-style name (user@domain) has no backslash either and would be
    // prefixed too - confirm that this is intended.
    var isQualified = account.Contains('\\');
    if (!isQualified)
    {
        account = Environment.MachineName + "\\" + account;
        session[ServiceCredentialsUserPropertyName] = account;
    }

    // NOTE(review): the password travels as an installer property; confirm the property is
    // declared hidden so it is not written to the installer log, and that SessionLogger
    // never logs it.
    var validator = new LogonUser(new SessionLogger(session));
    var accepted = validator.ValidateCredentials(account, secret);

    session[CredentialsValidPropertyName] = accepted ? "1" : "0";
    return ActionResult.Success;
}
/// <summary>
/// Installer custom action that validates the service account user name and password
/// taken from the session and stores the result as "1" or "0" in
/// <c>CredentialsValidPropertyName</c>.
/// </summary>
/// <param name="session">Installer session that carries the credential properties.</param>
/// <returns><c>ActionResult.Success</c> in every case, whether or not the credentials are valid.</returns>
public static ActionResult ValidateCredentials(Session session)
{
    session.Log("Validating service credentials...");

    var userName = session[ServiceCredentialsUserPropertyName];
    var password = session[ServiceCredentialsPasswordPropertyName];

    // A name that already contains a backslash is taken as qualified and left alone.
    if (userName.Contains('\\') == false)
    {
        // Local account: prefix it with the machine name and persist the qualified form.
        userName = Environment.MachineName + "\\" + userName;
        session[ServiceCredentialsUserPropertyName] = userName;
    }

    // NOTE(review): only the fixed message above is logged here; confirm that the password
    // property is marked hidden in the installer so verbose logs do not capture it.
    string flag;
    if (new LogonUser(new SessionLogger(session)).ValidateCredentials(userName, password))
    {
        flag = "1";
    }
    else
    {
        flag = "0";
    }

    session[CredentialsValidPropertyName] = flag;
    return ActionResult.Success;
}
/// <summary>
/// Loads the account record and the password-policy counters for a user name through
/// the "MTS_GetUser" call.
/// </summary>
/// <param name="userLogon">Logon data; only <c>UserName</c> is read.</param>
/// <returns>
/// A <c>UserDetails</c> filled from the first row of each of the two result tables.
/// When the first table has no row the account fields keep their defaults.
/// </returns>
public UserDetails GetUserDeatils(LogonUser userLogon)
{
    UserDetails details = new UserDetails();

    // The user name is handed to the data layer as an argument, not concatenated here.
    // NOTE(review): confirm that ExecuteDataset binds it as a stored-procedure parameter.
    DataSet result = DataAccess.ExecuteDataset("MTS_GetUser", userLogon.UserName);

    DataRowCollection accountRows = result.Tables[0].Rows;
    if (accountRows.Count > 0)
    {
        DataRow account = accountRows[0];

        details.UserId = Convert.ToInt64(account["USERID"].ToString());
        details.Status = Convert.ToByte(account["STATUS"].ToString());
        details.Locked = Convert.ToBoolean(account["LOCKED"].ToString());
        details.Active = Convert.ToInt16(account["ACTIVE"]);

        // The stored password value leaves the data layer here; callers should keep it
        // out of logs, views and long-lived state.
        details.DBPassword = account["PASSWORD"].ToString();
        details.Firstname = account["FIRSTNAME"].ToString();
        details.Lastname = account["LASTNAME"].ToString();
        details.RoleId = Int64.Parse(account["ROLEID"].ToString());
        details.RoleName = account["ROLENAME"].ToString();
        details.Mailid = account["EMAIL"].ToString();

        if (details.Status == 1)
        {
            // For status 1 the last password change is taken to be "now" and the
            // attempt counter / security question columns are not read.
            details.LastPwdChange = DateTime.Now;
        }
        else
        {
            details.NoOfAttempts = Convert.ToInt32(account["NO_OF_ATTEMPTS"].ToString());
            details.SecQunId = Convert.ToInt64(account["QUESTIONID"].ToString());
            details.LastPwdChange = Convert.ToDateTime(account["LAST_PWD_CHANGE"].ToString());
            details.SecAns = account["SEC_A"].ToString();
        }
    }

    // The second table is indexed unconditionally; the call is expected to return it.
    DataRowCollection policyRows = result.Tables[1].Rows;
    if (policyRows.Count > 0)
    {
        DataRow policy = policyRows[0];

        details.PasswordCount = Convert.ToInt32(policy["PASSWORDCOUNT"].ToString());
        details.PwdChangeDays = Convert.ToInt32(policy["PASSWORDCHANGEDAYS"].ToString());
        details.MaxAttemps = Convert.ToInt32(policy["MAXIMUM_ATTEMPTS"].ToString());
    }

    return details;
}
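/// <summary>
/// Shows the logon page. A caller who already has a logon object in the session is
/// logged off first.
/// </summary>
/// <param name="model">Model bound from the request; only <c>Message</c> is written here.</param>
/// <returns>
/// A redirect to Account/LogOff when a session logon exists, otherwise the logon view.
/// </returns>
/// <remarks>
/// The optional <c>statusId</c> query-string value comes from the client. It is parsed with
/// <c>byte.TryParse</c>, so a missing or non-numeric value is ignored instead of raising
/// an unhandled exception on the logon page.
/// </remarks>
public ActionResult LogOn(LogonUser model)
{
    if (SessionHelper.LogonUser != null)
    {
        Session.Abandon();
        return RedirectToAction("LogOff", "Account");
    }

    // Called for its side effect only; the returned object is not used here.
    UserLogonData userLogon = new UserLogonData();
    userLogon.GetData();

    // TryParse returns false for null, so a query string without "statusId" falls through.
    byte statusId;
    if (byte.TryParse(Request.QueryString["statusId"], out statusId) && statusId == Status.FIRSTLOGIN)
    {
        model.Message = "First time login user can't use ForgetPassword";
    }

    ModelState.Clear();
    return View(model);
}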
/// <summary>
/// Checks a user name and password and, on success, returns a token built by encrypting
/// the JSON form of a <c>LogonUser</c> holding those same credentials.
/// </summary>
/// <param name="userName">User name supplied by the caller.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>200 with the token, or 401 with an error message when no user matches.</returns>
/// <remarks>
/// NOTE(review): the token is a reversible encoding of the caller's password under a key
/// literal compiled into the assembly, so anyone who holds the key can recover the password
/// from a token. Prefer an opaque random session identifier or a signed token that carries
/// no password, with the key kept in protected configuration. No expiry is visible in the
/// token either. Changing this alters the token format and must be coordinated with
/// whatever consumes the token.
/// </remarks>
public HttpResponseMessage Login(string userName, string password)
{
    var user = _userService.GetByUserNameAndPassword(userName, password);
    if (user == null)
    {
        return Request.CreateResponse(HttpStatusCode.Unauthorized, "Kullanıcı Adı ve Şifresi Geçersizdir.");
    }

    // 1 - LogonUser (carries the plaintext password into the token payload)
    var credentials = new LogonUser();
    credentials.UserName = userName;
    credentials.Password = password;

    // 2 - JSON string
    var payload = JsonConvert.SerializeObject(credentials);

    // 3 - Encryption => token (hard-coded key, see remarks)
    var token = FTH.Extension.Encrypter.Encrypt(payload, "159357");

    return Request.CreateResponse(HttpStatusCode.OK, token);
}
/// <summary>
/// Removes a collaborator from an item.
/// </summary>
/// <param name="id">Identifier of the item.</param>
/// <param name="userId">Identifier of the collaborator to remove.</param>
/// <returns>
/// 200 on success, 404 when the item does not exist, 401 when the current user
/// is not entitled to edit the item's collaborators.
/// </returns>
/// <exception cref="InvalidOperationException">
/// <paramref name="userId"/> is not a collaborator of the item.
/// </exception>
public async Task<ActionResult> RemoveCollaborator(string id, string userId)
{
    var item = await _itemDbCommand.FindAsync(id);
    if (item == null)
    {
        return HttpNotFound();
    }

    // Entitlement is checked server-side before the collaborator list is touched.
    var permitted = LogonUser.IsEntitledToEditItemCollaborators(item);
    if (!permitted)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Unauthorized);
    }

    var toRemove = item.Collaborators.FirstOrDefault(c => c.Id == userId);
    if (toRemove == null)
    {
        throw new InvalidOperationException();
    }

    // NOTE(review): nothing here prevents removing the last remaining or the owning
    // collaborator; confirm that the data layer enforces whatever rule applies.
    await _itemDbCommand.RemoveCollaboratorAsync(item, toRemove);

    return new HttpStatusCodeResult(HttpStatusCode.OK);
}
/// <summary>
/// Adds a user to an item as a collaborator with the <c>RoleType.Member</c> role.
/// </summary>
/// <param name="id">Identifier of the item.</param>
/// <param name="userId">Identifier of the user to add.</param>
/// <returns>
/// The "_CollaboratorEdit" partial view for the new collaborator; 404 when the item or
/// the user does not exist; 401 when the current user may not edit collaborators.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The item's collaborator collection already contains the user.
/// </exception>
public async Task<ActionResult> AddCollaborator(string id, string userId)
{
    var item = await _itemDbCommand.FindAsync(id);
    if (item == null)
    {
        return HttpNotFound();
    }

    // The entitlement check runs before the user lookup, so an unentitled caller
    // learns nothing about which user ids exist.
    var permitted = LogonUser.IsEntitledToEditItemCollaborators(item);
    if (!permitted)
    {
        return new HttpStatusCodeResult(HttpStatusCode.Unauthorized);
    }

    var candidate = await _userDbCommand.FindAsync(userId);
    if (candidate == null)
    {
        return HttpNotFound();
    }

    if (item.Collaborators.Contains(candidate))
    {
        throw new InvalidOperationException();
    }

    // New collaborators always start as Member; the role is not taken from the request.
    var added = new Collaborator(candidate);
    added.Role = RoleType.Member;
    await _itemDbCommand.AddCollaboratorAsync(item, added);

    var editModel = Mapper.Map<CollaboratorEditModel>(added);
    return PartialView("_CollaboratorEdit", editModel);
}
/// <summary>
/// Handles the posted logon form: validates the credentials through
/// <c>ValidateLogonUser</c> and either establishes the session, redirects to a follow-up
/// step, or re-renders the form with a message.
/// </summary>
/// <param name="logonUser">Posted logon model; <c>Message</c> is set on failure.</param>
/// <param name="UserName">Not read by this method.</param>
/// <returns>
/// A redirect to the home URL (status 1), to Account/SecurityQuestions (status 5), to
/// Account/ForgetChangePassword (expired or forgotten password), or the logon view.
/// </returns>
/// <remarks>
/// NOTE(review): no session-identifier rotation is visible after a successful logon; confirm
/// that it happens elsewhere, otherwise a pre-set session id survives authentication.
/// The distinct "locked" and "deactivated" messages tell an unauthenticated caller that the
/// account exists; confirm that this disclosure is acceptable.
/// </remarks>
public ActionResult LogOn(LogonUser logonUser, string UserName)
{
    // Status codes: 1 => pass, 2 => failed, 3 => locked, 4 => 90 days pwd expired,
    // 5 => first time login, 6 => forget pwd
    LogonUserSession sessionState = new LogonUserSession();
    try
    {
        if (!ModelState.IsValid)
        {
            return View(logonUser);
        }

        UserLogonData userLogon = new UserLogonData();
        UserDetails userDetails = userLogon.GetUserDeatils(logonUser);

        // 1 = an active, existing account was found; 0 = anything else.
        bool activeAccount = userDetails.Active != 0 && userDetails.UserId > 0;
        int outcome = ValidateLogonUser(activeAccount ? 1 : 0, userDetails, logonUser, sessionState);

        if (outcome == 1)
        {
            sessionState.USERNAME = logonUser.UserName;
            DataTable employee = userLogon.GetEmployeeId(userDetails.UserId);

            Session["Username"] = userDetails.Firstname + " " + userDetails.Lastname;

            // The first row is read without a row-count check; an empty table raises here
            // and ends up in the catch block below.
            DataRow employeeRow = employee.Rows[0];
            Session["EmployeeId"] = employeeRow["Employee_Id"].ToString();
            Session["DepartmentId"] = employeeRow["DepartmentId"].ToString();
            Session["UserID"] = userDetails.UserId;
            Session["Gender"] = employeeRow["Gender"].ToString();
            Int64 roleId = userDetails.RoleId;
            Session["RoleId"] = roleId;
            Session["MyRole"] = employeeRow["ROLE_NAME"].ToString();
            SessionHelper.LogonUser = sessionState;
            //SessionHelper.IPAddress = WebClientBase.GetIPAddress(HttpContext.Request);
            //SessionHelper.BrowserName = WebClientBase.GetBrowserTypeAndVersion(HttpContext.Request);
            return Redirect(GetHomeUrl());
        }

        if (outcome == 3)
        {
            // Only a lock caused by too many attempts gets a message; any other lock
            // re-renders the form without one.
            byte lockReason = byte.Parse(sessionState.STATUS.ToString());
            if (lockReason == Status.NO_OF_ATM_LOCKED)
            {
                logonUser.Message = "User locked for no of attempts";
            }
        }
        else if (outcome == 5)
        {
            // First login: the name stays in TEMPUSERNAME until the security questions are answered.
            sessionState.TEMPUSERNAME = logonUser.UserName;
            SessionHelper.LogonUser = sessionState;
            return RedirectToAction("SecurityQuestions", "Account");
        }
        else if (outcome == Status.PWDEXPIRED || outcome == Status.FORGETPWD)
        {
            // Expired or forgotten password: the name stays in TEMPUSERNAME until the password is changed.
            sessionState.TEMPUSERNAME = logonUser.UserName;
            SessionHelper.LogonUser = sessionState;
            return RedirectToAction("ForgetChangePassword", "Account");
        }
        else if (outcome == 2)
        {
            logonUser.Message = "The username or password you entered is incorrect.";
        }
        else if (outcome == 8)
        {
            logonUser.Message = "User Account is Deactivated";
        }

        return View(logonUser);
    }
    catch (Exception ex)
    {
        // Any failure is passed to the shared handler and the form is shown again.
        BaseExceptionHandler.HandleException(ref ex);
    }

    return View(logonUser);
}
/// <summary>
/// Decides the outcome of a logon attempt and updates attempt counters, lock state and
/// audit entries through <c>UserLogonData</c>.
/// </summary>
/// <param name="count">1 when the caller found an active, existing account; any other value otherwise.</param>
/// <param name="userDetails">Account record and policy counters loaded for the user name.</param>
/// <param name="logonUser">Posted logon data; <c>TempPassword</c> is overwritten with the computed hash.</param>
/// <param name="logonUserSession">Session object that is filled and stored in <c>SessionHelper.LogonUser</c>.</param>
/// <returns>
/// 1 pass, 2 failed, 3 locked, 4 password expired, 5 first-time login, 6 forgotten password,
/// 8 deactivated account. Returns 2 when an exception is raised, so errors fail closed.
/// </returns>
/// <remarks>
/// NOTE(review): by its name, GetSHA1HashData is a single SHA-1 pass over password + user id.
/// A fast hash is unsuitable for password storage; plan a migration to PBKDF2 or Argon2 with
/// re-hashing on successful logon. The hash comparison below uses ==, which is not constant-time.
/// </remarks>
public int ValidateLogonUser(int count, UserDetails userDetails, LogonUser logonUser, LogonUserSession logonUserSession)
{
    int no_of_attempts = 0;
    int days = 0; // assigned below but never read
    byte status;
    try
    {
        UserLogonData userLogon = new UserLogonData();
        if (count == 1)
        {
            // if (ds.Tables[0].Rows.Count > 0)
            //1 => pass 2=> failed 3 => locked 4 => 90 days pwd expired 5 => first time login 6 => Forget pwd
            DateTime curDate = DateTime.Now;
            TimeSpan ts = curDate.Date - userDetails.LastPwdChange;
            status = userDetails.Status;
            days = ts.Days;
            no_of_attempts = (string.IsNullOrEmpty(userDetails.NoOfAttempts.ToString())) ? 0 : Int32.Parse(userDetails.NoOfAttempts.ToString());
            encryptSha1 obj = new encryptSha1();
            // The user id is appended to the submitted password before hashing.
            logonUser.TempPassword = obj.GetSHA1HashData(logonUser.Password + userDetails.UserId);
            // logonUser.TempPassword = userDetails.DBPassword;
            if (logonUser.TempPassword == userDetails.DBPassword)
            {
                // The session object is filled and published as soon as the hash matches,
                // before the lock, expiry and attempt checks below.
                // NOTE(review): any code that treats a non-null SessionHelper.LogonUser as
                // "authenticated" would also accept a locked or over-limit account - verify
                // against the callers. The stored password value is copied into the session too.
                logonUserSession.MENURANGE = userDetails.MenuRange;
                logonUserSession.USERID = userDetails.UserId;
                logonUserSession.CURRENTPASSWORD = userDetails.DBPassword;
                logonUserSession.PASSWORDCOUNT = userDetails.PasswordCount;
                logonUserSession.STATUS = userDetails.Status;
                logonUserSession.FIRSTNAME = userDetails.Firstname;
                logonUserSession.LASTNAME = userDetails.Lastname;
                logonUserSession.USERROLE = userDetails.RoleId;
                //logonUserSession.DEPARTMENT = userDetails.DepartmentId;
                logonUserSession.ROLENAME = userDetails.RoleName;
                logonUserSession.ROLEID = userDetails.RoleId;
                SessionHelper.LogonUser = logonUserSession;
                if (userDetails.Locked == true)
                {
                    return(3);
                }
                else if (ts.Days > userDetails.PwdChangeDays)
                {
                    //userLogon.UpdateStatus(userDetails.UserId, userDetails.Status, resource.GetResource("~/Views/Logon.cshtml", "PASS_EXPIRED"));
                    userLogon.UpdateStatus(userDetails.UserId, userDetails.Status, "Password expired");
                    logonUserSession.STATUS = Status.PWDEXPIRED;
                    logonUserSession.EXPIREDDAYS = ts.Days.ToString();
                    SessionHelper.LogonUser = logonUserSession;
                    return(4);
                }
                else if (status == Status.FIRSTLOGIN)
                {
                    // userLogon.AddAudit(userDetails.UserId, resource.GetResource("~/Views/Logon.cshtml", "Login successfully"));
                    userLogon.AddAudit(userDetails.UserId, "Login successfully");
                    return(5);
                }
                else if (status == Status.FORGETPWD)
                {
                    return(6);
                }
                else if (no_of_attempts <= userDetails.MaxAttemps)
                {
                    // Successful logon within the limit resets the failed-attempt counter.
                    userLogon.UpdateUserAttempts(userDetails.UserId, 0);
                    return(1);
                }
                else
                {
                    // Correct password, but the attempt counter is already above the maximum.
                    return(2);
                }
            }
            else
            {
                // Wrong password.
                if (status != Status.FIRSTLOGIN)
                {
                    if (no_of_attempts == userDetails.MaxAttemps)
                    {
                        // The lock is applied only when the counter equals the maximum exactly;
                        // a counter already above it takes the increment branch below.
                        //userLogon.UpdateLockUser(userDetails.UserId, Status.NO_OF_ATM_LOCKED, resource.GetResource("~/Views/Logon.cshtml", "USER_LOCK"));
                        userLogon.UpdateLockUser(userDetails.UserId, Status.NO_OF_ATM_LOCKED, "User locked for no of attempts");
                        logonUserSession.STATUS = Status.NO_OF_ATM_LOCKED;
                        // A session logon object is published here even though the password was wrong.
                        SessionHelper.LogonUser = logonUserSession;
                        return(3);
                    }
                    else
                    {
                        no_of_attempts = ++no_of_attempts;
                        userLogon.UpdateUserAttempts(userDetails.UserId, no_of_attempts);
                        return(2);
                    }
                }
                else
                {
                    // First-login accounts are audited on failure; their counter is not incremented.
                    userLogon.AddAudit(userDetails.UserId, "Login failed");
                    return(2);
                }
            }
        }
        else if (userDetails.Status == 8 && userDetails.Active == 0)
        {
            // Deactivated account: reported with its own code, without checking the password.
            return(8);
        }
        else
        {
            // userLogon.UpdateAnonymsAttempts(resource.GetResource("~/Views/Logon.cshtml", "ANON_ATTEMPT"));
            userLogon.UpdateAnonymsAttempts("Anonymous attempt");
            return(2);
        }
    }
    catch (Exception ex)
    {
        BaseExceptionHandler.HandleException(ref ex);
    }
    // Reached only after an exception was handled above.
    return(2);
}
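/// <summary>
/// Handles the posted "forgot password" form: verifies the security question and answer and,
/// when they match, stores a new temporary password and mails it to the user.
/// </summary>
/// <param name="forget">Posted form model; <c>Message</c> and the question list are set on failure.</param>
/// <param name="Password">Not read by this method.</param>
/// <param name="button">Name of the pressed button; "Cancel" returns to the logon page.</param>
/// <returns>
/// A redirect to Account/Logon (cancel, or first-login accounts), to account/EmailSending
/// after the mail was queued, or the form view with a message.
/// </returns>
/// <remarks>
/// Exceptions propagate unchanged. The former <c>catch (Exception ex) { throw ex; }</c> wrapper
/// was removed because it only reset the stack trace of the original exception.
/// NOTE(review): the temporary password is six characters and is mailed in clear text; confirm
/// that CreateRandomPassword draws from a cryptographic random source and that the user is
/// forced to change it on next logon. "Invalid user id." versus the other messages lets an
/// unauthenticated caller tell existing accounts from unknown ones.
/// </remarks>
public ActionResult ForgotPassword(ForgotPasswordModel forget, string Password, string button)
{
    if (button == "Cancel")
    {
        return RedirectToAction("Logon", "Account");
    }

    if (!ModelState.IsValid)
    {
        forget.inhrtSecurityQuestionModel = initialDDLFillBase();
        return View(forget);
    }

    string secUserAns = forget.inhrtSecurityQuestionModel.SecAns;
    Int64 secQunId = forget.inhrtSecurityQuestionModel.SelectedSecQsn;

    // The answer is upper-cased with the current culture before hashing.
    // NOTE(review): stored answers were presumably hashed the same way, so switching to an
    // invariant upper-casing would need a data migration - confirm before changing.
    encryptSha1 obj = new encryptSha1();
    secUserAns = obj.GetSHA1HashData(secUserAns.ToUpper());

    UserLogonData userLogon = new UserLogonData();
    LogonUser logonUser = new LogonUser();
    logonUser.UserName = forget.UserName;
    UserDetails userDetails = userLogon.GetUserDeatils(logonUser);

    if (userDetails.Active != 0 && userDetails.UserId > 0)
    {
        int status = compareSecAns(forget.UserName, userDetails.SecQunId, userDetails.SecAns, userDetails.Status, userDetails.UserId, secUserAns, secQunId);

        //1 success 0 incorrect username 2 secQun or ans incorrect
        if (status == Status.NO_OF_ATM_LOCKED)
        {
            forget.inhrtSecurityQuestionModel = initialDDLFillBase();
            forget.Message = "User locked for no of attempts";
        }
        else if (status == Status.FIRSTLOGIN)
        {
            return RedirectToAction("logon", "account", new { statusId = Status.FIRSTLOGIN });
        }
        else if (status == Status.PASS)
        {
            if (userLogon.UpdateStatus(userDetails.UserId, Status.FORGETPWD, "FORGET_PASS") == true)
            {
                // The stored value is the hash of (hash of the temporary password + user id).
                Encrypt encrypt = new Encrypt();
                string TempPassword = encrypt.CreateRandomPassword(6);
                string EncryptedPassword = encrypt.GetSHA1HashData(TempPassword);
                userLogon.ForgotPassword(userDetails.UserId, encrypt.GetSHA1HashData(EncryptedPassword + userDetails.UserId));

                // Mail payload: address, first name, last name and the clear-text temporary
                // password joined by commas.
                // NOTE(review): a comma inside a name would shift the fields - confirm how
                // MailSending splits this value.
                string Templateid = "3";
                string mailData = userDetails.Mailid + "," + userDetails.Firstname + "," + userDetails.Lastname + "," + TempPassword;
                userLogon.MailSending(mailData, Templateid);

                forget.Message = "Password sent your mail id";
                return RedirectToAction("EmailSending", "account"); // for forgot password
            }

            // UpdateStatus did not succeed: the form is shown again without a message.
        }
        else if (status == 2)
        {
            forget.inhrtSecurityQuestionModel = initialDDLFillBase();
            forget.Message = "The Sec Question or answer you entered is incorrect.";
        }
    }
    else
    {
        forget.inhrtSecurityQuestionModel = initialDDLFillBase();
        forget.Message = "Invalid user id.";
    }

    return View(forget);
}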
/// <summary>
/// Stores the given logon object in the current HTTP session under the "LoginObject" key.
/// </summary>
/// <param name="user">Logon object to keep for the rest of the session.</param>
public void SetLogonUser(LogonUser user)
{
    // NOTE(review): if LogonUser carries a plaintext password, consider keeping only the
    // identity fields in session state, especially with an out-of-process session store.
    var session = HttpContext.Current.Session;
    session["LoginObject"] = user;
}
/// <summary>
/// Seeds a new database with an "Admin" user group, one user in that group and the
/// default application settings.
/// </summary>
/// <param name="context">Database context that receives the seed rows.</param>
/// <remarks>
/// NOTE(review): the seeded account's password and the "SuperUser" / "MailSetting" values are
/// literals in source. Supply them from deployment-time secrets and rotate whatever has already
/// been committed. By its name, <c>Encrypt()</c> is reversible; a password should be stored
/// with a one-way password hash - confirm what the extension does.
/// </remarks>
protected override void Seed(CandyContext context)
{
    // An empty logon user is registered with the connection provider before any row is saved.
    var seedLogon = new LogonUser();
    Core.Concrete.Common.ConnectionProvider.LogonUser = seedLogon;

    #region - User -

    var adminGroup = new UserGroupEntity();
    adminGroup.Name = "Admin";
    context.UserGroups.Add(adminGroup);

    // Saved first so that adminGroup.Id is available for the user row below.
    context.SaveChanges();

    var adminUser = new UserEntity()
    {
        Birtdate = new DateTime(1992, 8, 30),
        FirstName = "Fatih",
        Email = "*****@*****.**",
        LastName = "GÜRDAL",
        Password = "******".Encrypt(),
        UserName = "******",
        UserGroupId = adminGroup.Id
    };
    context.Users.Add(adminUser);
    context.SaveChanges();

    #endregion

    #region - Settings -

    var defaults = new[]
    {
        new SettingEntity() { KeyName = "SuperUser", Value = "CandySuperUser|1445" },
        new SettingEntity() { KeyName = "MailSetting", Value = "[email protected]|password|smtp.google.com|port|Candy Framework" },
        new SettingEntity() { KeyName = "SiteName", Value = "Candy Framework" },
        new SettingEntity() { KeyName = "EMailLogToAddress", Value = "*****@*****.**" },
        new SettingEntity() { KeyName = "EMailLogCCAddress", Value = "*****@*****.**" },
        new SettingEntity() { KeyName = "LogClass", Value = "MailLogger" }
    };

    foreach (var setting in defaults)
    {
        context.Settings.Add(setting);
    }

    context.SaveChanges();

    #endregion
}
/// <summary>
/// Forwards every logon request to the Account/Logon action in the "MTS.Login" area.
/// </summary>
/// <param name="model">Bound from the request but not read; nothing from it is passed on.</param>
/// <returns>A redirect result to the logon action of the "MTS.Login" area.</returns>
public ActionResult LogOn(LogonUser model)
{
    // The target is fixed; no request value influences where the caller is sent.
    var routeValues = new { area = "MTS.Login" };
    return RedirectToAction("Logon", "Account", routeValues);
}
/// <summary>
/// Serializes the given logon object to JSON. The resulting string is not stored or
/// returned, so the call has no lasting effect as written.
/// </summary>
/// <param name="user">Logon object to serialize.</param>
public void SetLogonUser(LogonUser user)
{
    // NOTE(review): the serialized value is discarded, so this looks unfinished. If it is
    // later persisted (cookie, session, token), make sure the password field is excluded
    // from the serialized form.
    var serialized = JsonConvert.SerializeObject(user);
}