public ActionResult ForgetChangePassword(ChangePasswordBaseModel model) { LogonUserSession logonUserSession = (LogonUserSession)SessionHelper.LogonUser; if ((Int32.Parse(logonUserSession.STATUS.ToString())) == Status.PWDEXPIRED) { // model.Message = "Your password expired" + logonUserSession.EXPIREDDAYS.ToString() + " days"; model.Message = "Your Password expired"; } ModelState.Clear(); return(View(model)); }
public ActionResult ChangePassword(ChangePasswordModel model) { ViewBag.HomeUrl = GetHomeUrl(); LogonUserSession logonUserSession = (LogonUserSession)SessionHelper.LogonUser; SessionHelper.SelectedUser = null; if ((Int32.Parse(logonUserSession.STATUS.ToString())) == Status.PWDEXPIRED) { model.Message = "Your Password expired"; } ModelState.Clear(); return(View(model)); }
public JsonResult Read() { //Declare of local variables DataTable dt = new DataTable(); LogonUserSession logonUserSession = new LogonUserSession(); Int64 userRole = 0; //assigning user role userRole = Convert.ToInt64(Session["RoleId"].ToString()); MTSHRDataLayer.EmployeeDetails employeedetails = new MTSHRDataLayer.EmployeeDetails(); //dt = userRole == UserConstants.User ? employeedetails.Read().Select("Active=1").CopyToDataTable() : employeedetails.Read(); dt = employeedetails.Read(); return(Json(JsonConvert.SerializeObject(dt), JsonRequestBehavior.AllowGet)); }
public int compareSecAns(string username, Int64 _secQunId, string _secAns, byte status, Int64 userId, string secUserAns, Int64 secUserQunId) { Int64 secQunId; string secAns; try { LogonUserSession logonUserSession = new LogonUserSession(); if (status == Status.ADMIN_LOCKED || status == Status.NO_OF_ATM_LOCKED || status == Status.FIRSTLOGIN) { return(status); } else { secQunId = _secQunId; if (string.IsNullOrEmpty(_secAns) == true) { secAns = ""; } else { secAns = _secAns.ToString(); } //7 success 0 incorrect username 2 secQun or ans incorrect if (String.Equals(secUserAns, secAns, StringComparison.OrdinalIgnoreCase) && (secUserQunId == secQunId)) { logonUserSession.USERID = userId; SessionHelper.LogonUser = logonUserSession; return(7); } else { return(2); } } } catch (Exception ex) { throw ex; } }
public ActionResult LogOn(LogonUser logonUser, string UserName) { //1 => pass 2=> failed 3 => locked 4 => 90 days pwd expired 5 => first time login 6 => Forget pwd LogonUserSession logonUserSession = new LogonUserSession(); try { int status = 0; if (ModelState.IsValid) { UserLogonData userLogon = new UserLogonData(); UserDetails userDetails = userLogon.GetUserDeatils(logonUser); if (userDetails.Active != 0 && userDetails.UserId > 0) { status = ValidateLogonUser(1, userDetails, logonUser, logonUserSession); } else { status = ValidateLogonUser(0, userDetails, logonUser, logonUserSession); } if (status == 1) { logonUserSession.USERNAME = logonUser.UserName; DataTable dt = userLogon.GetEmployeeId(userDetails.UserId); Session["Username"] = userDetails.Firstname + " " + userDetails.Lastname; Session["EmployeeId"] = dt.Rows[0]["Employee_Id"].ToString(); Session["DepartmentId"] = dt.Rows[0]["DepartmentId"].ToString(); Session["UserID"] = userDetails.UserId; Session["Gender"] = dt.Rows[0]["Gender"].ToString(); Int64 roleid = userDetails.RoleId;; Session["RoleId"] = userDetails.RoleId; Session["MyRole"] = dt.Rows[0]["ROLE_NAME"].ToString(); SessionHelper.LogonUser = logonUserSession; //SessionHelper.IPAddress = WebClientBase.GetIPAddress(HttpContext.Request); //SessionHelper.BrowserName = WebClientBase.GetBrowserTypeAndVersion(HttpContext.Request); return(Redirect(GetHomeUrl())); } else if (status == 3) { if ((byte.Parse(logonUserSession.STATUS.ToString())) == Status.NO_OF_ATM_LOCKED) { logonUser.Message = "User locked for no of attempts"; } else { } } else if (status == 5) { logonUserSession.TEMPUSERNAME = logonUser.UserName;// if first login after enter sec qns then assign to Session[Status.USERNAME] SessionHelper.LogonUser = logonUserSession; return(RedirectToAction("SecurityQuestions", "Account")); } else if (status == Status.PWDEXPIRED || status == Status.FORGETPWD) { logonUserSession.TEMPUSERNAME = logonUser.UserName;// if AFTER 90DAYS login after CHANGE PWD then assign to Session[Status.USERNAME] SessionHelper.LogonUser = logonUserSession; return(RedirectToAction("ForgetChangePassword", "Account")); } else if (status == 2) { logonUser.Message = "The username or password you entered is incorrect."; } else if (status == 8) { logonUser.Message = "User Account is Deactivated"; } else { } } return(View(logonUser)); } catch (Exception ex) { BaseExceptionHandler.HandleException(ref ex); } return(View(logonUser)); }
public int ValidateLogonUser(int count, UserDetails userDetails, LogonUser logonUser, LogonUserSession logonUserSession) { int no_of_attempts = 0; int days = 0; byte status; try { UserLogonData userLogon = new UserLogonData(); if (count == 1) { // if (ds.Tables[0].Rows.Count > 0) //1 => pass 2=> failed 3 => locked 4 => 90 days pwd expired 5 => first time login 6 => Forget pwd DateTime curDate = DateTime.Now; TimeSpan ts = curDate.Date - userDetails.LastPwdChange; status = userDetails.Status; days = ts.Days; no_of_attempts = (string.IsNullOrEmpty(userDetails.NoOfAttempts.ToString())) ? 0 : Int32.Parse(userDetails.NoOfAttempts.ToString()); encryptSha1 obj = new encryptSha1(); logonUser.TempPassword = obj.GetSHA1HashData(logonUser.Password + userDetails.UserId); // logonUser.TempPassword = userDetails.DBPassword; if (logonUser.TempPassword == userDetails.DBPassword) { logonUserSession.MENURANGE = userDetails.MenuRange; logonUserSession.USERID = userDetails.UserId; logonUserSession.CURRENTPASSWORD = userDetails.DBPassword; logonUserSession.PASSWORDCOUNT = userDetails.PasswordCount; logonUserSession.STATUS = userDetails.Status; logonUserSession.FIRSTNAME = userDetails.Firstname; logonUserSession.LASTNAME = userDetails.Lastname; logonUserSession.USERROLE = userDetails.RoleId; //logonUserSession.DEPARTMENT = userDetails.DepartmentId; logonUserSession.ROLENAME = userDetails.RoleName; logonUserSession.ROLEID = userDetails.RoleId; SessionHelper.LogonUser = logonUserSession; if (userDetails.Locked == true) { return(3); } else if (ts.Days > userDetails.PwdChangeDays) { //userLogon.UpdateStatus(userDetails.UserId, userDetails.Status, resource.GetResource("~/Views/Logon.cshtml", "PASS_EXPIRED")); userLogon.UpdateStatus(userDetails.UserId, userDetails.Status, "Password expired"); logonUserSession.STATUS = Status.PWDEXPIRED; logonUserSession.EXPIREDDAYS = ts.Days.ToString(); SessionHelper.LogonUser = logonUserSession; return(4); } else if (status == Status.FIRSTLOGIN) { // userLogon.AddAudit(userDetails.UserId, resource.GetResource("~/Views/Logon.cshtml", "Login successfully")); userLogon.AddAudit(userDetails.UserId, "Login successfully"); return(5); } else if (status == Status.FORGETPWD) { return(6); } else if (no_of_attempts <= userDetails.MaxAttemps) { userLogon.UpdateUserAttempts(userDetails.UserId, 0); return(1); } else { return(2); } } else { if (status != Status.FIRSTLOGIN) { if (no_of_attempts == userDetails.MaxAttemps) { //userLogon.UpdateLockUser(userDetails.UserId, Status.NO_OF_ATM_LOCKED, resource.GetResource("~/Views/Logon.cshtml", "USER_LOCK")); userLogon.UpdateLockUser(userDetails.UserId, Status.NO_OF_ATM_LOCKED, "User locked for no of attempts"); logonUserSession.STATUS = Status.NO_OF_ATM_LOCKED; SessionHelper.LogonUser = logonUserSession; return(3); } else { no_of_attempts = ++no_of_attempts; userLogon.UpdateUserAttempts(userDetails.UserId, no_of_attempts); return(2); } } else { userLogon.AddAudit(userDetails.UserId, "Login failed"); return(2); } } } else if (userDetails.Status == 8 && userDetails.Active == 0) { return(8); } else { // userLogon.UpdateAnonymsAttempts(resource.GetResource("~/Views/Logon.cshtml", "ANON_ATTEMPT")); userLogon.UpdateAnonymsAttempts("Anonymous attempt"); return(2); } } catch (Exception ex) { BaseExceptionHandler.HandleException(ref ex); } return(2); }
public ActionResult SecurityQuestions(SecurityQuestionModel model, string SecAns) { try { LogonUserSession logonUserSession = (LogonUserSession)SessionHelper.LogonUser; if (ModelState.IsValid) { encryptSha1 encrypt = new encryptSha1(); SecurityQuestionModel secmodel = new SecurityQuestionModel(); Int64 userId = Int64.Parse(logonUserSession.USERID.ToString()); encryptSha1 obj = new encryptSha1(); string secAnsr = obj.GetSHA1HashData(model.SecAns.ToUpper()); string curPwd = logonUserSession.CURRENTPASSWORD.ToString(); // model.InhrChangePasswordModel.HashCurrentPassword; string newPwd = encrypt.GetSHA1HashData(model.NewPassword + userId); //model.InhrChangePasswordModel.HashConfirmPassword; int pwdCount = Int32.Parse(logonUserSession.PASSWORDCOUNT.ToString()); if (string.Equals(logonUserSession.TEMPUSERNAME.ToString(), model.NewPassword, StringComparison.OrdinalIgnoreCase)) { ModelState.AddModelError("NewPassword", "Username and New Password should not be same."); model = initialDDLFill(); } else if (string.Equals(curPwd, newPwd, StringComparison.OrdinalIgnoreCase)) { ModelState.AddModelError("NewPassword", "NewPassword should not be equal to CurrentPassword"); model = initialDDLFill(); } else { int userResult = InsertSecurityQsn(userId, curPwd, newPwd, model.SelectedSecQsn, secAnsr, pwdCount); // 3 ALREADY ; < 0 pass if (userResult == 3) { model = initialDDLFill(); model.Message = "New password already used"; //Msg.EXISTPWD; } else if (userResult == 1) { logonUserSession.STATUS = Status.CHGPWD; logonUserSession.CURRENTPASSWORD = newPwd; logonUserSession.USERNAME = logonUserSession.TEMPUSERNAME.ToString(); logonUserSession.TEMPUSERNAME = null; SessionHelper.LogonUser = logonUserSession; return(RedirectToAction("LogOn")); } else { } } } else { model = initialDDLFill(); } return(View(model)); } catch (Exception ex) { throw ex; } }
//[SessionExpireFilter] public ActionResult ChangePassword(ChangePasswordModel model, string button) { ViewBag.HomeUrl = GetHomeUrl(); int userStatus; try { LogonUserSession logonUserSession = (LogonUserSession)SessionHelper.LogonUser; encryptSha1 encrypt = new encryptSha1(); userStatus = Int32.Parse(logonUserSession.STATUS.ToString()); if (button == "Cancel" && userStatus != Status.PWDEXPIRED && userStatus != Status.FIRSTLOGIN && userStatus != Status.FORGETPWD) { return(Redirect(GetHomeUrl())); } else { if (button == "Cancel") { ModelState.Clear(); } else { if (ModelState.IsValid) { ChangePasswordModel ChangePwd = new ChangePasswordModel(); // bool changePasswordSucceeded; try { model.HashCurrentPassword = encrypt.GetSHA1HashData(model.CurrentPassword + logonUserSession.USERID); model.HashConfirmPassword = encrypt.GetSHA1HashData(model.NewPassword + logonUserSession.USERID); if (logonUserSession.CURRENTPASSWORD.ToString() != model.HashCurrentPassword) { model.Message = "Invalid current password."; } else if (string.Equals(logonUserSession.USERNAME.ToString(), model.NewPassword, StringComparison.OrdinalIgnoreCase)) { model.Message = "Username and New Password should not be same."; } else if (string.Equals(model.HashCurrentPassword, model.HashConfirmPassword, StringComparison.OrdinalIgnoreCase)) { model.Message = "NewPassword should not be equal to CurrentPassword"; } else { { int pwdCount = Int32.Parse(logonUserSession.PASSWORDCOUNT.ToString()); Int64 userId = Int64.Parse(logonUserSession.USERID.ToString()); int status = ChangePasswordfun(userId, model.HashCurrentPassword, model.HashConfirmPassword, pwdCount); if (status == 1) // 1-PASS 2 INVALID CURRENTPASSWORD 3 ALREADY USED { if ((Int32.Parse(logonUserSession.STATUS.ToString())) == Status.PWDEXPIRED || (Int32.Parse(logonUserSession.STATUS.ToString())) == Status.FORGETPWD) { logonUserSession.USERNAME = logonUserSession.TEMPUSERNAME; logonUserSession.TEMPUSERNAME = null; } logonUserSession.CURRENTPASSWORD = model.HashConfirmPassword; logonUserSession.STATUS = Status.CHGPWD; SessionHelper.LogonUser = logonUserSession; model.Message = "Your password has been changed successfully"; //Msg.PWDCHANGED; ViewBag.success = "1"; return(View(model)); } else if (status == 3) { model.Message = "New password already used"; //Msg.EXISTPWD; } else { model.Message = "Failed"; } } } } catch (Exception) { // changePasswordSucceeded = false; } } } } // If we got this far, something failed, redisplay form return(View(model)); } catch (Exception ex) { throw ex; } }