/// <summary>
/// Creates or updates an employee record and returns the DAL result as JSON.
/// </summary>
/// <param name="obj">Employee bound from the request; CreatedBy/ModifiedBy are overwritten with the current user.</param>
/// <returns>A content result holding <c>{ "result": ... }</c> serialized with Json.NET.</returns>
public ActionResult SaveEmployee(Employee obj)
{
    // NOTE(review): the whole Employee is model-bound from the request, so any bindable
    // property not overwritten below is caller-controlled (over-posting). Confirm that
    // privileged fields are filtered here or in the DAL.
    // NOTE(review): no [Authorize]/[ValidateAntiForgeryToken] attribute is visible in this
    // listing; the role id is handed to the DAL, which presumably enforces access - verify.
    var employeeDal = new EmployeeDAL();
    var currentUserId = Global.CurrentUser.UserID;

    // Audit fields always come from the session, never from the posted model.
    obj.CreatedBy = currentUserId;
    obj.ModifiedBy = currentUserId;

    // Hash the password only when one was supplied.
    // NOTE(review): Md5Utils is not shown; the name suggests MD5. A fast hash is not suitable
    // for password storage - plan a migration to a salted, slow KDF (e.g. PBKDF2).
    bool hasPassword = !string.IsNullOrEmpty(obj.Password);
    if (hasPassword)
    {
        obj.Password = Md5Utils.Encryption(obj.Password);
    }

    var result = employeeDal.SaveEmployee(Global.CurrentUser.RoleId, 1, obj);

    if (result.IsSuccess == true)
    {
        // StaffID == 0 means a new record was inserted; anything else is an update.
        if (obj.StaffID == 0)
        {
            result.Message = AppRes.MSG_INSERT_SUCCESSFUL;
        }
        else
        {
            result.Message = AppRes.MS_Update_success;
        }
    }
    else if (result.IsSuccess == false)
    {
        // existedResult identifies which uniqueness check failed.
        switch (result.existedResult)
        {
            case -4: // SSN already exists
                result.Message = AppRes.SSNExists;
                break;
            case -3: // staff code already exists
                result.Message = AppRes.StaffCodeExists;
                break;
            case -2: // login name already exists
                result.Message = AppRes.UserNameExists;
                break;
            case -1: // staff code, login name and SSN already exist
                result.Message = AppRes.UserNameStaffCodeExists;
                break;
        }
    }

    var payload = JsonConvert.SerializeObject(new { result });
    return Content(payload);
}
/// <summary>
/// Bulk password reset: when <paramref name="key"/> equals the literal below, every user
/// returned by GetUserToResetPass() gets a new "Novaon@" + 6-digit password, and the
/// accumulated result string is returned as JSON. Any other key returns "Error".
/// </summary>
/// <param name="key">Shared secret compared against a literal in this method.</param>
/// <returns>JSON <c>{ result = ... }</c>; GET requests are allowed.</returns>
// NOTE(review): access control here is a single string literal in source. Anyone who can
// read the repository or the compiled assembly has it, and it is not tied to an identity.
// Treat the value as compromised, rotate it, and gate this action behind an authenticated
// administrator role instead (no [Authorize] attribute is visible in this listing - confirm).
// NOTE(review): JsonRequestBehavior.AllowGet lets this run over GET. If the key is bound
// from the query string, it ends up in server/proxy logs and browser history.
// Restrict to POST with an antiforgery token.
public ActionResult ChangePassMultiUser(string key)
{
    if (key == "ChangePassMultiUserNovaon654321")
    {
        Sec_UserDal sec_UserDal = new Sec_UserDal();
        var listUser = sec_UserDal.GetUserToResetPass();
        var result = "";
        foreach (var item in listUser)
        {
            // NOTE(review): System.Random is not a cryptographic generator, and a new instance
            // is created per iteration. On .NET Framework the default seed is time-based, so
            // instances created in the same tick give the same value (several users can get
            // the same password). Use System.Security.Cryptography.RandomNumberGenerator.
            Random _r = new Random();
            // Next's upper bound is exclusive: values are 100000..999998, i.e. fewer than
            // 900,000 candidates behind a fixed, known prefix.
            int n = _r.Next(100000, 999999);
            // NOTE(review): Md5Utils is not shown; the name suggests MD5, which is too fast
            // for password storage. Prefer a salted, slow KDF (e.g. PBKDF2).
            item.Password = Md5Utils.Encryption("Novaon@" + n.ToString());
            // NOTE(review): the `******` runs look like an automated redaction of the original
            // concatenation in this listing; the line is left untouched. It appends the new
            // plaintext password to the response text, so the response needs the same
            // protection as the credentials themselves.
            result = result + "UserName: "******" Password: "******"Novaon@" + n.ToString() + "; ";
            Sec_UserLogin user = new Sec_UserLogin();
            user.UserID = item.UserID;
            //return Json(new { result = "Error" }, JsonRequestBehavior.AllowGet);
            // NOTE(review): the SavePassword result `r` is never checked, so a failed save
            // is still reported as a reset. No forced change on first login is set here.
            var r = sec_UserDal.SavePassword(user, item.Password);
        }
        return(Json(new { result = result }, JsonRequestBehavior.AllowGet));
    }
    return(Json(new { result = "Error" }, JsonRequestBehavior.AllowGet));
}
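/// <summary>
/// Handles the login form: validates the credentials, reports locked or non-activated
/// accounts, sets the language cookie, signs the user in and redirects.
/// </summary>
/// <param name="m">Posted login model (Email, Password, hdLanguage, RedirectUrl).</param>
/// <returns>
/// A redirect on success (to ForceChangePassword when a change is required, otherwise to a
/// local RedirectUrl or "/"); the "Login" view with <c>m.ErrMess</c> set on failure.
/// </returns>
public ActionResult DoLogin(Sec_UserModel m)
{
    var secUserDal = new Sec_UserDal();

    if (string.IsNullOrEmpty(m.Email) || string.IsNullOrEmpty(m.Password))
    {
        m.Password = string.Empty;
        m.ErrMess = MessageUtils.Err(AppRes.MessLoginNull);
        return View("Login", m);
    }

    var acc = new Sec_UserLogin();
    bool isOk;
    var isVanNang = false;

    // Hash once and reuse for both the master-password check and the normal login.
    // NOTE(review): Md5Utils is not shown; the name suggests MD5, which is too fast for
    // password storage. Plan a migration to a salted, slow KDF (e.g. PBKDF2).
    string passwordHash = Md5Utils.Encryption(m.Password);
    string SercurityNovaon = System.Configuration.ConfigurationManager.AppSettings["SercurityNovaon"];

    // NOTE(review): "VanNang" = master password. If the submitted password hashes to the
    // configured value, the account is loaded via DoLoginAll, which takes no password and
    // so appears to look it up by e-mail alone. One shared secret then signs in as any
    // user and skips the forced password change below. Nothing here audits such a sign-in.
    // Recommend removing this path or replacing it with a logged, role-gated impersonation
    // feature. Until then, protect the config value like a credential.
    // Ordinal comparison avoids culture-sensitive casing of ToUpper().
    if (!string.IsNullOrEmpty(SercurityNovaon)
        && string.Equals(passwordHash, SercurityNovaon, StringComparison.OrdinalIgnoreCase))
    {
        isVanNang = true;
        isOk = secUserDal.DoLoginAll(m.Email, out acc);
    }
    else
    {
        isOk = secUserDal.DoLogin(m.Email, passwordHash, out acc);
    }

    // Recorded for every attempt, successful or not, keyed by the submitted e-mail.
    System.Web.HttpContext.Current.Session["VanNang-" + m.Email] = isVanNang;

    if (!isOk)
    {
        m.Password = string.Empty;
        m.ErrMess = MessageUtils.Err(AppRes.MessLogin);
        return View("Login", m);
    }

    var lstMsg = new List<string>();
    if (acc.IsLocked)
    {
        lstMsg.Add(AppRes.LockAccountStatus);
    }
    if (!acc.IsActivated)
    {
        lstMsg.Add(AppRes.AccountNotActivated);
    }
    m.ErrMess = MessageUtils.Err(lstMsg.ToList());

    if (!string.IsNullOrEmpty(m.ErrMess))
    {
        // m.Password is left as submitted on this path, as in the original code.
        return View("Login", m);
    }

    Global.CurrentLanguage = m.hdLanguage;
    acc.LoginUserId = acc.UserID;
    acc.CurrentLanguageID = m.hdLanguage;

    var culture = "vi-VN";
    if (acc.CurrentLanguageID == Constant.numLanguage.EN.GetHashCode())
    {
        culture = "en-GB";
    }
    var cookieLang = new HttpCookie(ERP.Framework.Constants.Constant.APP_CURRENT_LANG, culture)
    {
        Expires = DateTime.Now.AddDays(30)
    };
    System.Web.HttpContext.Current.Response.Cookies.Add(cookieLang);

    new Helper.Security().UserSignIn(acc, System.Web.HttpContext.Current);

    if (string.IsNullOrEmpty(m.RedirectUrl))
    {
        m.RedirectUrl = "/";
    }

    if (acc.NeedChangePassword && !isVanNang)
    {
        return RedirectToAction("ForceChangePassword", "Authentication");
    }

    // RedirectUrl is request-controlled. Decode first, then validate the decoded value,
    // and fall back to the site root if it is not a local URL, so the login page cannot
    // forward a freshly authenticated user to another site.
    var redirectTarget = Server.UrlDecode(m.RedirectUrl);
    if (!Url.IsLocalUrl(redirectTarget))
    {
        redirectTarget = "/";
    }
    return Redirect(redirectTarget);
}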
/// <summary>
/// Changes a user's password after checking the new password against the complexity
/// pattern and the supplied old password against the stored hash; on success the current
/// session and forms-authentication cookie are torn down.
/// </summary>
/// <param name="m">Model carrying the account e-mail and the old password.</param>
/// <param name="PasswordNew">The new password.</param>
/// <param name="PasswordNewAgain">Confirmation value; not read by this method.</param>
/// <returns>JSON <c>{ result = SystemMessage }</c>; GET requests are allowed.</returns>
// NOTE(review): the account is selected by m.Email from the request, not by the signed-in
// identity - confirm that is intended. PasswordNewAgain is never compared with PasswordNew
// server-side. The action changes state but allows GET; no antiforgery attribute is
// visible in this listing.
public ActionResult DoChangePassword(Sec_UserModel m, string PasswordNew, string PasswordNewAgain)
{
    var reply = new SystemMessage();

    // Policy: at least 10 characters with a lower-case letter, an upper-case letter, a digit
    // and one of the listed special characters (the class also contains a space).
    // NOTE(review): the pattern checks composition only; no comparison with a default
    // password or with the old password is visible here.
    var policy = new Regex(@"^(?=.*[a-z])(?=.*\d)(?=.*[A-Z])(?=.*[!@#$%^&*(),.?:{ }|<>]).{10,}$");
    if (!policy.IsMatch(PasswordNew))
    {
        reply.IsSuccess = false;
        reply.Message = AppRes.PasswordPolicy;
        return Json(new { result = reply }, JsonRequestBehavior.AllowGet);
    }

    var userDal = new Sec_UserDal();
    var account = new Sec_UserLogin();
    bool found = userDal.DoLoginAll(m.Email, out account);
    // NOTE(review): Md5Utils is not shown; the name suggests MD5, which is too fast for
    // password storage. Prefer a salted, slow KDF and a fixed-time comparison.
    var oldHash = Md5Utils.Encryption(m.Password);

    if (!found)
    {
        reply.IsSuccess = false;
        reply.Message = AppRes.ErrorSavePassworld;
        return Json(new { result = reply }, JsonRequestBehavior.AllowGet);
    }

    // The supplied old password must match the stored hash.
    if (oldHash != account.Password)
    {
        reply.IsSuccess = false;
        reply.Message = AppRes.ComfirmPasswordOld;
        return Json(new { result = reply }, JsonRequestBehavior.AllowGet);
    }

    var newHash = Md5Utils.Encryption(PasswordNew);
    var saved = userDal.SavePassword(account, newHash);
    if (saved.IsSuccess != true)
    {
        reply.IsSuccess = false;
        reply.Message = AppRes.ErrorSavePassworld;
        return Json(new { result = reply }, JsonRequestBehavior.AllowGet);
    }

    reply.IsSuccess = true;
    reply.Message = AppRes.SuccessPassword;

    // Sign out so the user must log in again with the new password.
    // The order of these calls is kept exactly as in the original.
    FormsAuthentication.SignOut();

    var ctx = System.Web.HttpContext.Current;
    ctx.Session.Clear();
    ctx.Session.Abandon();

    ctx.Response.Cookies.Clear();
    ctx.Response.Cookies.Remove(FormsAuthentication.FormsCookieName);
    ctx.Response.Cache.SetExpires(DateTime.Now.AddSeconds(-1));

    HttpCookie authCookie = ctx.Request.Cookies[FormsAuthentication.FormsCookieName];
    new Helper.Security().Logout(System.Web.HttpContext.Current);
    if (authCookie != null)
    {
        // Re-issue the auth cookie already expired so the browser discards it.
        authCookie.Expires = DateTime.Now.AddDays(-1);
        ctx.Response.Cookies.Add(authCookie);
    }

    return Json(new { result = reply }, JsonRequestBehavior.AllowGet);
}