Esempio n. 1
        /// <summary>
        /// Records the disclaimer acceptance for the current user when both agreement
        /// fields equal "on", then makes sure a client is selected before sending the
        /// user on to the profile page.
        /// </summary>
        /// <remarks>
        /// Only <paramref name="chkconfirmagree"/> and <paramref name="HiddenchkAgree"/> are
        /// read here; the other bound parameters are unused in this method.
        /// NOTE(review): the method proceeds to the profile page (or the provider picker)
        /// even when the two agreement fields are not "on". Confirm that acceptance of the
        /// disclaimer is enforced somewhere else before protected pages are served.
        /// </remarks>
        /// <returns>
        /// The "MultipleProviders" view when no client is selected and the account maps to
        /// two or more clients; otherwise a redirect to Account/Profile.
        /// </returns>
        public ActionResult SignDisclaimer(Models.ManageUserViewModel model, string oldpassword, string HiddenNewPassword, string securityquestion, string SecurityQuestionID, string SecurityQuestionAnswer, string hdnusername, string chkconfirmagree, string HiddenchkAgree, string accountid, string multiple)
        {
            var currentAccount = UserHelper.GetCurrentAccount();

            bool bothBoxesTicked = chkconfirmagree == "on" && HiddenchkAgree == "on";
            if (bothBoxesTicked)
            {
                // The update result is stored but never inspected, so a failed write is
                // indistinguishable from a successful one at this point.
                SADFM.Data.Models.UpdateResult signResult = DataAccess.Account.SignDisclaimer(UserHelper.Username);
            }

            // A client is already selected: nothing more to decide.
            if (UserHelper.SelectedClientId != null)
            {
                return RedirectToAction("Profile", "Account");
            }

            // Work out which distinct clients the account has permissions for.
            List<Guid> clientIds = currentAccount.Permissions
                                                 .Select(permission => permission.GetClientId())
                                                 .Distinct()
                                                 .ToList();

            // Two or more clients: the user has to pick one.
            if (clientIds.Count >= 2)
            {
                return View("MultipleProviders", (object)"account/profile");
            }

            // Exactly one client: select it by default.
            if (clientIds.Count == 1)
            {
                UserHelper.SetSelectedClientId(UserHelper.Username, clientIds[0]);
            }

            return RedirectToAction("Profile", "Account");
        }
Esempio n. 2
        /// <summary>
        /// Shows one of the two password-reset views, pre-filled with the user name taken
        /// from the query string.
        /// </summary>
        /// <remarks>
        /// Reads "User", "chkconfirmagree", "chkagree" and "Provider" from the query string
        /// (key lookup through the list is case-sensitive). The "Reset" view is chosen only
        /// when both agreement keys are present with the value "on"; otherwise
        /// "ResetPassword" is shown.
        /// NOTE(review): the user name and the choice of view both come from
        /// client-controlled query parameters; nothing in this method ties them to an
        /// authenticated session. Confirm the views and their POST handlers do not trust
        /// these values.
        /// </remarks>
        public ActionResult ResetPassword()
        {
            string requestedUser = string.Empty;
            bool showResetForm = false;

            var query = Request.QueryString;
            if (query.HasKeys())
            {
                List<string> names = new List<string>(query.AllKeys);

                if (names.Contains("User") && query["User"].Length > 0)
                {
                    requestedUser = query["User"];
                }

                // Both agreement flags must be present and "on" to go straight to "Reset".
                showResetForm = names.Contains("chkconfirmagree")
                                && query["chkconfirmagree"].ToString() == "on"
                                && names.Contains("chkagree")
                                && query["chkagree"].ToString() == "on";

                // The flag is only published to the view when Provider is exactly "True".
                if (names.Contains("Provider") && query["Provider"].Length > 0 && query["Provider"] == "True")
                {
                    ViewBag.MultipleProviders = true;
                }
            }

            var viewModel = new Models.ManageUserViewModel { Username = requestedUser };

            return View(showResetForm ? "Reset" : "ResetPassword", viewModel);
        }
Esempio n. 3
        /// <summary>
        /// Renders the "PasswordExpired" view for the user named in the query string.
        /// </summary>
        /// <remarks>
        /// "User" fills both the view model and ViewBag.UserName; a non-empty "Providers"
        /// value is copied to ViewBag.MultipleProviders as the raw string.
        /// NOTE(review): both values are taken from the URL as-is. Confirm the view
        /// HTML-encodes them and that the follow-up POST does not rely on the user name
        /// echoed back from this page.
        /// </remarks>
        public ActionResult PasswordExpired()
        {
            string requestedUser = string.Empty;

            var query = Request.QueryString;
            if (query.HasKeys())
            {
                List<string> names = new List<string>(query.AllKeys);

                if (names.Contains("User") && query["User"].Length > 0)
                {
                    requestedUser = query["User"];
                }

                if (names.Contains("Providers") && query["Providers"].Length > 0)
                {
                    ViewBag.MultipleProviders = query["Providers"];
                }
            }

            var viewModel = new Models.ManageUserViewModel { Username = requestedUser };
            ViewBag.UserName = requestedUser;

            return View("PasswordExpired", viewModel);
        }
Esempio n. 4
        /// <summary>
        /// Renders the "SecurityQuestion" view for <paramref name="User"/>, together with
        /// an error message built from <paramref name="msg"/>.
        /// </summary>
        /// <remarks>
        /// <paramref name="chkconfirmagree"/> and <paramref name="HiddenchkAgree"/> are
        /// bound but not read. The multiple-provider flag is true only when
        /// <paramref name="Providers"/> is exactly "True".
        /// NOTE(review): <paramref name="msg"/> and <paramref name="User"/> are request
        /// values placed into ViewBag unchanged; confirm the view renders them with
        /// encoding and not as raw HTML.
        /// </remarks>
        public ActionResult SecurityQuestion(string User, string chkconfirmagree, string HiddenchkAgree, string msg, string Providers)
        {
            bool multipleProviders = Providers == "True";

            // A null msg simply contributes nothing to the sentence.
            ViewBag.ErrorMessage = string.Concat("You have provided the", " ", msg, " ", "answer. Please try again");
            ViewBag.UserName = User;

            // The ViewBag flag is only set in the positive case.
            if (multipleProviders)
            {
                ViewBag.MultipleProviders = true;
            }

            var viewModel = new Models.ManageUserViewModel
            {
                Username = User,
                MultipleProviderMember = multipleProviders
            };

            return View("SecurityQuestion", viewModel);
        }
Esempio n. 5
        /// <summary>
        /// Handles two flows, selected by <paramref name="hdnfrom"/>: when it equals
        /// "securityquestion" the submitted answer is compared with the stored one and the
        /// caller is redirected; otherwise the password is reset from the submitted values.
        /// </summary>
        /// <remarks>
        /// NOTE(review): <paramref name="hdnfrom"/> is a request value, so the password-reset
        /// branch can be reached without the answer comparison in this method having run.
        /// Confirm that DataAccess.Account.ResetUserPassword itself verifies the caller
        /// (answer, old password or a reset token) before changing anything.
        /// The two redirect expressions contain a masked segment ("******") in this listing;
        /// whatever was appended after "User=" is not recoverable from the page.
        /// </remarks>
        public ActionResult Reset(Models.ManageUserViewModel model, string oldpassword, string HiddenNewPassword, string securityquestion, string securityanswer, string hdnusername, string chkconfirmagree, string HiddenchkAgree, string hdnfrom, string accountid, string multiple)
        {
            bool hasmultiple = false;

            // Any non-null "multiple" publishes "True" to the view; only the exact value
            // "True" sets the local flag.
            if (multiple != null)
            {
                if (multiple == "True")
                {
                    hasmultiple = true;
                }
                ViewBag.MultipleProviders = "True";
            }
            if (hdnfrom == "securityquestion")
            {
                // Compare the stored security answer with the submitted one, ignoring case.
                // NOTE(review): ToLower() throws if either value is null and lower-cases with
                // the current culture. The stored answer is fetched in a form that can be
                // compared with the raw input, so it is presumably kept recoverable; a salted
                // hash compared in fixed time would avoid that - confirm with the data layer.
                string answer = DataAccess.Account.GetAccountSecurityAnswer(hdnusername);
                if (answer.ToLower() == securityanswer.ToLower())
                {
                    // Request values are concatenated into the URL without URL-encoding.
                    return(Redirect("/Account/Reset?User="******"&chkconfirmagree=" + chkconfirmagree + "&chkagree=" + HiddenchkAgree + "&Provider=" + hasmultiple));
                }
                else
                {
                    // Wrong answer: back to the question page with Msg=wrong.
                    return(Redirect("/Account/SecurityQuestion?User="******"&chkconfirmagree=" + chkconfirmagree + "&chkagree=" + HiddenchkAgree + "&Provider=" + hasmultiple + "&Msg=wrong"));
                }
            }
            else
            {
                // "username" is filled from the query string or the bound model below, but it
                // is not read again in this method; the reset uses hdnusername instead.
                string username = string.Empty;
                if (Request.QueryString.HasKeys())
                {
                    List <string> keys = new List <string>(Request.QueryString.AllKeys);
                    if (keys.Contains("User") && Request.QueryString["User"].Length > 0)
                    {
                        username = Request.QueryString["User"];
                    }
                    if (keys.Contains("Provider") && Request.QueryString["Provider"].Length > 0)
                    {
                        if (Request.QueryString["Provider"] == "True")
                        {
                            hasmultiple = true;
                        }
                        ViewBag.MultipleProviders = hasmultiple;
                    }
                }
                else
                {
                    username = model.Username;
                }

                Models.ManageUserViewModel manageuser = new Models.ManageUserViewModel();
                manageuser.OldPassword            = oldpassword;
                manageuser.MultipleProviderMember = hasmultiple;
                manageuser.NewPassword            = HiddenNewPassword;
                manageuser.Username         = hdnusername;
                manageuser.SecurityQuestion = securityquestion;
                manageuser.SecurityAnswer   = securityanswer;

                // The target account and the new password both come from the request.
                // oldpassword is stored on the view model but is not passed to the reset call,
                // and a fresh Guid is passed as the last argument.
                // NOTE(review): confirm what ResetUserPassword checks before it writes.
                bool success = DataAccess.Account.ResetUserPassword(manageuser.NewPassword, manageuser.Username, securityquestion, securityanswer, accountid, Guid.NewGuid());
                // The new Account instance and its Username are discarded by the lookup
                // two lines below.
                Data.Models.Account thisaccount = new Data.Models.Account();
                thisaccount.Username = manageuser.Username;
                thisaccount          = DataAccess.Account.GetAccountByUsername(manageuser.Username);
                if (success)
                {
                    // Renders the profile of the account named in the request; no
                    // authentication cookie is issued in this method.
                    return(View("Profile", thisaccount));
                }
                else
                {
                    return(View("ResetPassword"));
                }
            }
        }
Esempio n. 6
        /// <summary>
        /// Builds the view model for the "Reset" view from the submitted values and, when
        /// <paramref name="id"/> is supplied, resolves the user name from that account id.
        /// </summary>
        /// <remarks>
        /// ViewBag.MultipleProviders is always set to the string "True"; the model's
        /// MultipleProviderMember is true only when <paramref name="multiple"/> or the
        /// "Provider" query value is exactly "True".
        /// NOTE(review): <paramref name="id"/> is parsed as the account's own identifier
        /// and is enough to resolve the user name for the reset form. An account id is not
        /// a one-time, expiring reset token; confirm how the link that carries it is
        /// protected.
        /// </remarks>
        /// <exception cref="FormatException">
        /// <paramref name="id"/> is not null and is not a valid GUID.
        /// </exception>
        public ActionResult Reset(string oldpassword, string HiddenNewPassword, string securityquestion, string securityanswer, string hdnusername, string id, string multiple)
        {
            bool multipleProviders = multiple == "True";

            var query = Request.QueryString;
            if (query.HasKeys())
            {
                List<string> names = new List<string>(query.AllKeys);
                if (names.Contains("Provider") && query["Provider"].Length > 0 && query["Provider"] == "True")
                {
                    multipleProviders = true;
                }
            }

            var viewModel = new Models.ManageUserViewModel();
            viewModel.OldPassword = oldpassword;
            viewModel.NewPassword = HiddenNewPassword;
            // Fall back to the "User" query value when no hidden user name was posted.
            viewModel.Username = hdnusername ?? query["User"];
            viewModel.SecurityQuestion = securityquestion;
            viewModel.SecurityAnswer = securityanswer;
            viewModel.MultipleProviderMember = multipleProviders;

            ViewBag.MultipleProviders = "True";
            ViewBag.UserName = viewModel.Username;

            if (id != null)
            {
                // The account id takes precedence over any user name supplied above.
                viewModel.AccountId = Guid.Parse(id);
                viewModel.Username = DataAccess.Account.GetAccountUserNameByAccountId(viewModel.AccountId);
                ViewBag.UserName = viewModel.Username;
            }

            ViewBag.AccountId = viewModel.AccountId;
            return View("Reset", viewModel);
        }
Esempio n. 7
        /// <summary>
        /// Either redirects to /Account/Reset (when both agreement fields are "on") or
        /// resets the password for <paramref name="hdnusername"/> from the submitted values
        /// and returns the "Login" view on success, "ResetPassword" on failure.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the account to change (<paramref name="hdnusername"/>) and the new
        /// password are request values, and <paramref name="oldpassword"/> is not passed to
        /// the reset call. Confirm that DataAccess.Account.ResetUserPassword verifies the
        /// caller before writing.
        /// The redirect expression contains a masked segment ("******") in this listing;
        /// whatever was appended after "User=" is not recoverable from the page.
        /// </remarks>
        public ActionResult ResetPassword(Models.ManageUserViewModel model, string oldpassword, string HiddenNewPassword, string securityquestion, string SecurityQuestionID, string SecurityQuestionAnswer, string hdnusername, string chkconfirmagree, string HiddenchkAgree, string accountid, string multiple)
        {
            bool hasmultiple = false;

            // Any non-null "multiple" publishes "True" to the view; only the exact value
            // "True" sets the local flag.
            if (multiple != null)
            {
                if (multiple == "True")
                {
                    hasmultiple = true;
                }
                ViewBag.MultipleProviders = "True";
            }
            if (chkconfirmagree == "on" && HiddenchkAgree == "on")
            {
                // Request values are concatenated into the URL without URL-encoding.
                return(Redirect("/Account/Reset?User="******"&chkconfirmagree=" + chkconfirmagree + "&chkagree=" + HiddenchkAgree + "&Provider=" + hasmultiple));
            }
            // "username" is read from the query string but not used again in this method.
            string username = string.Empty;

            if (Request.QueryString.HasKeys())
            {
                List <string> keys = new List <string>(Request.QueryString.AllKeys);
                if (keys.Contains("User") && Request.QueryString["User"].Length > 0)
                {
                    username = Request.QueryString["User"];
                }
                if (keys.Contains("Provider") && Request.QueryString["Provider"].Length > 0)
                {
                    if (Request.QueryString["Provider"] == "True")
                    {
                        hasmultiple = true;
                    }
                    ViewBag.MultipleProviders = "True";
                }
            }
            if (accountid == null)
            {
                accountid = string.Empty;
            }
            // new Guid() is the all-zero GUID; it is what reaches the reset call when no
            // SecurityQuestionID was posted.
            Guid securityquestionid = new Guid();

            if (SecurityQuestionID != null)
            {
                // The posted id is decrypted, then used to look up the question text, which
                // replaces the posted securityquestion value.
                securityquestionid = SADFM.Data.Models.BaseModel.DecryptId(SecurityQuestionID);
                securityquestion   = DataAccess.ListItem.GetListItemDescriptionByName(securityquestionid);
            }
            Models.ManageUserViewModel manageuser = new Models.ManageUserViewModel();
            manageuser.OldPassword            = oldpassword;
            manageuser.NewPassword            = HiddenNewPassword;
            manageuser.Username               = hdnusername;
            manageuser.SecurityQuestion       = securityquestion;
            manageuser.SecurityAnswer         = SecurityQuestionAnswer;
            manageuser.MultipleProviderMember = hasmultiple;
            // Password, security question and answer are written in one call, keyed by the
            // posted user name.
            bool success = DataAccess.Account.ResetUserPassword(manageuser.NewPassword, manageuser.Username, securityquestion, SecurityQuestionAnswer, accountid, securityquestionid);

            // The new Account instance and its Username are discarded by the lookup below,
            // and the looked-up account is not used afterwards.
            Data.Models.Account thisaccount = new Data.Models.Account();
            thisaccount.Username = manageuser.Username;

            thisaccount = DataAccess.Account.GetAccountByUsername(manageuser.Username);
            if (success)
            {
                return(View("Login"));
            }
            else
            {
                return(View("ResetPassword"));
            }
        }
Esempio n. 8
        /// <summary>
        /// Validates the submitted credentials, issues the forms-authentication cookie and
        /// routes the user to the first-sign-in reset, the disclaimer, the provider picker
        /// or the default URL.
        /// </summary>
        /// <remarks>
        /// An unknown user name and a failed validation both show the same
        /// "InvalidLoginText" message, so the response text does not reveal which one failed.
        /// NOTE(review): no attempt counting or lockout is visible in this method; confirm
        /// it is handled inside DataAccess.Account.Validate or upstream.
        /// Several redirect expressions contain a masked segment ("******") in this listing;
        /// whatever was appended after "User=" is not recoverable from the page.
        /// </remarks>
        public ActionResult Login(Models.Login login)
        {
            // NOTE(review): what ConfirmSecurity checks is not visible here; on failure the
            // login view is re-rendered without an error message.
            if (!Utilities.ConfirmSecurity(login.Security))
            {
                return(View());
            }

            SADFM.Base.NLogHelper.WriteEvent(NLog.LogLevel.Info, "AccountController.Login:Start");

            // Tell browsers and proxies not to cache the login response.
            Response.AddHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
            Response.AddHeader("Expires", "Fri, 01 Jan 1990 00:00:00 GMT");
            Response.AddHeader("Pragma", "no-cache");

            SADFM.Base.NLogHelper.WriteEvent(NLog.LogLevel.Info, "AccountController.Login:  - UserHelper.GetAccount");
            Data.Models.Account account = UserHelper.GetAccount(login.Username);
            SADFM.Base.NLogHelper.WriteEvent(NLog.LogLevel.Info, "AccountController.Login:  - UserHelper.GetAccount done");


            // Unknown account: same generic error text as a wrong password below.
            if (account == null)
            {
                ViewBag.LoginErrorMessage = Library.GetText("InvalidLoginText");
                ViewBag.Username          = login.Username;

                return(View());
            }

            // Never assigned true anywhere in this method, so every use below sees false.
            bool hasmultipleproviders = false;

            // Disabled 90-day password-expiry check, kept as written.
            /*
             * //has password expired
             * DateTime PasswordDate = account.LastUpdateTimestamp;
             * DateTime ComparisonDate = DateTime.Today;
             * TimeSpan difference = ComparisonDate - PasswordDate;
             * if (difference.TotalDays >= 90)
             * {
             *  return Redirect("/Account/ResetPassword?User="******"&Providers=true");
             * }
             *
             */

            //first login?
            try
            {
                SADFM.Base.NLogHelper.WriteEvent(NLog.LogLevel.Info, "AccountController.Login:  - UserHelper.DataAccess.Account.Validate");
                // Validate returns a status string; only "Active" is treated as success.
                if (DataAccess.Account.Validate(login.Username, login.Password) == "Active")
                {
                    // The cookie is issued before the FirstSignIn / ResetBySuperAdmin checks,
                    // so the session is already authenticated when the user is redirected.
                    // NOTE(review): confirm the forced reset and disclaimer are enforced on
                    // later requests, not only by this redirect. ToLower() uses the current
                    // culture; ToLowerInvariant() gives a stable cookie name.
                    FormsAuthentication.SetAuthCookie(login.Username.ToLower(), login.RememberMe);

                    if (account.FirstSignIn)
                    {
                        return(Redirect("/Account/ResetPassword?User="******"&Providers=" + hasmultipleproviders));
                    }
                    else if (account.ResetBySuperAdmin)
                    {
                        return(Redirect("/Account/Disclaimer?User="******"&Providers=" + hasmultipleproviders));
                    }

                    // Distinct clients the account has permissions for.
                    List <Guid> clients = account.Permissions.Select(kvp => kvp.GetClientId()).Distinct().ToList();

                    if (clients.Count < 2)
                    {
                        // Exactly one client is selected by default; none leaves it unset.
                        if (clients.Count == 1)
                        {
                            UserHelper.SetSelectedClientId(login.Username.ToLower(), clients[0]);
                        }
                        return(Redirect(FormsAuthentication.DefaultUrl));
                    }
                    else
                    {
                        return(Redirect("/Account/MultipleProviders?User="******"&Providers=" + hasmultipleproviders));
                    }
                }
                else
                {
                    ViewBag.LoginErrorMessage = Library.GetText("InvalidLoginText");
                    ViewBag.Username          = login.Username;
                    ViewBag.MultipleProviders = hasmultipleproviders;
                    // Unreachable as written: hasmultipleproviders is always false here.
                    if (hasmultipleproviders)
                    {
                        Models.ManageUserViewModel manageuser = new Models.ManageUserViewModel();

                        manageuser.Username               = login.Username;
                        ViewBag.MultipleProviders         = hasmultipleproviders;
                        manageuser.MultipleProviderMember = ViewBag.MultipleProviders;
                        ViewBag.UserName = login.Username;
                        return(Redirect("/Account/MultipleProviders?User="******"&Providers=" + hasmultipleproviders));
                    }
                    else
                    {
                        return(View());
                    }
                }
            }
            finally
            {
                // Runs on every exit from the try block, including exceptions.
                SADFM.Base.NLogHelper.WriteEvent(NLog.LogLevel.Info, "AccountController.Login:  - UserHelper.DataAccess.Account.Validate Done");
            }
        }
Esempio n. 9
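        /// <summary>
        /// Forgot-password step: either e-mails a reset link to the account's address
        /// ("emailbtn") or shows the account's security question ("questionbtn").
        /// </summary>
        /// <remarks>
        /// A non-empty "Msg" query value forces the question flow.
        /// NOTE(review): the e-mail flow answers differently depending on whether the
        /// lookups succeed (/Account/Notify versus /Account/Login), and the question flow
        /// shows the stored question for whatever user name was submitted. Both let a
        /// caller learn which user names exist; consider a uniform response.
        /// NOTE(review): the reset link is built from the authority of the incoming
        /// request and carries the account id as its only secret. Confirm the accepted
        /// host names are pinned at the server and that the link is backed by a random,
        /// expiring, single-use token.
        /// </remarks>
        /// <param name="ForgotPassword">Bound view model; not read in this method.</param>
        /// <param name="emailbtn">Value of the e-mail button, when that button was pressed.</param>
        /// <param name="questionbtn">Value of the question button, when that button was pressed.</param>
        /// <param name="Username">User name the reset is requested for.</param>
        /// <param name="multiple">"True" when the user belongs to several providers.</param>
        /// <returns>
        /// A redirect to /Account/Notify after the e-mail was sent, the "SecurityQuestion"
        /// view for the question flow, and a redirect to /Account/Login otherwise.
        /// </returns>
        public ActionResult SecurityQuestion(Models.ForgotPasswordViewModel ForgotPassword, string emailbtn, string questionbtn, string Username, string multiple)
        {
            //check again here if multiple providers
            bool hasmultipleproviders = multiple == "True";

            if (hasmultipleproviders)
            {
                ViewBag.MultipleUsers = multiple;
            }

            var button = emailbtn ?? questionbtn;

            if (Request.QueryString.HasKeys())
            {
                List<string> keys = new List<string>(Request.QueryString.AllKeys);
                if (keys.Contains("Msg") && Request.QueryString["Msg"].Length > 0)
                {
                    // NOTE(review): this message is overwritten further down by the
                    // "user: question" text when the question flow runs.
                    ViewBag.Message = "Wrong answer provided. Please try again.";
                    button          = "questionbtn";
                }
            }

            if (button == "emailbtn")
            {
                try
                {
                    string email     = DataAccess.Account.GetAccountEmailAddress(Username);
                    string firstname = DataAccess.Account.GetAccountByUsername(Username).FirstName;
                    Guid   act       = DataAccess.Account.GetAccountIdByUsername(Username);

                    // Scheme and host are taken from the current request.
                    var verifyUrl = System.Web.HttpContext.Current.Request.Url.GetLeftPart
                                        (UriPartial.Authority) + "/Account/Reset/" + act;

                    SendResetPasswordEmailLink(verifyUrl, email, Username, act.ToString(), firstname, "");

                    return Redirect("/Account/Notify");
                }
                catch (Exception ex)
                {
                    // Previously swallowed without a trace. Record the failure so a broken
                    // mail path or a failing lookup shows up in diagnostics; the user still
                    // lands on the login page as before.
                    System.Diagnostics.Trace.TraceError(
                        "SecurityQuestion: sending the reset e-mail failed: {0}: {1}",
                        ex.GetType().FullName,
                        ex.Message);
                }

                return Redirect("/Account/Login");
            }

            if (button == "questionbtn")
            {
                Guid? questionId = DataAccess.Account.GetAccountSecurityQuestionId(Username);

                // No question on file: fall back to the login page. The original parsed the
                // empty string here and failed with a FormatException.
                if (!questionId.HasValue)
                {
                    return Redirect("/Account/Login");
                }

                Models.ManageUserViewModel manageuser = new Models.ManageUserViewModel();
                manageuser.SecurityQuestion       = DataAccess.ListItem.GetListItemDescriptionByName(questionId.Value);
                manageuser.MultipleProviderMember = hasmultipleproviders;
                manageuser.Username               = Username;

                // "<user>: " followed by a line break and the question text.
                StringBuilder sb = new StringBuilder();
                sb.Append(manageuser.Username);
                sb.Append(":");
                sb.Append(" ");
                sb.AppendLine();
                sb.Append(manageuser.SecurityQuestion);

                ViewBag.Message       = sb.ToString();
                ViewBag.UserName      = manageuser.Username;
                ViewBag.MultipleUsers = hasmultipleproviders ? "True" : "False";

                return View("SecurityQuestion", manageuser);
            }

            return Redirect("/Account/Login");
        }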