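/// <summary>
/// Handles the posted login form: checks the credentials through
/// <c>RBAC.GetUser</c>, writes an audit row to <c>LoginInformation</c> for a
/// successful or failed attempt, opens the session, and sets the
/// remember-me cookie when requested.
/// </summary>
/// <param name="model">Posted login form (user name, password, remember-me flag).</param>
/// <param name="returnUrl">
/// Accepted for binding but not used here: a successful login always redirects
/// to Home/Index, so no redirect target is taken from the request.
/// </param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the login view, with
/// <c>ViewData["status"]</c> set to "login-failed" or "user-inactive".
/// </returns>
public IActionResult Login(LoginViewModel model, string returnUrl = null)
{
    if (!ModelState.IsValid)
    {
        // Model validation failed: redisplay the form without touching the database.
        return View(model);
    }

    // The context is only used for the audit row, so dispose it deterministically
    // instead of leaving it to the garbage collector.
    using (SystemAdminDbContext adminDbContext = new SystemAdminDbContext(connStringAdmin))
    {
        // NOTE(review): no attempt throttling or lockout is visible in this action;
        // confirm it is enforced inside RBAC.GetUser or upstream of this controller.
        RbacUser validUser = RBAC.GetUser(model.UserName, model.Password);
        LoginInformationModel loginInfo = new LoginInformationModel();

        if (validUser == null)
        {
            // Record the failed attempt with the user name exactly as submitted.
            loginInfo.ActionName = "invalid-login-attempt";
            loginInfo.EmployeeId = null;
            loginInfo.CreatedOn = System.DateTime.Now;
            loginInfo.UserName = model.UserName;
            adminDbContext.LoginInformation.Add(loginInfo);
            adminDbContext.SaveChanges();

            ViewData["status"] = "login-failed";
            return View(model);
        }

        // Correct credentials on a deactivated account: refuse and go back to the form.
        // NOTE(review): this path writes no audit row, unlike the two paths around it.
        if (validUser.IsActive == false)
        {
            ViewData["status"] = "user-inactive";
            return View(model);
        }

        // Blank the password before the user object is handed to the session helper.
        validUser.Password = "";

        loginInfo.EmployeeId = validUser.EmployeeId;
        loginInfo.ActionName = "login";
        loginInfo.CreatedOn = System.DateTime.Now;
        loginInfo.UserName = validUser.UserName;
        adminDbContext.LoginInformation.Add(loginInfo);
        adminDbContext.SaveChanges();

        SetSessionVariable(validUser);

        if (model.RememberMe)
        {
            // The selector is the tick count since 2001-01-01. It is time-derived and
            // therefore guessable, so it must only be used as a lookup key.
            // NOTE(review): the secret validator is presumably generated inside
            // SetRememberMeCookieVariable - confirm it comes from a CSPRNG.
            DateTime centuryBegin = new DateTime(2001, 1, 1);
            long ticksElapsed = DateTime.Now.Ticks - centuryBegin.Ticks;
            SetRememberMeCookieVariable(ticksElapsed, validUser.UserId);
        }

        return RedirectToAction("Index", "Home");
    }
}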
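/// <summary>
/// Serves the login page. Redirects to Home/Index when the session already
/// holds a user or when the remember-me cookies ("uRef" selector, "uData"
/// validator) match a stored token; otherwise checks the software license
/// parameter and renders the login view.
/// </summary>
/// <param name="returnUrl">Request-supplied value passed to the view as <c>ViewData["ReturnUrl"]</c>.</param>
/// <returns>
/// A redirect to Home/Index, a redirect to Account/LicenseExpired, or the login view.
/// </returns>
public IActionResult Login(string returnUrl = null)
{
    // A user is already signed in on this session: skip the login page.
    RbacUser currentUser = HttpContext.Session.Get<RbacUser>("currentuser");
    if (currentUser != null && currentUser.UserId != 0)
    {
        return RedirectToAction("Index", "Home");
    }

    string selectorCookie = Request.Cookies["uRef"];
    if (!string.IsNullOrEmpty(selectorCookie))
    {
        // Cookies are client-controlled. A non-numeric selector is handled like a
        // non-matching token rather than raising an unhandled conversion exception.
        long selector;
        if (!long.TryParse(selectorCookie, out selector))
        {
            RemoveRememberMeCookie();
            RemoveSessionValues();
            return View();
        }

        using (SystemAdminDbContext adminDbContext = new SystemAdminDbContext(connStringAdmin))
        {
            // Only the hash of validator + selector is compared with the stored value.
            var validatorWithSalt = Request.Cookies["uData"] + selectorCookie;
            var hashedValidator = ComputeSha256Hash(validatorWithSalt);

            // Exactly one row must match, so the token maps to a single user.
            var userIdList = (from sysAuthInfo in adminDbContext.CookieInformation
                              where sysAuthInfo.Selector == selector
                                    && sysAuthInfo.HashedToken == hashedValidator
                              select sysAuthInfo.UserId).ToList();

            RbacUser validUser = userIdList.Count == 1 ? RBAC.GetUser(userIdList[0]) : null;

            // No match, an ambiguous match, or a token whose user no longer resolves:
            // drop the cookie and any session values, then show the plain login form.
            if (validUser == null)
            {
                RemoveRememberMeCookie();
                RemoveSessionValues();
                return View();
            }

            // A deactivated account must not be signed in through a remembered token.
            if (validUser.IsActive == false)
            {
                LoginViewModel model = new LoginViewModel();
                model.UserName = validUser.UserName;
                RemoveRememberMeCookie();
                RemoveSessionValues();
                ViewData["status"] = "user-inactive";
                return View(model);
            }

            // NOTE(review): this sign-in path writes no LoginInformation audit row and
            // runs before the license check below - confirm both are intended.
            validUser.Password = "";
            UpdateRememberMeCookie(selector);
            SetSessionVariable(validUser);
            return RedirectToAction("Index", "Home");
        }
    }

    string paramValue;
    using (CoreDbContext coreDbContext = new CoreDbContext(connString))
    {
        ParameterModel licenseParam = coreDbContext.Parameters
            .Where(p => p.ParameterGroupName == "TenantMgnt" && p.ParameterName == "SoftwareLicense")
            .FirstOrDefault();
        paramValue = licenseParam != null ? licenseParam.ParameterValue : null;
    }

    if (paramValue == null)
    {
        TempData["LicenseMessage"] = "License Information not found..";
        return RedirectToAction("LicenseExpired", "Account");
    }

    // Shape of the SoftwareLicense parameter; every field is stored encrypted.
    var definition = new { StartDate = "", EndDate = "", ExpiryNoticeDays = "", LicenseType = "" };
    var license = JsonConvert.DeserializeAnonymousType(paramValue, definition);

    // NOTE(review): date parsing uses the current culture and the server's local clock.
    DateTime startDate = Convert.ToDateTime(RBAC.DecryptPassword(license.StartDate));
    DateTime endDate = Convert.ToDateTime(RBAC.DecryptPassword(license.EndDate));
    int expiryNoticeDays = Convert.ToInt32(RBAC.DecryptPassword(license.ExpiryNoticeDays));

    double remainingDays = (endDate - DateTime.Now).TotalDays;
    if (remainingDays < 0)
    {
        TempData["LicenseMessage"] = "License expired on: " + endDate.ToString("yyyy-MMM-dd");
        return RedirectToAction("LicenseExpired", "Account");
    }

    if (expiryNoticeDays > remainingDays)
    {
        // Show the remaining days on the login page.
        ViewData["ExpiryNotice"] = "Notice ! Your Software License is expiring in " + Convert.ToInt32(remainingDays) + " days.";
    }

    // returnUrl comes from the request. The POST Login action does not redirect to it;
    // any code that does should first check it with Url.IsLocalUrl.
    ViewData["ReturnUrl"] = returnUrl;
    return View();
}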