protected void LinkButton1_Click(object sender, EventArgs e)
{
uxLogin.PasswordRequiredErrorMessage = string.Empty;
Page.Validate("uxLogin");
if (Page.IsValid || (uxLogin.UserName.Length > 0 && !Page.IsValid))
{
SRPUser u = SRPUser.FetchByUsername(uxLogin.UserName);
if (u != null)
{
// send email
}
uxMessageBox.Visible = true;
FailureText.Text = SRPResources.PasswordEmailed;
}
}
protected void Button1_Click(object sender, EventArgs e)
{
lblMessage.Text =
"Your password has been emailed to the address associated with the account and should arrive shortly.";
SRPUser user = SRPUser.FetchByUsername(uxUsername.Text);
if (user != null)
{
//Send Email;.....
string baseUrl = Request.Url.Scheme + "://" + Request.Url.Authority + Request.ApplicationPath.TrimEnd('/');
var EmailBody =
"<h1>Dear " + user.FirstName + ",</h1><br><br>This is your current account information. Please make sure you reset your password as soon as you are able to log back in.<br><br>" +
"Username: "******"<br>Password: "******"<br><br>If you have any questions regarding your account please contact " + SRPSettings.GetSettingValue("ContactName") +
" at " + SRPSettings.GetSettingValue("ContactEmail") + "." +
"<br><br><br><a href='" + baseUrl + "'>" + baseUrl + "</a> <br> <a href='" + baseUrl + "/ControlRoom'>" + baseUrl + "/ControlRoom</a>";
EmailService.SendEmail(user.EmailAddress, "Summer Reading Program - Control Room Password recovery", EmailBody);
}
}
public void OnAuthenticate(object sender, AuthenticateEventArgs e)
{
if (Page.IsValid)
{
SRPUser user = new SRPUser();
bool auth = SRPUser.Login(uxLogin.UserName,
uxLogin.Password, Session.SessionID,
Request.UserHostAddress == "::1" ? "127.0.0.1" : Request.UserHostAddress,
Request.UserHostName == "::1" ? "localhost" : Request.UserHostName,
Request.Browser.Browser + " - v" + Request.Browser.MajorVersion + Request.Browser.MinorVersionString);
if (!auth)
{
uxMessageBox.Visible = true;
FailureText.Text = SRPResources.BadUserPass;
//Account Inactive
//
e.Authenticated = false;
}
else
{
e.Authenticated = true;
}
if (e.Authenticated)
{
// handle remember me
if (uxLogin.RememberMeSet == true)
{
var rememberMe = new HttpCookie("ControlRoomUsername", uxLogin.UserName);
rememberMe.Expires = DateTime.Now.AddDays(14);
Response.Cookies.Set(rememberMe);
}
else
{
var rememberMe = new HttpCookie("ControlRoomUsername", string.Empty);
rememberMe.Expires = DateTime.Now.AddDays(-1);
Response.Cookies.Set(rememberMe);
}
// Put User Profile into Session.
// Put Security roles into session
// = ConfigurationManager.AppSettings["ApplicationName"];
user = SRPUser.FetchByUsername(uxLogin.UserName);
Session[SessionData.IsLoggedIn.ToString()] = true;
Session[SessionData.UserProfile.ToString()] = user;
List <SRPPermission> perms = user.EffectiveUserPermissions();
//Session[SessionData.PermissionList.ToString()] = perms;
string permList = string.Empty;
foreach (SRPPermission perm in perms)
{
permList += String.Format("#{0}", perm.Permission);
}
Session[SessionData.StringPermissionList.ToString()] = permList;
Session["TenantID"] = user.TenID;
Session[CRSessionKey.TenantID] = user.TenID;
var tenant = Tenant.FetchObject(user.TenID);
Session[CRSessionKey.IsMaster] = tenant.isMasterFlag;
if (user.MustResetPassword)
{
this.Log().Info("Redirecting {0} to mandatory password reset.",
user.Username);
Response.Redirect("~/ControlRoom/PasswordReset.aspx");
}
//List<CMSFolder> folders = user.EffectiveUserFolders();
//Session[SessionData.FoldersList.ToString()] = folders;
//string foldersList= string.Empty;
//foreach (CMSFolder folder in folders)
// foldersList += string.Format("#{0}", folder.Folder);
//Session[SessionData.StringFoldersList.ToString()] = foldersList;
////// to do - make sure these are in the settings module/ complete the settings module
////string[] HideFolders = new string[] { ".svn", "CVS", "app_data", "properties", "bin", "obj", "controls", "core", "controlroom", "app_themes" };
////CMSSettings.SetSetting("HideFolders", HideFolders, ",");
////string[] HideFiles = new string[] { ".*" };
////CMSSettings.SetSetting("HideFiles", HideFiles, ",");
////string[] AllowedExtensions = new string[] { };
////CMSSettings.SetSetting("AllowedExtensions", AllowedExtensions, ",");
////string[] DeniedExtensions = new string[] { };
////CMSSettings.SetSetting("DeniedExtensions", DeniedExtensions, ",");
////// end to do
FormsAuthentication.RedirectFromLoginPage(uxLogin.UserName, false);
}
}
else
{
uxMessageBox.Visible = true;
}
}
protected void Button1_Click(object sender, EventArgs e)
{
string userId = new SRPUser().GetUsernameByEmail(uxEmailaddress.Text);
string remoteAddress = new Tools.WebTools().RemoteUserAddress(Request);
if (string.IsNullOrEmpty(userId))
{
// user requested a password for an email address that is not in the database
// if account doesn't exist, send an email saying so
var values = new {
SystemName = SRPSettings.GetSettingValue("SysName", 1),
ControlRoomLink = string.Format("{0}{1}",
BaseUrl,
"/ControlRoom/LoginRecovery.aspx"),
ContactName = SRPSettings.GetSettingValue("ContactName", 1),
ContactEmail = SRPSettings.GetSettingValue("ContactEmail", 1),
RemoteAddress = remoteAddress,
UserEmail = uxEmailaddress.Text,
PasswordResetSubject = SRPResources.PasswordEmailSubject
};
this.Log().Info("User at {0} requested password reset for nonexistent email {1}",
values.RemoteAddress,
values.UserEmail);
// TODO email - move this template out to the database
StringBuilder body = new StringBuilder();
body.Append("<p>A password reset request was received by {SystemName} for your ");
body.Append("address. Unfortunately no account could be found associated with ");
body.Append("this email address.</p>");
body.Append("<p>If you initiated this request, feel free to ");
body.Append("<a href=\"{ControlRoomLink}\">try requesting the password</a> ");
body.Append("for any other email address you might have used.</p>");
body.Append("<p>If you have any comments or questions, please contact ");
body.Append("{ContactName} at <a href=\"mailto:{ContactEmail}\">{ContactEmail}");
body.Append("</a>.</p>");
body.Append("<p style=\"font-size: smaller;\"><em>This password request was ");
body.Append("submitted from: {RemoteAddress}.</em></p>");
new EmailService().SendEmail(uxEmailaddress.Text,
"{SystemName} - {PasswordResetSubject}".FormatWith(values),
body.ToString().FormatWith(values));
}
else
{
SRPUser lookupUser = SRPUser.FetchByUsername(userId);
string passwordResetToken = lookupUser.GeneratePasswordResetToken();
if (string.IsNullOrEmpty(passwordResetToken))
{
lblMessage.Text = "Unable to initiate password reset process.";
return;
}
var values = new {
SystemName = SRPSettings.GetSettingValue("SysName", lookupUser.TenID),
PasswordResetLink = string.Format("{0}{1}?token={2}",
BaseUrl,
"/ControlRoom/PasswordRecovery.aspx",
passwordResetToken),
ContactName = SRPSettings.GetSettingValue("ContactName", lookupUser.TenID),
ContactEmail = SRPSettings.GetSettingValue("ContactEmail", lookupUser.TenID),
RemoteAddress = remoteAddress,
UserEmail = uxEmailaddress.Text,
PasswordResetSubject = SRPResources.PasswordEmailSubject,
};
this.Log().Info("User at {0} requested password reset for email {1}",
values.RemoteAddress,
values.UserEmail);
// TODO email - move this template out to the database
StringBuilder body = new StringBuilder();
body.Append("<p>A password reset request was received by {SystemName} for your ");
body.Append("address.</p>");
body.Append("<p>Please <a href=\"{PasswordResetLink}\">click here</a> ");
body.Append("to create a new password for your account.</p>");
body.Append("<p>If you did not initiate this request, take no action and your ");
body.Append("password will not be changed.</p>");
body.Append("<p>If you have any comments or questions, please contact ");
body.Append("{ContactName} at <a href=\"mailto:{ContactEmail}\">{ContactEmail}");
body.Append("</a>.</p>");
body.Append("<p style=\"font-size: smaller;\"><em>This password request was ");
body.Append("submitted from: {RemoteAddress}.</em></p>");
new EmailService().SendEmail(uxEmailaddress.Text,
"{SystemName} - {PasswordResetSubject}".FormatWith(values),
body.ToString().FormatWith(values));
}
lblMessage.Text = "Processing your password reset request, you should receive an email soon.";
}
