bool ValidLogin(Login login)
{
UserStore<IdentityUser> userStore = new UserStore<IdentityUser>();
UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore)
{
UserLockoutEnabledByDefault = true,
DefaultAccountLockoutTimeSpan = new System.TimeSpan(0, 10, 0),
MaxFailedAccessAttemptsBeforeLockout = 5
};
var user = userManager.FindByName(login.UserName);
if (user == null)
return false;
// User is locked out.
if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
return false;
// Validated user was locked out but now can be reset.
if (userManager.CheckPassword(user, login.Password)
&& userManager.IsEmailConfirmed(user.Id))
{
if (userManager.SupportsUserLockout
&& userManager.GetAccessFailedCount(user.Id) > 0)
{
userManager.ResetAccessFailedCount(user.Id);
}
}
// Login is invalid so increment failed attempts.
else
{
bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id);
if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
{
userManager.AccessFailed(user.Id);
return false;
}
}
return true;
}
protected override IPrincipal ValidateUser(string userName, string password)
{
var user = _userManager.FindByName(userName);
if (user == null)
{
return(null);
}
if (_userManager.IsLockedOut(user.Id))
{
return(null);
}
var result = _userManager.CheckPassword(user, password);
if (result)
{
_userManager.ResetAccessFailedCount(user.Id);
return(new ClaimsPrincipal(_userManager.CreateIdentity(user, "HTTP Basic")));
}
if (_userManager.SupportsUserLockout)
{
_userManager.AccessFailed(user.Id);
}
return(null);
}
private ExpandedUserDTO UpdateDTOUser(ExpandedUserDTO paramExpandedUserDTO)
{
ApplicationUser result = UserManager.FindByName(paramExpandedUserDTO.UserName);
//If we could not find the user, throw an exception
if (result == null)
{
throw new Exception("Could not find the User");
}
result.Email = paramExpandedUserDTO.Email;
//Lets check if the account needs to be unlocked]
if (UserManager.IsLockedOut(result.Id))
{
//Unlock User
UserManager.ResetAccessFailedCountAsync(result.Id);
}
UserManager.Update(result);
//Was a password sent across?
if (!string.IsNullOrEmpty(paramExpandedUserDTO.Password))
{
//remove current password
var removePassword = UserManager.RemovePassword(result.Id);
if (removePassword.Succeeded)
{
//add new password
var AddPassword = UserManager.AddPassword(result.Id, paramExpandedUserDTO.Password);
if (AddPassword.Errors.Count() > 0)
{
throw new Exception(AddPassword.Errors.FirstOrDefault());
}
}
}
return(paramExpandedUserDTO);
}
/// <summary>
/// Sign in the user in using the user name and password
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <param name="ipAddress"></param>
/// <param name="isPersistent"></param>
/// <param name="shouldLockout"></param>
/// <returns></returns>
public SignInStatus TronixPasswordSignIn(string userName, string password, string[] ipAddress, bool isPersistent = false, bool shouldLockout = false)
{
var user = UserManager?.FindByName(userName);
if (user == null)
{
return(SignInStatus.Failure);
}
if (user.Inactive)
{
return(SignInStatus.Failure);
}
if (UserManager.IsLockedOut(user.Id))
{
return(SignInStatus.LockedOut);
}
if (UserManager.CheckPassword(user, password))
{
UserManager.ResetAccessFailedCount(user.Id);
return(SignInOrTwoFactor(user, isPersistent, ipAddress));
}
if (!shouldLockout)
{
return(SignInStatus.Failure);
}
// If lockout is requested, increment access failed count which might lock out the user
UserManager.AccessFailed(user.Id);
return(UserManager.IsLockedOut(user.Id) ? SignInStatus.LockedOut : SignInStatus.Failure);
}
public SignInStatus TwoFactorSignIn(string provider, string code, bool isPersistent, bool rememberBrowser)
{
var userId = GetVerifiedUserId();
if (userId == null)
{
return(SignInStatus.Failure);
}
var user = UserManager.FindById(userId);
if (user == null)
{
return(SignInStatus.Failure);
}
if (UserManager.IsLockedOut(user.Id))
{
return(SignInStatus.LockedOut);
}
if (UserManager.VerifyTwoFactorToken(user.Id, provider, code))
{
// When token is verified correctly, clear the access failed count used for lockout
UserManager.ResetAccessFailedCount(user.Id);
SignInAsync(user, isPersistent, rememberBrowser);
return(SignInStatus.Success);
}
// If the token is incorrect, record the failure which also may cause the user to be locked out
UserManager.AccessFailed(user.Id);
return(SignInStatus.Failure);
}
public SignInStatus PasswordSignIn(string userName, string password, bool isPersistent, bool shouldLockout)
{
var user = UserManager.FindByName(userName);
if (user == null)
{
return(SignInStatus.Failure);
}
if (UserManager.IsLockedOut(user.Id))
{
return(SignInStatus.LockedOut);
}
if (UserManager.CheckPassword(user, password))
{
return(SignInOrTwoFactor(user, isPersistent));
}
if (shouldLockout)
{
// If lockout is requested, increment access failed count which might lock out the user
UserManager.AccessFailed(user.Id);
if (UserManager.IsLockedOut(user.Id))
{
return(SignInStatus.LockedOut);
}
}
return(SignInStatus.Failure);
}
private async Task <bool> SetLockout(UserAccountInfoViewModel model, TicketDeskUser user)
{
var currentlyLocked = UserManager.IsLockedOut(model.User.Id);
var currentlyDisabled = currentlyLocked && (user.LockoutEndDateUtc ?? DateTime.MinValue).ToUniversalTime() == DateTime.MaxValue.ToUniversalTime();
if (currentlyDisabled != model.IsDisabled || currentlyLocked != model.IsLocked)
{
DateTimeOffset newLockoutDate = DateTimeOffset.MinValue;
if (model.IsDisabled)
{
newLockoutDate = DateTimeOffset.MaxValue;
}
else if (model.IsLocked)
{
newLockoutDate = DateTimeOffset.Now.Add(UserManager.DefaultAccountLockoutTimeSpan);
}
var result = await UserManager.SetLockoutEndDateAsync(model.User.Id, newLockoutDate);
if (!result.Succeeded)
{
AddErrors(result);
}
return(result.Succeeded);
}
return(true);
}
public async Task <ActionResult> Login(LoginViewModel details, string returnUrl)
{
AppUser user = await UserManager.FindAsync(details.Name, details.Password);
AppUser currUser = UserManager.Users.FirstOrDefault(u => u.UserName == details.Name);
if ((user == null) || (currUser != null && UserManager.IsLockedOut(currUser.Id)))
{
if (currUser != null)
{
currUser.LockoutEnabled = true;
if (UserManager.IsLockedOut(currUser.Id))
{
ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}");
UserManager.ResetAccessFailedCount(currUser.Id);
}
else if (UserManager.MaxFailedAccessAttemptsBeforeLockout <= currUser.AccessFailedCount + 1)
{
currUser.LockoutEndDateUtc = DateTime.UtcNow.AddMinutes(1);
await UserManager.UpdateAsync(currUser);
UserManager.ResetAccessFailedCount(currUser.Id);
ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}");
}
else
{
UserManager.AccessFailed(currUser.Id);
ModelState.AddModelError("", $"Некорректный пароль осталось {UserManager.MaxFailedAccessAttemptsBeforeLockout - UserManager.GetAccessFailedCount(currUser.Id)} попытки.");
}
}
else
{
ModelState.AddModelError("", "Некорректное имя.");
}
}
else
{
ClaimsIdentity ident = await UserManager.CreateIdentityAsync(user,
DefaultAuthenticationTypes.ApplicationCookie);
await UserManager.ResetAccessFailedCountAsync(user.Id);
AuthManager.SignOut();
AuthManager.SignIn(new AuthenticationProperties
{
IsPersistent = true
}, ident);
AccountInfoEvent($"Account wiht name:{user.UserName}; and id:{user.Id} has been successfuly logged in");
if (!string.IsNullOrEmpty(returnUrl))
{
return(Redirect(returnUrl));
}
else
{
return(RedirectToActionPermanent("Index", "Home"));
}
}
return(View(details));
}
public ActionResult UnlockUser()
{
ApplicationDbContext context = new ApplicationDbContext();
List <ApplicationUser> AppUsers = new List <ApplicationUser>();
List <ApplicationUser> LockedAppUsers = new List <ApplicationUser>();
var UserManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(context));
var userid = User.Identity.GetUserId();
string ZoneGroup = context.Users.SingleOrDefault(m => m.Id == userid).ZoneGroup;
if (User.IsInRole("Super User"))
{
AppUsers = context.Users.Where(m => m.Id != userid).ToList();
}
else
{
AppUsers = context.Users.Where(m => m.ZoneGroup == ZoneGroup).Where(m => m.Id != userid).ToList();
}
foreach (var item in AppUsers)
{
if (UserManager.IsLockedOut(item.Id)) //check all locked user
{
LockedAppUsers.Add(item);
}
}
ViewBag.Users = LockedAppUsers;
return(View());
}
/// <summary>
/// returns the updated ExpandedUserDTO class object paramExpandedUserDTO
/// after updating database user detail with input data
/// <param name="objExpandedUserDTO"></param>
/// <returns>ExpandedUserDTO paramExpandedUserDTO</returns>
#region private ExpandedUserDTO UpdateDTOUser(ExpandedUserDTO objExpandedUserDTO)
private ExpandedUserDTO UpdateDTOUser(ExpandedUserDTO paramExpandedUserDTO)
{
ApplicationUser result =
UserManager.FindByName(paramExpandedUserDTO.UserName);
// If we could not find the user, throw an exception
if (result == null)
{
throw new Exception("Could not find the User");
}
result.Forename = paramExpandedUserDTO.Forename;
result.Surname = paramExpandedUserDTO.Surname;
result.Street = paramExpandedUserDTO.Street;
result.Town = paramExpandedUserDTO.Town;
result.Postcode = paramExpandedUserDTO.Postcode;
result.PhoneNumber = paramExpandedUserDTO.PhoneNumber;
result.UserName = paramExpandedUserDTO.UserName;
result.Email = paramExpandedUserDTO.Email;
result.LockoutEndDateUtc = paramExpandedUserDTO.LockoutEndDateUtc;
result.LockoutEnabled = paramExpandedUserDTO.LockoutEnabled;
result.AccessFailedCount = paramExpandedUserDTO.AccessFailedCount;
// Lets check if the account needs to be unlocked
if (UserManager.IsLockedOut(result.Id))
{
// Unlock user
UserManager.ResetAccessFailedCountAsync(result.Id);
}
UserManager.Update(result);
// Was a password sent across?
if (!string.IsNullOrEmpty(paramExpandedUserDTO.Password))
{
// Remove current password
var removePassword = UserManager.RemovePassword(result.Id);
if (removePassword.Succeeded)
{
// Add new password
var AddPassword =
UserManager.AddPassword(
result.Id,
paramExpandedUserDTO.Password
);
if (AddPassword.Errors.Count() > 0)
{
throw new Exception(AddPassword.Errors.FirstOrDefault());
}
}
}
return(paramExpandedUserDTO);
}
public ActionResult UnlockUserPost(string userid)
{
ApplicationDbContext context = new ApplicationDbContext();
var UserManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(context));
//unlock the USER using Identity framework/
var a = UserManager.IsLockedOut(userid); //check the status if locked
var juan = UserManager.FindById(userid); //get the id of locked user
var dt = juan.LockoutEndDateUtc; //get the lockout date
juan.LockoutEndDateUtc = dt.Value.AddDays(-1); //modify the lockout date. must be less than the current date time
var b = UserManager.IsLockedOut(userid); //check if lockout status changed
context.SaveChanges(); //save changes
SL.LogInfo(User.Identity.Name, Request.RawUrl, "User Lockout - User Unlocked - from Terminal: " + ipaddress);
return(RedirectToAction("UnlockUser"));
}
/// <summary>
/// Updates user using input
/// </summary>
/// <param name="paramExpandedUserDTO">ExpandeduserDTO of new deatils to update</param>
/// <returns>an ExpandedUserDTO of the updated user</returns>
// private ExpandedUserDTO UpdateDTOUser(ExpandedUserDTO objExpandedUserDTO)
private ExpandedUserDTO UpdateDTOUser(ExpandedUserDTO paramExpandedUserDTO)
{
ApplicationUser result =
UserManager.FindByName(paramExpandedUserDTO.UserName);
// If we could not find the user, throw an exception
if (result == null)
{
throw new Exception("Could not find the ApplicationUser");
}
//Updates Details
result.Email = paramExpandedUserDTO.Email;
result.FirstName = paramExpandedUserDTO.FirstName;
result.LastName = paramExpandedUserDTO.LastName;
result.Title = paramExpandedUserDTO.Title;
result.MobNo = paramExpandedUserDTO.MobNo;
result.AddressFirstLine = paramExpandedUserDTO.AddressFirstLine;
result.Street = paramExpandedUserDTO.Street;
result.City = paramExpandedUserDTO.City;
result.PostCode = paramExpandedUserDTO.PostCode;
// Lets check if the account needs to be unlocked
if (UserManager.IsLockedOut(result.Id))
{
// Unlock user
UserManager.ResetAccessFailedCountAsync(result.Id);
}
UserManager.Update(result);
// Was a password sent across?
if (!string.IsNullOrEmpty(paramExpandedUserDTO.Password))
{
// Remove current password
var removePassword = UserManager.RemovePassword(result.Id);
if (removePassword.Succeeded)
{
// Add new password
var AddPassword =
UserManager.AddPassword(
result.Id,
paramExpandedUserDTO.Password
);
if (AddPassword.Errors.Count() > 0)
{
throw new Exception(AddPassword.Errors.FirstOrDefault());
}
}
}
return(paramExpandedUserDTO);
}
public ActionResult Ban(string userId, bool LockUser = false, bool UnlockUser = false, int Amount = 0, string Dimension = "")
{
AppUser user = UserManager.FindById(userId);
if (!IsTryToDeleteAdmin(user))
{
if (UnlockUser && UserManager.IsLockedOut(userId))
{
UserManager.SetLockoutEndDate(userId, DateTimeOffset.UtcNow);
}
else if (LockUser && Amount > 0 && !string.IsNullOrEmpty(Dimension))
{
bool f = true;
DateTimeOffset endDate = DateTimeOffset.UtcNow;
switch (Dimension)
{
case "Минут":
endDate = endDate.AddMinutes(Amount);
break;
case "Часов":
endDate = endDate.AddHours(Amount);
break;
case "Дней":
endDate = endDate.AddDays(Amount);
break;
case "Месяцев":
endDate = endDate.AddMonths(Amount);
break;
default:
f = false;
ModelState.AddModelError("", "Невозможно провести данную операцию, несуществующие еденицы измерения.");
break;
}
if (f)
{
AdminInfoEvent($"Account wiht name:{user.UserName}; and id:{user.Id} has been successfuly banned till {endDate}");
UserManager.SetLockoutEndDate(userId, endDate);
}
}
else
{
ModelState.AddModelError("", "Невозможно провести данную операцию, введенные данные не являются правильными.");
}
}
else
{
ModelState.AddModelError("", "Зачем себя банить?");
}
ViewBag.DangerRoleId = GetDangerRoleId(RoleManager.Roles);
return(View("Index", UserManager.Users));
}
private CoreModels.User MapIdentityUserToUser(
IdentityUser identityUser, bool?userIsLockedFilter)
{
return(new CoreModels.User
{
UserId = identityUser.Id,
Login = identityUser.UserName,
FullName = identityUser.Email,
Roles = identityUser.Roles.Select(GetRoleById).ToList(),
AssignedEmployeeName = "",
IsActivated = userIsLockedFilter ?? !_userManager.IsLockedOut(identityUser.Id)
});
}
public SignInStatus ExternalSignIn(ExternalLoginInfo loginInfo, bool isPersistent)
{
var user = UserManager.Find(loginInfo.Login);
if (user == null)
{
return(SignInStatus.Failure);
}
if (UserManager.IsLockedOut(user.Id))
{
return(SignInStatus.LockedOut);
}
return(SignInOrTwoFactor(user, isPersistent));
}
bool ValidLogin(Login login)
{
UserStore <IdentityUser> userStore = new UserStore <IdentityUser>();
UserManager <IdentityUser> userManager = new UserManager <IdentityUser>(userStore)
{
UserLockoutEnabledByDefault = true,
DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
MaxFailedAccessAttemptsBeforeLockout = 5
};
var user = userManager.FindByName(login.UserName);
if (user == null)
{
UserNoFound = true;
return(false);
}
// User is locked out.
if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
{
Locked = true;
return(false);
}
// Validated user was locked out but now can be reset.
if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id))
{
if (userManager.SupportsUserLockout &&
userManager.GetAccessFailedCount(user.Id) > 0)
{
userManager.ResetAccessFailedCount(user.Id);
}
}
// Login is invalid so increment failed attempts.
else
{
bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id);
PasswordIncorrent = true;
if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
{
userManager.AccessFailed(user.Id);
return(false);
}
}
return(true);
}
// Update User With UserViewModel Parameter
#region private UserViewModel UpdateUserViewModel(UserViewModel model)
private UserViewModel UpdateUserViewModel(UserViewModel model)
{
ApplicationUser result =
UserManager.FindByName(model.UserName);
// If we could not find the user, throw an exception
if (result == null)
{
throw new Exception("Could not find the User");
}
result.Email = model.Email.Trim();
result.UserName = model.Email.Trim();
// Lets check if the account needs to be unlocked
if (UserManager.IsLockedOut(result.Id))
{
// Unlock user
UserManager.ResetAccessFailedCountAsync(result.Id);
}
UserManager.Update(result);
// Was a password sent across?
if (!string.IsNullOrEmpty(model.Password))
{
// Remove current password
var removePassword = UserManager.RemovePassword(result.Id);
if (removePassword.Succeeded)
{
// Add new password
var AddPassword =
UserManager.AddPassword(
result.Id,
model.Password
);
if (AddPassword.Errors.Count() > 0)
{
throw new Exception(AddPassword.Errors.FirstOrDefault());
}
}
}
return(model);
}
private User UpdateDTOUser(User paramExpandedUserDTO)
{
ApplicationUser result =
UserManager.FindByName(paramExpandedUserDTO.UserName);
// If we could not find the user, throw an exception
if (result == null)
{
ModelState.AddModelError("", "Could not find the User");
return(paramExpandedUserDTO);
}
result.Email = paramExpandedUserDTO.Email;
// Lets check if the account needs to be unlocked
if (UserManager.IsLockedOut(result.Id))
{
// Unlock user attempts and set lockoutdate back into the past
UserManager.ResetAccessFailedCount(result.Id);
UserManager.SetLockoutEndDate(result.Id, DateTime.Now);
}
log.Info("Updating user " + paramExpandedUserDTO.UserName);
UserManager.Update(result);
// Was a password sent across?
if (!string.IsNullOrEmpty(paramExpandedUserDTO.Password))
{
// Remove current password
var removePassword = UserManager.RemovePassword(result.Id);
if (removePassword.Succeeded)
{
// Add new password
var AddPassword =
UserManager.AddPassword(
result.Id,
paramExpandedUserDTO.Password
);
log.Info(string.Format("Updated password {0}, errors: {1}", paramExpandedUserDTO.UserName, string.Join(", ", AddPassword.Errors)));
foreach (var error in AddPassword.Errors)
{
ModelState.AddModelError("Password", PasswordValidatorCodes.GetLocalizedMessageForCode(error));
}
}
}
return(paramExpandedUserDTO);
}
private ExtendedUserCustom UpdateUser(ExtendedUserCustom extUser)
{
var result = UserManager.FindByEmail(extUser.Email);
//not found
if (result == null)
{
throw new Exception("User not found.");
}
result.Email = extUser.Email.Trim();
result.FullName = extUser.FullName.Trim();
result.GroupId = extUser.GroupId;
result.MonthIntake = extUser.MonthIntake;
result.YearIntake = extUser.YearIntake;
//is account locked? unlock it
if (UserManager.IsLockedOut(result.Id))
{
UserManager.ResetAccessFailedCount(result.Id);
}
UserManager.Update(result);
//was a password sent across?
if (!string.IsNullOrEmpty(extUser.Password))
{
//remove current password
var removePassword = UserManager.RemovePassword(result.Id);
if (removePassword.Succeeded)
{
//add new password
var AddPassword = UserManager.AddPassword(
result.Id,
extUser.Password
);
if (AddPassword.Errors.Count() > 0)
{
throw new Exception(AddPassword.Errors.FirstOrDefault());
}
}
}
return(extUser);
}
public void LockoutAccount()
{
var userManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(this._session));
userManager.MaxFailedAccessAttemptsBeforeLockout = 3;
userManager.UserLockoutEnabledByDefault = true;
userManager.DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0);
userManager.Create(new ApplicationUser()
{
UserName = "******", LockoutEnabled = true
}, "Welcome");
var user = userManager.Find("test", "Welcome");
Assert.AreEqual(0, userManager.GetAccessFailedCount(user.Id));
userManager.AccessFailed(user.Id);
Assert.AreEqual(1, userManager.GetAccessFailedCount(user.Id));
userManager.AccessFailed(user.Id);
Assert.AreEqual(2, userManager.GetAccessFailedCount(user.Id));
userManager.AccessFailed(user.Id);
Assert.IsTrue(userManager.IsLockedOut(user.Id));
}
public JsonResult GetItem(int id)
{
using (var context = new AppDbContext())
{
var user = context.Users.Include(u => u.Group)
.Include(u => u.Countries)
.SingleOrDefault(u => u.Id == id);
if (user == null)
{
HttpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;
return(Json(new ArgumentException("User not found"), JsonRequestBehavior.AllowGet));
}
{
var userIsLockedOut = UserManager.IsLockedOut(id);
var userLockoutEndDate = userIsLockedOut ? (DateTimeOffset?)UserManager.GetLockoutEndDate(id) : null;
var result = new
{
user.Id,
user.Active,
AuthenticationType = user.AuthenticationType == AuthenticationType.ActiveDirectory ? "AD" : "Banco de Dados",
user.Name,
Login = user.UserName,
user.Email,
user.AccessAllDataVisibility,
IsPasswordExpired = user.IsPasswordExpired(),
LastPasswordChangedDate = user.LastPasswordChangedOrCreatedDate(),
DateThatMustChangePassword = user.DateThatMustChangePassword(),
UserBlockedForManyAccess = userIsLockedOut,
LockoutEndDateUtc = userLockoutEndDate,
DaysLeftToChangePassword = user.DaysLeftToChangePassword(),
Groups = user.Group.Select(r => r.Id),
Countries = user.Countries.Select(b => b.Id)
};
return(Json(result, JsonRequestBehavior.AllowGet));
}
}
}
// GET: AdminLockout
public ActionResult UnlockAdmin()
{
ApplicationDbContext context = new ApplicationDbContext();
List <ApplicationUser> AppUsers = new List <ApplicationUser>();
List <ApplicationUser> LockedUsers = new List <ApplicationUser>();
var UserManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(context));
var userid = User.Identity.GetUserId();
string ZoneGroup = context.Users.SingleOrDefault(m => m.Id == userid).ZoneGroup;
AppUsers = context.Users.ToList();
foreach (var item in AppUsers)
{
if (UserManager.IsLockedOut(item.Id)) //check all locked user
{
LockedUsers.Add(item);
}
}
//ViewBag.Users = LockedAppUsers;
ViewBag.Users = LockedUsers;
return(View());
}
private ExpandedUser UpdateUser(ExpandedUser expUser)
{
ApplicationUser result = UserManager.FindByName(expUser.UserName);
if (result == null)
{
throw new Exception("Could not find the User");
}
result.Email = expUser.Email;
if (UserManager.IsLockedOut(result.Id))
{
UserManager.ResetAccessFailedCountAsync(result.Id);
}
UserManager.Update(result);
if (!string.IsNullOrEmpty(expUser.Password))
{
var removePassword = UserManager.RemovePassword(result.Id);
if (removePassword.Succeeded)
{
var AddPassword =
UserManager.AddPassword(
result.Id,
expUser.Password
);
if (AddPassword.Errors.Count() > 0)
{
throw new Exception(AddPassword.Errors.FirstOrDefault());
}
}
}
return(expUser);
}
private ExpandedUserDTO UpdateDTOUser(ExpandedUserDTO paramExpandedUserDTO)
{
ApplicationUser result =
UserManager.FindByName(paramExpandedUserDTO.UserName);
// If we could not find the user, throw an exception
if (result == null)
{
throw new Exception("Could not find the User");
}
result.Nombre = paramExpandedUserDTO.Nombre;
result.Apellido = paramExpandedUserDTO.Apellido;
result.Direccion = paramExpandedUserDTO.Direccion;
result.Telefono = paramExpandedUserDTO.Telefono;
result.Empresa = paramExpandedUserDTO.Empresa;
result.Email = paramExpandedUserDTO.Email;
// Lets check if the account needs to be unlocked
if (UserManager.IsLockedOut(result.Id))
{
// Unlock user
UserManager.ResetAccessFailedCountAsync(result.Id);
}
IdentityResult estado = UserManager.Update(result);
if (estado.Succeeded)
{
IdentityResult cambiar = UserManager.ChangePassword(result.Id, paramExpandedUserDTO.Password, paramExpandedUserDTO.Password);
if (cambiar.Errors.Count() > 0)
{
throw new Exception(cambiar.Errors.FirstOrDefault());
}
return(paramExpandedUserDTO);
}
throw new Exception("No se realizo ningun cambio!");
}
public ActionResult ViewUser(int id)
{
var user = context.Users.Find(id);
if (!_userService.CanEditUser(user))
{
TempData["Error"] = "You do not have permission to edit this user.";
return(RedirectToAction("Index"));
}
var isLocked = _userManager.IsLockedOut(id);
var model = new UserEditModel
{
Id = user.Id,
Username = user.UserName,
FirstName = user.FirstName,
LastName = user.LastName,
Email = user.Email,
RoleId = user.Roles.First().RoleId,
LocationId = user.Location != null ? user.Location.Id : 0,
VendorId = user.Vendor != null ? user.Vendor.Id : 0,
IsLocked = isLocked,
IsActive = user.IsActive,
SiteList = string.Join(",", user.userSiteAccess.Select(s => s.Id).ToArray()),
SystemList = string.Join(",", user.BuildingSystems.Select(b => b.Id))
};
if (user.Location != null)
{
model.SelectedState = user.Location.State;
model.IsInternational = user.Location.International;
}
BuildCreateEditViewData();
return(View(model));
}
public async Task <ActionResult> Activate(long id)
{
try
{
var userProfile = InsuranceBusiness.BusinessLayer.GetUserProfile(id);
var user = UserManager.FindById(userProfile.ID_User);
if (UserManager.IsLockedOut(userProfile.ID_User))
{
InsuranceBusiness.BusinessLayer.ActivateUser(userProfile.ID);
//await UnlockUserAccount(userProfile.ID_User);
await SendAccountActivation(user, userProfile.FirstName);
}
//InsuranceBusiness.BusinessLayer.ActivateUser(id);
}
catch (Exception ex)
{
InsuranceBusiness.BusinessLayer.LogException(string.Format("{0} [{1}]", Request.UserHostAddress, id), string.Format("{0}.{1}", this.ControllerContext.RouteData.Values["controller"].ToString(), this.ControllerContext.RouteData.Values["action"].ToString()), ex);
return(View("Error"));
}
return(RedirectToAction("Index"));
}
protected void BtnIniciar_Click1(object sender, EventArgs e)
{
var userStore = new UserStore<IdentityUser>();
var userManager = new UserManager<IdentityUser>(userStore);
//var user = userManager.Find(UserName.Text, Password.Text);
var user = userManager.FindByName(UserName.Text);
if (user != null)
{
var validCredentials = userManager.Find(UserName.Text, Password.Text);
if (userManager.IsLockedOut(user.Id))
{
ModelState.AddModelError("", string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString()));
StatusText.Text = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString());
}
else if (userManager.GetLockoutEnabled(user.Id) && validCredentials == null)
{
userManager.AccessFailed(user.Id);
string message;
if (userManager.IsLockedOut(user.Id))
{
message = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString());
StatusText.Text = message;
}
else
{
int accessFailedCount = userManager.GetAccessFailedCount(user.Id);
int attemptsLeft =
Convert.ToInt32(
ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"].ToString()) -
accessFailedCount;
message = string.Format(
"Invalid credentials. You have {0} more attempt(s) before your account gets locked out.", attemptsLeft);
StatusText.Text = message;
}
ModelState.AddModelError("", message);
}
else if (validCredentials == null)
{
ModelState.AddModelError("", "Invalid credentials. Please try again.");
StatusText.Text = "Invalid credentials. Please try again.";
}
else
{
var authenticationManager = HttpContext.Current.GetOwinContext().Authentication;
var userIdentity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);
authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity);
userManager.ResetAccessFailedCount(user.Id);
string vig = DateTime.Now.Year.ToString();
SetCookieUser(UserName.Text, vig);
string url = Request.QueryString["ReturnUrl"];
if (url == "" || url == null)
{
gesMenuAdapter mg = new gesMenuAdapter();
List<dataTree> l = mg.getOpciones("INICI", UserName.Text);
if (l.Where(t => t.roles == "INICIAdministrativo").FirstOrDefault() != null)
{
SetCookieRol("administrador");
url = "/Inicio/Administrativo/Inicio.aspx";
}
else
{
if (l.Where(t => t.roles == "INICIAcudientes").FirstOrDefault() != null)
{
SetCookieRol("acudiente");
url = "/Inicio/Acudientes/Inicio.aspx";
}
}
}
IdentityHelper.RedirectToReturnUrl(url, Response);
}
}
else
{
StatusText.Text = "Invalid username or password.";
}
}
public void LockoutAccount()
{
var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this._session));
userManager.MaxFailedAccessAttemptsBeforeLockout = 3;
userManager.UserLockoutEnabledByDefault = true;
userManager.DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0);
userManager.Create(new ApplicationUser() { UserName = "******", LockoutEnabled = true }, "Welcome");
var user = userManager.Find("test", "Welcome");
Assert.AreEqual(0, userManager.GetAccessFailedCount(user.Id));
userManager.AccessFailed(user.Id);
Assert.AreEqual(1, userManager.GetAccessFailedCount(user.Id));
userManager.AccessFailed(user.Id);
Assert.AreEqual(2, userManager.GetAccessFailedCount(user.Id));
userManager.AccessFailed(user.Id);
Assert.IsTrue(userManager.IsLockedOut(user.Id));
}
//public void DeleteRole(string roleId)
//{
// var roleUsers = _db.Users.Where(u => u.Roles.Any(r => r.RoleId == roleId));
// var role = _db.Roles.Find(roleId);
// foreach (var user in roleUsers)
// {
// this.RemoveFromRole(user.Id, role.Name);
// }
// _db.Roles.Remove(role);
// _db.SaveChanges();
//}
protected void LogIn(object sender, EventArgs e)
{
if (IsValid)
{
// Validate the user password
var manager = new UserManager();
ApplicationUser user = manager.Find(UserName.Text, Password.Text);
if (user != null)
{
bool x = manager.IsLockedOut(user.Id);
if (x)
{
usrststr.WriteStat(user.Id, "User is blocked");
FailureText.Text = "User is blocked";
ErrorMessage.Visible = true;
}
else
{
manager.ResetAccessFailedCount(user.Id);
//IdentityHelper.SignIn(manager, user, RememberMe.Checked);
IdentityHelper.SignIn(manager, user, false);
// begin statistica
usrststr.WriteStat(user.Id, "Login");
// end statistica
IdentityHelper.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
}
}
else
{
var r = manager.FindByName(UserName.Text);
if (r != null)
{
usrststr.WriteStat(r.Id, "Invalid password.");
FailureText.Text = "Invalid password.";
ErrorMessage.Visible = true;
if (manager.IsLockedOut(r.Id))
{
}
else
{
if (manager.IsInRole(r.Id, "Administrator") == true)
{
}
else
{
var z = manager.SetLockoutEnabled(r.Id, true);
manager.AccessFailed(r.Id);
}
usrststr.WriteStat(r.Id, "Access denied.");
}
}
else
{
FailureText.Text = "Invalid username.";
ErrorMessage.Visible = true;
}
}
}
}
public async Task <ActionResult> SignIn([Bind(Include = "SinginId,Password")] SignInViewModel model)
{
bool signIn = false;
SignInLogModel log = new SignInLogModel();
log.ClientIp = GetClientIp();
log.UserCode = model.SinginId;
if (!ModelState.IsValid)
{
log.SetStatus(-1);
dbContext.SignInLogModels.Add(log);
dbContext.SaveChanges();
return(View(model));
}
UserModel user = await UserManager.FindByNameAsync(model.SinginId);
if (user != null)
{
log.UserModelId = user.Id;
if (user.Deleted)
{
log.SetStatus(-2);
dbContext.SignInLogModels.Add(log);
dbContext.SaveChanges();
ModelState.AddModelError("", AuthResources.AuthError);
return(View(model));
}
if (UserManager.IsLockedOut(user.Id))
{
log.SetStatus(-3);
dbContext.SignInLogModels.Add(log);
dbContext.SaveChanges();
ModelState.AddModelError("", AuthResources.AuthUserLockedOut);
return(View(model));
}
if (UserManager.CheckPassword(user, model.Password))
{
if (user.Enabled == false)
{
log.SetStatus(-4);
dbContext.SignInLogModels.Add(log);
dbContext.SaveChanges();
ModelState.AddModelError("", AuthResources.AuthUserDisabled);
return(View(model));
}
if (user.PasswordSkipCnt >= 3)
{
log.SetStatus(-5);
dbContext.SignInLogModels.Add(log);
dbContext.SaveChanges();
ModelState.AddModelError("", AuthResources.AuthPasswordNoChange);
return(View(model));
}
signIn = true;
}
else
{
UserManager.AccessFailed(user.Id);
if (UserManager.IsLockedOut(user.Id))
{
log.SetStatus(-6);
dbContext.SignInLogModels.Add(log);
dbContext.SaveChanges();
ModelState.AddModelError("", AuthResources.AuthUserLockedOutNow);
return(View(model));
}
}
}
if (signIn)
{
user = await UserManager.FindAsync(model.SinginId, model.Password);
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity identity = await user.GenerateUserIdentityAsync(UserManager);
AuthenticationManager.SignIn(new AuthenticationProperties()
{
IsPersistent = false
}, identity);
await UserManager.ResetAccessFailedCountAsync(user.Id);
log.SetStatus(0);
dbContext.SignInLogModels.Add(log);
dbContext.SaveChanges();
if (user.Expiration < DateTime.Now)
{
user.PasswordSkipCnt++;
await UserManager.UpdateAsync(user);
return(RedirectToAction("ExpirationChangePassword"));
}
// await UserManager.UpdateAsync(user);
}
else
{
log.SetStatus(-7);
dbContext.SignInLogModels.Add(log);
dbContext.SaveChanges();
ModelState.AddModelError("", AuthResources.AuthError);
return(View(model));
}
return(RedirectToHome());
}
bool ValidLogin(Login login)
{
UserStore<IdentityUser> userStore = new UserStore<IdentityUser>();
UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore)
{
UserLockoutEnabledByDefault = true,
DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
MaxFailedAccessAttemptsBeforeLockout = 3
};
var user = userManager.FindByName(login.UserName);
if (user == null)
return false;
// User is locked out.
if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
{
return false;
}
// Validated user was locked out but now can be reset.
if (userManager.CheckPassword(user, login.Password))
{
if (userManager.SupportsUserLockout
&& userManager.GetAccessFailedCount(user.Id) > 0)
{
userManager.ResetAccessFailedCount(user.Id);
}
}
// Login is invalid so increment failed attempts.
else {
bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id);
if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
{
userManager.AccessFailed(user.Id);
return false;
}
CaptchaHelper captchaHelper = new CaptchaHelper();
string captchaResponse = captchaHelper.CheckRecaptcha();
if (captchaResponse != "Valid")
{
ViewBag.ErrorResponse = "The captcha must be valid";
}
}
return true;
}
//public IEnumerable<SelectListItem> ReadRoles()
//{
// IList<SelectListItem> result = new List<SelectListItem>
// {
// new SelectListItem
// {
// Text = RoleType.Company.GetEnumDescription(),
// Value = RoleType.Company.ToString()
// },
// new SelectListItem
// {
// Text = RoleType.Supervise.GetEnumDescription(),
// Value = RoleType.Supervise.ToString()
// },
// new SelectListItem
// {
// Text = RoleType.Guidance.GetEnumDescription(),
// Value = RoleType.Guidance.ToString()
// }
// };
// return result;
//}
public bool?Update(UserManager <ApplicationUser> userManager, string key, UserViewModel model)
{
bool allSuccess = true;
var user = userManager.Users.Where(u => u.Id == key).SingleOrDefault();
if (user == null)
{
return(null);
}
// Role
if (!string.IsNullOrEmpty(model.Role.Value))
{
if (!userManager.IsInRole(key, model.Role.Value))
{
var roles = userManager.GetRoles(key).ToArray();
IdentityResult result = userManager.RemoveFromRoles(key, roles);
if (result.Succeeded)
{
result = userManager.AddToRole(key, model.Role.Value);
}
allSuccess &= result.Succeeded;
}
}
// Consultant
//if (!string.IsNullOrEmpty(model.Consultant.Value))
//{
// var customer = this.DbContext.Customers.Where(c => c.UserId == key).SingleOrDefault();
// if (customer == null)
// return null;
// customer.ConsultantId = model.Consultant.Value;
// try
// {
// this.DbContext.SaveChanges();
// }
// catch
// {
// allSuccess = false;
// }
//}
var customer = this.DbContext.Customers.Where(c => c.UserId == key).SingleOrDefault();
if (customer == null)
{
return(null);
}
customer.ConsultantId = model.Consultant.Value;
try
{
this.DbContext.SaveChanges();
}
catch
{
allSuccess = false;
}
// LockedOut
if (userManager.IsLockedOut(key) != model.LockedOut)
{
IdentityResult result;
if (model.LockedOut)
{
result = userManager.SetLockoutEnabled(key, true);
if (result.Succeeded)
{
result = userManager.SetLockoutEndDate(key, DateTimeOffset.MaxValue);
}
}
else
{
result = userManager.SetLockoutEnabled(key, false);
if (result.Succeeded)
{
result = userManager.ResetAccessFailedCount(key);
}
}
allSuccess &= result.Succeeded;
}
return(allSuccess);
}
// http://www.byteblocks.com/Post/AspNet-Identity-Lock-and-Unlock-User-Accounts
public DataSourceResponse <UserViewModel> Read(UserManager <ApplicationUser> userManager, DataSourceRequest request)
{
string cmdText = @"
SELECT u.Id UserId,
c.[Name] CustomerName,
cuc.[Name] ConsultantText,
cu.Id ConsultantValue,
r.[Name] RoleValue
FROM AspNetUsers u
LEFT JOIN AspNetUserRoles ur ON u.Id = ur.UserId
LEFT JOIN AspNetRoles r ON ur.RoleId = r.Id
LEFT JOIN Customer c ON c.UserId = u.Id
LEFT JOIN AspNetUsers cu ON c.ConsultantId = cu.Id
LEFT JOIN Customer cuc ON cu.Id = cuc.UserId
WHERE r.[Name] = 'Supervise'
OR r.[Name] = 'Guidance'
OR r.[Name] = 'Company'
OR r.[Name] IS NULL
ORDER BY u.Id";
IList <UserViewModel> users = new List <UserViewModel>();
this.ReadData(dataReader =>
{
var consultant = new SelectListItem();
consultant.Text = this.DbToString(dataReader["ConsultantText"]);
consultant.Value = this.DbToString(dataReader["ConsultantValue"]);
var role = new SelectListItem();
if (dataReader["RoleValue"] != DBNull.Value)
{
role.Value = dataReader["RoleValue"].ToString();
if (Enum.TryParse <RoleType>(role.Value, out RoleType roleType))
{
role.Text = roleType.GetEnumDescription();
}
}
users.Add(new UserViewModel
{
UserId = dataReader["UserId"].ToString(),
CustomerName = this.DbToString(dataReader["CustomerName"]),
Consultant = consultant,
Role = role
});
}, cmdText);
foreach (var user in users)
{
user.LockedOut = userManager.IsLockedOut(user.UserId);
}
var response = new DataSourceResponse <UserViewModel>();
response.TotalRowCount = users.Count;
if (request.ServerPaging != null)
{
int skip = Math.Max(request.ServerPaging.PageSize * (request.ServerPaging.Page - 1), val2: 0);
users = users.OrderBy(u => u.UserId).Skip(skip).Take(request.ServerPaging.PageSize).ToList();
}
response.DataCollection = users;
return(response);
}
