public async System.Threading.Tasks.Task<ActionResult> Login(ProfileModel model, string actionRequest) { ViewBag.Title = "Logon"; ViewBag.ChangePassword = false; if (actionRequest != null) { if (actionRequest == "Login") { if (model.user_name == null || model.user_name.Length == 0 || model.password == null || model.password.Length == 0) { FormsAuthentication.SignOut(); Session["ProfileContactId"] = null; Session["ProfileUserId"] = model.user_name; ModelState.AddModelError(string.Empty, "UserId and Password are required."); } else { using (var connection = new MySqlConnection(ConfigurationManager.ConnectionStrings[Constants.ConnectionStringName].ConnectionString)) { await connection.OpenAsync(); model = await new UserRepository(connection).LoginValidation(model.user_name, model.password); } if (model == null) { FormsAuthentication.SignOut(); ModelState.AddModelError(string.Empty, "UserId or Password is invalid,please retry."); } else if (model != null && String.IsNullOrEmpty(model.secretanswer)) { ModelState.AddModelError(string.Empty, "You must change your password and answer a security question."); ViewBag.Title = "Change Password"; ViewBag.ChangePassword = true; } else { Session["ProfileContactId"] = model.contact_id.ToString(); Session["ProfileUser"] = model; FormsAuthentication.SetAuthCookie(model.user_name, false); Session["ProfileUserId"] = model.user_name; return RedirectToAction("Dashboard", "Dashboard"); } } } else if (actionRequest == "Cancel") { } else if (actionRequest == "Save") { if (ValidateNewLoginAuthenication(model)) { using (var connection = new MySqlConnection(ConfigurationManager.ConnectionStrings[Constants.ConnectionStringName].ConnectionString)) { await connection.OpenAsync(); bool success = await new UserRepository(connection).LoginUpdate(model.user_name, model.password, model.newsecretanswer); } FormsAuthentication.SignOut(); ModelState.AddModelError(string.Empty, "Your password has been saved, Please Log in."); model = null; } } else if (actionRequest == "Change Password") { ViewBag.Title = "Change Password"; ViewBag.ChangePassword = true; } } return View(model); }
private bool ValidateNewLoginAuthenication(ProfileModel model) { bool successful = true; string errorMessage = null; if (string.IsNullOrEmpty(model.user_name)) { errorMessage += " Must enter a userid."; } if (string.IsNullOrEmpty(model.password) || string.IsNullOrEmpty(model.reenterpassword)) { errorMessage += " Must enter and re-enter Password."; } else if (string.Compare(model.password, model.reenterpassword, false) != 0) { errorMessage += " Password mismatch."; } if (string.IsNullOrEmpty(model.newsecretanswer)) { errorMessage += " Must enter a Secret answer."; } else { ProfileModel currentmodel = null; using (var connection = new MySqlConnection(ConfigurationManager.ConnectionStrings[Constants.ConnectionStringName].ConnectionString)) { currentmodel = new UserRepository(connection).LoginGetbyUserId(model.user_name); } if(currentmodel != null) { model.secretanswer = currentmodel.secretanswer; } if (!string.IsNullOrEmpty(model.secretanswer) && string.Compare(model.secretanswer, model.newsecretanswer, false) != 0) { errorMessage += " Secret Answer Mismatch."; } } if (errorMessage != null) { ViewBag.Title = "Change Password"; ViewBag.ChangePassword = true; ModelState.AddModelError(string.Empty, errorMessage); successful = false; } return successful; }