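/// <summary>
/// Handles the posted log-on form: looks the user up by id, compares the stored
/// password hash with a hash of the submitted password, issues the forms-auth
/// cookie and redirects.
/// </summary>
/// <param name="model">Submitted credentials and the "remember me" flag.</param>
/// <param name="returnUrl">Caller-supplied post-login target; only followed when it is a local path.</param>
/// <returns>A redirect on success, otherwise the log-on view with a model error.</returns>
public ActionResult LogOn(LogOnModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                // Materialise the lookup once. The original ran the query twice
                // (ToList() for the count, then First()), so the row could change
                // between the two reads.
                var matches = (from usertabel in database.dx_user
                               where usertabel.userid == model.UserName
                               select usertabel).ToList();

                // NOTE(review): Equals() here is an ordinary comparison, and the hash is
                // only computed when the user exists, so response time can differ between
                // unknown and known accounts. Confirm the type of pwdhash and consider a
                // fixed-time comparison.
                bool authenticated = matches.Count == 1
                    && matches[0].pwdhash.Equals(generateHash(matches[0].psalt, model.Password));

                if (authenticated)
                {
                    FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

                    // Open-redirect guard: follow returnUrl only when it is a local,
                    // rooted path and not a protocol-relative ("//" or "/\") URL.
                    if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                        && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                    {
                        return Redirect(returnUrl);
                    }

                    return RedirectToAction("Index", "Home");
                }

                // One message for "no such user" and "wrong password". The original added
                // no error at all on a wrong password, which left the user without feedback
                // and made the two cases distinguishable from the response.
                ModelState.AddModelError("", "The user name or password provided is incorrect.");
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }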
Esempio n. 2
        //
        // POST: /Account/LogOn
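        /// <summary>
        /// Format pre-check for the log-on form. Adds a generic model error and
        /// returns false when the user name is not e-mail shaped or the password
        /// does not match the password pattern.
        /// </summary>
        /// <param name="model">Submitted log-on form.</param>
        /// <returns>true when both fields pass the format checks.</returns>
        private bool logonValidations(LogOnModel model)
        {
            // A missing form field arrives as null, and Regex.IsMatch throws on null
            // input. Treat null/empty as an ordinary validation failure so the caller
            // shows the same generic message instead of taking its exception path.
            bool userNameOk = !string.IsNullOrEmpty(model.UserName)
                && Regex.IsMatch(model.UserName, @"^([\w\.\-]+)@([\w\-]+)((\.(\w){2,3})+)$");
            if (!userNameOk)
            {
                ModelState.AddModelError("", "Email-id or password incorrect please try agian!!.");
                return false;
            }

            // As written, this pattern effectively requires at least 10 characters, one
            // digit and one ASCII letter. The upper bound of 18 is not enforced (the
            // lookahead is unanchored) and the [@%&#]{0,} lookahead accepts zero
            // occurrences, so special characters are optional.
            // NOTE(review): no match timeout or length cap is applied before matching
            // request-supplied input; confirm the model bounds the field length.
            bool passwordOk = !string.IsNullOrEmpty(model.Password)
                && Regex.IsMatch(model.Password, @"^.*(?=.{10,18})(?=.*\d)(?=.*[A-Za-z])(?=.*[@%&#]{0,}).*$");
            if (!passwordOk)
            {
                // Same text as the user-name failure so the response does not reveal
                // which field was rejected.
                ModelState.AddModelError("", "Email-id or password incorrect please try agian!!.");
                return false;
            }

            return true;
        }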
Esempio n. 3
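        /// <summary>
        /// Handles the posted log-on form: tracks attempts in the session, checks the
        /// captcha when one was submitted, validates the field formats, verifies the
        /// password hash, then sets the auth cookie and session values and redirects.
        /// </summary>
        /// <param name="model">Submitted credentials, captcha text and "remember me" flag.</param>
        /// <param name="returnUrl">Caller-supplied post-login target; only followed when it is a local path.</param>
        /// <returns>A redirect on success, otherwise the log-on view with a model error.</returns>
        public ActionResult LogOn(LogOnModel model, string returnUrl)
        {
            // Single message for "unknown user" and "wrong password". The original used two
            // different strings, which let a caller tell whether an e-mail id is registered.
            const string invalidCredentials = "Email-id or password provided is incorrect please try again!!";

            try
            {
                //Login attempts
                // NOTE(review): the counter lives in the session, so a client that drops its
                // session cookie starts again at zero. The captcha is also verified only when
                // the request carries a Captcha field; a request that omits it skips the check
                // whatever the counter says. The intended threshold is not visible here.
                // Confirm it and enforce it server-side.
                if (SessionKeyMgmt.LoginAttempts == 0)
                {
                    SessionKeyMgmt.LoginAttempts = 1;
                }
                else
                {
                    int count = SessionKeyMgmt.LoginAttempts;
                    count++;
                    SessionKeyMgmt.LoginAttempts = count;

                    if (model.Captcha != null)
                    {
                        if (verifyCaptcha() == false)
                        {
                            // Hand the view a fresh identifier before redisplaying the form.
                            ViewBag.CaptchaGuid = Guid.NewGuid().ToString("N");
                            return View(model);
                        }
                        ViewBag.CaptchaGuid = Guid.NewGuid().ToString("N");
                    }
                }

                if (model.Captcha == null)
                {
                    model.Captcha = "";
                }
                //Login attempts end

                if (!logonValidations(model))
                {
                    return View(model);
                }

                if (ModelState.IsValid)
                {
                    // Materialise once: the original executed the query twice (count, then
                    // First()) and null-checked a query expression that is never null.
                    var matches = (from usertabel in database.DX_USER
                                   where usertabel.userid == model.UserName
                                   select usertabel).ToList();

                    // NOTE(review): Equals() is an ordinary comparison and the hash is only
                    // computed for existing users, so timing may still differ between the
                    // two failure cases. Confirm pwdhash's type and consider a fixed-time compare.
                    bool authenticated = matches.Count == 1
                        && matches[0].pwdhash.Equals(generateHash(matches[0].salt, model.Password));

                    if (authenticated)
                    {
                        FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

                        //Set userid in session
                        SessionKeyMgmt.UserId = model.UserName;

                        //Get the department
                        SessionKeyMgmt.UserDept = DbCommonQueries.getDepartmentName(model.UserName, database);

                        SessionKeyMgmt.LoginAttempts = 0;

                        //Security checkpoint for preventing open redirect attack:
                        //only a local, rooted, non protocol-relative path is followed.
                        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                            && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                        {
                            return Redirect(returnUrl);
                        }

                        return RedirectToAction("RespectiveHome");
                    }

                    ModelState.AddModelError("", invalidCredentials);
                }
                else
                {
                    ModelState.AddModelError("", "This is invalid request. Please provide email and passwod");
                }
                // If we got this far, something failed, redisplay form
            }
            catch (Exception)
            {
                // NOTE(review): the exception is discarded; no logger is visible in this
                // block, so failures here leave no trace for detection or triage.
                ModelState.AddModelError("", "Can not process request, please try after some time!");
            }
            return View(model);
        }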
Esempio n. 4
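        /// <summary>
        /// Signs the caller in as the built-in guest account using credentials fixed in
        /// this method, then sets the session values and redirects.
        /// </summary>
        /// <param name="returnUrl">Caller-supplied post-login target; only followed when it is a local path.</param>
        /// <returns>A redirect on success, otherwise the view with a model error.</returns>
        public ActionResult LogOnAsGuestUser(string returnUrl)
        {
            // NOTE(review): the guest credentials are literals in source (shown masked on
            // this page). Prefer protected configuration so they can be rotated without a
            // code change. The populated model, password included, is also passed to the
            // view on failure; confirm the view never renders it.
            LogOnModel model = new LogOnModel();
            model.UserName = "******";
            model.Password = "******";

            try
            {
                if (ModelState.IsValid)
                {
                    // Materialise once: the original executed the query twice (count, then
                    // First()) and null-checked a query expression that is never null.
                    var matches = (from usertabel in database.DX_USER
                                   where usertabel.userid == model.UserName
                                   select usertabel).ToList();

                    if (matches.Count == 1)
                    {
                        var userRecord = matches[0];
                        if (userRecord.pwdhash.Equals(generateHash(userRecord.salt, model.Password)))
                        {
                            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

                            //Set userid in session
                            SessionKeyMgmt.UserId = model.UserName;

                            //Get the department
                            SessionKeyMgmt.UserDept = DbCommonQueries.getDepartmentName(model.UserName, database);

                            //Security checkpoint for preventing open redirect attack:
                            //only a local, rooted, non protocol-relative path is followed.
                            if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                                && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                            {
                                return Redirect(returnUrl);
                            }

                            return RedirectToAction("RespectiveHome");
                        }

                        ModelState.AddModelError("", "password provided is incorrect.");
                    }
                    else
                    {
                        ModelState.AddModelError("", "Email id incorrect please try again!");
                    }
                }
                else
                {
                    ModelState.AddModelError("", "Email id and password provided is incorrect.");
                }
                // If we got this far, something failed, redisplay form
            }
            catch (Exception)
            {
                // NOTE(review): the exception is discarded without being recorded.
                ModelState.AddModelError("", "Can not process request, please try after some time!");
            }
            return View(model);
        }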
Esempio n. 5
 /// <summary>
 /// Renders the empty log-on form.
 /// </summary>
 /// <returns>The log-on view bound to a new, unpopulated <c>LogOnModel</c>.</returns>
 public ActionResult LogOn()
 {
     // Fresh GUID in "N" format (32 hex digits, no hyphens) for the view;
     // presumably it keys the captcha challenge. Confirm against the view.
     string captchaId = Guid.NewGuid().ToString("N");
     ViewBag.CaptchaGuid = captchaId;

     return View(new LogOnModel());
 }