コード例 #1
ファイル: Inicio.aspx.cs プロジェクト: FerMod/HADSProject
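        /// <summary>
        /// Handles the login button: looks the user up by e-mail and password hash and, when
        /// exactly one row matches, fills the session, issues the forms-authentication cookie,
        /// registers the user as connected and redirects to the main page.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        protected void ButtonLogin_Click(object sender, EventArgs e)
        {
            // Both user-supplied values are bound as parameters; nothing is concatenated into the SQL text.
            string sql = "SELECT email, nombre, apellidos, tipo " +
                         "FROM Usuarios " +
                         "WHERE email = @email " +
                         "AND pass = @password";

            // NOTE(review): the hash is compared by equality inside the query, which only works if
            // GenerateHash returns the same bytes for the same password. Confirm what
            // AppSecurity.GenerateHash does; a per-user salted, slow hash (e.g. PBKDF2) would require
            // fetching the row by e-mail and verifying the hash in code instead.
            byte[] hashedPass = AppSecurity.GenerateHash(textBoxPassword.Text);

            Dictionary<string, object> parameters = new Dictionary<string, object>
            {
                { "@email", textBoxEmail.Text },
                { "@password", hashedPass }
            };

            bool loggedIn = false;

            try
            {
                QueryResult queryResult = DataAccess.Query(sql, parameters);

                if (queryResult.Rows.Count != 1)
                {
                    // Unknown e-mail and wrong password end up here alike, so the outcome does not
                    // reveal which of the two was wrong.
                    Debug.WriteLine("Wrong credentials");
                }
                else
                {
                    // NOTE(review): the session id is not renewed here; confirm that session
                    // fixation is handled elsewhere in the application.
                    Session["IsLogged"] = true;
                    string email = Convert.ToString(queryResult.Rows[0]["email"]);
                    Session["Email"]    = email;
                    Session["Name"]     = queryResult.Rows[0]["nombre"];
                    Session["LastName"] = queryResult.Rows[0]["apellidos"];
                    string tipo = Convert.ToString(queryResult.Rows[0]["tipo"]);
                    Session["UserType"] = GetUserTypeName(email, tipo);

                    // The ticket's user name is the user type, not the e-mail, and the second argument
                    // makes the cookie persistent (it outlives the browser session).
                    // NOTE(review): confirm that the authorization rules rely on the type being the
                    // identity name and that a persistent ticket is intended.
                    FormsAuthentication.SetAuthCookie(Session["UserType"].ToString(), true);

                    AddConnectedUsers(Session["UserType"].ToString(), email);

                    loggedIn = true;
                }
            }
            catch (Exception ex)
            {
                // Details go to the debug output only; the user sees a generic message.
                Debug.WriteLine("Exception caught: " + ex.Message);
                NotificationData data = new NotificationData
                {
                    Title       = "Exception caught",
                    Body        = "Could not perform the login correctly.",
                    Level       = AlertLevel.Danger,
                    Dismissible = true
                };
                Master.UserNotification.ShowNotification(data);
            }

            // Response.Redirect(url) ends the response by raising ThreadAbortException. Issuing it
            // inside the try block let the catch-all handler above run on every successful login,
            // logging a spurious exception and queuing a failure notification. Redirect only after
            // the try/catch has completed.
            if (loggedIn)
            {
                Response.Redirect(AppConfig.WebSite.MainPage);
            }
        }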
コード例 #2
        // TODO: Check MailDefinition. https://stackoverflow.com/a/886750/4134376
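        /// <summary>
        /// Handles the create-account button: checks that the e-mail is enrolled, generates a
        /// confirmation code, inserts the user row and, when exactly one row was inserted, sends
        /// the verification e-mail and redirects to the notification page.
        /// </summary>
        /// <param name="sender">Control that raised the event (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        protected void ButtonCreateAccount_Click(object sender, EventArgs e)
        {
            bool             isEnrolled = false;
            NotificationData data       = new NotificationData();

            try {
                isEnrolled = IsEnrolledUser(textBoxEmail.Text);
                if (!isEnrolled)
                {
                    data.Body        = "The user is not enrolled.";
                    data.Level       = AlertLevel.Warning;
                    data.Dismissible = true;
                }
            } catch (WebException) {
                // A failed enrollment lookup leaves isEnrolled false, so the account is not created.
                data.Body        = "Could not perform the enrollment check.";
                data.Level       = AlertLevel.Danger;
                data.Dismissible = true;
            }

            EnrolledEmailValidator.IsValid = isEnrolled;

            if (!isEnrolled)
            {
                Master.UserNotification.ShowNotification(data);
                return;
            }

            // The confirmation code is what proves control of the mailbox, so it must not be
            // predictable. System.Random is seeded from the clock and is not suitable for that;
            // draw the code from the OS cryptographic generator instead. The value range is the
            // same as before: 1000000 to 1999998 inclusive.
            int code;
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                const uint range  = 999999;
                // Largest multiple of range that fits in a uint; samples at or above it are
                // discarded so that the modulo below introduces no bias.
                uint       limit  = uint.MaxValue - (uint.MaxValue % range);
                byte[]     buffer = new byte[4];
                uint       sample;
                do
                {
                    rng.GetBytes(buffer);
                    sample = BitConverter.ToUInt32(buffer, 0);
                } while (sample >= limit);

                code = (int)(sample % range) + 1000000;
            }

            ParametizedUrl parametizedUrl = new ParametizedUrl($"{UrlUtils.UrlRoot}{Page.ResolveUrl(@"~/Confirmar")}")
            {
                { "email", textBoxEmail.Text },
                { "code", code.ToString() }
            };

            string displayName = "HADS";
            string address     = "*****@*****.**";
            string subject     = "Confirm Account";

            string emailTemplate = File.ReadAllText(HttpContext.Current.Server.MapPath("~/MailTemplates/AccountVerification.html"));

            /*
             * Email Fields:
             * 0 LogoImgUrl
             * 1 Name
             * 2 LastName
             * 3 VerificationUrl
             * 4 HelpWebsiteUrl
             * 5 WebsiteUrl
             * 6 FooterLogoImgUrl
             */

            // The template is HTML and the name, last name and URL (which carries the e-mail)
            // come from the form, so they are HTML-encoded before being substituted; otherwise
            // markup typed into the form would be delivered as part of the message.
            string[] emailFields =
            {
                "",
                WebUtility.HtmlEncode(textBoxName.Text),
                WebUtility.HtmlEncode(textBoxLastName.Text),
                WebUtility.HtmlEncode(parametizedUrl),
                "",
                UrlUtils.UrlRoot,
                ""
            };

            string emailHtml = String.Format(emailTemplate, emailFields);

            MailMessage mail = new MailMessage();

            mail.From = new MailAddress(address, displayName);
            mail.To.Add(new MailAddress(textBoxEmail.Text));
            mail.Subject = subject;
            mail.AlternateViews.Add(AlternateView.CreateAlternateViewFromString(emailHtml, null, MediaTypeNames.Text.Html));
            mail.IsBodyHtml = true;

            try {
                // All form values are bound as parameters; nothing is concatenated into the SQL text.
                string sql = "INSERT INTO Usuarios(email, nombre, apellidos, numconfir, tipo, pass) VALUES(@email, @nombre, @apellidos, @numconfir, @tipo, @pass)";

                // NOTE(review): the role stored in "tipo" is taken from the form's drop-down;
                // confirm the list only offers roles a self-registering user may hold.
                Dictionary <string, object> parameters = new Dictionary <string, object> {
                    { "@email", textBoxEmail.Text },
                    { "@nombre", textBoxName.Text },
                    { "@apellidos", textBoxLastName.Text },
                    { "@numconfir", code },
                    { "@tipo", dropDownRol.SelectedValue },
                    { "@pass", AppSecurity.GenerateHash(textBoxPassword.Text) }
                };

                int affectedRows = DataAccess.NonQuery(sql, parameters);

                if (affectedRows == 1)
                {
                    this.EmailService.SendEmail(mail);

                    // The notification body is HTML (it carries a <span>), so the e-mail typed
                    // by the user is encoded before being embedded in it.
                    string safeEmail = WebUtility.HtmlEncode(textBoxEmail.Text);
                    Session["NotificationData"] = new NotificationData()
                    {
                        Title = "Confirm Email",
                        Body  = $"Confirmation email sent to <span class=\"font-weight-bold font-italic\">{safeEmail}</span>. Please verify your account email.",
                        Level = AlertLevel.Info
                    };
                    // Do not append a direct link to the confirmation page to this notification:
                    // it would let the account be confirmed without access to the mailbox.
                    Response.RedirectToRoute("WebNotification");
                }
                else
                {
                    throw new Exception($"Unexpected number of rows affected.\nExpected: 1\nObtained: {affectedRows}");
                }
            } catch (Exception ex) {
                // The exception text (which may contain database or mail-server details) is kept
                // in the debug output; the page only shows a generic message, as the login
                // handler does.
                Debug.WriteLine("Exception caught: " + ex.Message);
                NotificationData exceptionData = new NotificationData()
                {
                    Title       = "Exception Trown",
                    Body        = "Could not create the account.",
                    Level       = AlertLevel.Danger,
                    Dismissible = true
                };
                Master.UserNotification.ShowNotification(exceptionData);
            }
        }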