// проверка кэша паролей
public bool CheckPassCache(string login, string password)
{
string msg = null;
STUser dbuser;
CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
// находим юзера в БД по логину
int retvalue = clUser.GetRecordByUserLogin(login, out dbuser, out msg);
// находим кэш паролей в БД по логину юзера
List <STPassCache> lstpc = new List <STPassCache>();
retvalue = clUser.GetPassCache(login, out lstpc, out msg);
if (lstpc.Count <= 0)
{
return(false);
}
// сравниваем введенный пароль со спсиком паролей
foreach (STPassCache pc in lstpc)
{
string PASS = CreatePasswordHash(password, pc.passwordsalt);
if (pc.password == PASS)
{
return(true);
}
}
return(false);
}
public UserModels GetUserByLogin(string login)
{
UserModels ret = new UserModels();
STUser data = new STUser();
string msg;
CCondition clCondition = new CCondition();
CPermission clPermission = new CPermission();
try
{
CUser clUser =
new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
int retvalue = clUser.GetRecordByUserLogin(login, out data, out msg);
ret = new UserModels();
ret.UserId = data.userid;
ret.UserName = data.username;
ret.Login = data.login;
ret.Comments = data.comments;
ret.Condition = clCondition.GetName(data.condition);
ret.Permission = clPermission.GetName(data.permission);
// ret.Password = data.password;
// ret.ConfirmPassword = ret.Password;
ret.Email = data.email;
ret.OwnerUserId = data.owneruserid;
ret.OwnerUserName = data.ownerusername;
}
catch (Exception ex) { msg = ex.Message; }
return(ret);
}
// проверка текущего пароля
public bool ValidateChangePassword(string login, string password, out string msg)
{
msg = null;
bool ret = true;
try
{
STUser dbuser;
CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
// находим юзера в БД по логину
int retvalue = clUser.GetRecordByUserLogin(login, out dbuser, out msg);
// сравниваем пароль
if (dbuser.password == CreatePasswordHash(password, dbuser.passwordsalt) && dbuser.isactivated == true)
{
return(true);
}
else
{
msg = "The current password is incorrect.";
return(false);
}
}
catch (Exception ex) { msg = ex.Message; ret = false; }
return(ret);
}
public static string UserId()
{
string msg;
STUser rd = new STUser();
CUser clUser = new CUser(null, ConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString,
ConfigurationManager.AppSettings["Logpath"]);
clUser.GetRecordByUserLogin(HttpContext.Current.User.Identity.Name, out rd, out msg);
return(rd.userid);
}
public int LogON(string login, string password, out string msg)
{
int ret = 0;
msg = null;
CUser clUser = new CUser(null, LocalData.CSDbUsers(), LocalData.LogPath());
STUser stUser;
int retvalue = clUser.GetRecordByUserLogin(login, out stUser, out msg);
if (retvalue != 0)
{
return(-1);
}
else
{
if (stUser.userid == null)
{
string smsg = string.Format("Invalid user ({0})", login);
CUdpSender clUDp = new CUdpSender(LocalData.Host(), LocalData.Port(), LocalData.LogPath());
clUDp.Send(LocalData.Facility(), LocalData.TagId(), "UWA101", smsg);
return(2);
}
if (stUser.islock)
{
msg = string.Format("The user \"{0}\" has temporarily blocked for 30 minutes", login);
return(3);
}
if (!UserModelsRepository.Instance.ValidateLogOnPassword(stUser, password, out msg))
{
string smsg = string.Format("Invalid password for user ({0})", login);
CUdpSender clUDp = new CUdpSender(LocalData.Host(), LocalData.Port(), LocalData.LogPath());
clUDp.Send(LocalData.Facility(), LocalData.TagId(), "UWA102", smsg);
// msg = smsg;
return(4);
}
if (stUser.passvaliddate <= DateTime.Now)
{
return(1);
}
}
return(ret);
}
public ActionResult EnterLoginFPS(LogOnModel model)
{
string msg;
CUser clUser = new CUser(null, LocalData.CSDbUsers(), LocalData.LogPath());
STUser stUser;
int ret = clUser.GetRecordByUserLogin(model.Login, out stUser, out msg);
if (ret == 0 && stUser.login != null)
{
if (stUser.islock)
{
ViewData["Information"] = string.Format("The user \"{0}\" has temporarily blocked for 30 minutes", stUser.login);
return(View("Information"));
}
else
{
UserModelsRepository.Instance.SentLink(stUser);
}
}
ViewData["Information"] = "We sent a link to change the password to your email.";
return(View("Information"));
}
// смена пароля в БД
public bool ChangePassword(string login, string oldPassword, string newPassword)
{
STUser data = new STUser();
string msg;
CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
// находим юзера в БД по логину
int ret = clUser.GetRecordByUserLogin(login, out data, out msg);
if (ret != 0)
{
return(false);
}
// соль
string passwordsalt = CreateSalt();
// кодируем пароль
string password = CreatePasswordHash(newPassword, passwordsalt);
// дата действия пароля 6 месяцев
DateTime passvaliddate = DateTime.Now.AddMonths(6);;
// делаем изменения в БД
int retvalue = clUser.UpdatePassword(data.userid, password, passwordsalt, passvaliddate, out msg);
if (retvalue != 0)
{
return(false);
}
// добавляем пароль в кэш паорелей в БД
STPassCache pc = new STPassCache();
pc.password = password;
pc.passwordsalt = passwordsalt;
clUser.AddPassToPassCache(login, pc, out msg);
return(true);
}
/* public string GetUserNameByEmail(string email)
* {
* string ret = null;
*
* STUser stUser = new STUser();
* string msg = null;
* CUser clUser =
* new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
* int retvalue = clUser.GetRecordByUserEmail(email, out stUser, out msg);
*
* return stUser.userid;
* }*/
public MembershipUser GetUser(string username)
{
STUser data = new STUser();
string msg;
CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
int retvalue = clUser.GetRecordByUserLogin(username, out data, out msg);
string _username = data.login;
int _providerUserKey = 0;
string _email = data.email;
string _passwordQuestion = "";
string _comment = data.comments;
bool _isApproved = data.isactivated;
bool _isLockedOut = false;
DateTime _creationDate = data.creationdate;
DateTime _lastLoginDate = data.modifieddate;
DateTime _lastActivityDate = DateTime.Now;
DateTime _lastPasswordChangedDate = DateTime.Now;
DateTime _lastLockedOutDate = DateTime.Now;
MembershipUser user = new MembershipUser("LocalMembershipProvider",
_username,
_providerUserKey,
_email,
_passwordQuestion,
_comment,
_isApproved,
_isLockedOut,
_creationDate,
_lastLoginDate,
_lastActivityDate,
_lastPasswordChangedDate,
_lastLockedOutDate);
return(user);
}
public int AddUser(UserModels model, out string msg)
{
int ret = 0;
STUser data = new STUser();
msg = null;
CCondition clCondition = new CCondition();
CPermission clPermission = new CPermission();
try
{
CUser clUser =
new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
ret = clUser.GetRecordByUserLogin(model.Login, out data, out msg);
if (ret != 0)
{
return(ret);
}
else
{
if (data.login != null)
{
msg = "The login already exists in the database for the application.";
return(1);
}
}
data.comments = model.Comments;
data.activateddate = null;
data.condition = 0;
data.creationdate = DateTime.Now;
data.email = model.Email;
data.isactivated = false;
data.login = model.Login;
data.modifieddate = data.creationdate;
data.owneruserid = LocalData.UserId();
// data.passwordsalt = CreateSalt();
// data.password = CreatePasswordHash(model.Password, data.passwordsalt);
data.permission = clPermission.GetId(model.Permission);
data.username = model.UserName;
data.passvaliddate = DateTime.Now.AddDays(-1);
data.newemailkey = GenerateKey();
string[] arr = new[] { "'", "\"", "--" };
if (CheckerField.CheckField(arr, data.comments, data.email, data.login, data.username))
{
msg = "One or more fields contain invalid characters.";
return(2);
}
ret = clUser.Insert(data, out msg);
if (ret == 0)
{
CAction clAction = new CAction(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
clAction.AddAction(ActionType.AddUser, string.Format("Add user {0}, {1}", data.username,
data.login), out msg);
CMail clMail = new CMail(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
STMail maildata = new STMail();
maildata.to = data.email;
maildata.tamplate = "MailToUserActivateAccount.txt";
maildata.linkkey = data.newemailkey;
maildata.fleetpwd = null;
maildata.pan = null;
maildata.dtcreate = DateTime.Now.ToString("yyyyMMddHHmmss");
maildata.dtmistsent = null;
maildata.login = data.login;
clMail.Insert(maildata, out msg);
SMTPNotice smtp = new SMTPNotice(LocalData.SmtpHost(), LocalData.SmtpPort(), LocalData.SmtpUseSSL(),
LocalData.SmtpUserName(), LocalData.SmtpPassword(), LocalData.SmtpFrom(), LocalData.CSDbUsers(),
LocalData.LogPath(), LocalData.GetTemplatePath(), LocalData.Images());
smtp.SendNotice(out msg);
}
}
catch (Exception ex) { msg = ex.Message; ret = -1; }
return(ret);
}
