protected void ChangePassword_Click(object sender, EventArgs e)
{
if (!string.IsNullOrEmpty(Password.Text.Trim()) && !string.IsNullOrEmpty(ConfirmPassword.Text.Trim()))
{
if (!string.IsNullOrEmpty(Password.Text.Trim()) != !string.IsNullOrEmpty(ConfirmPassword.Text.Trim()))
{
FailureText.Text = "Password not match.";
ErrorMessage.Visible = true;
}
else
{
//updateCustomer
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value);
oLoginService.changePassword(ticket.Name.ToString(), Cryto.Encrypt(ConfirmPassword.Text.Trim()));
ticket = new FormsAuthenticationTicket(ticket.Version, ticket.Name.ToString(), DateTime.Now, DateTime.Now.AddMinutes(28800), true, ticket.UserData.ToString(), FormsAuthentication.FormsCookiePath);
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
Response.Cookies.Add(cookie);
Response.Redirect(FormsAuthentication.GetRedirectUrl(ticket.Name.ToString(), true));
}
}
else
{
FailureText.Text = "Please enter required field.";
ErrorMessage.Visible = true;
}
}
protected void ChangePassword_Click(object sender, EventArgs e)
{
if (!string.IsNullOrEmpty(Password.Text.Trim()) && !string.IsNullOrEmpty(ConfirmPassword.Text.Trim()))
{
if (!string.IsNullOrEmpty(Password.Text.Trim()) != !string.IsNullOrEmpty(ConfirmPassword.Text.Trim()))
{
FailureText.Text = "Password not match.";
ErrorMessage.Visible = true;
}
else
{
//updateCustomer
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value);
oLoginService.changePassword(ticket.Name.ToString(), Cryto.Encrypt(ConfirmPassword.Text.Trim()));
ticket = new FormsAuthenticationTicket(ticket.Version, ticket.Name.ToString(), DateTime.Now, DateTime.Now.AddMinutes(28800), true, ticket.UserData.ToString(), FormsAuthentication.FormsCookiePath);
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
Response.Cookies.Add(cookie);
Response.Redirect(FormsAuthentication.GetRedirectUrl(ticket.Name.ToString(), true));
}
}
else
{
FailureText.Text = "Please enter required field.";
ErrorMessage.Visible = true;
}
//string code = IdentityHelper.GetCodeFromRequest(Request);
//if (code != null)
//{
// var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
// var user = manager.FindByName(Email.Text);
// if (user == null)
// {
// ErrorMessage.Text = "No user found";
// return;
// }
// var result = manager.ResetPassword(user.Id, code, Password.Text);
// if (result.Succeeded)
// {
// Response.Redirect("~/Account/ResetPasswordConfirmation");
// return;
// }
// ErrorMessage.Text = result.Errors.FirstOrDefault();
// return;
//}
//ErrorMessage.Text = "An error has occurred";
}
protected void LogIn(object sender, EventArgs e)
{
if (IsValid)
{
int userId = 0;
int roles = 0;
string name = null;
string constr = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("[dbo].[Validate_Login]"))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Username", Username.Text.Trim());
cmd.Parameters.AddWithValue("@Password", Cryto.Encrypt(Password.Text.Trim()));
cmd.Connection = con;
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
reader.Read();
userId = Convert.ToInt32(reader["UserId"]);
roles = Convert.ToInt32(reader["Roles"]);
name = Convert.ToString(reader["Name"]);
con.Close();
}
switch (userId)
{
case -1:
FailureText.Text = "Username and/or password is incorrect.";
ErrorMessage.Visible = true;
break;
case -2:
SetCookie(roles, name);
Response.Redirect("/Account/ResetPassword");
break;
default:
SetCookie(roles, name);
Response.Redirect(FormsAuthentication.GetRedirectUrl(Username.Text, true));
break;
}
}
}
}
protected void LogIn(object sender, EventArgs e)
{
if (IsValid)
{
int userId = 0;
int roles = 0;
string buCode = null;
string constr = ConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("[dbo].[SP_VALIDATION_LOGIN]"))
{
cmd.CommandType = CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@Username", Username.Text.Trim());
cmd.Parameters.AddWithValue("@Password", Cryto.Encrypt(Password.Text.Trim()));
cmd.Connection = con;
con.Open();
SqlDataReader reader = cmd.ExecuteReader();
reader.Read();
userId = Convert.ToInt32(reader["UserId"]);
roles = Convert.ToInt32(reader["Roles"]);
buCode = reader["BU_CODE"].ToString();
con.Close();
}
switch (userId)
{
case -1:
FailureText.Text = "Username and/or password is incorrect.";
ErrorMessage.Visible = true;
break;
case -2:
SetCookie(roles, buCode);
Response.Redirect("/Account/ResetPassword");
break;
default:
SetCookie(roles, buCode);
Response.Redirect(FormsAuthentication.GetRedirectUrl(Username.Text, true));
break;
}
}
//// Validate the user password
//var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();
//var signinManager = Context.GetOwinContext().GetUserManager<ApplicationSignInManager>();
//// This doen't count login failures towards account lockout
//// To enable password failures to trigger lockout, change to shouldLockout: true
//var result = signinManager.PasswordSignIn(Email.Text, Password.Text, RememberMe.Checked, shouldLockout: false);
//switch (result)
//{
// case SignInStatus.Success:
// IdentityHelper.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
// break;
// case SignInStatus.LockedOut:
// Response.Redirect("/Account/Lockout");
// break;
// case SignInStatus.RequiresVerification:
// Response.Redirect(String.Format("/Account/TwoFactorAuthenticationSignIn?ReturnUrl={0}&RememberMe={1}",
// Request.QueryString["ReturnUrl"],
// RememberMe.Checked),
// true);
// break;
// case SignInStatus.Failure:
// default:
// FailureText.Text = "Invalid login attempt";
// ErrorMessage.Visible = true;
// break;
//}
}
}