public IHttpActionResult ForgetPassword(string UserName, string Email)
{
DESCode lDESCode = new DESCode();
string en = lDESCode.EncryptDES("jason.wang");
string de = lDESCode.DecryptDES(en);
//SendEmail.SendSupportEmail("*****@*****.**", "Password recovery", "<strong>Recovering the password</strong>");
return Ok();
}
public ActionResult ChangePwd(ChangePwdModel passwordToChange)
{
if (!ModelState.IsValid)
{
return(View());
}
string superAdmin = Session["waveAccount"].ToString();
var account = (from m in _db.SuperAdmin
where m.supname == superAdmin
select m).First();
string key = account.supname;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.spasswd, key) != passwordToChange.original)
{
TempData["ErrorMessage"] = "Your original passwords do not match, please retype it and try again. ";
return(View());
}
else if (passwordToChange.password != passwordToChange.confirmPwd)
{
TempData["ErrorMessage"] = "Your new passwords do not match, please retype them and try again. ";
return(View());
}
else
{
account.spasswd = DESCode.EncryptDES(passwordToChange.password, key);
try
{
_db.ApplyCurrentValues <SuperAdmin>(account.EntityKey.EntitySetName, account);
_db.SaveChanges();
TempData["SuccessMessage"] = "Your password has been sucessfully changed.";
return(RedirectToAction("Index"));
}
catch (Exception exception)
{
TempData["ErrorMessage"] = "Password change has failed because: " + exception.Message;
return(View());
}
}
}
public ActionResult Login(LoginModel toCheck)
{
if (!ModelState.IsValid)
{
return(RedirectToAction("Main"));
}
try
{
switch (toCheck.type)
{
case 0:
{
var account = (from m in _db.SuperAdmin
where m.supname == toCheck.account
select m);
if (account.Count() == 0)
{
TempData["ErrorMessage"] = "Check your account, please! ";
return(RedirectToAction("Main"));
}
else
{
string key = account.First().supname;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.First().spasswd, key) != toCheck.password)
{
TempData["ErrorMessage"] = "Check your password, please! ";
return(RedirectToAction("Main"));
}
else
{
Session["waveAccount"] = toCheck.account;
Session["waveType"] = toCheck.type;
return(RedirectToAction("Index", "SuperAdmin"));
}
}
}
break;
case 1:
{
var account = (from m in _db.Admin
where m.adminname == toCheck.account
select m);
if (account.Count() == 0)
{
TempData["ErrorMessage"] = "Check your account, please! ";
return(RedirectToAction("Main"));
}
else
{
string key = account.First().adminname;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.First().apasswd, key) != toCheck.password)
{
TempData["ErrorMessage"] = "Check your password, please! ";
return(RedirectToAction("Main"));
}
else
{
Session["waveAccount"] = toCheck.account;
Session["waveType"] = toCheck.type;
return(RedirectToAction("Index", "Admin"));
}
}
}
break;
case 2:
{
var account = (from m in _db.Org
where m.orgname == toCheck.account
select m);
if (account.Count() == 0)
{
TempData["ErrorMessage"] = "Check your account, please! ";
return(RedirectToAction("Main"));
}
else
{
string key = account.First().orgname;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.First().opasswd, key) != toCheck.password)
{
TempData["ErrorMessage"] = "Check your password, please! ";
return(RedirectToAction("Main"));
}
else
{
if (account.First().ostate == -1)
{
account.First().ostate = 0;
_db.ApplyCurrentValues <Org>(account.First().EntityKey.EntitySetName, account.First());
_db.SaveChanges();
}
Session["waveAccount"] = toCheck.account;
Session["waveType"] = toCheck.type;
return(RedirectToAction("Index", "Org"));
}
}
}
break;
case 3:
{
var account = (from m in _db.Users
where m.username == toCheck.account
select m);
if (account.Count() == 0)
{
TempData["ErrorMessage"] = "Check your account, please! ";
return(RedirectToAction("Main"));
}
else
{
string key = account.First().username;
while (key.Length < 8)
{
key = key + key;
}
if (DESCode.DecryptDES(account.First().upasswd, key) != toCheck.password)
{
TempData["ErrorMessage"] = "Check your password, please! ";
return(RedirectToAction("Main"));
}
else if (account.First().ustate == 0)
{
TempData["WarningMessage"] = "Your need to active your account.";
return(RedirectToAction("Main"));
}
else
{
Session["waveAccount"] = toCheck.account;
Session["waveType"] = toCheck.type;
if (account.First().ustate == -1)
{
account.First().ustate = 1;
_db.ApplyCurrentValues <Users>(account.First().EntityKey.EntitySetName, account.First());
_db.SaveChanges();
}
return(Redirect(Request.UrlReferrer.ToString()));
}
}
}
break;
default:
return(View());
break;
}
}
catch (Exception exception)
{
TempData["ErrorMessage"] = "Login has failed because: " + exception.Message;
return(RedirectToAction("Main"));
}
}
public IHttpActionResult ResetPassword(ResetPassowrdParams aResetPassowrdParams)
{
try
{
BOCPasswordHasher lBOCPasswordHasher = new BOCPasswordHasher();
string lNewPassword = lBOCPasswordHasher.HashPassword(aResetPassowrdParams.Password);
DESCode lDESCode = new DESCode();
string lUserName = lDESCode.DecryptDES(aResetPassowrdParams.UserName);
string[] lStringArray = lUserName.Split('|');
string lUserTrueName = lStringArray[0];
string lDateTime = lStringArray[1];
DateTime lNow = DateTime.Now;
DateTime lEmailDateTime = DateTime.Parse(lDateTime);
if ((lNow - lEmailDateTime).Days > 7)
{
return BadRequest("_resetpasswordexpired");
}
BOC.Entities.User lUser = _BOCWebDBContext.Users.Where(e => e.UserName == lUserTrueName).FirstOrDefault();
if (lUser != null)
{
lUser.Password = lNewPassword;
_BOCWebDBContext.Users.Attach(lUser);
_BOCWebDBContext.Entry<BOC.Entities.User>(lUser).State = System.Data.Entity.EntityState.Modified;
_BOCWebDBContext.SaveChanges();
return Ok();
}
else
{
return BadRequest("_reseterror");
}
}
catch (Exception e)
{
return BadRequest(e.ToString());
}
}
