public bool HasNewPasswordBeenUsedRecently(Int64 userId, string proposedNewPassword) { try { int numberOfRecentPasswordsToKeep = ExtentionUtility.GetIntAppSetting("NoOfPasswordCheck"); //first delete old record _applicationUser.ExecuteStoreprocedure("spPasswordHistoryDeleteNonRecentPasswords @UserId,@numberOfRecentPasswordsToKeep", new SqlParameter("UserId", userId), new SqlParameter("numberOfRecentPasswordsToKeep", numberOfRecentPasswordsToKeep)); //Now get recent password details var hashedPasswordDetails = _applicationUser.ExecuteStoredProdure <HashedPasswordDetails>("spPasswordHistorySelect @UserId,@numberOfRecentPasswordsToKeep", new SqlParameter("UserId", userId), new SqlParameter("numberOfRecentPasswordsToKeep", numberOfRecentPasswordsToKeep)); foreach (HashedPasswordDetails passwordDetails in hashedPasswordDetails) { var encodePassword = ExtentionUtility.Encrypt(proposedNewPassword); if (ProposedNewPasswordMatchesAPreviousPassword(passwordDetails, encodePassword)) { return(true); } } return(false); } catch (Exception ex) { _log.Error(ex); return(false); } }
public async Task <ActionResult> ResetPassword(ResetPasswordViewModel model) { try { if (!ModelState.IsValid) { return(View(model)); } Int64 UserId = model.userCode.DecryptID(); var user = await UserManager.FindByIdAsync(UserId); if (user == null) { // Don't reveal that the user does not exist return(RedirectToAction("ResetPasswordConfirmation", "Account")); } //check here if password exist b4 if (HasNewPasswordBeenUsedRecently(user.Id, model.Password)) { //return false; ModelState.AddModelError("A previous password can't be used as your new password", "Kindly provide a new password this password "); return(View(model)); } else { var result = await UserManager.ResetPasswordAsync(user.Id, model.Code, model.Password); if (result.Succeeded) { ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory(); passwordModel.UserId = user.Id; passwordModel.DateCreated = DateTime.Now; passwordModel.HashPassword = ExtentionUtility.Encrypt(model.Password); _passwordCommand.Insert(passwordModel); _passwordCommand.SaveChanges(); ApplicationUser xmodel = UserManager.FindById(user.Id); xmodel.IsFirstLogin = false; UserManager.Update(xmodel); return(RedirectToAction("ResetPasswordConfirmation", "Account")); } AddErrors(result); return(View()); } } catch (Exception ex) { _log.Error(ex); return(View("Error")); } }
public async Task <ActionResult> SetFirstlogin(SetFirstPasswordViewModel model) { try { if (!ModelState.IsValid) { return(View(model)); } long UserId = model.code.DecryptID(); if (HasNewPasswordBeenUsedRecently(UserId, model.Password)) { //return false; ModelState.AddModelError("A previous password can't be used as your new password", "Kindly provide a new password this password "); return(View(model)); } else { // string code = await _userManager.GeneratePasswordResetTokenAsync(UserId); // var result = await _userManager.ResetPasswordAsync(UserId,code, model.Password); var result = await _userManager.ChangePasswordAsync(UserId, "Password", model.Password); if (result.Succeeded) { ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory(); passwordModel.UserId = UserId; passwordModel.DateCreated = DateTime.Now; passwordModel.HashPassword = ExtentionUtility.Encrypt(model.Password); _passwordCommand.Insert(passwordModel); _passwordCommand.SaveChanges(); ApplicationUser xmodel = _userManager.FindById(UserId); xmodel.IsFirstLogin = false; _userManager.Update(xmodel); return(RedirectToAction("SetPasswordConfirmation", "Account")); } AddErrors(result); } return(View(model)); } catch (Exception ex) { _log.Error(ex); return(View("Error")); } }
public async Task <ActionResult> ChangePassword(ChangePasswordViewModel model) { CreateViewBagParams(); if (!ModelState.IsValid) { return(PartialView(model)); } long UserId = User.Identity.GetUserId <Int64>(); if (HasNewPasswordBeenUsedRecently(UserId, model.NewPassword)) { ModelState.AddModelError("A previous password can't be used as your new password", "Kindly provide a new password this password "); ViewBag.ErrMsg = "A previous password can't be used as your new password, Kindly provide a new password this password "; return(PartialView(model)); } else { var result = await UserManager.ChangePasswordAsync(UserId, model.OldPassword, model.NewPassword); if (result.Succeeded) { ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory(); passwordModel.UserId = UserId; passwordModel.DateCreated = DateTime.Now; passwordModel.HashPassword = ExtentionUtility.Encrypt(model.NewPassword); _passwordCommand.Insert(passwordModel); _passwordCommand.SaveChanges(); TempData["MESSAGE"] = "Password change successfully"; ModelState.Clear(); return(Json(new { success = true })); } else { AddErrors(result); return(PartialView(model)); } } }
public async Task <ActionResult> Create(UserViewModel model) { string code = string.Empty; model.Roles = _utility.GetRoles(); try { CreateViewBagParams(); if (ModelState.IsValid) { //checking if emailaddress does not exist b4 var organizerAdminEmailExist = _applicationUserQuery.GetAllList(m => m.Email.ToLower().Trim() == model.Email.ToLower().Trim()).ToList(); if (organizerAdminEmailExist.Any()) { ModelState.AddModelError("", "email address already exist"); return(PartialView("_PartialAddEdit", model)); } //checking if username does not exist b4 var organizerAdminUsernameExist = _applicationUserQuery.GetAllList(m => m.UserName.ToLower().Trim() == model.UserName.ToLower().Trim()).ToList(); if (organizerAdminUsernameExist.Any()) { ModelState.AddModelError("", "username already exist"); return(PartialView("_PartialAddEdit", model)); } ApplicationUser usermodel = UserViewModel.ModeltoEntity(model); var result = await UserManager.CreateAsync(usermodel, "Password"); if (result.Succeeded) { _activityRepo.CreateActivityLog(string.Format("Assinging User Id:{0} with Name :{1} to role Id's:{2}", usermodel.Id, (usermodel.LastName + " " + usermodel.FirstName), model.SelectedRole), this.GetContollerName(), this.GetContollerName(), usermodel.Id, null); ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory(); passwordModel.UserId = usermodel.Id; passwordModel.DateCreated = DateTime.Now; passwordModel.HashPassword = ExtentionUtility.Encrypt("Password"); passwordModel.CreatedBy = usermodel.Id; _applicationUserPwdhistoryCommand.Insert(passwordModel); _applicationUserPwdhistoryCommand.Save(); var addRoleResult = await UserManager.AddToRolesAsync(usermodel.Id, model.SelectedRole.ToArray <string>()); if (addRoleResult.Succeeded) { //send user reset mail code = await UserManager.GeneratePasswordResetTokenAsync(usermodel.Id); string portalUrl = System.Web.HttpContext.Current.Request.Url.Scheme + "://" + System.Web.HttpContext.Current.Request.Url.Authority + System.Web.HttpContext.Current.Request.ApplicationPath.TrimEnd('/') + "/"; var callbackUrl = Url.Action("ResetPassword", "Account", new { userId = usermodel.Id, code = code }); string mPre = portalUrl + callbackUrl; _log.Info(string.Format("Reset URL:{0}", mPre)); if (!String.IsNullOrEmpty(usermodel.Email)) { try { _utility.SendWelcomeAndPasswordResetEmail(usermodel, mPre); } catch { } } TempData["MESSAGE"] = "Portal User " + (usermodel.LastName + " " + usermodel.FirstName) + " was successfully created"; ModelState.Clear(); return(Json(new { success = true })); } } else { ModelState.AddModelError("", result.Errors.FirstOrDefault().ToString()); } ModelState.Clear(); return(Json(new { success = true })); } else { StringBuilder errorMsg = new StringBuilder(); foreach (var modelError in ModelState.Values.SelectMany(modelState => modelState.Errors)) { errorMsg.AppendLine(modelError.ErrorMessage); ModelState.AddModelError(string.Empty, modelError.ErrorMessage); } ViewBag.ErrMsg = errorMsg.ToString(); return(PartialView("_PartialAddEdit", model)); } } catch (Exception exp) { _log.Error(exp); //return View("Error"); StringBuilder errorMsg = new StringBuilder(); foreach (var modelError in ModelState.Values.SelectMany(modelState => modelState.Errors)) { errorMsg.AppendLine(modelError.ErrorMessage); ModelState.AddModelError(string.Empty, modelError.ErrorMessage); } ViewBag.ErrMsg = errorMsg.ToString(); return(PartialView("_PartialAddEdit", model)); } }
public async Task <ActionResult> FramewokAdmin(string nextButton, string backButton) { string msg; if (backButton != null) { return(RedirectToAction("FrameworkSetting")); } if (nextButton != null) { if (!ModelState.IsValid) { return(View(_setupContract)); } if (string.Compare(_setupContract.AdminUserSetting.Password, _setupContract.AdminUserSetting.ConfirmPassword, StringComparison.InvariantCultureIgnoreCase) != 0) { ViewBag.ErrMsg = "Password and confirm password must be equal"; // ModelState.AddModelError("","Password and confirm password must be equal"); return(View(_setupContract)); } var user = new ApplicationUser { FirstName = _setupContract.AdminUserSetting.FirstName, LastName = _setupContract.AdminUserSetting.LastName, MiddleName = _setupContract.AdminUserSetting.MiddleName, UserName = _setupContract.AdminUserSetting.UserName, Email = _setupContract.AdminUserSetting.Email, MobileNumber = _setupContract.AdminUserSetting.MobileNumber, PhoneNumber = _setupContract.AdminUserSetting.PhoneNumber, EmailConfirmed = true, PhoneNumberConfirmed = true, TwoFactorEnabled = false, LockoutEnabled = false, AccessFailedCount = 0, DateCreated = DateTime.Now, IsFirstLogin = false }; var result = await UserManager.CreateAsync(user, _setupContract.AdminUserSetting.Password); if (result.Succeeded) { ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory(); passwordModel.UserId = user.Id; passwordModel.DateCreated = DateTime.Now; passwordModel.HashPassword = ExtentionUtility.Encrypt(_setupContract.AdminUserSetting.Password); passwordModel.CreatedBy = user.Id; _applicationUserPwdhistoryCommand.Insert(passwordModel); _applicationUserPwdhistoryCommand.Save(); var addRoleResult = await UserManager.AddToRoleAsync(user.Id, "PortalAdmin"); if (addRoleResult.Succeeded) { Application applicationmodel = _applicationQuery.GetAll().FirstOrDefault(); applicationmodel.HasAdminUserConfigured = true; _applicationCommand.Update(applicationmodel); _applicationCommand.SaveChanges(); _activityRepo.CreateActivityLog("creating Framework admin user details", this.GetContollerName(), this.GetContollerName(), _setupContract.AdminUserSetting.Id, _setupContract.AdminUserSetting); return(RedirectToAction("Login", "Account", new { area = "" })); } } else { ModelState.AddModelError("", result.Errors.FirstOrDefault().ToString()); } return(View(_setupContract)); } var userInfo = UserManager.Users.ToList().Select(AdminUserSettingViewModel.EntityToModels).FirstOrDefault(); if (userInfo == null) { //ModelState.AddModelError("", "Unable to initialize admin user information due to internal error! Please try again later"); return(View(_setupContract)); } _setupContract.AdminUserSetting = userInfo; return(View(_setupContract)); }
public async Task <ActionResult> Create(ArtistViewModel model, HttpPostedFileBase profileImage) { string code = string.Empty; string profilePath = string.Empty; try { CreateViewBagParams(); if (ModelState.IsValid) { if (profileImage != null && profileImage.ContentLength > 0) { var ext = Path.GetExtension(profileImage.FileName).Trim().ToLower(); string[] allowedExtension = new string[] { ".jpeg", ".jpg", ".png" }; if (allowedExtension.Contains(ext)) { profilePath = _utility.Upload(profileImage, _utility.GetAppSetting("AppUploadFolder")); } else { ModelState.AddModelError("", string.Format("Invalid image extension,allowed extension are: .jpeg,.jpg,.png ", allowedExtension)); //return PartialView("_PartialAddEdit", staffVm); return(View("_PartialAddEdit", model)); } } //checking if emailaddress does not exist b4 var organizerAdminEmailExist = _applicationUserQuery.GetAllList(m => m.Email.ToLower().Trim() == model.Email.ToLower().Trim()).ToList(); if (organizerAdminEmailExist.Any()) { ModelState.AddModelError("", "email address already exist"); return(PartialView("_PartialAddEdit", model)); } //checking if username does not exist b4 var organizerAdminUsernameExist = _applicationUserQuery.GetAllList(m => m.UserName.ToLower().Trim() == model.UserName.ToLower().Trim()).ToList(); if (organizerAdminUsernameExist.Any()) { ModelState.AddModelError("", "username already exist"); return(PartialView("_PartialAddEdit", model)); } ApplicationUser usermodel = ArtistViewModel.ModeltoEntity(model); usermodel.PicturePath = Path.GetFileName(profilePath); usermodel.FacebookURL = model.FacebookURL; var result = await UserManager.CreateAsync(usermodel, "Password"); if (result.Succeeded) { _activityRepo.CreateActivityLog(string.Format("Assinging User Id:{0} with Name :{1} to role Id's:{2}", usermodel.Id, (usermodel.LastName + " " + usermodel.FirstName), ""), this.GetContollerName(), this.GetContollerName(), usermodel.Id, null); ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory(); passwordModel.UserId = usermodel.Id; passwordModel.DateCreated = DateTime.Now; passwordModel.HashPassword = ExtentionUtility.Encrypt("Password"); passwordModel.CreatedBy = usermodel.Id; _applicationUserPwdhistoryCommand.Insert(passwordModel); _applicationUserPwdhistoryCommand.Save(); var addRoleResult = await UserManager.AddToRoleAsync(usermodel.Id, "Artist"); if (addRoleResult.Succeeded) { //send user reset mail code = await UserManager.GeneratePasswordResetTokenAsync(usermodel.Id); string portalUrl = System.Web.HttpContext.Current.Request.Url.Scheme + "://" + System.Web.HttpContext.Current.Request.Url.Authority + System.Web.HttpContext.Current.Request.ApplicationPath.TrimEnd('/') + "/"; var callbackUrl = Url.Action("ResetPassword", "Account", new { userCode = usermodel.Id.EncryptID(), code = code }); string mPre = portalUrl + callbackUrl; _log.Info(string.Format("Reset URL:{0}", mPre)); if (!String.IsNullOrEmpty(usermodel.Email)) { _utility.SendWelcomeAndPasswordResetEmail(usermodel, mPre); } TempData["MESSAGE"] = "Artist " + (usermodel.LastName + " " + usermodel.FirstName) + " was successfully created"; ModelState.Clear(); return(Json(new { success = true })); } } else { ModelState.AddModelError("", result.Errors.FirstOrDefault().ToString()); } ModelState.Clear(); return(Json(new { success = true })); } else { StringBuilder errorMsg = new StringBuilder(); foreach (var modelError in ModelState.Values.SelectMany(modelState => modelState.Errors)) { errorMsg.AppendLine(modelError.ErrorMessage); ModelState.AddModelError(string.Empty, modelError.ErrorMessage); } ViewBag.ErrMsg = errorMsg.ToString(); return(PartialView("_PartialAddEdit", model)); } } catch (Exception exp) { _log.Error(exp); //return View("Error"); StringBuilder errorMsg = new StringBuilder(); foreach (var modelError in ModelState.Values.SelectMany(modelState => modelState.Errors)) { errorMsg.AppendLine(modelError.ErrorMessage); ModelState.AddModelError(string.Empty, modelError.ErrorMessage); } ViewBag.ErrMsg = errorMsg.ToString(); return(PartialView("_PartialAddEdit", model)); } }