/// <summary>
/// Reloads the signed-in user's profile values into the current HTTP session.
/// </summary>
/// <remarks>
/// The user id is parsed from <c>HttpContext.Current.User.Identity.Name</c>, so
/// <see cref="Convert.ToInt32(string)"/> throws when that name is not numeric.
/// The "IsAdmin" session entry is a cached copy of <c>GlobalAppSettings.IsAdmin</c>
/// taken at the time of this call.
/// </remarks>
public static void UpdateSession()
{
    var userManagement = new UserManagement();
    var currentUserId = Convert.ToInt32(HttpContext.Current.User.Identity.Name);
    var profile = userManagement.FindUserByUserId(currentUserId);

    // NOTE(review): profile is dereferenced without a null check; confirm that
    // FindUserByUserId cannot return null for an authenticated principal.
    var session = HttpContext.Current.Session;
    session["displayname"] = profile.DisplayName;
    session["firstname"] = profile.FirstName;
    session["lastname"] = profile.LastName;

    var adminFlag = GlobalAppSettings.IsAdmin(profile.UserId);
    session["IsAdmin"] = adminFlag;
}
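/// <summary>
/// Action filter hook that only lets authenticated administrators reach the action.
/// Unauthenticated callers are redirected to <c>/login</c>; authenticated
/// non-administrators get the <c>../Home/PermissionDenied</c> view.
/// </summary>
/// <param name="filterContext">Context of the action about to execute; its
/// <c>Result</c> is set to short-circuit the action when access is refused.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var principal = filterContext.HttpContext.User;

    if (!principal.Identity.IsAuthenticated)
    {
        // Use a temporary redirect. The original passed permanent: true (HTTP 301),
        // which browsers and intermediaries may cache, so a protected URL could keep
        // bouncing to /login even after the user has signed in.
        filterContext.Result = new RedirectResult("/login");
    }
    else
    {
        // The admin check is made against the backing store on every request rather
        // than a cached session value. Convert.ToInt32 throws if Identity.Name is
        // not a numeric user id.
        var isAdmin = GlobalAppSettings.IsAdmin(Convert.ToInt32(principal.Identity.Name));
        if (!isAdmin)
        {
            filterContext.Result = new ViewResult { ViewName = "../Home/PermissionDenied" };
        }
    }

    base.OnActionExecuting(filterContext);
}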
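/// <summary>
/// Handles the login form: forwards the encrypted credentials to the
/// <c>/api/accounts/login</c> endpoint and, depending on the returned status text,
/// either signs the user in and redirects, or re-renders the login view with
/// error details in <c>TempData</c>.
/// </summary>
/// <param name="username">Submitted user name; when null the login view is returned.</param>
/// <param name="password">Submitted password; when null the login view is returned.</param>
/// <param name="remember">Checkbox value; "on" (case-insensitive, trimmed) requests a persistent auth cookie.</param>
/// <param name="returnUrl">Optional post-login target; only followed when it is a local URL.</param>
/// <returns>A redirect on success, otherwise the login view.</returns>
public ActionResult Login(string username, string password, string remember, string returnUrl)
{
    var tokenCryptography = new TokenCryptography();
    if (username == null || password == null)
    {
        return View();
    }

    var ipAddress = Request.UserHostAddress;
    var encryptedUsername = tokenCryptography.Encrypt(username, ipAddress);
    var encryptedPassword = tokenCryptography.Encrypt(password, ipAddress);

    // Security fix: the submitted password is no longer written to the log. The
    // original appended it in clear text to three log entries, exposing credentials
    // to anyone with access to the log files.
    // NOTE(review): username and returnUrl are request-controlled; confirm that
    // LogExtension neutralises line breaks before writing them.
    var logContext = " UserName - " + username + " Remember - " + remember + " ReturnUrl - " + returnUrl;
    LogExtension.LogInfo("Login Encryption done", MethodBase.GetCurrentMethod(), logContext);

    var headers = new Dictionary<string, object>
    {
        {
            "Authorization",
            Convert.ToBase64String(Encoding.UTF8.GetBytes(encryptedUsername + ":" + encryptedPassword))
        }
    };

    LogExtension.LogInfo("Login API requested", MethodBase.GetCurrentMethod());
    var apiResponse = _javaScriptSerializer.Deserialize<ApiResponse>(
        _apiHandler.ApiProcessor("/api/accounts/login", headers, new Dictionary<string, object>()));

    // NOTE(review): apiResponse and apiData are dereferenced without null checks;
    // a malformed API reply would surface as a NullReferenceException here.
    var apiData = DictionaryHelper.GetObject(apiResponse.Data as Dictionary<string, object>, typeof(ApiData)) as ApiData;
    LogExtension.LogInfo("Login API Data received", MethodBase.GetCurrentMethod(), logContext);
    LogExtension.LogInfo("Login result is " + apiData.StatusText, MethodBase.GetCurrentMethod(), logContext);

    var isValid = apiData.StatusText;

    // Invariant lower-casing keeps the status match independent of the server's
    // current culture (e.g. Turkish dotless-i casing rules).
    switch (isValid.ToLowerInvariant())
    {
        case "validuser":
        {
            var userDetail = _userManagement.FindUserByUserName(username);
            var persistCookie = remember != null
                && String.Equals(remember.Trim(), "on", StringComparison.OrdinalIgnoreCase);

            // NOTE(review): the session id is not renewed after authentication in this
            // method; confirm session-fixation handling elsewhere.
            FormsAuthentication.SetAuthCookie(userDetail.UserId.ToString(), persistCookie);
            GlobalAppSettings.SetTimeZone(userDetail.UserId);
            HttpContext.Session["displayname"] = userDetail.DisplayName;
            HttpContext.Session["firstname"] = userDetail.FirstName;
            HttpContext.Session["lastname"] = userDetail.LastName;
            HttpContext.Session["IsAdmin"] = GlobalAppSettings.IsAdmin(userDetail.UserId);
            _userManagement.UpdateLoginTime(userDetail.UserId, DateTime.UtcNow);

            // Security fix: returnUrl comes from the request, so it is only followed
            // when it points back into this application. Anything else falls back to
            // the default landing page instead of redirecting to an external site.
            if (String.IsNullOrWhiteSpace(returnUrl) || !Url.IsLocalUrl(returnUrl))
            {
                return RedirectToAction("reports", "reports");
            }

            return Redirect(returnUrl);
        }

        case "invalidpassword":
            TempData["currentValue"] = username;
            TempData["errorUserName"] = "";
            TempData["errorPassword"] = apiData.Message;
            TempData["errorUserStatus"] = "";
            TempData["errorPasswordStatus"] = "inline-block";
            return View();

        case "throttleduser":
            TempData["errorUserName"] = "";
            TempData["errorPassword"] = "";
            TempData["User"] = apiData.Message;
            return View();

        case "invalidusername":
            TempData["currentValue"] = username;
            TempData["errorUserName"] = apiData.Message;
            TempData["errorPassword"] = "";
            TempData["errorUserStatus"] = "inline-block";
            TempData["errorPasswordStatus"] = "";
            return View();

        // A deactivated account and any unrecognised status are presented the same way.
        case "deactivateduser":
        default:
            TempData["errorUserName"] = "";
            TempData["errorPassword"] = "";
            TempData["errorUserStatus"] = "inline-block";
            TempData["User"] = apiData.Message;
            return View();
    }
}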
/// <summary>
/// Returns a JSON object with two members: <c>result</c>, whether mail settings
/// exist, and <c>isAdmin</c>, whether the current user is an administrator.
/// </summary>
/// <returns>JSON of the form <c>{ result, isAdmin }</c>.</returns>
public JsonResult CheckMailSettingsExist()
{
    // Identity.Name is parsed as the numeric user id; Convert.ToInt32 throws when it
    // is not numeric.
    // NOTE(review): no authentication check is visible in this method; confirm the
    // controller or a filter restricts it to signed-in users.
    var currentUserId = Convert.ToInt32(HttpContext.User.Identity.Name);
    var callerIsAdmin = GlobalAppSettings.IsAdmin(currentUserId);

    var payload = new
    {
        result = SystemSettingsModel.MailSettingsExist(),
        isAdmin = callerIsAdmin
    };

    return Json(payload);
}