private void btnSave_Click(object sender, RoutedEventArgs e)
{
this.Cursor = Cursors.Wait;
db = new LetranIntegratedSystemEntities();
var passwordHasher = new Microsoft.AspNet.Identity.PasswordHasher();
AspNetUser search = db.AspNetUsers.Where(m => m.UserName == App.EmployeeNumber).FirstOrDefault();
string compare = passwordHasher.VerifyHashedPassword(search.PasswordHash, pbCurrent.Password).ToString();
if (compare != "Success")
{
MessageBox.Show("Incorrect current password.", "Warning", MessageBoxButton.OK, MessageBoxImage.Warning);
return;
}
if (pbNew.Password != pbVerify.Password)
{
MessageBox.Show("Verify password does not match.", "Warning", MessageBoxButton.OK, MessageBoxImage.Warning);
return;
}
if (String.IsNullOrEmpty(pbCurrent.Password) || String.IsNullOrEmpty(pbNew.Password) || String.IsNullOrEmpty(pbVerify.Password))
{
MessageBox.Show("Password cannot be empty.", "Warning", MessageBoxButton.OK, MessageBoxImage.Warning);
return;
}
search.PasswordHash = passwordHasher.HashPassword(pbVerify.Password);
db.SaveChanges();
MessageBox.Show("Password has been changed.", "Successful", MessageBoxButton.OK);
pbCurrent.Clear();
pbNew.Clear();
pbVerify.Clear();
this.Cursor = Cursors.Arrow;
}
private void Button2_Click(object sender, EventArgs e)
{
var ph = new Microsoft.AspNet.Identity.PasswordHasher <ApplicationUser>();
MessageBox.Show(ph.VerifyHashedPassword(new ApplicationUser()
{
SecurityStamp = "45b85708-5851-45cf-998b-3522"
}, hashPassword_tb.Text, password_tb.Text).ToString());
}
public ResultModel Login(LoginViewModel loginViewModel)
{
ResultModel resultModel = new ResultModel();
if (!string.IsNullOrEmpty(loginViewModel.Email))
{
var ph = new Microsoft.AspNet.Identity.PasswordHasher();
var hash = ph.HashPassword(loginViewModel.Password);
User user = _userRepo.GetByEmailOrUserName(loginViewModel.Email);
if (user != null)
{
if (ph.VerifyHashedPassword(user.Password, loginViewModel.Password).ToString() == "Success")
{
if (user.Active == 1)
{
HttpContext.Current.Session["UserType"] = user.UserType;
HttpContext.Current.Session["UserId"] = Convert.ToString(user.UserID);
//if (user.PasswordExpirationDate != null && (DateTime.Now >= Convert.ToDateTime(user.PasswordExpirationDate.Value.AddDays(Convert.ToInt32(ConfigurationManager.AppSettings["ExpiryDays"])))))
if (user.PasswordExpirationDate != null && (DateTime.Now > Convert.ToDateTime(user.PasswordExpirationDate.Value)))
{
resultModel.IsPasswordExpire = true;
resultModel.Message = "";
return(resultModel);
}
resultModel.IsSuccess = true;
resultModel.Message = "";
}
else
{
resultModel.IsSuccess = false;
resultModel.Message = "Your account is inactive, please contact your WFJ Administrator";
}
}
else
{
resultModel.IsSuccess = false;
resultModel.Message = "Please enter valid password.";
}
}
else
{
resultModel.IsSuccess = false;
resultModel.Message = "Please enter vaild username/email address.";
}
}
else
{
resultModel.IsSuccess = false;
resultModel.Message = "Email address can not be set Empty.";
}
return(resultModel);
}
public void EncryptionPassword()
{
List <User> users = _userRepo.GetAll().Where(x => x.IsPasswordHashed == false && !string.IsNullOrEmpty(x.Password)).ToList();
foreach (User user in users)
{
var ph = new Microsoft.AspNet.Identity.PasswordHasher();
var hash = ph.HashPassword(user.Password);
var respnse = ph.VerifyHashedPassword(hash, user.Password);
user.Password = hash;
user.PasswordExpirationDate = DateTime.Now.AddDays(Convert.ToInt32(ConfigurationManager.AppSettings["ExpiryDays"]));;
user.IsPasswordHashed = true;
_userRepo.Update(user);
}
}
public ResultModel ChangePassword(int userId, string currentPassword, string newPassword, string newConfirmPassword)
{
ResultModel resultModel = new ResultModel();
if (newPassword == newConfirmPassword)
{
User user = _userRepo.GetById(userId);
if (user != null)
{
var ph = new Microsoft.AspNet.Identity.PasswordHasher();
if (ph.VerifyHashedPassword(user.Password, currentPassword).ToString() == "Success")
{
if (user.Active == 1)
{
var hash = ph.HashPassword(newPassword);
user.Password = hash;
user.PasswordExpirationDate = DateTime.Now.AddDays(Convert.ToInt32(ConfigurationManager.AppSettings["ExpiryDays"]));
_userRepo.Update(user);
resultModel.IsSuccess = true;
resultModel.Message = "Password changed successfully.";
}
else
{
resultModel.IsSuccess = false;
resultModel.Message = "Your account is inactive, please contact your WFJ Administrator";
}
}
else
{
resultModel.IsSuccess = false;
resultModel.Message = "The current password is incorrect.";
}
}
else
{
// do code here.
resultModel.IsSuccess = false;
resultModel.Message = "No User Found.";
}
}
else
{
resultModel.IsSuccess = false;
resultModel.Message = "The password and confirmation password do not match.";
}
return(resultModel);
}
// GET api/values
public IEnumerable <string> Get()
{
var a1 = new Microsoft.AspNet.Identity.PasswordHasher();
var ppp = a1.HashPassword("Nss#222222");
var ph = new Microsoft.AspNet.Identity.PasswordHasher <ApplicationUser>();
var pwd = ph.HashPassword(new ApplicationUser()
{
UserName = "******",
SecurityStamp = "18076d02-6d8f-420d-b150-50531f18123f"
}, "Nss#222222");
var sss = ph.VerifyHashedPassword(new ApplicationUser()
{
SecurityStamp = "08076d02-6d8f-420d-b150-50531f18105f"
}, "ADhVPnM6XRHONiJbNP4zQEc0KzQUQl3a/d0XF4aub9yF+A49vck7qTEIrCbDAbZqww==", "Nss#123456").ToString();
return(new string[] { pwd, "ADhVPnM6XRHONiJbNP4zQEc0KzQUQl3a/d0XF4aub9yF+A49vck7qTEIrCbDAbZqww==", sss, ppp });
}
private void loginbtn_Click(object sender, RoutedEventArgs e)
{
Mouse.OverrideCursor = Cursors.Wait;
try
{
if (String.IsNullOrEmpty(usernametb.Text) || String.IsNullOrEmpty(passwordpb.Password))
{
MessageBox.Show("Please input your sign-in credentials");
}
else
{
if (SystemClass.CheckConnection())
{
using (var db = new ImusCityHallEntities())
{
var passwordHasher = new Microsoft.AspNet.Identity.PasswordHasher();
string pass = "";
var asp = db.AspNetUsers.Where(m => m.UserName == usernametb.Text).FirstOrDefault();
if (asp != null)
{
pass = passwordHasher.VerifyHashedPassword(asp.PasswordHash, passwordpb.Password).ToString();
}
else
{
MessageBox.Show("Log-in failed!");
Mouse.OverrideCursor = null;
return;
}
if (pass == "Success")
{
Mouse.OverrideCursor = Cursors.Wait;
var emp = db.Employees.FirstOrDefault(m => m.EmployeeNo == usernametb.Text);
App.EmployeeID = emp.EmployeeID;
if (passwordpb.Password == "imuscitygov")
{
Mouse.OverrideCursor = null;
MessageBox.Show("Please change your default password.");
ChangePasswordWindow password = new ChangePasswordWindow();
password.Show();
}
else if (emp.SecurityQuestionUsers.Count < 3 && emp.EmployeeNo != "123456")
{
Mouse.OverrideCursor = null;
MessageBox.Show("Please set-up your security questions.");
SecurityQuestion secquestion = new SecurityQuestion();
secquestion.Show();
//
}
else
{
var audit = new AuditTrailModel
{
Activity = "Log-in to the system",
ModuleName = this.GetType().Name,
EmployeeID = App.EmployeeID
};
SystemClass.InsertLog(audit);
MainWindow mw = new MainWindow();
mw.Password = passwordpb.Password;
mw.Show();
this.Close();
}
}
else
{
MessageBox.Show("Log-in failed!");
Mouse.OverrideCursor = null;
return;
}
}
}
else
{
MessageBox.Show(SystemClass.DBConnectionErrorMessage);
}
}
}
catch (Exception ex)
{
MessageBox.Show(ex.ToString());
}
Mouse.OverrideCursor = null;
}
private void Button2_Click(object sender, EventArgs e)
{
var ph = new Microsoft.AspNet.Identity.PasswordHasher();
MessageBox.Show(ph.VerifyHashedPassword(textBox1.Text, "Nss#123456").ToString());
}
public async void logme()
{
try
{
this.Cursor = Cursors.Wait;
db = new LetranIntegratedSystemEntities();
if (String.IsNullOrEmpty(usernametb.Text) || String.IsNullOrEmpty(passwordtb.Password))
{
await this.ShowMessageAsync("Warning", "Employee number and/or Password cannot be empty.");
return;
}
var user = db.AspNetUsers.Where(m => m.UserName == usernametb.Text).FirstOrDefault();
if (user != null)
{
var passwordHasher = new Microsoft.AspNet.Identity.PasswordHasher();
if (passwordHasher.VerifyHashedPassword(user.PasswordHash, passwordtb.Password) == Microsoft.AspNet.Identity.PasswordVerificationResult.Success)
{
var employee = (from a in db.Employees
join b in db.AcademicDepartments on a.EmployeeDepartmentID equals b.AcaDeptID
where a.Archive == false && a.EmployeeNo == usernametb.Text
select a).FirstOrDefault();
if (employee == null)
{
await this.ShowMessageAsync("Warning", "Employee not found.");
}
else
{
if (employee.EmployeeDepartmentID == 1 || employee.EmployeeDepartmentID == 13)
{
//Main Menu
App.EmployeeName = employee.FirstName + " " + employee.LastName;
App.EmployeeNumber = employee.EmployeeNo;
App.EmployeeID = employee.EmployeeID;
App.EmployeeUserName = employee.FirstName.Substring(0, 1).ToUpper() + employee.LastName.ToUpper();
MainMenu x = new MainMenu();
x.Show();
this.Close();
}
else
{
await this.ShowMessageAsync("Warning", "Invalid login type.");
return;
}
}
}
else
{
await this.ShowMessageAsync("Warning", "Password is incorrect.");
return;
}
}
else
{
await this.ShowMessageAsync("Warning", "Employee number not found.");
return;
}
this.Cursor = Cursors.Arrow;
}
catch (Exception ex)
{
MessageBox.Show("Something went wrong.", "System Error!", MessageBoxButton.OK, MessageBoxImage.Error);
}
}
private void Button2_Click(object sender, EventArgs e)
{
var ph = new Microsoft.AspNet.Identity.PasswordHasher();
MessageBox.Show(ph.VerifyHashedPassword(hashPassword_tb.Text, password_tb.Text).ToString());
}
