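/// <summary>
/// Handles the change-password form post: verifies the current password for the
/// posted user id and, when the two new-password fields agree, saves the new password.
/// </summary>
/// <param name="model">
/// Posted form values. <c>Password</c> is the current password, <c>PasswordRetype</c>
/// is the new password and <c>ConfirmPassword</c> is its confirmation.
/// </param>
/// <returns>
/// A redirect to <c>ChangePasswordSuccess</c> after the save call; otherwise the form
/// view, redisplayed with the posted model.
/// </returns>
public ActionResult ChangePassword(UserAccess model)
{
    if (!ModelState.IsValid)
    {
        // Validation failed: redisplay the form.
        return View(model);
    }

    var uacnew = new UserAccess();

    // The result of Read is not inspected. The call is kept because it may populate
    // fields that SavePassword relies on -- TODO confirm.
    uacnew.Read(model.UserID);
    uacnew.UserID = model.UserID;

    // A salt has to be unpredictable and unique per stored password. A clock-derived
    // value such as the current hour has only 24 possibilities, so it is replaced by
    // 16 bytes from the OS random number generator.
    // NOTE(review): assumes Salt storage accepts a 24-character Base64 string and that
    // SavePassword / AuthenticateUser treat the salt as an opaque value -- confirm.
    var saltBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(saltBytes);
    }
    uacnew.Salt = System.Convert.ToBase64String(saltBytes);
    uacnew.Password = model.PasswordRetype;

    // Check that the current password matches.
    // NOTE(review): the account is taken from the posted model, not from the signed-in
    // identity, and no LogonAttempts check is visible on this path -- confirm that
    // AuthenticateUser itself limits repeated guesses.
    UserAccess ua = new UserAccess();
    ua.UserID = model.UserID;
    ua.Read(model.UserID);

    var userAuthenticate = ua.AuthenticateUser(model.UserID, model.Password);
    bool currentPasswordOk = userAuthenticate.ReturnCode == 0001 && userAuthenticate.ReasonCode == 0001;

    // An empty new password is rejected together with a mismatched confirmation.
    // Every failure uses the same message so the response does not reveal which check failed.
    bool newPasswordOk = !string.IsNullOrEmpty(model.PasswordRetype)
                         && model.PasswordRetype == model.ConfirmPassword;

    if (!currentPasswordOk || !newPasswordOk)
    {
        ModelState.AddModelError("", "The current password is incorrect or the new password is invalid.");
        return View(model);
    }

    // NOTE(review): the result of SavePassword is not checked, so the success page is
    // shown even if the save failed. Inspect the response once its shape is confirmed.
    BUSUserAccess.SavePassword(uacnew);
    return RedirectToAction("ChangePasswordSuccess");
}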
/// <summary>
/// Authenticates a login name and password through <c>_userAccess</c> and maps the
/// returned record onto a <c>Felhasznalo</c>.
/// </summary>
/// <param name="loginName">Login name, passed through to <c>_userAccess.AuthenticateUser</c>.</param>
/// <param name="password">Password, passed through unchanged.</param>
/// <returns>
/// A <c>Felhasznalo</c> carrying the record's Id, login name, name, and the
/// <c>Jog.Nev</c> value of every row in <c>FelhasznaloJogok</c>.
/// </returns>
/// <exception cref="Exception">
/// Thrown with the message "NOT_AUTHENTICATED" when the lookup returns null.
/// </exception>
public Felhasznalo AuthenticateUser(string loginName, string password)
{
    var account = _userAccess.AuthenticateUser(loginName, password);
    if (account == null)
    {
        // A bare Exception is thrown, so callers can only tell this failure apart by its message.
        throw new Exception("NOT_AUTHENTICATED");
    }

    var currentUser = new Felhasznalo
    {
        Id = account.Id,
        LoginNev = account.Loginnev,
        Nev = account.Nev
    };

    // Collect Jog.Nev from every row attached to the account.
    var moduleNames = new List<string>();
    foreach (var grant in account.FelhasznaloJogok)
    {
        moduleNames.Add(grant.Jog.Nev);
    }

    currentUser.Modul = moduleNames;
    return currentUser;
}
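/// <summary>
/// Handles the log-on form post: checks the lockout counter, authenticates the user
/// and, on success, issues a forms-authentication cookie whose ticket carries the
/// user's roles.
/// </summary>
/// <param name="model">Posted credentials; <c>UserID</c> and <c>Password</c> are read.</param>
/// <param name="returnUrl">
/// Caller-supplied return address. It is never used as a redirect target: every
/// successful log-on goes to Home/Index.
/// </param>
/// <returns>
/// A redirect to Home/Index after a successful log-on; otherwise the log-on view,
/// redisplayed with a generic error.
/// </returns>
public ActionResult LogOn(UserAccess model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        // Validation failed: redisplay the form.
        return View(model);
    }

    // Set the connection strings and keep a copy in the session.
    // NOTE(review): ConnString looks like shared static state written on every
    // request -- confirm this is safe under concurrent requests.
    ConnString.ConnectionString = ConnectionString.GetConnectionString();
    ConnString.ConnectionStringFramework = ConnectionString.GetConnectionString("makkframework");
    SessionInfo.StoreConnectionString(this, ConnString.ConnectionString, ConnString.ConnectionStringFramework);

    // Roles travel in the ticket's userData as a comma-terminated list ("a,b,").
    SecurityUserRole fcmUserRole = new SecurityUserRole(HeaderInfo.Instance);
    var userRoleList = fcmUserRole.UserRoleList(model.UserID);
    string listOfRole = "";
    foreach (var ur in userRoleList)
    {
        listOfRole += ur.FK_Role + ",";
    }

    UserAccess ua = new UserAccess();
    ua.UserID = model.UserID;
    ua.Read(model.UserID);

    if (ua.LogonAttempts > 4)
    {
        // Locked out. The message matches the bad-password case, so the response
        // does not reveal the lockout state.
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }

    var userAuthenticate = ua.AuthenticateUser(model.UserID, model.Password);
    if (userAuthenticate.ReturnCode != 0001 || userAuthenticate.ReasonCode != 0001)
    {
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }

    // Create the authentication ticket.
    DateTime issuedAt = DateTime.Now;
    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
        version: 1,                                       // Ticket version
        name: model.UserID,                               // Username associated with ticket
        issueDate: issuedAt,                              // Date/time issued
        expiration: issuedAt.AddMinutes(30),              // Date/time to expire
        isPersistent: true,                               // Persistent user cookie
        userData: listOfRole,                             // The roles
        cookiePath: FormsAuthentication.FormsCookiePath); // Path cookie valid for

    // FormsAuthentication.Encrypt protects the ticket with the machine key.
    // The value is an encrypted ticket, not a hash.
    string encryptedTicket = FormsAuthentication.Encrypt(ticket);
    HttpCookie cookie = new HttpCookie(
        name: FormsAuthentication.FormsCookieName,
        value: encryptedTicket);

    // A hand-built cookie gets HttpOnly/Secure only if web.config sets them as
    // defaults. Set them here so the ticket is not readable from script and follows
    // the site's requireSSL setting, as FormsAuthentication.SetAuthCookie would.
    cookie.HttpOnly = true;
    cookie.Secure = FormsAuthentication.RequireSSL;

    // Match the cookie's lifetime to the ticket's.
    if (ticket.IsPersistent)
    {
        cookie.Expires = ticket.Expiration;
    }

    Response.Cookies.Add(cookie);

    // FormsAuthentication.RedirectFromLoginPage is not called because it could
    // replace the ticket just added. returnUrl is not followed either. If a redirect
    // to it is reinstated, accept it only when Url.IsLocalUrl(returnUrl) is true.
    return RedirectToAction("Index", "Home");
}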
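/// <summary>
/// Log-on button handler: selects the database connection, validates the user id and
/// password, then loads client, settings and reference data before hiding the form.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void btnLogon_Click(object sender, EventArgs e)
{
    connectedTo = "not connected";

    if (!rbLocal.Checked && !rbServer.Checked)
    {
        MessageBox.Show("Please select database.");
        return;
    }

    if (rbLocal.Checked)
    {
        ConnString.ConnectionString = ConnString.ConnectionStringLocal;
        connectedTo = "Local";
    }

    if (rbServer.Checked)
    {
        ConnString.ConnectionString = ConnString.ConnectionStringServer;
        connectedTo = "Server";
    }

    // Set framework db as the same at this stage.
    ConnString.ConnectionStringFramework = ConnString.ConnectionString;

    if (string.IsNullOrEmpty(ConnString.ConnectionString))
    {
        return;
    }

    try
    {
        Utils.UserID = txtUserID.Text;
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.ToString() puts the full exception text, including the
        // stack trace, in front of the user. Consider logging it and showing only
        // the fixed message.
        MessageBox.Show("Error loading database. Contact system administrator. " + ex.ToString());
        Application.Exit();

        // Application.Exit only requests shutdown. Without this return the handler
        // would carry on and run the log-on steps below.
        return;
    }

    // Check if user is valid.
    // NOTE(review): "User not found." differs from the bad-password path, so the
    // dialog reveals whether a user id exists. No LogonAttempts check is visible
    // here -- confirm that AuthenticateUser limits repeated guesses.
    var uacnew = new UserAccess();
    var readuser = uacnew.Read(txtUserID.Text);

    if (readuser.ReturnCode == 0001 && readuser.ReasonCode == 0002)
    {
        MessageBox.Show("User not found.");
        return;
    }

    if (readuser.ReturnCode <= 000)
    {
        MessageBox.Show(readuser.Message);
        return;
    }

    if (string.IsNullOrWhiteSpace(uacnew.Password))
    {
        MessageBox.Show("User not found. Contact System Support.");
        return;
    }

    var response = uacnew.AuthenticateUser(txtUserID.Text, txtPassword.Text);
    if (response.ReturnCode != 0001 || response.ReasonCode != 0001)
    {
        // Invalid password.
        ControllerUtils.ShowFCMMessage(response.UniqueCode, txtUserID.Text, response.Message, "UILogon.cs");
        return;
    }

    var responseClientList = new BUSClient().ClientList(HeaderInfo.Instance);
    Utils.ClientList = responseClientList.clientList;

    string ret = LogFile.WriteToTodaysLogFile("User has logged on", Utils.UserID);

    // StartsWith replaces Substring(0, 5), which throws on a 4-character result,
    // and the null check covers a missing result.
    if (ret != null && ret.StartsWith("Error", StringComparison.Ordinal))
    {
        MessageBox.Show(ret);
        Application.Exit();

        // Stop here: Application.Exit does not end this handler on its own.
        return;
    }

    // Retrieve user settings and load them in memory.
    Utils.LoadUserSettingsInCache();
    LogFile.WriteToTodaysLogFile("User Settings loaded in cache", Utils.UserID);

    // Load reference data in cache.
    CachedInfo.LoadReferenceDataInCache(HeaderInfo.Instance);
    LogFile.WriteToTodaysLogFile("Reference Data loaded in cache", Utils.UserID);

    CachedInfo.LoadRelatedCodeInCache();
    LogFile.WriteToTodaysLogFile("Related code loaded in cache", Utils.UserID);

    // Set header info.
    HeaderInfo.Instance.CurrentDateTime = System.DateTime.Today;
    HeaderInfo.Instance.UserID = txtUserID.Text;

    this.Hide();
}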