public ActionResult Login(string ReturnUrl = "", string token = "")
{
if (User.Identity.IsAuthenticated)
{
return(LogOut());
}
#region "Process Token from Email Notification"
if (token.Trim() != string.Empty)
{
try
{
token = token.Replace("plus", "+").Replace("equal", "=");
token = App_Helpers.CryptorHelper.Decrypt(token, "MD5", true);
string[] arrToken = token.Split('|');
if (arrToken.Count() > 0)
{
string controller = arrToken[0];
string actionname = arrToken[1];
string username = arrToken[2];
int companyid = Convert.ToInt32(arrToken[3]);
int locationregid = Convert.ToInt32(arrToken[4]);
//isi login form
var user = (CustomMembershipUser)Membership.GetUser(username, false);
if (user != null)
{
ASM_UI.Models.CustomSerializeViewModel userModel = new ASM_UI.Models.CustomSerializeViewModel()
{
user_id = user.user_id,
user_name = user.user_name,
user_password = user.user_password,
user_type_id = user.user_type_id,
employee_id = user.employee_id,
employee_nik = user.employee_nik,
employee_name = user.employee_name,
employee_email = user.employee_email,
fl_active = user.fl_active,
RoleCode = user.Roles.Select(r => r.RoleCode).ToList()
};
#region setelah login isi user profile
USER_PROFILE UserProfile = Session["USER_PROFILE"] as USER_PROFILE;
UserProfile.UserId = userModel.user_id;
UserProfile.UserName = userModel.user_name;
UserProfile.user_type_id = userModel.user_type_id;
UserProfile.ms_user_type = _db.ms_user_type.Find(userModel.user_type_id);
UserProfile.company_id = companyid;
UserProfile.asset_reg_location_id = locationregid;
UserProfile.register_location = _db.ms_asset_register_location.Find(UserProfile.asset_reg_location_id);
UserProfile.employee_id = userModel.employee_id;
UserProfile.UserFullName = userModel.employee_name;
UserProfile.ms_employee = _db.ms_employee.Find(userModel.employee_id);
ms_employee_detail employee_detail = _db.ms_employee_detail.Where(w => w.employee_id == userModel.employee_id && w.company_id == companyid).FirstOrDefault <ms_employee_detail>();
if (employee_detail != null)
{
UserProfile.CompanyName = employee_detail.ms_asmin_company.company_name;
UserProfile.ms_department = employee_detail.ms_department;
UserProfile.department_id = UserProfile.ms_department.department_id;
UserProfile.ms_job_level = employee_detail.ms_job_level;
UserProfile.job_level_id = UserProfile.ms_job_level.job_level_id;
//UserProfile.ms_user_type = employee_detail.ms_user_type;
//UserProfile.user_type_id = UserProfile.ms_user_type.user_type_id;
if (employee_detail.ms_approval_range != null)
{
UserProfile.ms_approval_range = employee_detail.ms_approval_range;
UserProfile.range_id = UserProfile.ms_approval_range.range_id;
UserProfile.fl_approver = (UserProfile.range_id > 0);
}
}
else //null tidak dapaat menu/role
{
UserProfile.CompanyName = "";
UserProfile.ms_department = new ms_department()
{
department_id = 0
};
UserProfile.department_id = UserProfile.ms_department.department_id;
UserProfile.ms_job_level = new ms_job_level()
{
job_level_id = 0
};
UserProfile.job_level_id = UserProfile.ms_job_level.job_level_id;
UserProfile.ms_user_type = new ms_user_type()
{
user_type_id = 0
};
UserProfile.user_type_id = UserProfile.ms_user_type.user_type_id;
UserProfile.ms_approval_range = new ms_approval_range()
{
range_id = 0
};
UserProfile.range_id = UserProfile.ms_approval_range.range_id;
UserProfile.fl_approver = false;
}
app_logwriter.ToLog(UserProfile.UserName + " logged-in with SessionID=" + Session.SessionID);
app_logwriter.ToLog(string.Format("UserName:{0}, Employee:{1}, UserType={2}, JobLevel={3}, Department={4}, Company={5}, Location={6}, Register={7}"
, UserProfile.UserName
, UserProfile.ms_employee.employee_name
, UserProfile.ms_user_type.user_type_name
, UserProfile.ms_job_level.job_level_name
, UserProfile.ms_department.department_name
, UserProfile.CompanyName
, UserProfile.location_name
, UserProfile.register_location.asset_reg_location_name));
#endregion
string userData = JsonConvert.SerializeObject(userModel);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket
(
1, username.ToString(), DateTime.Now, DateTime.Now.AddHours(5), false, userData
);
string enTicket = FormsAuthentication.Encrypt(authTicket);
string cookie_name = app_setting.COOKIE_NAME + UserProfile.UserName;
//HttpCookie faCookie = new HttpCookie(cookie_name, enTicket);
HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, enTicket);
Response.Cookies.Add(faCookie);
}
return(RedirectToAction(actionname, controller));
}
}
catch (Exception ex)
{
app_logwriter.ToLog("Token Invalid:" + ex.Message);
ModelState.AddModelError("", "Token Invalid.");
}
}
#endregion
string controllerName = RouteData.Values["controller"].ToString().ToLower();
string actionName = RouteData.Values["action"].ToString().ToLower();
ReturnUrl = (controllerName.Equals("account") && actionName.Equals("login")) ? "/" : ReturnUrl;
var loginView = new AccountLoginViewModel()
{
company_id = 0,
company_list = _db.ms_asmin_company.Where(r => r.fl_active == true && r.deleted_date == null).ToList(),
asset_reg_location_id = 0,
asset_register_location_list = _db.ms_asset_register_location.Where(r => r.fl_active == true && r.deleted_date == null).ToList(),
user_type_id = 0,
user_type_list = _db.ms_user_type.Where(r => r.fl_active == true && r.deleted_date == null).ToList(),
remember_me = true,
return_url = ReturnUrl,
};
ViewBag.ReturnUrl = loginView.return_url;
return(View(loginView));
}
public ActionResult Login(AccountLoginViewModel loginView, string ReturnUrl = "")
{
try
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(loginView.UserName, App_Helpers.CryptorHelper.Encrypt(loginView.Password, "MD5", true)))
{
var m_user = (CustomMembershipUser)Membership.GetUser(loginView, false);
if (m_user != null)
{
ASM_UI.Models.CustomSerializeViewModel userModel = new ASM_UI.Models.CustomSerializeViewModel()
{
user_id = m_user.user_id,
user_name = m_user.user_name,
user_password = m_user.user_password,
user_type_id = loginView.user_type_id,
employee_id = m_user.employee_id,
employee_nik = m_user.employee_nik,
employee_name = m_user.employee_name,
employee_email = m_user.employee_email,
fl_active = m_user.fl_active,
RoleCode = m_user.Roles.Select(r => r.RoleCode).ToList()
};
#region setelah login isi user profile
USER_PROFILE UserProfile = Session["USER_PROFILE"] as USER_PROFILE;
UserProfile.UserId = userModel.user_id;
UserProfile.UserName = userModel.user_name;
UserProfile.user_type_id = userModel.user_type_id;
UserProfile.ms_user_type = _db.ms_user_type.Find(userModel.user_type_id);
UserProfile.company_id = loginView.company_id;
UserProfile.asset_reg_location_id = loginView.asset_reg_location_id;
UserProfile.register_location = _db.ms_asset_register_location.Find(UserProfile.asset_reg_location_id);
UserProfile.employee_id = userModel.employee_id;
UserProfile.UserFullName = userModel.employee_name;
UserProfile.ms_employee = _db.ms_employee.Find(userModel.employee_id);
ms_employee_detail employee_detail = _db.ms_employee_detail.Where(w => w.employee_id == userModel.employee_id &&
w.company_id == UserProfile.company_id &&
w.asset_reg_location_id == UserProfile.asset_reg_location_id
).FirstOrDefault <ms_employee_detail>();
if (employee_detail != null)
{
UserProfile.CompanyName = employee_detail.ms_asmin_company.company_name;
UserProfile.ms_department = employee_detail.ms_department;
UserProfile.department_id = UserProfile.ms_department.department_id;
UserProfile.ms_job_level = employee_detail.ms_job_level;
UserProfile.job_level_id = UserProfile.ms_job_level.job_level_id;
//UserProfile.ms_user_type = employee_detail.ms_user_type;
//UserProfile.user_type_id = UserProfile.ms_user_type.user_type_id;
UserProfile.location_id = employee_detail.location_id;
ms_asset_location asset_location = _db.ms_asset_location.Where(w => w.location_id == UserProfile.location_id).FirstOrDefault <ms_asset_location>();
UserProfile.location_name = asset_location.location_name;
if (employee_detail.ms_approval_range != null)
{
UserProfile.ms_approval_range = employee_detail.ms_approval_range;
UserProfile.range_id = UserProfile.ms_approval_range.range_id;
UserProfile.fl_approver = (UserProfile.range_id > 0);
}
}
else //null tidak dapaat menu/role
{
UserProfile.CompanyName = "";
UserProfile.ms_department = new ms_department()
{
department_id = 0
};
UserProfile.department_id = UserProfile.ms_department.department_id;
UserProfile.ms_job_level = new ms_job_level()
{
job_level_id = 0
};
UserProfile.job_level_id = UserProfile.ms_job_level.job_level_id;
UserProfile.ms_user_type = new ms_user_type()
{
user_type_id = 0
};
UserProfile.user_type_id = UserProfile.ms_user_type.user_type_id;
UserProfile.ms_approval_range = new ms_approval_range()
{
range_id = 0
};
UserProfile.range_id = UserProfile.ms_approval_range.range_id;
UserProfile.fl_approver = false;
}
app_logwriter.ToLog(UserProfile.UserName + " logged-in with SessionID=" + Session.SessionID);
app_logwriter.ToLog(string.Format("UserName:{0}, Employee:{1}, UserType={2}, JobLevel={3}, Department={4}, Company={5}, Location={6}, Register={7}"
, UserProfile.UserName
, UserProfile.ms_employee.employee_name
, UserProfile.ms_user_type.user_type_name
, UserProfile.ms_job_level.job_level_name
, UserProfile.ms_department.department_name
, UserProfile.CompanyName
, UserProfile.location_name
, UserProfile.register_location.asset_reg_location_name));
#endregion
string userData = JsonConvert.SerializeObject(userModel);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
1, loginView.UserName, DateTime.Now, DateTime.Now.AddHours(5), false, userData
);
string enTicket = FormsAuthentication.Encrypt(authTicket);
string cookie_name = app_setting.COOKIE_NAME + UserProfile.UserName;
//HttpCookie faCookie = new HttpCookie(cookie_name, enTicket);
HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, enTicket);
Response.Cookies.Add(faCookie);
}
else
{
ModelState.AddModelError("", "Something Wrong : User not Found or user login not matched.");
//throw new Exception("Something Wrong : User not Found or user login not matched.");
}
string controllerName = RouteData.Values["controller"].ToString().ToLower();
string actionName = RouteData.Values["action"].ToString().ToLower();
ReturnUrl = (controllerName.Equals("account") && actionName.Equals("login")) ? "/" : ReturnUrl;
//if (Url.IsLocalUrl(ReturnUrl))
if (!string.IsNullOrWhiteSpace(ReturnUrl))
{
return(Redirect(ReturnUrl));
}
else
{
return(RedirectToAction("Index"));
}
}
else
{
ModelState.AddModelError("", "Something Wrong : Username/nik or Password invalid.");
}
}
else
{
ModelState.AddModelError("", "Something Wrong : Username/nik or Password invalid.");
}
}
catch (Exception _ex)
{
//ModelState.AddModelError("", "Invalid Login." + ex.Message);
App_Helpers.app_logwriter.ToLog("Invalid Login." + _ex.Message);
ModelState.AddModelError("", "Invalid Login.");
}
if (loginView.company_list == null || loginView.company_list.Count == 0)
{
loginView.company_list = _db.ms_asmin_company.Where(r => r.fl_active == true && r.deleted_date == null).ToList();
}
if (loginView.asset_register_location_list == null || loginView.asset_register_location_list.Count == 0)
{
loginView.asset_register_location_list = _db.ms_asset_register_location.Where(r => r.fl_active == true && r.deleted_date == null).ToList();
}
if (loginView.user_type_list == null || loginView.user_type_list.Count == 0)
{
loginView.user_type_list = _db.ms_user_type.Where(r => r.fl_active == true && r.deleted_date == null).ToList();
}
return(View(loginView));
}
