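/// <summary>
/// JSON login endpoint: verifies the captcha stored in session, writes audit-log
/// entries for the attempt, authenticates through <c>authenticationService.Logon</c>
/// and, on success, caches the distinct permission names of the user's roles in
/// <c>Session["LIST_PERMISSION"]</c>.
/// </summary>
/// <param name="username">Login name as submitted; surrounding whitespace is trimmed before use.</param>
/// <param name="password">Password as submitted; trimmed before it is passed to <c>Logon</c>.</param>
/// <param name="captcha">Captcha text typed by the user; compared with <c>Session["Captcha"]</c>.</param>
/// <returns>
/// JSON <c>{ data = code }</c>: 1 = success, 2 = missing or rejected credentials or
/// unknown user, 3 = captcha missing or wrong, 6 = unexpected server error (with a
/// generic <c>message</c>; exception details stay in the server log).
/// </returns>
public ActionResult Login(string username, string password, string captcha)
{
    // Convert.ToString(null) returns "", so a session that never had a captcha issued
    // must be rejected explicitly instead of being compared against an empty string.
    string CapImaText = Convert.ToString(Session["Captcha"]);
    if (string.IsNullOrEmpty(CapImaText) || captcha != CapImaText)
    {
        return Json(new { data = 3 }, JsonRequestBehavior.AllowGet);
    }
    // NOTE(review): the captcha value is left in session after this check, so one solved
    // captcha remains valid for further attempts in the same session. Making it single-use
    // needs the client to request a fresh image after every attempt - confirm and change together.

    // NOTE(review): no [HttpPost] is visible on this action in the listing and every result
    // uses AllowGet. If GET requests really reach this action, credentials end up in URLs
    // (server logs, browser history, Referer); restrict to POST once the client is confirmed.

    Session["MustChangePW"] = false;

    // Missing fields previously raised NullReferenceException from Trim(); treat them as a failed login.
    if (username == null || password == null)
    {
        return Json(new { data = 2 }, JsonRequestBehavior.AllowGet);
    }

    string loginName = username.Trim();

    // Audit entry for the attempt itself, written before authentication.
    _iLogSystemService.CreateNew(loginName, "Đăng nhập hệ thống ", "Thực hiện đăng nhập hệ thống", Helper.GetIPAddress.GetVisitorIPAddress(), HttpContext.Request.Browser.Browser);

    try
    {
        // NOTE(review): this keeps the clear-text password in session state, and does so before
        // authentication succeeds. It is left in place because code outside this listing may read
        // it; prefer removing it and re-prompting wherever the password is actually needed.
        Session["password"] = password;

        if (!authenticationService.Logon(loginName, password.Trim()))
        {
            return Json(new { data = 2 }, JsonRequestBehavior.AllowGet);
        }

        // Audit entry for the successful login.
        _iLogSystemService.CreateNew(loginName, "Đăng nhập hệ thống ", "Đăng nhập thành công", Helper.GetIPAddress.GetVisitorIPAddress(), HttpContext.Request.Browser.Browser);

        // NOTE(review): the original carries a commented-out forced-password-change check
        // (CheckChangePassword, result codes 4 and 5) at this point. It stays disabled, so
        // Session["MustChangePW"] is never set to true by this action.

        // Look the user up by the same trimmed name that was authenticated; the untrimmed
        // value made the lookup miss when the submitted name carried surrounding whitespace.
        string upperLoginName = loginName.ToUpper();
        var currentuser = UserDataService.Query.FirstOrDefault(x => x.username.ToUpper() == upperLoginName);
        if (currentuser == null)
        {
            return Json(new { data = 2 }, JsonRequestBehavior.AllowGet);
        }

        // Collect the distinct permission names across all roles of the user.
        var permissionNames = new HashSet<String>();
        foreach (var role in currentuser.Roles)
        {
            foreach (var perm in role.Permissions)
            {
                permissionNames.Add(perm.name);
            }
        }
        Session["LIST_PERMISSION"] = permissionNames.ToList();

        return Json(new { data = 1 }, JsonRequestBehavior.AllowGet);
    }
    catch (Exception e)
    {
        // Full exception goes to the server log only; the response no longer echoes
        // e.Message / e.StackTrace, which exposed internals to unauthenticated callers.
        log.Error("Login error", e);
        return Json(new { data = 6, message = "Login could not be processed." }, JsonRequestBehavior.AllowGet);
    }
}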
// Form-based logon action. Visible behaviour, in order:
//  - An empty captcha, or one rejected by CaptchaController.IsValidCaptchaValue, clears
//    _model.Password and re-renders the view with the captcha error message.
//  - On the success branch the user is redirected to _model.ReturnUrl only when
//    Url.IsLocalUrl accepts it; otherwise to "/".
//  - On the failure branch the user is looked up by username and the current company's id
//    (GroupName). A locked account gets its own message; otherwise FailedPasswordAttemptCount
//    is incremented and IsLockedOut is set once the counter is already at 4.
//  - Any exception is logged and answered with the generic wrong-account-or-password message.
// NOTE(review): in this listing the text between `log.Info("Login: "` and `"LogOn:"` is replaced
// by `******`, so the opening `try`, the credential check and the start of the success branch are
// not visible and the braces do not balance as shown. Restore the original before changing code.
// NOTE(review): when _model.IsThread is false the failed-attempt counter is reset to 0 and the
// action returns without counting the failure. IsThread arrives on the bound model, so it is
// presumably client-controlled - confirm this cannot be used to avoid the lockout.
// NOTE(review): the locked-account message differs from the generic one returned for unknown
// users, which appears to reveal that the account exists - confirm whether that is intended.
public ActionResult LogOn(LogOnModel _model, string captch) { if (string.IsNullOrWhiteSpace(captch)) { _model.lblErrorMessage = "Nhập đúng mã xác thực."; _model.Password = ""; return(View(_model)); } bool cv = CaptchaController.IsValidCaptchaValue(captch); if (!cv) { _model.lblErrorMessage = "Nhập đúng mã xác thực."; _model.Password = ""; return(View(_model)); } log.Info("Login: "******"LogOn:" + HttpContext.User.Identity.Name + ", Date:" + DateTime.Now); if (!string.IsNullOrWhiteSpace(_model.ReturnUrl) && Url.IsLocalUrl(_model.ReturnUrl)) { return(Redirect(_model.ReturnUrl)); } return(Redirect("/")); } else { IuserService userSrv = IoC.Resolve <IuserService>(); var currComp = ((EInvoiceContext)FXContext.Current).CurrentCompany; user TempUser = userSrv.Query.Where(u => u.username == _model.UserName && u.GroupName.Equals(currComp.id.ToString())).FirstOrDefault(); if (TempUser != null) { if (TempUser.IsLockedOut) { _model.lblErrorMessage = "Tài khoản đã bị khóa."; } else { if (!_model.IsThread) { if (TempUser.FailedPasswordAttemptCount > 0) { TempUser.FailedPasswordAttemptCount = 0; userSrv.Save(TempUser); userSrv.CommitChanges(); } _model.lblErrorMessage = Resources.Message.User_MesWrongAccOrPass; _model.Password = ""; _model.IsThread = true; return(View(_model)); } if (TempUser.FailedPasswordAttemptCount == 4) { TempUser.IsLockedOut = true; } TempUser.FailedPasswordAttemptCount++; _model.lblErrorMessage = Resources.Message.User_MesWrongAccOrPass; userSrv.Save(TempUser); userSrv.CommitChanges(); } _model.Password = ""; return(View(_model)); } _model.lblErrorMessage = Resources.Message.User_MesWrongAccOrPass; _model.Password = ""; return(View(_model)); } } else { _model.Password = ""; return(View("LogOn", _model)); } } catch (Exception ex) { log.Error("Error", ex); _model.lblErrorMessage = Resources.Message.User_MesWrongAccOrPass; _model.Password = ""; return(View("LogOn", _model)); } }