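/// <summary>
/// Rebuilds the request principal from the forms-authentication cookie and resolves the
/// "Admin" role from the database on every request.
/// </summary>
/// <remarks>
/// The ticket name written at login has the shape <c>userName|userID|isAdmin</c>. Only the
/// first segment is used for the database lookup; the role is taken from the database row,
/// never from the <c>isAdmin</c> segment carried in the cookie.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
    if (!FormsAuthentication.CookiesSupported)
    {
        return;
    }

    var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    try
    {
        var ticket = FormsAuthentication.Decrypt(authCookie.Value);

        // Decrypt() does not enforce the ticket lifetime. Without this check an expired
        // ticket replayed by a client would be turned back into an authenticated principal.
        if (ticket == null || ticket.Expired || string.IsNullOrEmpty(ticket.Name))
        {
            return;
        }

        // The full ticket name stays the identity name because other code splits it on '|'.
        string identityName = ticket.Name;

        // Look the account up by the user-name segment only; the whole "name|id|isAdmin"
        // string never matches a userName column value, which previously ended in a
        // swallowed NullReferenceException and no roles at all.
        string username = identityName.Split('|')[0];

        string[] roles;
        using (FirstCargoDbEntities entities = new FirstCargoDbEntities())
        {
            USER user = entities.USER.SingleOrDefault(u => u.userName == username);
            if (user == null)
            {
                // Account no longer exists: leave the principal exactly as the pipeline set it.
                // NOTE(review): consider signing such a request out instead - confirm the policy.
                return;
            }

            roles = user.isAdmin ? new[] { "Admin" } : new string[0];
        }

        // NOTE(review): `HttpContext.User` only resolves where HttpContext is an instance
        // member; if this handler lives in Global.asax it needs HttpContext.Current.User - confirm.
        HttpContext.User = new System.Security.Principal.GenericPrincipal(
            new System.Security.Principal.GenericIdentity(identityName, "Forms"),
            roles);
    }
    catch (Exception ex)
    {
        // Best effort: a malformed cookie or a database failure must not break the request,
        // but it should leave a trace. Only the exception type is recorded, never cookie data.
        System.Diagnostics.Trace.TraceWarning(
            "PostAuthenticateRequest: could not rebuild the principal (" + ex.GetType().Name + ").");
    }
}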
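/// <summary>
/// Changes the signed-in user's password after verifying the current password.
/// </summary>
/// <remarks>
/// The account to update is taken from the authenticated identity, never from the posted
/// form. Only <c>oldPassword</c> and <c>newPassword</c> are read from <paramref name="user"/>.
/// The success redirect is issued only when the change was actually saved.
/// </remarks>
/// <param name="user">Model bound from the posted form (untrusted input).</param>
/// <returns>
/// A redirect to ManageUser with the success message, or the form again with model errors.
/// </returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] / [Authorize] attributes are visible
// in this listing; confirm they are applied, since this action changes credentials.
public async Task<ActionResult> ManageUser(USER user)
{
    ViewBag.ReturnUrl = Url.Action("ManageUser");

    // These columns are not posted by the change-password form, so drop their validation state.
    ModelState.Remove("password");
    ModelState.Remove("userName");
    ModelState.Remove("userID");
    ModelState.Remove("email");

    if (!ModelState.IsValid)
    {
        // Show the form again if validation failed.
        return View(user);
    }

    // Identity name has the shape "userName|userID|isAdmin"; the first segment is the account.
    string identityName = User.Identity.GetUserName();
    if (string.IsNullOrEmpty(identityName))
    {
        return new HttpUnauthorizedResult();
    }

    string currentUserName = identityName.Split('|')[0];

    using (FirstCargoDbEntities entities = new FirstCargoDbEntities())
    {
        USER userToUpdate = entities.USER.SingleOrDefault(u => u.userName == currentUserName);
        if (userToUpdate == null)
        {
            ModelState.AddModelError("", "The password could not be changed.");
            return View(user);
        }

        var hashCode = userToUpdate.vCode;

        // Hash the supplied current password with the account's stored salt and compare it
        // with the stored hash. The comparison is done once, in memory.
        var suppliedOldHash = RegistrationLoginHelper.EncodePassword(user.oldPassword, hashCode);
        if (suppliedOldHash == null || !suppliedOldHash.Equals(userToUpdate.password))
        {
            // Previously a wrong current password still ended in the "success" redirect.
            ModelState.AddModelError("oldPassword", "The current password is incorrect.");
            return View(user);
        }

        // NOTE(review): the existing salt (vCode) is reused for the new password, and the
        // strength of EncodePassword is not visible here - confirm it is a slow, salted KDF.
        var newHash = RegistrationLoginHelper.EncodePassword(user.newPassword, hashCode);

        userToUpdate.oldPassword = userToUpdate.password;
        // newPassword/confirmPassword are set to the same value as password, presumably so
        // that entity validation on those properties passes - confirm against the USER model.
        userToUpdate.password = userToUpdate.newPassword = userToUpdate.confirmPassword = newHash;
        userToUpdate.passwordChangedDates = DateTime.Now;

        // Save through the context that loaded the entity; the original marked and saved it
        // on a different context instance (`db`).
        entities.Entry(userToUpdate).State = EntityState.Modified;

        try
        {
            await entities.SaveChangesAsync();
        }
        catch (System.Data.Entity.Validation.DbEntityValidationException)
        {
            // Do not report success when nothing was persisted. No entity values are logged
            // because they include password hashes.
            System.Diagnostics.Trace.TraceError(
                "ManageUser: entity validation failed while saving the password change.");
            ModelState.AddModelError("", "The password could not be changed.");
            return View(user);
        }
    }

    return RedirectToAction(
        "ManageUser",
        new { Message = NotificationMessage.ManageMessageId.ChangePasswordSuccess });
}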
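/// <summary>
/// Signs a user in with a user name (or e-mail address) and password.
/// </summary>
/// <remarks>
/// An unknown account and a wrong password produce the same generic error, so the response
/// does not reveal which accounts exist. On success a non-persistent forms-authentication
/// cookie named <c>userName|userID|isAdmin</c> is issued.
/// </remarks>
/// <param name="model">Model bound from the posted login form (untrusted input).</param>
/// <returns>
/// A redirect to Vehicule/Index on success, otherwise the login form with an error.
/// </returns>
public ActionResult Login([Bind(Exclude = "oldPassword,confirmPassword")] USER model)
{
    // Fields that the login form does not post must not fail validation.
    ModelState.Remove("oldPassword");
    ModelState.Remove("confirmPassword");
    ModelState.Remove("newPassword");
    ModelState.Remove("email");

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    using (FirstCargoDbEntities entities = new FirstCargoDbEntities())
    {
        string login = model.userName;

        // Resolve the account by user name OR e-mail in one lookup. The original looked up
        // by user name only and then dereferenced the result, so an unknown name (or an
        // e-mail login) raised a NullReferenceException instead of a login error.
        USER user = entities.USER.FirstOrDefault(u => u.userName == login || u.email == login);

        bool authenticated = false;
        if (user != null)
        {
            // Hash the supplied password with this account's own salt and compare it with
            // this account's stored hash.
            var suppliedHash = RegistrationLoginHelper.EncodePassword(model.password, user.vCode);
            authenticated = suppliedHash != null
                && string.Equals(suppliedHash, user.password, StringComparison.Ordinal);
        }
        // NOTE(review): unknown accounts skip the hash computation, so their response time can
        // differ from a wrong-password attempt; hash a dummy value if enumeration is a concern.

        if (authenticated)
        {
            // Use the stored user name so the ticket carries the same value whether the
            // user typed the user name or the e-mail address.
            // The isAdmin segment is only a snapshot taken at login; authorization decisions
            // should come from the database, not from this segment.
            FormsAuthentication.SetAuthCookie(
                user.userName + "|" + user.userID.ToString() + "|" + user.isAdmin,
                false);

            return RedirectToAction("Index", "Vehicule");
        }

        ModelState.AddModelError("", ViewResources.Resource.LoginError);
    }

    // If we got this far, something failed; redisplay the form.
    return View(model);
}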