public JsonResult IsOldPasswordMatching(string OldPassword) { //check if Old Password Matches the Users existing password int id = (int)GenFx.val(GenFx.GetCurrentUserDetails("ID")); bool match = db.Users.Any(x => x.Password == OldPassword && x.ID == id); return(Json(match, JsonRequestBehavior.AllowGet)); }
public ActionResult Index() { //return View(db.SecurityTemplates.ToList()); //Update all the new Permissions (if any) GenFx.PopulatePermission(); return(View()); }
public ActionResult Register([Bind(Include = "ID,FirstName,LastName,Password,ConfirmPassword,Captcha,Telephone,EmailAddress,RoleID,CountryID,UserAgeDescriptionID,capchadata")] RegisterViewModel model) { if (model.capchadata != model.Captcha) { ViewBag.Captcha = "false"; } else { ViewBag.Captcha = "true"; // Lets first check if the Model is valid or not if (ModelState.IsValid) { User user = new User { LoginName = model.EmailAddress, Password = model.Password, FirstName = model.FirstName, LastName = model.LastName, EmailAddress = model.EmailAddress, UserImage = "", //UserSignature = userVM.UserSignature, IsActive = false, Phonenumber = model.Telephone, // Fax = userVM.Fax, CreatedDate = DateTime.Now, ModifiedDate = DateTime.Now, UserAgeDescriptionID = model.UserAgeDescriptionID, RoleID = model.RoleID, SecurityTemplateID = model.RoleID, CountryID = model.CountryID }; db.Users.Add(user); db.SaveChanges(); string Link = System.Web.HttpContext.Current.Request.Url.Scheme + "://" + System.Web.HttpContext.Current.Request.Url.Host + (System.Web.HttpContext.Current.Request.Url.Port == 80 ? string.Empty : ":" + System.Web.HttpContext.Current.Request.Url.Port) + Url.Action("ActivateLine", "Account", new { EmailId = user.LoginName }); string Check = GenFx.EmailToUserifComplaintAdded(user.LoginName, user.Password, Link); if (Check == "1") { Session["siteMsgTyp"] = "success"; Session["siteMsg"] = "You are register successfully.Login confirmation link send your Email"; return(RedirectToAction("Login", "Account")); } else { Session["siteMsgTyp"] = "error"; Session["siteMsg"] = "You are register successfully.but Login confirmation link can not send your Email.Please Contact"; } } } ViewBag.UserAgeDescriptionID = new SelectList(db.UserAgeDescriptions, "ID", "AgeDescription", model.UserAgeDescriptionID); ViewBag.RoleID = new SelectList(db.Roles.Where(a => a.ID > 2), "ID", "RoleName", model.RoleID); ViewBag.CountryID = new SelectList(db.Countries, "ID", "Name", model.CountryID); //// If we got this far, something failed, redisplay form return(View(model)); }
public static string AuthorizedAction(this UrlHelper url, string action, string controller) { if (GenFx.IsUserAuthorized(action, controller)) { //Authorized => let him in return(url.Action(action, controller)); } return(url.Action("AccessDenied", "Error")); }
public ActionResult ChangePassword() { int id = (int)GenFx.val(GenFx.GetCurrentUserDetails("ID")); User user = db.Users.Find(id); if (user == null) { return(HttpNotFound()); } return(View()); }
public static MvcHtmlString Authorized(this HtmlHelper htmlHelper, string linkText, string actionName, string controllerName, object routeValues, object htmlAttributes) { if (HttpContext.Current.User.Identity.IsAuthenticated) { if (GenFx.IsUserAuthorized(actionName, controllerName)) { //Authorized => let him in return(htmlHelper.ActionLink(linkText, actionName, controllerName, routeValues, htmlAttributes)); } return(MvcHtmlString.Empty); } return(MvcHtmlString.Empty); }
public ActionResult ForgotPassword(ForgotPasswordViewModel model, string returnUrl) { // Lets first check if the Model is valid or not if (ModelState.IsValid) { using (DBAuthContext entities = new DBAuthContext()) { string username = model.EmailAddress; string email = model.EmailAddress; // Now if our password was enctypted or hashed we would have done the // same operation on the user entered password here, But for now // since the password is in plain text lets just authenticate directly var userPassword = entities.Users.Where(user => user.LoginName == username && user.EmailAddress == email).Select(user => user.Password).SingleOrDefault(); // User found in the database if (userPassword != null) { string Link = System.Web.HttpContext.Current.Request.Url.Scheme + "://" + System.Web.HttpContext.Current.Request.Url.Host + (System.Web.HttpContext.Current.Request.Url.Port == 80 ? string.Empty : ":" + System.Web.HttpContext.Current.Request.Url.Port) + Url.Action("ActivateLine", "Account", new { EmailId = username }); string Check = GenFx.EmailToUserifComplaintAdded(username, userPassword, ""); if (Check == "1") { Session["siteMsgTyp"] = "success"; Session["siteMsg"] = "You are Password send your Email Address.Check it"; return(RedirectToAction("Login", "Account")); } else { Session["siteMsgTyp"] = "error"; Session["siteMsg"] = "You are Password cant not send your Email Address.Please try Again..."; } //ModelState.AddModelError("", "Your Password is " + userPassword + "."); } else { ModelState.AddModelError("", "The user name or email address provided is incorrect."); } } } // If we got this far, something failed, redisplay form return(View(model)); }
// GET: Account/Logout public ActionResult Logout() { GenFx.AddToUserLog("Logout"); //HttpContext.Response.Cache.SetExpires(DateTime.UtcNow.AddHours(-1)); //HttpContext.Response.Cache.SetCacheability(HttpCacheability.NoCache); //HttpContext.Response.Cache.SetNoStore(); // Response.Buffer = true; //Response.ExpiresAbsolute = DateTime.Now.AddDays(-1d); // Response.Expires = -1000; // Response.CacheControl = "no-cache"; // Response.Cache.SetNoStore(); Session.Clear(); Session.Abandon(); Session.RemoveAll(); FormsAuthentication.SignOut();//you write this when you use FormsAuthentication return(RedirectToAction("Login", "Account")); }
protected override bool AuthorizeCore(HttpContextBase httpContext) { var authorized = base.AuthorizeCore(httpContext); if (!authorized) { // The user is not authenticated return(false); } var rd = httpContext.Request.RequestContext.RouteData; string currentAction = rd.GetRequiredString("action"); string currentController = rd.GetRequiredString("controller"); string currentArea = rd.DataTokens["area"] as string; //check if the logged in user has access to this page if (GenFx.IsUserAuthorized(currentAction, currentController)) { //Authorized => let him in return(true); } return(false); }
public ActionResult ChangePassword([Bind(Include = "OldPassword,NewPassword,RepeatPassword")] ChangePasswordViewModel cpModel) { int id = (int)GenFx.val(GenFx.GetCurrentUserDetails("ID")); User user = db.Users.Find(id); if (user == null) { return(HttpNotFound()); } if (ModelState.IsValid) { user.Password = cpModel.NewPassword; user.ModifiedDate = DateTime.Now; db.Entry(user).State = EntityState.Modified; db.SaveChanges(); Session["siteMsgTyp"] = "success"; Session["siteMsg"] = "Your password was changed successfully."; return(RedirectToAction("Index", "Home")); } return(View(cpModel)); }
public ActionResult Login(LoginViewModel model, string returnUrl) { // Lets first check if the Model is valid or not if (ModelState.IsValid) { using (DBAuthContext entities = new DBAuthContext()) { string username = model.LoginName; string password = model.Password; bool CheckUserActiveornot = entities.Users.Any(user => user.LoginName == username && user.IsActive == false); if (CheckUserActiveornot) { Session["siteMsgTyp"] = "error"; //Congrats on signing up for Zoom!In order to activate your account please click the button below to verify your email address: Session["siteMsg"] = "Please Activate Your Account using link send your Email Address"; return(RedirectToAction("Login", "Account")); } // Now if our password was enctypted or hashed we would have done the // same operation on the user entered password here, But for now // since the password is in plain text lets just authenticate directly bool userValid = entities.Users.Any(user => user.LoginName == username && user.Password == password); // User found in the database if (userValid) { //var userData = ""; //var identity = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Name, username), }, DefaultAuthenticationTypes.ApplicationCookie); //var ticket = new FormsAuthenticationTicket(1, username, DateTime.UtcNow, DateTime.UtcNow.AddMinutes(30), false, userData, FormsAuthentication.FormsCookiePath); //var encryptedTicket = FormsAuthentication.Encrypt(ticket); //var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket) { HttpOnly = true }; //Response.Cookies.Add(authCookie); //AuthenticationManager.SignIn(identity); FormsAuthentication.SetAuthCookie(username, false); //Update User Log long userid = entities.Users.Where(user => user.LoginName == username && user.Password == password).Select(user => user.ID).Single(); GenFx.AddToUserLog("Login", userid); if (model.ChkRememberMe.Equals(true)) { Response.Cookies["UserName"].Expires = DateTime.Now.AddDays(30); Response.Cookies["Password"].Expires = DateTime.Now.AddDays(30); } else { Response.Cookies["UserName"].Expires = DateTime.Now.AddDays(-1); Response.Cookies["Password"].Expires = DateTime.Now.AddDays(-1); } Response.Cookies["UserName"].Value = model.LoginName; Response.Cookies["Password"].Value = model.Password; if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\")) { return(Redirect(returnUrl)); } else { return(RedirectToAction("Index", "Home")); } } else { ModelState.AddModelError("", "The user name or password provided is incorrect."); } } } // If we got this far, something failed, redisplay form return(View(model)); }