public ActionResult Login(LoginViewModel model)
{
if (ModelState.IsValid)
{
var user = usersDAL.GetUser(model.Username);
if (user == null)
{
ModelState.AddModelError("Username", "The username or password is invalid.");
return(View("Login", model));
}
var hashProvider = new HashProvider();
if (!hashProvider.VerifyPasswordMatch(user.Password, model.Password, user.Salt))
{
ModelState.AddModelError("Username", "The username or password is invalid.");
return(View("Login", model));
}
LogUserIn(user.Username);
return(RedirectToAction("Index", "Home"));
}
return(View("Login", model));
}
public ActionResult Login(LoginViewModel model)
{
if (!ModelState.IsValid)
{
return(View("Login", model));
}
User user = userDal.GetUser(model.EmailAddress);
if (user != null)
{
HashProvider hashProvider = new HashProvider();
bool doesPasswordMatch = hashProvider.VerifyPasswordMatch(user.Password, model.Password, user.Salt); //user.Salt)
if (!doesPasswordMatch)
{
ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
return(View("Login", model));
}
}
else
{
ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
return(View("Login", model));
}
FormsAuthentication.SetAuthCookie(user.Email, true);
Session[SessionKeys.Username] = user.Username;
Session[SessionKeys.EmailAddress] = user.Email;
Session[SessionKeys.UserId] = user.User_Id;
return(RedirectToAction("Index", "Home"));
}
public ActionResult LoginPost(User model)
{
if (!ModelState.IsValid)
{
return(View("Index", model));
}
if (model.EmailAddress != null && model.EmailAddress != "")
{
HashProvider hashProvider = new HashProvider();
User u = new User()
{
EmailAddress = model.EmailAddress
};
User validatedUser = userDAL.GetUser(u);
if (validatedUser != null && validatedUser.Password != null && validatedUser.Salt != null)
{
bool passwordMatches = hashProvider.VerifyPasswordMatch(validatedUser.Password, model.Password, validatedUser.Salt);
if (validatedUser.EmailAddress != null && passwordMatches)
{
Session["Login"] = validatedUser;
return(RedirectToAction("Index", "Home"));
}
else
{
return(RedirectToAction("Index"));
}
}
}
return(RedirectToAction("Index"));
}
public User GetUser(LoginViewModel loginInfo)
{
User output = null;
string userName = loginInfo.Email;
HashProvider hashProvider = new HashProvider();
string SQL_LoginString = @"Select TOP 1 * from users WHERE username = @username AND isActive = 'true'";
Dictionary <string, object> dynamicParameterArgs = new Dictionary <string, object>();
dynamicParameterArgs.Add("@username", userName);
//dynamicParameterArgs.Add("@password", hashedPassword.Password);
using (SqlConnection myConnection = new SqlConnection(connectionString))
{
myConnection.Open();
output = myConnection.Query <User>(SQL_LoginString, new DynamicParameters(dynamicParameterArgs)).ToList().FirstOrDefault();
//SqlCommand myCommand = new SqlCommand(SQL_LoginString, myConnection);
}
if (output != null && hashProvider.VerifyPasswordMatch(output.Password, loginInfo.Password, output.Salt))
{
return(output);
}
else
{
return(null);
}
}
public ActionResult Login(UserModel user)
{
UserSqlDal dal = new UserSqlDal();
UserModel existingUser = dal.Login(user.Username);
if (existingUser == null)
{
user.LoginFail = true;
return(View("Login", user));
}
HashProvider provider = new HashProvider();
if (user.LoginPassword != null && provider.VerifyPasswordMatch(existingUser.Password, user.LoginPassword, existingUser.Salt))
{
user.LoginFail = false;
user.IsOnline = true;
Session["user"] = user;
Session["username"] = user.Username;
return(RedirectToAction("LoggedInLanding", "Home"));
}
user.LoginFail = true;
return(View("Login", user));
}
/// <summary>
/// Signs the user in and saves their username in session.
/// </summary>
/// <param name="username"></param>
/// <param name="password"></param>
/// <returns></returns>
public bool SignIn(string emailaddress, string password)
{
var user = userDAL.GetUser(emailaddress);
var hashProvider = new HashProvider();
if (user != null && hashProvider.VerifyPasswordMatch(user.Password, password, user.Salt))
{
HttpContext.Session.SetString(SessionKey, user.EmailAddress);
return(true);
}
return(false);
}
public ActionResult Login(LoginViewModel model)
{
if (ModelState.IsValid)
{
var user = userDal.GetUser(model.Username);
if (user != null)
{
HashProvider hashProvider = new HashProvider();
bool doesPasswordMatch = hashProvider.VerifyPasswordMatch(user.Password, model.Password, ""); //user.Salt)
if (!doesPasswordMatch)
{
ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
return(View("Login", model));
}
}
else
{
ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
return(View("Login", model));
}
// Happy Path
base.LogUserIn(user.Username);
//If they are supposed to be redirected then redirect them else send them to the dashboard
var queryString = this.Request.UrlReferrer.Query;
var urlParams = HttpUtility.ParseQueryString(queryString);
if (urlParams["landingPage"] != null && Url.IsLocalUrl(urlParams["landingPage"]))
{
// then redirect them
return(new RedirectResult(urlParams["landingPage"]));
}
else if (urlParams["landingPage"] != null && !Url.IsLocalUrl(urlParams["landingPage"]))
{
return(RedirectToAction("LeavingSite", "Users", new { destinationUrl = urlParams["landingPage"] }));
}
else
{
return(RedirectToAction("Dashboard", "Messages", new { username = user.Username }));
}
}
else
{
return(View("Login", model));
}
}
public ActionResult Login(LoginViewModel model)
{
if (!ModelState.IsValid)
{
return(View("Login", model));
}
var user = userDAL.GetUser(model.Username);
// Verify username
if (user == null)
{
ModelState.AddModelError("invalid-login", "The username & password combination is invalid.");
return(View("Login", model));
}
// Verify hashed password
HashProvider hashProvider = new HashProvider();
if (!hashProvider.VerifyPasswordMatch(user.Password, model.Password, user.Salt))
{
ModelState.AddModelError("invalid-login", "The username & password combination is invalid.");
return(View("Login", model));
}
// If username and password combination found in database, log user in
base.LogUserIn(user.Username);
//If they are supposed to be redirected then redirect them; otherwise, send them to the home page
var queryString = this.Request.UrlReferrer.Query;
var urlParams = HttpUtility.ParseQueryString(queryString);
if (urlParams["landingPage"] != null)
{
//If it is one of CityTours' web pages
if (Url.IsLocalUrl(urlParams["landingPage"]))
{
return(new RedirectResult(urlParams["landingPage"]));
}
else
{
return(RedirectToAction("Index", "Home", new { destination = urlParams["landingPage"] }));
}
}
else
{
return(RedirectToAction("Index", "Home"));
}
}
public ActionResult Login(LoginModel model)
{
if (!ModelState.IsValid)
{
return(View());
}
//HashProvider hash = new HashProvider();
//string password = hash.HashPassword(model.Password);
//model.Password = model.Password;
UserModel m = userDal.GetUser(model.UserName);
if (ModelState.IsValid && m.Salt != null)
{
UserModel userLogin = userDal.GetUser(model.UserName);
if (userLogin != null)
{
HashProvider hashProvider = new HashProvider();
bool doesPasswordMatch = hashProvider.VerifyPasswordMatch(userLogin.Password, model.Password, userLogin.Salt);
if (!doesPasswordMatch)
{
ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
return(View("Login", model));
}
else
{
FormsAuthentication.SetAuthCookie(userLogin.UserName, true);
Session["authorizationlevel"] = userLogin.AuthorizationLevel;
Session["username"] = userLogin.UserName;
Session["user"] = userLogin;
return(RedirectToAction("Index", "Home"));
}
}
else
{
ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
return(View("Login", model));
}
//return View("Login", model);
}
UserModel user = userDal.GetUser(model.UserName);
return(View("Login"));
}
public ActionResult ChangePassword(ChangePasswordModel model)
{
if (!ModelState.IsValid)
{
return(View());
}
UserModel user = Session["user"] as UserModel;
HashProvider hash = new HashProvider();
string s = model.TempPassword;
s = hash.HashPassword(s);
//if (!ModelState.IsValid)
//{
// return View("ChangePassword");
//}
if (hash.VerifyPasswordMatch(user.Password, model.TempPassword, user.Salt) == false)
{
return(View("ChangePassword"));
}
else
{
string password = hash.HashPassword(model.Password);
user.Salt = hash.SaltValue;
model.Password = password;
user.AuthorizationLevel = 2;
userDal.ChangePassword(model.Password, user.Salt, user.UserName);
//FormsAuthentication.SetAuthCookie(user.Email, true);
// Session[SessionKeys.Username] = model.EmailAddress;
//Session[SessionKeys.UserId] = user.Id; ??? whats session keys
}
return(RedirectToAction("ChangeSuccess"));
}
public ActionResult Login(ParentLoginModel model)
{
// validation redirect
if (!ModelState.IsValid)
{
return(View("Login", model));
}
ParentModel parent = parentDAL.GetParent(model.Email);
HashProvider hash = new HashProvider();
// check if parent exists and passwords match
if (parent == null || !hash.VerifyPasswordMatch(parent.Password, model.Password, parent.Salt))
{
ModelState.AddModelError("invalid-credentials", "Invalid email password combination");
return(View("Login", model));
}
Session["parent"] = parent;
return(RedirectToAction("Dashboard"));
}
public ActionResult Login(ChildLoginModel model)
{
// validation redirect
if (!ModelState.IsValid)
{
return(View("Login", model));
}
ChildModel child = childDAL.GetChild(model.UserName);
HashProvider hash = new HashProvider();
// check if child exists and passwords match
if (child == null || !hash.VerifyPasswordMatch(child.Password, model.Password, child.Salt))
{
ModelState.AddModelError("invalid-credentials", "Invalid email password combination");
return(View("Login", model));
}
// check if child has time remaining
if (child.Seconds <= 0)
{
ModelState.AddModelError("no-time-remaining", "You do not have any time remaining. You need more steps to earn more time.");
return(View("Login", model));
}
child.Mascot = mascotDAL.GetMascot(child);
Session["child"] = child;
// check if child needs to create mascot
if (child.Mascot == null)
{
return(RedirectToAction("ChooseMascot"));
}
return(RedirectToAction("Dashboard"));
}
public ActionResult Login(UserLogin userLogin, int selectedButton)
{
try
{
UserProfile userProfile = userSqlDAL.GetUser(userLogin.UserEmail);
bool passwordMatches = hashProvider.VerifyPasswordMatch(userProfile.UserPassword, userLogin.UserPassword, userProfile.Salt);
//
// // TODO : Add a variable to the parameters to represent whether the user
// // is logging in from the TakeSurvey page or from the general login in button.
// // RedirectToAction will change depending on the starting point.
// Jarrod: Right now I've set it so that once you've loggin in the program checksto see if you have a survey result in th DB
// If you do, the you are taken to your custom franchise list
// If you haven't take a survey yet, you are taken to the survey page
if (passwordMatches)
{
SaveUserSession(userLogin.UserEmail);
SurveyAnswers existingSurvey = surveyAnswerDAL.GetSurveyResult(userProfile.UserEmail);
if (existingSurvey.business != null)
{
return(RedirectToAction("ViewProfile"));
}
else
{
return(RedirectToAction("Survey", "Home"));
}
}
}
catch
{
return(RedirectToAction("IncorrectLogin"));
}
return(RedirectToAction("IncorrectLogin"));
}
public void HashProvider_ReturnsPasswordMatch(string password, string salt, string hashedPassword)
{
HashProvider hashProvider = new HashProvider();
Assert.IsTrue(hashProvider.VerifyPasswordMatch(hashedPassword, password, salt));
}
