public void Get_DoesNotReturnNullForValidUserName()
{
var actualUserSession = _userLoginService.GetUserSessionModel(VALID_USER_NAME);
//test
Assert.IsNotNull(actualUserSession);
}
public MobileResponseModel Post([FromBody] UserLoginModel model)
{
var authenticationModel = new MobileResponseModel
{
IsSuccess = false
};
if (string.IsNullOrEmpty(model.Password) || string.IsNullOrEmpty(model.UserName) ||
string.IsNullOrEmpty(model.DeviceKey))
{
authenticationModel.Message = "UserName or Password can not be empty";
return(authenticationModel);
}
var isValid = _userLoginRepository.ValidateUser(model.UserName, model.Password);
if (isValid)
{
try
{
var userSession = _userLoginService.GetUserSessionModel(model.UserName);
if (userSession.CurrentOrganizationRole == null)
{
authenticationModel.Message = "Your default role has been removed. Please contact your administrator.";
return(authenticationModel);
}
if (!userSession.CurrentOrganizationRole.CheckRole((long)Roles.Technician) && !userSession.CurrentOrganizationRole.CheckRole((long)Roles.NursePractitioner))
{
authenticationModel.Message = "Your default role must be Technician or Nurse Practitioner. Please contact your administrator.";
return(authenticationModel);
}
int pinExpirationDays = 0;
Int32.TryParse(_configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.PinExpirationDays), out pinExpirationDays);
int daysBeforAlert = 0;
Int32.TryParse(_configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AlertBeforePinExpirationInDays), out daysBeforAlert);
var pinExpireInDays = _technicianRepository.GetPinExpireInDays(userSession.CurrentOrganizationRole.OrganizationRoleUserId, pinExpirationDays);
if (pinExpireInDays <= daysBeforAlert)
{
pinExpireInDays = pinExpireInDays <= 0 ? 0 : pinExpireInDays;
}
_sessionContext.UserSession = userSession;
var loggedInUser = _userRepository.GetUser(userSession.UserId);
_sessionContext.LastLoggedInTime = loggedInUser.UserLogin.LastLogged.ToString();
_userLoginRepository.UpdateLoginStatus(_sessionContext.UserSession.UserId, true);
var sessionId = Guid.NewGuid().ToString();
var userLoginLog = SaveLoginInfo(userSession.UserId, sessionId, model.DeviceKey);
_sessionContext.UserSession.UserLoginLogId = userLoginLog.Id;
var technicianProfile = new Technician();
if (_sessionContext.UserSession.AvailableOrganizationRoles.Any(x => x.RoleId == (long)Roles.Technician))
{
var technicianOrgRoleUserId = _sessionContext.UserSession.AvailableOrganizationRoles.First(x => x.RoleId == (long)Roles.Technician).OrganizationRoleUserId;
technicianProfile = _technicianRepository.GetTechnician(technicianOrgRoleUserId);
}
authenticationModel = new MobileResponseModel
{
IsSuccess = true,
Message = "Successfully Logged In",
StatusCode = 200,
Data = new AuthenticationModel
{
UserId = userSession.UserId,//Todo: need to check if OrgRoleUserID Can be Sent
Token = (sessionId + "_" + userLoginLog.UserId).Encrypt(),
Name = userSession.FullName,
Role = userSession.CurrentOrganizationRole.RoleDisplayName,
Pin = !string.IsNullOrWhiteSpace(technicianProfile.Pin) ? technicianProfile.Pin.Encrypt() : string.Empty,
ShowAlertBeforePinExpirationInDays = daysBeforAlert,
RemainingDays = pinExpireInDays,
}
};
}
catch (Exception exception)
{
_logger.Error("while loging user" + exception.StackTrace);
authenticationModel.Message = "UserName or Password is not valid";
return(authenticationModel);
}
}
else
{
_logger.Warn("Tried to access with invalid cridential");
authenticationModel.Message = "UserName or Password is not valid";
return(authenticationModel);
}
return(authenticationModel);
}
public ActionResult Index(UserLoginModel userLoginModel, string returnUrl)
{
if (!ModelState.IsValid)
{
return(View(userLoginModel));
}
bool isValid = _loginRepository.ValidateUser(userLoginModel.UserName, userLoginModel.Password);
if (isValid)
{
try
{
var userLogin = _loginRepository.GetByUserName(userLoginModel.UserName);
var user = _userRepository.GetUser(userLogin.Id);
var orgRoles = _organizationRoleUserRepository.GetOrganizationRoleUserCollectionforaUser(user.Id);
if (orgRoles.Any(oru => oru.RoleId == (long)Roles.Customer) && user.DefaultRole == Roles.Customer)
{
var customer = _customerRepository.GetCustomerByUserId(user.Id);
if (!string.IsNullOrEmpty(customer.Tag))
{
var account = _corporateAccountRepository.GetByTag(customer.Tag);
if (account != null && !account.AllowCustomerPortalLogin)
{
userLoginModel.FeedbackMessage =
FeedbackMessageModel.CreateFailureMessage("Unable to login in. Please contact " +
_settings.SupportEmail + " OR call us at " +
_settings.PhoneTollFree);
return(View(userLoginModel));
}
}
}
var userName = userLoginModel.UserName;
FormsAuthentication.SetAuthCookie(userName, true);
_sessionContext.UserSession = _loginService.GetUserSessionModel(userName);
_sessionContext.LastLoggedInTime = userLogin.LastLogged.ToString();
if (_sessionContext.UserSession.CurrentOrganizationRole == null)
{
userLoginModel.FeedbackMessage =
FeedbackMessageModel.CreateFailureMessage(
"Your default role has been removed. Please contact your administrator.");
return(View(userLoginModel));
}
Role role = null;
var isTwoFactorAuthrequired = true;
var useOtpSms = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms);
var useOtpEmail = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail);
var useOtpByGoogleAuthenticator = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator);
var isPinRequired = false;
if (useOtpSms == "True" || useOtpEmail == "True" || useOtpByGoogleAuthenticator == "True")
{
var defaultRole = orgRoles.FirstOrDefault(oru => oru.RoleId == (long)user.DefaultRole);
if (defaultRole != null)
{
role = _roleRepository.GetByRoleId(defaultRole.RoleId);
isPinRequired = role.IsPinRequired;
}
if (userLogin.IsTwoFactorAuthrequired == null)
{
if (defaultRole != null)
{
isTwoFactorAuthrequired = role.IsTwoFactorAuthrequired;
}
}
else
{
isTwoFactorAuthrequired = userLogin.IsTwoFactorAuthrequired.Value;
}
}
else
{
isTwoFactorAuthrequired = false;
}
if (isTwoFactorAuthrequired || isPinRequired)
{
var loginSettings = _loginSettingRepository.Get(_sessionContext.UserSession.UserId);
if (loginSettings == null || loginSettings.IsFirstLogin)
{
TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
return(RedirectToAction("Setup"));
}
else if (isPinRequired && loginSettings.DownloadFilePin == "")
{
TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
TempData["setPinOnly"] = true;
return(RedirectToAction("Setup"));
}
if (isTwoFactorAuthrequired)
{
var isSafe = false;
var isSafeAllowed = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember);
if (isSafeAllowed == "True")
{
var browserName = Request.Browser.Browser + " " + Request.Browser.Version;
var requestingIp = Request.UserHostAddress;
var safeComputer = new SafeComputerHistory()
{
BrowserType = browserName,
ComputerIp = requestingIp,
DateCreated = DateTime.Now,
IsActive = true,
UserLoginId = user.Id
};
isSafe = _safeComputerHistoryService.IsSafe(safeComputer);
}
if (!isSafe)
{
if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Sms)
{
if (useOtpSms == "True")
{
return(RedirectToAction("Otp"));
}
TempData["IsTwoFactorAuthrequired"] = true;
TempData["IsOnGlobalSettingChange"] = true;
return(RedirectToAction("Setup"));
}
if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Email)
{
if (useOtpEmail == "True")
{
return(RedirectToAction("Otp"));
}
TempData["IsTwoFactorAuthrequired"] = true;
TempData["IsOnGlobalSettingChange"] = true;
return(RedirectToAction("Setup"));
}
if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.BothSmsEmail)
{
if (useOtpSms == "True" || useOtpEmail == "True")
{
return(RedirectToAction("Otp"));
}
TempData["IsTwoFactorAuthrequired"] = true;
TempData["IsOnGlobalSettingChange"] = true;
return(RedirectToAction("Setup"));
}
if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.AuthenticatorApp)
{
return(RedirectToAction("Authenticator"));
}
}
}
}
return(GoToDashboard(_sessionContext.UserSession.UserId, returnUrl));
}
catch (Exception ex)
{
_logger.Error("Error: Message: " + ex.Message + "\n Stack trace:" + ex.StackTrace);
userLoginModel.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("System Error: Unable to login in. Please contact support.");
return(View(userLoginModel));
}
}
//not logged in.
return(View(GetLoginFailureMessage(userLoginModel)));
}
