/// <summary>
/// A session model must be produced for the known-good user name held in <c>VALID_USER_NAME</c>;
/// the service returning null would mean a valid account cannot log in at all.
/// </summary>
public void Get_DoesNotReturnNullForValidUserName()
{
    // Act and assert in one step: only the non-null outcome matters here, not the contents.
    Assert.IsNotNull(_userLoginService.GetUserSessionModel(VALID_USER_NAME));
}
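/// <summary>
/// Mobile login endpoint. Validates the posted credentials, requires the caller's default
/// role to be Technician or Nurse Practitioner, records the login (session context, login
/// status, login log) and returns an <see cref="AuthenticationModel"/> with the session
/// token, display data and technician PIN information.
/// </summary>
/// <param name="model">
/// Posted body. UserName, Password and DeviceKey are all mandatory. May be null when body
/// binding fails, which is treated like a missing field.
/// </param>
/// <returns>
/// A <see cref="MobileResponseModel"/> with <c>IsSuccess</c> true, <c>StatusCode</c> 200 and a
/// populated <c>Data</c> on success; otherwise <c>IsSuccess</c> false and a user-facing
/// <c>Message</c> explaining the refusal.
/// </returns>
public MobileResponseModel Post([FromBody] UserLoginModel model)
{
    var authenticationModel = new MobileResponseModel { IsSuccess = false };

    // A failed [FromBody] bind hands us a null model; reject it here rather than letting the
    // property access below throw. DeviceKey is required too, so the message names it.
    if (model == null
        || string.IsNullOrEmpty(model.Password)
        || string.IsNullOrEmpty(model.UserName)
        || string.IsNullOrEmpty(model.DeviceKey))
    {
        authenticationModel.Message = "UserName, Password or DeviceKey can not be empty";
        return authenticationModel;
    }

    var isValid = _userLoginRepository.ValidateUser(model.UserName, model.Password);
    if (!isValid)
    {
        // Generic refusal: the client is not told whether the user name or the password was wrong.
        _logger.Warn("Tried to access with invalid cridential");
        authenticationModel.Message = "UserName or Password is not valid";
        return authenticationModel;
    }

    try
    {
        var userSession = _userLoginService.GetUserSessionModel(model.UserName);

        // Role gates. NOTE(review): these two messages are only reachable after a successful
        // password check, so they confirm credential validity to the caller — confirm that is
        // acceptable for this API.
        if (userSession.CurrentOrganizationRole == null)
        {
            authenticationModel.Message = "Your default role has been removed. Please contact your administrator.";
            return authenticationModel;
        }
        if (!userSession.CurrentOrganizationRole.CheckRole((long)Roles.Technician)
            && !userSession.CurrentOrganizationRole.CheckRole((long)Roles.NursePractitioner))
        {
            authenticationModel.Message = "Your default role must be Technician or Nurse Practitioner. Please contact your administrator.";
            return authenticationModel;
        }

        // Both settings fall back to 0 when the configuration value is missing or unparsable
        // (TryParse leaves the out value at 0 and the result is deliberately ignored).
        int pinExpirationDays;
        int.TryParse(_configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.PinExpirationDays), out pinExpirationDays);
        int daysBeforeAlert;
        int.TryParse(_configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AlertBeforePinExpirationInDays), out daysBeforeAlert);

        var pinExpireInDays = _technicianRepository.GetPinExpireInDays(userSession.CurrentOrganizationRole.OrganizationRoleUserId, pinExpirationDays);
        // Inside the alert window an already-expired PIN is reported as 0 remaining days, never negative.
        if (pinExpireInDays <= daysBeforeAlert && pinExpireInDays < 0)
        {
            pinExpireInDays = 0;
        }

        _sessionContext.UserSession = userSession;
        var loggedInUser = _userRepository.GetUser(userSession.UserId);
        // Read before UpdateLoginStatus runs — presumably so the value reflects the previous login; confirm.
        _sessionContext.LastLoggedInTime = loggedInUser.UserLogin.LastLogged.ToString();
        _userLoginRepository.UpdateLoginStatus(_sessionContext.UserSession.UserId, true);

        // A fresh GUID is persisted together with the device key and becomes part of the token.
        var sessionId = Guid.NewGuid().ToString();
        var userLoginLog = SaveLoginInfo(userSession.UserId, sessionId, model.DeviceKey);
        _sessionContext.UserSession.UserLoginLogId = userLoginLog.Id;

        // The PIN is only looked up when the user holds the Technician role in some organization.
        var technicianProfile = new Technician();
        var technicianRole = _sessionContext.UserSession.AvailableOrganizationRoles.FirstOrDefault(x => x.RoleId == (long)Roles.Technician);
        if (technicianRole != null)
        {
            // NOTE(review): a null return from GetTechnician would throw at technicianProfile.Pin
            // below and surface as the generic "not valid" message — confirm the repository never returns null.
            technicianProfile = _technicianRepository.GetTechnician(technicianRole.OrganizationRoleUserId);
        }

        authenticationModel = new MobileResponseModel
        {
            IsSuccess = true,
            Message = "Successfully Logged In",
            StatusCode = 200,
            Data = new AuthenticationModel
            {
                UserId = userSession.UserId, //Todo: need to check if OrgRoleUserID Can be Sent
                // The token is Encrypt() over "<sessionId>_<userId>"; its unforgeability rests on the
                // Encrypt extension, which is defined elsewhere — confirm it uses a server-side key.
                Token = (sessionId + "_" + userLoginLog.UserId).Encrypt(),
                Name = userSession.FullName,
                Role = userSession.CurrentOrganizationRole.RoleDisplayName,
                Pin = !string.IsNullOrWhiteSpace(technicianProfile.Pin) ? technicianProfile.Pin.Encrypt() : string.Empty,
                ShowAlertBeforePinExpirationInDays = daysBeforeAlert,
                RemainingDays = pinExpireInDays,
            }
        };
    }
    catch (Exception exception)
    {
        // Log the message as well as the trace (previously only the trace was logged), but keep
        // the client-facing text generic so internals are not echoed back to the caller.
        _logger.Error("Error while logging in user: Message: " + exception.Message + "\n Stack trace:" + exception.StackTrace);
        authenticationModel.Message = "UserName or Password is not valid";
        return authenticationModel;
    }

    return authenticationModel;
}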
/// <summary>
/// Handles the web login form post: validates the credentials, applies the corporate-account
/// and default-role gates, issues the forms-authentication cookie and then decides whether a
/// second factor (SMS/e-mail OTP or authenticator app) or a download-file PIN setup is still
/// required before the user reaches the dashboard.
/// </summary>
/// <param name="userLoginModel">Posted form model carrying UserName, Password and the feedback slot.</param>
/// <param name="returnUrl">Destination forwarded to <c>GoToDashboard</c> once the login is complete.</param>
/// <returns>
/// The login view with a failure message, a redirect into the Setup/Otp/Authenticator flow, or
/// the dashboard redirect.
/// </returns>
public ActionResult Index(UserLoginModel userLoginModel, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return(View(userLoginModel));
    }
    bool isValid = _loginRepository.ValidateUser(userLoginModel.UserName, userLoginModel.Password);
    if (isValid)
    {
        try
        {
            var userLogin = _loginRepository.GetByUserName(userLoginModel.UserName);
            var user = _userRepository.GetUser(userLogin.Id);
            var orgRoles = _organizationRoleUserRepository.GetOrganizationRoleUserCollectionforaUser(user.Id);
            // Customers tied to a corporate account can be barred from the portal by that account.
            if (orgRoles.Any(oru => oru.RoleId == (long)Roles.Customer) && user.DefaultRole == Roles.Customer)
            {
                var customer = _customerRepository.GetCustomerByUserId(user.Id);
                if (!string.IsNullOrEmpty(customer.Tag))
                {
                    var account = _corporateAccountRepository.GetByTag(customer.Tag);
                    if (account != null && !account.AllowCustomerPortalLogin)
                    {
                        userLoginModel.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("Unable to login in. Please contact " + _settings.SupportEmail + " OR call us at " + _settings.PhoneTollFree);
                        return(View(userLoginModel));
                    }
                }
            }
            var userName = userLoginModel.UserName;
            // NOTE(review): the persistent forms-auth cookie is issued here, before the default-role
            // check below and before any OTP/authenticator step has been passed. Whether the
            // Setup/Otp/Authenticator redirects below can be skipped by requesting another action
            // depends on filters outside this method — confirm.
            FormsAuthentication.SetAuthCookie(userName, true);
            _sessionContext.UserSession = _loginService.GetUserSessionModel(userName);
            _sessionContext.LastLoggedInTime = userLogin.LastLogged.ToString();
            if (_sessionContext.UserSession.CurrentOrganizationRole == null)
            {
                userLoginModel.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage( "Your default role has been removed. Please contact your administrator.");
                return(View(userLoginModel));
            }
            Role role = null;
            // Defaults to "required"; only cleared when no OTP medium is enabled globally, or
            // when a per-user / per-role setting says otherwise.
            var isTwoFactorAuthrequired = true;
            // Configuration values are compared as exact, case-sensitive strings against "True".
            var useOtpSms = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms);
            var useOtpEmail = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail);
            var useOtpByGoogleAuthenticator = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator);
            var isPinRequired = false;
            if (useOtpSms == "True" || useOtpEmail == "True" || useOtpByGoogleAuthenticator == "True")
            {
                var defaultRole = orgRoles.FirstOrDefault(oru => oru.RoleId == (long)user.DefaultRole);
                if (defaultRole != null)
                {
                    role = _roleRepository.GetByRoleId(defaultRole.RoleId);
                    isPinRequired = role.IsPinRequired;
                }
                // A per-user override wins; otherwise the default role decides. With no override
                // and no resolvable default role the initial value (true) stands.
                if (userLogin.IsTwoFactorAuthrequired == null)
                {
                    if (defaultRole != null)
                    {
                        isTwoFactorAuthrequired = role.IsTwoFactorAuthrequired;
                    }
                }
                else
                {
                    isTwoFactorAuthrequired = userLogin.IsTwoFactorAuthrequired.Value;
                }
            }
            else
            {
                isTwoFactorAuthrequired = false;
            }
            if (isTwoFactorAuthrequired || isPinRequired)
            {
                var loginSettings = _loginSettingRepository.Get(_sessionContext.UserSession.UserId);
                // First login (or no settings row yet): the user must choose a 2FA mode / PIN first.
                if (loginSettings == null || loginSettings.IsFirstLogin)
                {
                    TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
                    return(RedirectToAction("Setup"));
                }
                // NOTE(review): only an empty-string PIN counts as unset here; a null
                // DownloadFilePin would skip the setup redirect — confirm the column cannot be null.
                else if (isPinRequired && loginSettings.DownloadFilePin == "")
                {
                    TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
                    TempData["setPinOnly"] = true;
                    return(RedirectToAction("Setup"));
                }
                if (isTwoFactorAuthrequired)
                {
                    var isSafe = false;
                    var isSafeAllowed = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember);
                    if (isSafeAllowed == "True")
                    {
                        // NOTE(review): the "remembered computer" match is keyed on the User-Agent
                        // string and the requesting address, both of which the client influences
                        // (and UserHostAddress may be a proxy's address) — confirm IsSafe also
                        // requires a server-issued secret before it waives the second factor.
                        var browserName = Request.Browser.Browser + " " + Request.Browser.Version;
                        var requestingIp = Request.UserHostAddress;
                        var safeComputer = new SafeComputerHistory() { BrowserType = browserName, ComputerIp = requestingIp, DateCreated = DateTime.Now, IsActive = true, UserLoginId = user.Id };
                        isSafe = _safeComputerHistoryService.IsSafe(safeComputer);
                    }
                    if (!isSafe)
                    {
                        // For each medium: go to Otp if the medium is still enabled globally,
                        // otherwise force the user back to Setup flagged as a global-setting change.
                        if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Sms)
                        {
                            if (useOtpSms == "True")
                            {
                                return(RedirectToAction("Otp"));
                            }
                            TempData["IsTwoFactorAuthrequired"] = true;
                            TempData["IsOnGlobalSettingChange"] = true;
                            return(RedirectToAction("Setup"));
                        }
                        if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Email)
                        {
                            if (useOtpEmail == "True")
                            {
                                return(RedirectToAction("Otp"));
                            }
                            TempData["IsTwoFactorAuthrequired"] = true;
                            TempData["IsOnGlobalSettingChange"] = true;
                            return(RedirectToAction("Setup"));
                        }
                        if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.BothSmsEmail)
                        {
                            if (useOtpSms == "True" || useOtpEmail == "True")
                            {
                                return(RedirectToAction("Otp"));
                            }
                            TempData["IsTwoFactorAuthrequired"] = true;
                            TempData["IsOnGlobalSettingChange"] = true;
                            return(RedirectToAction("Setup"));
                        }
                        if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.AuthenticatorApp)
                        {
                            return(RedirectToAction("Authenticator"));
                        }
                        // NOTE(review): an AuthenticationModeId matching none of the four cases falls
                        // through to the dashboard with no second factor — confirm the set of modes is closed.
                    }
                }
            }
            return(GoToDashboard(_sessionContext.UserSession.UserId, returnUrl));
        }
        catch (Exception ex)
        {
            // Full detail goes to the log; the user only sees a generic system-error message.
            _logger.Error("Error: Message: " + ex.Message + "\n Stack trace:" + ex.StackTrace);
            userLoginModel.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("System Error: Unable to login in. Please contact support.");
            return(View(userLoginModel));
        }
    }
    //not logged in.
    return(View(GetLoginFailureMessage(userLoginModel)));
}