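/// <summary>
/// Completes a sign-in for a user that has already been validated: calls
/// <c>TSAuthentication.Authenticate</c>, records the successful attempt and action log
/// (unless <paramref name="isBackDoor"/>), maintains the "rm" remember-me cookie and
/// returns the relative URL the caller should redirect to next.
/// </summary>
/// <param name="userId">ID of the user being signed in.</param>
/// <param name="organizationId">Organization the user is signing in to.</param>
/// <param name="storeInfo">When true the user's e-mail and organization ID are kept in the
/// "rm" cookie for seven days; when false the cookie value is cleared.</param>
/// <param name="isBackDoor">When true, attempt/action logging, base-data confirmation, the
/// cookie update and the password-expiry redirect are all skipped.</param>
/// <returns>The new-password page URL when the user's password has expired, otherwise a
/// local <c>ReturnUrl</c> taken from the referrer's query string, or "." (stay on the
/// current page) when none is present or it is not a local URL.</returns>
private static string AuthenticateUser(int userId, int organizationId, bool storeInfo, bool isBackDoor = false)
{
    LoginUser loginUser = new LoginUser(UserSession.ConnectionString, userId, organizationId, null);
    User user = Users.GetUser(loginUser, userId);
    string deviceID = GetDeviceID();

    TSAuthentication.Authenticate(user, isBackDoor, deviceID);

    if (!isBackDoor)
    {
        var request = HttpContext.Current.Request;
        var browser = request.Browser;

        LoginAttempts.AddAttempt(loginUser, userId, true, request.UserHostAddress, browser, request.UserAgent, deviceID);
        ActionLogs.AddActionLog(loginUser, ActionLogType.Insert, ReferenceType.Users, userId, "Logged in (" + browser.Browser + " " + browser.Version + ")");
        ConfirmBaseData(loginUser);

        // Remember-me cookie: the e-mail and organization ID are stored in clear text.
        // NOTE(review): no HttpOnly/Secure flags are set here - confirm they come from a
        // global setting (e.g. web.config httpCookies) before relying on this cookie.
        var rememberMe = HttpContext.Current.Response.Cookies["rm"];
        if (storeInfo)
        {
            rememberMe["a"] = user.Email;
            rememberMe["b"] = user.OrganizationID.ToString();
            rememberMe.Expires = DateTime.UtcNow.AddDays(7);
        }
        else
        {
            rememberMe.Value = "";
        }
    }

    if (user.IsPasswordExpired && !isBackDoor)
    {
        // NOTE(review): Token is the stored password hash, which therefore lands in browser
        // history, Referer headers and server logs. LoginNewPassword.html expects this value,
        // so it is kept; replacing it with a short-lived single-use token needs a change there too.
        return string.Format("vcr/1/LoginNewPassword.html?UserID={0}&Token={1}", user.UserID, user.CryptedPassword);
    }

    return ResolvePostLoginRedirect();
}

/// <summary>
/// Reads <c>ReturnUrl</c> from the referrer's query string and returns it only when it is
/// a local URL; otherwise returns ".". The referrer value is attacker-controllable, so an
/// unchecked value would be an open redirect.
/// </summary>
/// <returns>The trimmed local redirect target, or "." when absent, blank or non-local.</returns>
private static string ResolvePostLoginRedirect()
{
    string rawQueryString = null;
    try
    {
        // UrlReferrer is null when no Referer header was sent and throws when it is malformed.
        Uri referrer = HttpContext.Current.Request.UrlReferrer;
        if (referrer != null)
        {
            rawQueryString = referrer.Query;
        }
    }
    catch (Exception)
    {
        // Treat an unparseable referrer as "no ReturnUrl"; the login still succeeds.
    }

    if (string.IsNullOrEmpty(rawQueryString))
    {
        return ".";
    }

    string urlRedirect = GetQueryStringValue(rawQueryString, "ReturnUrl");
    if (string.IsNullOrWhiteSpace(urlRedirect))
    {
        return ".";
    }

    // Assumes GetQueryStringValue returns the decoded value (the original redirected to it
    // as-is, so it must already be usable as a URL) - confirm if ReturnUrl stops working.
    urlRedirect = urlRedirect.Trim();
    return IsLocalRedirectUrl(urlRedirect) ? urlRedirect : ".";
}

/// <summary>
/// True when <paramref name="url"/> is an absolute-path ("/path") or app-relative ("~/path")
/// URL. Protocol-relative forms ("//host", "/\host") and absolute URLs with a scheme are
/// rejected because they can leave the site.
/// </summary>
/// <param name="url">Candidate redirect target; may be null or empty.</param>
/// <returns>Whether the URL stays on this site.</returns>
private static bool IsLocalRedirectUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    if (url[0] == '/')
    {
        // "/" alone is fine; "//..." and "/\..." are host-relative and must not pass.
        return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
    }

    return url.Length > 1 && url[0] == '~' && url[1] == '/';
}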
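/// <summary>
/// Validates an e-mail/password pair for an organization, applying the inactive-organization,
/// unknown-user, lockout, inactive-user and password-expiry rules, and writes the matching
/// event-log / login-attempt records.
/// </summary>
/// <param name="loginUser">Data-access context used for every lookup and log write.</param>
/// <param name="email">E-mail entered on the login form (untrusted).</param>
/// <param name="password">Password entered on the login form (untrusted).</param>
/// <param name="organizationId">Organization the login is attempted against.</param>
/// <param name="user">Receives the matched user; left as passed in when no user matches
/// <paramref name="email"/>.</param>
/// <param name="organization">Receives the organization loaded for <paramref name="organizationId"/>.</param>
/// <returns>A <see cref="SignInResult"/> whose Result is Success, Fail or PasswordExpired;
/// Error carries the user-facing message for the non-success cases and
/// LoginFailedAttempts the recent failed-attempt count (0 for an unknown e-mail).</returns>
private static SignInResult IsValid(LoginUser loginUser, string email, string password, int organizationId, ref User user, ref Organization organization)
{
    SignInResult validation = new SignInResult();

    organization = Organizations.GetOrganization(loginUser, organizationId);
    // NOTE(review): an organization created less than 10 minutes ago accepts any password
    // (see the credential check below). This pre-dates this change and should be reviewed.
    bool isNewSignUp = DateTime.UtcNow.Subtract(organization.DateCreatedUtc).TotalMinutes < 10;

    if (!organization.IsActive)
    {
        validation.Error = string.IsNullOrEmpty(organization.InActiveReason)
            ? "Your account is no longer active. Please contact TeamSupport.com."
            : "Your company account is no longer active.<br />" + organization.InActiveReason;
        validation.Result = LoginResult.Fail;
        TSEventLog.WriteEvent(TSEventLogEventType.FailedLoginAttempt, HttpContext.Current.Request, null, organization, new string[] { "Email: " + email });
        return validation;
    }

    // Resolve the user: a unique e-mail match wins outright; with several matches, take the
    // one belonging to the requested organization.
    Users users = new Users(loginUser);
    users.LoadByEmail(1, email);
    if (users.Count == 1)
    {
        user = users[0];
    }
    else
    {
        foreach (User u in users)
        {
            if (u.OrganizationID == organizationId)
            {
                user = u;
                break;
            }
        }
    }

    // Attempts are tracked per user ID, so there is nothing to count for an unknown e-mail.
    // (Dereferencing user here unconditionally threw before the user == null branch was reached.)
    int attempts = user != null ? LoginAttempts.GetAttemptCount(loginUser, user.UserID, 15) : 0;
    validation.LoginFailedAttempts = attempts;

    if (user == null)
    {
        // Same message as a wrong password so the response does not reveal whether the e-mail exists.
        validation.Error = "Invalid email or password.";
        validation.Result = LoginResult.Fail;
    }
    else if (attempts > MAXLOGINATTEMPTS)
    {
        validation.Error = string.Format("Your account is temporarily locked, because of too many failed login attempts.{0}Try again in 15 minutes or use the forgot password link above to reset your password.", Environment.NewLine);
        validation.Result = LoginResult.Fail;
        // Notify exactly once: on the attempt that crosses the threshold.
        if (attempts == MAXLOGINATTEMPTS + 1)
        {
            TSEventLog.WriteEvent(TSEventLogEventType.AccountLocked, HttpContext.Current.Request, user, organization);
            EmailPosts.SendTooManyAttempts(loginUser, user.UserID);
        }
    }
    else
    {
        validation.UserId = user.UserID;
        validation.OrganizationId = user.OrganizationID;

        if (IsSupportImpersonation(password))
        {
            // NOTE(review): support impersonation bypasses password verification through shared
            // static state and is not logged here. TODO: write an event-log entry for it.
            _skipVerification = true;
            validation.Result = LoginResult.Success;
            validation.Error = string.Empty;
        }
        else
        {
            // NOTE(review): the stored hash is also accepted verbatim as the password (second
            // comparison), and any password passes for a brand-new organization. Both behaviours
            // pre-date this change; the comparison is also not constant-time.
            bool passwordMatches = user.CryptedPassword == EncryptPassword(password) || user.CryptedPassword == password;
            if (!passwordMatches && !isNewSignUp)
            {
                validation.Error = "Invalid email or password.";
                validation.Result = LoginResult.Fail;
            }

            if (!user.IsActive)
            {
                validation.Error = "Your account is no longer active.   Please contact your administrator.";
                validation.Result = LoginResult.Fail;
            }

            DateTime passwordCreatedDate = user.PasswordCreatedUtc != null ? (DateTime)user.PasswordCreatedUtc : user.DateCreated;
            bool policyExpired = organization.DaysBeforePasswordExpire > 0
                && DateTime.UtcNow > passwordCreatedDate.AddDays(organization.DaysBeforePasswordExpire);

            // Only a login that has not already failed may be reported as "password expired".
            // The previous `a && b || c` precedence let the policy check override a Fail result.
            if (validation.Result != LoginResult.Fail && (user.IsPasswordExpired || policyExpired))
            {
                validation.Error = "Your password has expired.";
                validation.Result = LoginResult.PasswordExpired;
            }
        }
    }

    // Anything other than Success/Unknown that carries a message is recorded as a failed
    // attempt; this includes PasswordExpired, so an expired password also counts towards lockout.
    bool failed = validation.Result != LoginResult.Success
        && validation.Result != LoginResult.Unknown
        && !string.IsNullOrEmpty(validation.Error);
    if (failed)
    {
        TSEventLog.WriteEvent(TSEventLogEventType.FailedLoginAttempt, HttpContext.Current.Request, user, organization, new string[] { "Attempted Email: " + email });
        // An unknown e-mail has no user ID to record the attempt against.
        if (user != null)
        {
            LoginAttempts.AddAttempt(loginUser, user.UserID, false, HttpContext.Current.Request.UserHostAddress, HttpContext.Current.Request.Browser, HttpContext.Current.Request.UserAgent, GetDeviceID());
        }
    }
    else
    {
        TSEventLog.WriteEvent(TSEventLogEventType.LoginSuccess, HttpContext.Current.Request, user, organization);
        validation.Result = LoginResult.Success;
    }

    return validation;
}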