/// <summary>
/// Validates the posted credentials and, on success, issues the forms-authentication
/// cookie and redirects to Home/MyAssets; otherwise re-renders the login view.
/// </summary>
/// <param name="loginCredentials">Posted model carrying Username and Password.</param>
/// <returns>A redirect to Home/MyAssets on success, the default view in every other case.</returns>
public ActionResult Login(LoginCredentialModel loginCredentials)
{
    var userService = new UserProcess();

    if (!ModelState.IsValid)
    {
        return(View());
    }

    // NOTE(review): the password is reduced to a plain MD5 digest before it is compared.
    // MD5 is fast and nothing here adds a salt, so a leaked Registration table is cheap to
    // brute-force. Moving to a salted, slow KDF (e.g. PBKDF2 via Rfc2898DeriveBytes) needs
    // a migration of the stored hashes, so it cannot be done inside this action alone.
    // NOTE(review): no throttling or lockout of repeated failures is visible in this action;
    // confirm whether LoginUser enforces one.
    int loginOutcome = userService.LoginUser(
        loginCredentials.Username,
        MD5HashProvider.CreateMD5Hash(loginCredentials.Password));

    if (loginOutcome != FASTConstant.RETURN_VAL_SUCCESS)
    {
        // One message for every failure, so the response does not reveal whether the ID
        // or the password was wrong. (The text repeats "Employee"; kept as-is.)
        ModelState.AddModelError("", "Wrong Employee Employee ID or Password");
        return(View());
    }

    // Session (non-persistent) forms-auth cookie for this user.
    FormsAuthentication.SetAuthCookie(loginCredentials.Username.ToString(), false);

    // Rebuild the principal so the rest of this request already sees the user as authenticated.
    // Presumably relies on System.Web mirroring the cookie just added to the response into
    // Request.Cookies - confirm.
    var context = System.Web.HttpContext.Current;
    var ticketCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
    FormsAuthenticationTicket ticket = ticketCookie == null
        ? null
        : FormsAuthentication.Decrypt(ticketCookie.Value);

    if (ticket != null && !ticket.Expired)
    {
        // Roles are whatever the ticket's UserData carries, comma separated.
        string[] roleNames = ticket.UserData.Split(',');
        context.User = new System.Security.Principal.GenericPrincipal(new FormsIdentity(ticket), roleNames);
    }

    // The redirect target is fixed, so no caller-supplied return URL is followed here.
    return(RedirectToAction("MyAssets", "Home"));
}
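/// <summary>
/// Changes the password of the fixture employee, checks that the change is reported as
/// successful, then puts the fixture password back.
/// </summary>
/// <remarks>
/// NOTE(review): this test reads and writes a real Registration row and hard-codes the
/// fixture employee's password; it should only ever run against a disposable test database.
/// </remarks>
public void TestChangePassword()
{
    const int employeeId = 114560;

    string expected = MD5HashProvider.CreateMD5Hash("111111");
    string origPassword = MD5HashProvider.CreateMD5Hash("14560");

    // Read the currently stored hash so it can be presented as the "old" password.
    var reg = new Repository.UnitsOfWork.GenericUnitOfWork<Registration>();
    Registration result = reg.Repository.GetAllQueryable().First(m => m.EmployeeID == employeeId);

    int actual = _userProcess.ChangePassword(employeeId, expected, result.Password);
    Assert.AreEqual(FASTConstant.RETURN_VAL_SUCCESS, actual);

    // Restore the fixture password. After the successful change the stored hash is
    // `expected`, so that - not the stale result.Password read earlier - is the old value
    // to present. Assumes ChangePassword checks its third argument against the stored
    // hash, as the (new, old) argument order used by the controller suggests.
    _userProcess.ChangePassword(employeeId, origPassword, expected);
}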
/// <summary>
/// Changes a user's password and renders the shared result page with a success or
/// failure message passed through TempData.
/// </summary>
/// <param name="changePasswordModel">Posted model carrying Username, OldPassword and NewPassword.</param>
/// <returns>The shared Result view in both outcomes.</returns>
public ActionResult ChangePassword(ChangePasswordModel changePasswordModel)
{
    var userService = new UserProcess();

    // NOTE(review): the account being changed is taken from the posted model, not from the
    // authenticated identity; presumably the old-password check inside
    // UserProcess.ChangePassword is what stops one user changing another's password - confirm.
    // NOTE(review): unlike Login, ModelState.IsValid is not consulted before the model is used.
    var account = changePasswordModel.Username;

    // NOTE(review): both values are plain MD5 digests with no salt added here; see the
    // hashing scheme as a whole before changing it, since stored hashes must be migrated.
    string newHash = MD5HashProvider.CreateMD5Hash(changePasswordModel.NewPassword);
    string oldHash = MD5HashProvider.CreateMD5Hash(changePasswordModel.OldPassword);

    bool changed = userService.ChangePassword(account, newHash, oldHash) == FASTConstant.RETURN_VAL_SUCCESS;

    // Where the result page came from and where it should lead back to.
    TempData[FASTConstant.TMPDATA_SOURCE] = "Change Password";
    TempData[FASTConstant.TMPDATA_CONTROLLER] = "Home";
    TempData[FASTConstant.TMPDATA_ACTION] = "Index";

    if (!changed)
    {
        // Generic failure text: the page does not say which check rejected the request.
        TempData[FASTConstant.TMPDATA_RESULT] = FASTConstant.FAILURE;
        TempData[FASTConstant.TMPDATA_EXTRAMESSAGE] = "Change password failed. Please try again or contact the AppAdmin.";
    }
    else
    {
        TempData[FASTConstant.TMPDATA_RESULT] = FASTConstant.SUCCESSFUL;
        TempData[FASTConstant.TMPDATA_EXTRAMESSAGE] = "Thank you. Change password was successful.";
    }

    return(View("~/Views/Shared/Result.cshtml"));
}
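/// <summary>
/// Creates a Registration row for an existing employee with a generated password and
/// e-mails that password to the employee's address.
/// </summary>
/// <param name="userID">Employee ID to register; also used as employeeID in the audit entries.</param>
/// <returns>
/// RETURN_VAL_SUCCESS after the row is saved and SendEmail() has been called,
/// RETURN_VAL_FAILED when Save() reports no change,
/// RETURN_VAL_DUPLICATE when a registration already exists,
/// RETURN_VAL_NOT_FOUND when the employee does not exist.
/// </returns>
public int RegisterUser(int userID)
{
    tracer.Info("Registering : " + userID.ToString());

    Employee empData = _unitOfWork.Employees.GetByID(userID);
    if (empData == null)
    {
        tracer.Warn("Registration Failed. User not found in DB.");
        _unitOfWork.LogFailure(FASTConstant.AUDIT_ACTION_USER_REG, "Not Found", employeeID: userID);
        return(FASTConstant.RETURN_VAL_NOT_FOUND);
    }

    // Existence check only; no need to materialise the matching rows to count them.
    bool alreadyRegistered = _unitOfWork.Registrations.GetAllQueryable().Any(m => m.EmployeeID == userID);
    if (alreadyRegistered)
    {
        tracer.Warn("Registration Failed. User already registered.");
        _unitOfWork.LogFailure(FASTConstant.AUDIT_ACTION_USER_REG, "Duplicate ID", employeeID: userID);
        return(FASTConstant.RETURN_VAL_DUPLICATE);
    }

    // The stored hash is computed over the sanitised password (every non-alphanumeric
    // character replaced by '$'), so the value e-mailed to the user must be that same
    // sanitised string. The previous code mailed the raw generated password, which does
    // not match the stored hash whenever it contains other punctuation. This now follows
    // the sanitise-then-hash order ResetPassword uses.
    string generated = System.Web.Security.Membership.GeneratePassword(8, 0);
    string clearPwd = Regex.Replace(generated, @"[^a-zA-Z0-9]", m => "$");

    // NOTE(review): plain MD5 with no salt added here - fast to brute-force if the table
    // leaks. Replacing it (e.g. PBKDF2 via Rfc2898DeriveBytes) requires migrating every
    // stored hash and the login path together.
    string password = MD5HashProvider.CreateMD5Hash(clearPwd);

    Registration regData = new Registration()
    {
        EmployeeID = userID,
        Password = password,
        Status = 1,
        DateStamp = DateTime.Now
    };
    _unitOfWork.Registrations.Insert(regData);

    if (_unitOfWork.Save() <= 0)
    {
        // NOTE(review): unlike the other failure branches, no audit entry is written here.
        tracer.Warn("Registration Failed.");
        return(FASTConstant.RETURN_VAL_FAILED);
    }

    tracer.Info("Registration Success. Sending Email Notification.");

    // NOTE(review): the working password travels in clear text by e-mail. Treat it as a
    // one-time secret: require a change at first login, or send a short-lived link instead.
    FastEmail email = new FastEmail();
    email.Receipients = new List<string>() { empData.EmailAddress };
    email.Subject = FASTConstant.EMAIL_SIMPLE_SUBJECT.Replace("[XXX]", "User Registration");
    email.HTMLBody = Helper.EmailHelper.GenerateHTMLBody(Helper.EmailHelper.EmailType.REGISTRATION)
        .Replace(FASTConstant.EMAIL_RECEIPIENT_NAME, empData.FirstName + " " + empData.LastName)
        .Replace(FASTConstant.EMAIL_USERNAME, empData.EmployeeID.ToString())
        .Replace(FASTConstant.EMAIL_PASSWORD, clearPwd);

    SMTPEmail emailSender = new SMTPEmail(_emailConfig, email);
    emailSender.SendEmail();

    _unitOfWork.LogSuccess(FASTConstant.AUDIT_ACTION_USER_REG, "", employeeID: userID);
    return(FASTConstant.RETURN_VAL_SUCCESS);
}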
/// <summary>
/// Replaces the stored password hash of a registration with the hash of a new password
/// and e-mails the new clear-text password to the employee.
/// </summary>
/// <param name="userID">Employee ID; passed as employeeID to every audit entry written here.</param>
/// <returns>
/// RETURN_VAL_SUCCESS after Save() reports a change and SendEmail() has been called,
/// RETURN_VAL_FAILED when Save() reports no change, RETURN_VAL_NOT_FOUND from either
/// of the two not-found branches.
/// </returns>
// NOTE(review): the text between the first tracer.Info argument and the Regex arguments is
// masked ("******") in this listing, so the employee/registration lookups and the password
// generation are not visible - confirm against the original file before changing anything.
// Visible flow: non-alphanumeric characters are replaced by '$', the result (clearPassword)
// is hashed with MD5HashProvider and stored, and the same clearPassword is placed in the mail
// body, so the mailed value matches the stored hash.
// NOTE(review): plain MD5 with no salt added here, and the working password is sent in clear
// text by e-mail; treat it as a one-time secret (forced change at next login, or a short-lived
// link) and plan the hash migration together with the login path.
// NOTE(review): no authorisation check on who may reset userID is visible in this method -
// presumably enforced by the caller; verify.
public int ResetPassword(int userID) { tracer.Info("Reset Password : "******"[^a-zA-Z0-9]", m => "$"); password = MD5HashProvider.CreateMD5Hash(clearPassword); regData.Password = password; _unitOfWork.Registrations.Update(regData); if (_unitOfWork.Save() > 0) { tracer.Info("Reset Password Success. Sending Email Notification."); //notify through email FastEmail email = new FastEmail(); email.Receipients = new List <string>() { empData.EmailAddress }; email.Subject = FASTConstant.EMAIL_SIMPLE_SUBJECT.Replace("[XXX]", "Reset Password"); email.HTMLBody = Helper.EmailHelper.GenerateHTMLBody(Helper.EmailHelper.EmailType.RESET_PASSWORD); email.HTMLBody = email.HTMLBody.Replace(FASTConstant.EMAIL_RECEIPIENT_NAME, empData.FirstName + " " + empData.LastName); email.HTMLBody = email.HTMLBody.Replace(FASTConstant.EMAIL_USERNAME, empData.EmployeeID.ToString()); email.HTMLBody = email.HTMLBody.Replace(FASTConstant.EMAIL_PASSWORD, clearPassword); SMTPEmail emailSender = new SMTPEmail(_emailConfig, email); emailSender.SendEmail(); _unitOfWork.LogSuccess(FASTConstant.AUDIT_ACTION_USER_RESET, "", employeeID: userID); return(FASTConstant.RETURN_VAL_SUCCESS); } else { tracer.Warn("Reset Password Failed."); _unitOfWork.LogFailure(FASTConstant.AUDIT_ACTION_USER_RESET, "", employeeID: userID); return(FASTConstant.RETURN_VAL_FAILED); } } else { tracer.Warn("Reset Password Failed. User Not Found."); _unitOfWork.LogFailure(FASTConstant.AUDIT_ACTION_USER_RESET, "Not Found", employeeID: userID); return(FASTConstant.RETURN_VAL_NOT_FOUND); } } else { tracer.Warn("Reset Password Failed. User Not Found."); _unitOfWork.LogFailure(FASTConstant.AUDIT_ACTION_USER_RESET, "Not Found", employeeID: userID); return(FASTConstant.RETURN_VAL_NOT_FOUND); } }