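/// <summary>
/// Starts the password-reset flow: issues a fresh reset code for the account
/// registered under the posted e-mail address and hands it to changePasswordEmail.
/// </summary>
/// <param name="User">Posted form model; only <c>User.Email</c> is read.</param>
/// <returns>The forgot-password view with a status message placed in ModelState.</returns>
public ActionResult forgotPassword(forgotPassword User)
{
    if (!ModelState.IsValid)
    {
        // Stop here: the original fell through and still queried the database
        // with an unvalidated model.
        ModelState.AddModelError("BadRequest", "Invalid Request!");
        return View();
    }

    try
    {
        using (Notestash_Database_Entities db = new Notestash_Database_Entities())
        {
            var account = db.tblUsers.FirstOrDefault(e => e.Email == User.Email);
            if (account != null)
            {
                // A new GUID per request invalidates any previously mailed link.
                // NOTE(review): tblUser has no expiry column for this code, so a mailed
                // link stays valid until it is used or replaced — consider adding one.
                account.forgotPasswordCode = Guid.NewGuid();
                db.SaveChanges();
                changePasswordEmail(account.Email, account.forgotPasswordCode.ToString());
            }
        }

        // Same message whether or not the address is registered, so this form cannot
        // be used to enumerate accounts (the original answered "Invalid Request!" for
        // unknown addresses via a NullReferenceException on the missing row).
        ModelState.AddModelError("Sent", "Link to change password has been sent to your email id.");
    }
    catch (Exception)
    {
        // Failure details are deliberately not shown to the caller; there is no
        // logger in scope here to record them.
        ModelState.AddModelError("BadRequest", "Invalid Request!");
    }
    return View();
}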
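// Delete a user or an admin
/// <summary>
/// Deletes the tblUser row with the given id, except the caller's own account
/// (so that at least one admin always remains).
/// </summary>
/// <param name="id">Primary key of the user to remove (bound from the route).</param>
/// <returns>
/// Redirect to the user list on success or when the id does not exist; redirect to the
/// sign-in page when no session is logged in; redirect back to the selected user's page
/// (with Session["CannotDelete"] set) when the caller tried to delete himself.
/// </returns>
public ActionResult DeleteSelectedUser(int id)
{
    if (Session["Login"] == null)
    {
        return RedirectToAction("SignIn", "Login");
    }

    // NOTE(review): the only gate is "some session is logged in". If this action is
    // reachable via GET, a plain link can trigger a deletion (CSRF); confirm an
    // [HttpPost]/[ValidateAntiForgeryToken] pair exists on it outside this listing.
    using (Notestash_Database_Entities db = new Notestash_Database_Entities())
    {
        var target = db.tblUsers.FirstOrDefault(e => e.Id == id);
        if (target == null)
        {
            // Unknown or already-deleted id: nothing to remove. The original passed
            // null to Remove() (or dereferenced it in the else branch) and crashed.
            return RedirectToAction("User_Data", "UserData");
        }

        int currentUserId = (int)Session["Login"];
        if (target.Id == currentUserId)
        {
            // User cannot delete himself as there should be at least one admin
            // left if he deletes all other admins.
            Session["CannotDelete"] = 1;
            return RedirectToAction("SelectedUser", "UserData", new { id = target.Id });
        }

        db.tblUsers.Remove(target);
        db.SaveChanges();
        return RedirectToAction("User_Data", "UserData");
    }
}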
/// <summary>
/// Lists every row of tblNotes for a logged-in session.
/// </summary>
/// <returns>The notes view bound to the full list, or a redirect to the sign-in page
/// when Session["Login"] is not set.</returns>
public ActionResult Notes_Data()
{
    bool loggedIn = Session["Login"] != null;
    if (!loggedIn)
    {
        return RedirectToAction("SignIn", "Login");
    }

    using (var db = new Notestash_Database_Entities())
    {
        // NOTE(review): no per-user filter — every logged-in session sees all notes.
        var allNotes = db.tblNotes.ToList();
        return View(allNotes);
    }
}
/// <summary>
/// Lists every tblUser row for a logged-in session. Also clears the
/// Session["CannotDelete"] flag left behind by a refused self-deletion.
/// </summary>
/// <returns>The user list view, or a redirect to the sign-in page when
/// Session["Login"] is not set.</returns>
public ActionResult User_Data()
{
    // Reset the flag before the login check so it never survives into the next page.
    Session["CannotDelete"] = null;

    bool loggedIn = Session["Login"] != null;
    if (!loggedIn)
    {
        return RedirectToAction("SignIn", "Login");
    }

    using (var db = new Notestash_Database_Entities())
    {
        var allUsers = db.tblUsers.ToList();
        return View(allUsers);
    }
}
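/// <summary>
/// Completes the password-reset flow: looks up the account whose forgotPasswordCode
/// matches <paramref name="id"/>, stores a new salted hash of the posted password and
/// clears the code so the link is single use.
/// </summary>
/// <param name="id">Reset code from the mailed link; must parse as a GUID.</param>
/// <param name="pass">Posted form with newPassword and confirmNewPassword.</param>
/// <returns>The change-password view with a status message placed in ModelState.</returns>
public ActionResult changePassword(string id, changePassword pass)
{
    try
    {
        Guid resetCode;
        if (!Guid.TryParse(id, out resetCode))
        {
            // Malformed or missing code. The original let new Guid(id) throw and
            // reported the same generic error from the catch block.
            ModelState.AddModelError("BadRequest", "Error occurred, please try again!");
            return View();
        }

        bool passwordAcceptable = pass != null
            && !string.IsNullOrEmpty(pass.newPassword)
            && pass.newPassword.Equals(pass.confirmNewPassword)
            && pass.newPassword.Length >= 6
            && pass.newPassword.Length <= 15;
        if (!passwordAcceptable)
        {
            // The original silently rendered the view with no message here.
            ModelState.AddModelError("Invalid", "Passwords must match and be 6 to 15 characters long.");
            return View();
        }

        using (Notestash_Database_Entities db = new Notestash_Database_Entities())
        {
            var account = db.tblUsers.FirstOrDefault(e => e.forgotPasswordCode == resetCode);
            if (account == null)
            {
                // Unknown or already-consumed code. The original dereferenced null here.
                ModelState.AddModelError("BadRequest", "Error occurred, please try again!");
                return View();
            }

            // Hashing scheme: PBKDF2(HMAC-SHA384, password, salt, 256k iterations) -> 48-byte
            // key, then HMAC-SHA384 keyed with that key over the password bytes, hex-encoded.
            // This must stay byte-for-byte identical to Create and SignIn or logins break.
            var sha384Factory = HmacFactory;
            var random = new CryptoRandom();
            byte[] passwordBytes = SafeUTF8.GetBytes(pass.newPassword);
            var salt = random.NextBytes(384 / 8);
            byte[] derivedKey;
            using (var pbkdf2 = new PBKDF2(sha384Factory, passwordBytes, salt, 256 * 1000))
            {
                derivedKey = pbkdf2.GetBytes(384 / 8);
            }
            string hashedPassword;
            using (var hmac = sha384Factory())
            {
                hmac.Key = derivedKey;
                hashedPassword = hmac.ComputeHash(passwordBytes).ToBase16();
            }

            account.Password = hashedPassword;
            account.Salt = salt;
            account.forgotPasswordCode = null; // single use: the mailed link is now dead
            db.SaveChanges();
            ModelState.AddModelError("Changed", "Password changed successfully!");
        }
    }
    catch (Exception)
    {
        // Failure details are deliberately not shown to the caller; no logger in scope.
        ModelState.AddModelError("BadRequest", "Error occurred, please try again!");
    }
    return View();
}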
/// <summary>
/// Shows the detail page for one tblUser row. When Session["CannotDelete"] is set
/// (left by DeleteSelectedUser refusing a self-delete) an explanatory error is added.
/// </summary>
/// <param name="id">Primary key of the user to display.</param>
/// <returns>The user view (model may be null when the id does not exist), or a
/// redirect to the sign-in page when Session["Login"] is not set.</returns>
public ActionResult SelectedUser(int id)
{
    if (Session["Login"] == null)
    {
        return RedirectToAction("SignIn", "Login");
    }

    bool refusedSelfDelete = Session["CannotDelete"] != null;
    using (var db = new Notestash_Database_Entities())
    {
        if (refusedSelfDelete)
        {
            ModelState.AddModelError("CannotDelete", "Admin cannot delete himself!");
        }
        var user = db.tblUsers.FirstOrDefault(e => e.Id == id);
        return View(user);
    }
}
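/// <summary>
/// Activates the account whose ActivationCode matches <paramref name="id"/>, provided
/// the link is not older than one day. Outcome flags are exposed via ViewBag and a
/// message is placed in ModelState.
/// </summary>
/// <param name="id">Activation code from the mailed link; must parse as a GUID.</param>
/// <returns>The verification view.</returns>
public ActionResult VerifyAccount(string id)
{
    Guid activationCode;
    if (!Guid.TryParse(id, out activationCode))
    {
        // Malformed input used to surface as an unhandled exception from new Guid(id).
        // Treat it like an unknown code.
        ViewBag.Deleted = true;
        ModelState.AddModelError("Deleted", "Account deleted! Create Again!");
        return View();
    }

    using (Notestash_Database_Entities db = new Notestash_Database_Entities())
    {
        var activate = db.tblUsers.FirstOrDefault(e => e.ActivationCode == activationCode);
        if (activate == null)
        {
            // No row carries this code: either never existed or purged by Create's
            // expiry sweep.
            ViewBag.Deleted = true;
            ModelState.AddModelError("Deleted", "Account deleted! Create Again!");
            return View();
        }

        // Created_at is written with DateTime.Now in Create, so compare in the same clock.
        // A missing Created_at (should not happen) is treated as expired rather than throwing.
        DateTime present = DateTime.Now;
        bool expired = !activate.Created_at.HasValue || present >= activate.Created_at.Value.AddDays(1);
        if (expired)
        {
            ViewBag.Expired = true;
            ModelState.AddModelError("Expired", "Link Expired! Register Again!");
            return View();
        }

        activate.IsEmailVerified = 1;
        db.SaveChanges();
        ViewBag.Activated = true;
        ModelState.AddModelError("Activated", "Congratulations! Account activated! You are also a Notestash admin now.");
        return View();
    }
}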
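/// <summary>
/// Registers a new, not-yet-verified account. Before inserting, unverified accounts
/// older than one day are purged so an abandoned sign-up does not block its e-mail.
/// </summary>
/// <param name="objUser">Posted sign-up model (Id, FullName, Email, Password are read).</param>
/// <returns>
/// "&lt;email&gt; &lt;activationCode&gt;" on success (the caller mails the code),
/// "exists" when the e-mail is already registered, or "error" on any failure.
/// </returns>
public string Create(signUp objUser)
{
    try
    {
        if (objUser == null || string.IsNullOrEmpty(objUser.Email) || string.IsNullOrEmpty(objUser.Password))
        {
            // The original hashed before the try block, so a null password surfaced as an
            // unhandled exception instead of the "error" result callers expect.
            return "error";
        }

        // Hashing scheme: PBKDF2(HMAC-SHA384, password, salt, 256k iterations) -> 48-byte
        // key, then HMAC-SHA384 keyed with that key over the password bytes, hex-encoded.
        // Must stay byte-for-byte identical to SignIn and changePassword.
        var sha384Factory = HmacFactory;
        var random = new CryptoRandom();
        byte[] passwordBytes = SafeUTF8.GetBytes(objUser.Password);
        var salt = random.NextBytes(384 / 8);
        byte[] derivedKey;
        using (var pbkdf2 = new PBKDF2(sha384Factory, passwordBytes, salt, 256 * 1000))
        {
            derivedKey = pbkdf2.GetBytes(384 / 8);
        }
        string hashedPassword;
        using (var hmac = sha384Factory())
        {
            hmac.Key = derivedKey;
            hashedPassword = hmac.ComputeHash(passwordBytes).ToBase16();
        }

        tblUser objTblUser = new tblUser();
        objTblUser.Id = objUser.Id;
        objTblUser.FullName = objUser.FullName;
        objTblUser.Password = hashedPassword;
        objTblUser.Email = objUser.Email;
        objTblUser.Salt = salt;
        objTblUser.ProfilePicture = null;
        objTblUser.IsEmailVerified = 0;
        objTblUser.ActivationCode = Guid.NewGuid();
        objTblUser.Created_at = DateTime.Now; // VerifyAccount compares against DateTime.Now too
        objTblUser.AdminOrUser = 2;           // the only value SignIn accepts

        using (Notestash_Database_Entities db = new Notestash_Database_Entities())
        {
            // Purge sign-ups that were never verified within a day.
            DateTime present = DateTime.Now;
            var staleUnverified = db.tblUsers.Where(a => a.IsEmailVerified == 0).ToList();
            foreach (tblUser user in staleUnverified)
            {
                if (user.Created_at.HasValue && present >= user.Created_at.Value.AddDays(1))
                {
                    db.tblUsers.Remove(user);
                }
            }
            db.SaveChanges();

            // NOTE(review): check-then-insert is racy; two concurrent sign-ups with the
            // same address can both pass. A unique index on Email is the real guard.
            var existingUser = db.tblUsers.FirstOrDefault(e => e.Email.Equals(objUser.Email));
            if (existingUser != null)
            {
                return "exists";
            }

            db.tblUsers.Add(objTblUser);
            db.SaveChanges();
            return objUser.Email + " " + objTblUser.ActivationCode.ToString();
        }
    }
    catch (Exception)
    {
        // Details are swallowed by design here; no logger is in scope.
        return "error";
    }
}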
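/// <summary>
/// Authenticates a posted e-mail/password pair against tblUsers and, on success,
/// records the user's Id in Session["Login"].
/// </summary>
/// <param name="User">Posted sign-in model; Email and Password are read.</param>
/// <returns>Redirect to the user list on success; otherwise the sign-in view with an
/// error message placed in ModelState.</returns>
public ActionResult SignIn(signIn User)
{
    try
    {
        if (User == null || string.IsNullOrEmpty(User.Email) || string.IsNullOrEmpty(User.Password))
        {
            ModelState.AddModelError("WrongCredentials", "Wrong Credentials!");
            return View();
        }

        using (Notestash_Database_Entities db = new Notestash_Database_Entities())
        {
            var user = db.tblUsers.FirstOrDefault(e => e.Email.Equals(User.Email));
            if (user == null)
            {
                // Same message as a bad password so the form does not reveal which
                // addresses are registered (response time still differs, since no
                // PBKDF2 work is done on this path).
                ModelState.AddModelError("WrongCredentials", "Wrong Credentials!");
                return View();
            }

            // Recompute the stored scheme: PBKDF2(HMAC-SHA384, password, user.Salt, 256k)
            // -> 48-byte key, then HMAC-SHA384 keyed with it over the password bytes, hex.
            // Must match Create and changePassword exactly.
            var sha384Factory = HmacFactory;
            byte[] passwordBytes = SafeUTF8.GetBytes(User.Password);
            byte[] derivedKey;
            using (var pbkdf2 = new PBKDF2(sha384Factory, passwordBytes, user.Salt, 256 * 1000))
            {
                derivedKey = pbkdf2.GetBytes(384 / 8);
            }
            string hashedPassword;
            using (var hmac = sha384Factory())
            {
                hmac.Key = derivedKey;
                hashedPassword = hmac.ComputeHash(passwordBytes).ToBase16();
            }

            // Compare in memory and in constant time. The original re-queried the database
            // with the hash in the WHERE clause, i.e. a non-constant-time string compare
            // done by the SQL engine.
            bool passwordMatches = ConstantTimeEquals(user.Password, hashedPassword);
            bool roleAllowed = user.AdminOrUser == 2;
            if (!passwordMatches || !roleAllowed)
            {
                ModelState.AddModelError("WrongCredentials", "Wrong Credentials!");
                return View();
            }

            // Create sets IsEmailVerified = 0 and only VerifyAccount sets it to 1; the
            // original never checked it, so a sign-up with someone else's address could
            // log in without ever proving control of the mailbox.
            if (user.IsEmailVerified != 1)
            {
                ModelState.AddModelError("NotVerified", "Please verify your email address before signing in.");
                return View();
            }

            // NOTE(review): ASP.NET keeps the same ASP.NET_SessionId across login, so a
            // session id fixed before authentication stays valid afterwards; consider
            // rotating it here if the hosting setup does not already.
            Session["Login"] = user.Id;
            return RedirectToAction("User_Data", "UserData");
        }
    }
    catch (Exception)
    {
        // Details are swallowed by design here; no logger is in scope.
        ModelState.AddModelError("BadRequest", "Invalid Request!");
    }
    return View();
}

/// <summary>
/// Length-leaking but content-independent string comparison: runs over every character
/// regardless of where the first mismatch is, so timing does not reveal how much of a
/// stored hash an attacker has matched.
/// </summary>
private static bool ConstantTimeEquals(string expected, string actual)
{
    if (expected == null || actual == null || expected.Length != actual.Length)
    {
        return false;
    }
    int diff = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        diff |= expected[i] ^ actual[i];
    }
    return diff == 0;
}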