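/// <summary>
/// Builds an <c>RNDUserSecurityAnswer</c> holding the selectable security
/// questions and the current API user's name.
/// </summary>
/// <param name="recID">
/// Record id. The question list is only read from the database when this is
/// 0 or less; for a positive id the list contains just the initial item
/// produced by <c>GetInitialSelectItem()</c>.
/// </param>
/// <returns>
/// The serialized <c>RNDUserSecurityAnswer</c>, or a bare 500 response when
/// any exception is thrown.
/// </returns>
public HttpResponseMessage Get(int recID)
{
    _logger.Debug("UserSecurity Get called");
    AdoHelper ado = null;
    try
    {
        CurrentUser user = ApiUser;
        RNDUserSecurityAnswer security = new RNDUserSecurityAnswer();
        ado = new AdoHelper();
        security.RNDSecurityQuestions = new List<SelectListItem>() { GetInitialSelectItem() };

        if (recID <= 0)
        {
            using (SqlDataReader reader = ado.ExecDataReaderProc("RNDSecurityQuestions_READ", "RND", null))
            {
                // Read() returns false straight away on an empty result set,
                // so no separate HasRows check is needed.
                while (reader.Read())
                {
                    security.RNDSecurityQuestions.Add(new SelectListItem
                    {
                        Value = Convert.ToString(reader["RNDSecurityQuestionId"]),
                        Text = Convert.ToString(reader["Question"]),
                    });
                }
            }
        }

        security.UserName = user.UserName;
        return Serializer.ReturnContent(security, this.Configuration.Services.GetContentNegotiator(), this.Configuration.Formatters, this.Request);
    }
    catch (Exception ex)
    {
        // Only the message is logged; the client gets a 500 with no detail.
        _logger.Error(ex.Message);
        return new HttpResponseMessage(HttpStatusCode.InternalServerError);
    }
    finally
    {
        // Release the helper's connection on every path. Previously this ran
        // only after a fully successful read, so an exception while reading
        // left the connection open.
        if (ado != null && ado._conn != null && ado._conn.State == System.Data.ConnectionState.Open)
        {
            ado._conn.Close();
            ado._conn.Dispose();
        }
    }
}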
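/// <summary>
/// Looks up the security question stored for a user name and returns it,
/// pre-selected, inside an <c>RNDUserSecurityAnswer</c>.
/// </summary>
/// <param name="userName">
/// User name to look up. When null or empty no query is made and only the
/// initial list item is returned.
/// </param>
/// <returns>
/// The serialized <c>RNDUserSecurityAnswer</c>, or a bare 500 response when
/// any exception is thrown.
/// </returns>
public HttpResponseMessage Get(string userName)
{
    _logger.Debug("Login Get called");
    AdoHelper ado = null;
    try
    {
        CurrentUser user = ApiUser;
        RNDUserSecurityAnswer answer = new RNDUserSecurityAnswer();
        ado = new AdoHelper();
        answer.RNDSecurityQuestions = new List<SelectListItem>() { GetInitialSelectItem() };

        if (!string.IsNullOrEmpty(userName))
        {
            // The user name reaches the stored procedure as a bound
            // parameter and is never concatenated into SQL text.
            SqlParameter param1 = new SqlParameter("@UserName", userName);
            using (SqlDataReader reader = ado.ExecDataReaderProc("RNDUserSecurityAnswers_Read", "RND", new object[] { param1 }))
            {
                // NOTE(review): a selected question and RNDSecurityQuestionId
                // are only set when a row exists for userName, so the response
                // reveals whether the name is registered and which question it
                // uses. Whether this route requires authentication or is
                // throttled is not visible here; confirm.
                while (reader.Read())
                {
                    answer.RNDSecurityQuestions.Add(new SelectListItem
                    {
                        Value = Convert.ToString(reader["RNDSecurityQuestionId"]),
                        Text = Convert.ToString(reader["Question"]),
                        Selected = true,
                    });
                    // With several rows the last one read wins.
                    answer.RNDSecurityQuestionId = Convert.ToInt32(reader["RNDSecurityQuestionId"]);
                }
            }
        }

        return Serializer.ReturnContent(answer, this.Configuration.Services.GetContentNegotiator(), this.Configuration.Formatters, this.Request);
    }
    catch (Exception ex)
    {
        _logger.Error(ex.Message);
        return new HttpResponseMessage(HttpStatusCode.InternalServerError);
    }
    finally
    {
        // Release the helper's connection on every path. Previously this ran
        // only after a fully successful read, so an exception while reading
        // left the connection open.
        if (ado != null && ado._conn != null && ado._conn.State == System.Data.ConnectionState.Open)
        {
            ado._conn.Close();
            ado._conn.Dispose();
        }
    }
}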
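/// <summary>
/// Submits the user's security configuration to the login API (PUT
/// <c>api/login</c>) and, on success, marks security as applied and copies
/// the returned status code onto the session's current user.
/// </summary>
/// <param name="model">Security question/answer data forwarded as JSON to the API.</param>
/// <returns>
/// Always a redirect to the "WorkSutdyList" action of the "WorkStudy"
/// controller; neither an API error message nor an exception changes it.
/// </returns>
public ActionResult SecuityConfig(RNDUserSecurityAnswer model)
{
    try
    {
        var client = GetHttpClient();
        var task = client.PutAsJsonAsync(Api + "api/login", model).ContinueWith((res) =>
        {
            if (!res.Result.IsSuccessStatusCode)
            {
                return;
            }

            ApiViewModel VM = JsonConvert.DeserializeObject<ApiViewModel>(res.Result.Content.ReadAsStringAsync().Result);

            // Success means: a reply was parsed, it carries no error message,
            // and it carries a Custom payload.
            if (VM == null || !string.IsNullOrEmpty(VM.Message) || VM.Custom == null)
            {
                return;
            }

            // The reply's Password value used to be copied into a local that
            // was never read. That copy is removed so the secret is not held
            // in this action longer than necessary.
            LoggedInUser.IsSecurityApplied = true;

            if (this.HttpContext.Session["CurrentUser"] != null)
            {
                CurrentUser currentUser = (CurrentUser)this.HttpContext.Session["CurrentUser"];
                currentUser.StatusCode = VM.Custom.StatusCode;
                this.HttpContext.Session["CurrentUser"] = currentUser;
            }
        });

        // Blocks the request thread until the API call and the continuation
        // above have finished.
        task.Wait();
    }
    catch (Exception ex)
    {
        // Failures are logged and otherwise swallowed; the redirect below
        // still happens.
        _logger.Error(ex.Message);
    }

    return RedirectToAction("WorkSutdyList", "WorkStudy");
}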
/// <summary>
/// Renders the security configuration view. Fetches the security question
/// list from <c>api/UserSecurity?recID=0</c>, exposes it through
/// <c>ViewBag.ddSecurityQuestions</c> and passes the deserialized reply to
/// the view as its model.
/// </summary>
/// <returns>
/// The view. The model and the ViewBag list are both null when the API call
/// fails, returns a non-success status, or throws.
/// </returns>
public ActionResult SecuityConfig()
{
    bool securityAlreadyApplied = LoggedInUser.IsSecurityApplied;
    RNDUserSecurityAnswer viewModel = null;
    List<SelectListItem> questionItems = null;

    try
    {
        var apiClient = GetHttpClient();
        var pending = apiClient.GetAsync(Api + "api/UserSecurity?recID=0").ContinueWith((response) =>
        {
            if (!response.Result.IsSuccessStatusCode)
            {
                return;
            }

            string payload = response.Result.Content.ReadAsStringAsync().Result;
            viewModel = JsonConvert.DeserializeObject<RNDUserSecurityAnswer>(payload);
            if (viewModel == null)
            {
                return;
            }

            questionItems = viewModel.RNDSecurityQuestions;
            // Tell the view whether the logged-in user has already set a
            // security question.
            viewModel.IsSecurityApplied = securityAlreadyApplied;
        });

        // Blocks until the request and the continuation have completed.
        pending.Wait();
    }
    catch (Exception ex)
    {
        // Logged and swallowed: the view is still rendered, with null data.
        _logger.Error(ex.Message);
    }

    ViewBag.ddSecurityQuestions = questionItems;
    return View(viewModel);
}
/// <summary>
/// Calls the login API (<c>api/login?userName=...</c>) and returns the outcome
/// as a JSON object with <c>IsSuccess</c>, <c>SecurityQuestion</c> and
/// <c>Message</c>.
/// </summary>
/// <param name="UserName">User name to look up; presumably appended to the query string (that part of the listing is elided).</param>
/// <returns>The JSON result. Exceptions are logged and rethrown.</returns>
public ActionResult LoadSecurity(string UserName)
{
    try
    {
        bool isSuccess = false;
        string securityQuestion = "";
        string message = "";
        var client = GetHttpClient();
        // NOTE(review): the listing is elided (shown as ******) between the
        // query string and the first "Invalid user" assignment, so the body of
        // the continuation is not visible and the next statement is kept
        // exactly as published. What remains shows that at least two failure
        // paths set message to "Invalid user".
        var task = client.GetAsync(Api + "api/login?userName="******"Invalid user"; } } else { message = "Invalid user"; } } });
        // Blocks until the request and its continuation have completed.
        task.Wait();
        // NOTE(review): the reply carries the user's security question, an
        // "Invalid user" message distinguishes failed lookups, and
        // JsonRequestBehavior.AllowGet lets it be fetched with a plain GET.
        // Confirm this action is access-controlled and throttled.
        return(Json(new { IsSuccess = isSuccess, SecurityQuestion = securityQuestion, Message = message }, JsonRequestBehavior.AllowGet));
    }
    catch (Exception ex)
    {
        _logger.Error(ex.Message);
        throw;
    }
}
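/// <summary>
/// Stores the current API user's security question, security answer and a
/// newly computed password hash and salt through the
/// <c>RNDUserSecurityAnswers_Insert</c> stored procedure.
/// </summary>
/// <param name="answer">Posted question id, answer and password.</param>
/// <returns>
/// The serialized <paramref name="answer"/>, with
/// <c>RNDUserSecurityAnswerId</c> set when the procedure returns an id; 400
/// when no body was bound; 500 when any exception is thrown.
/// </returns>
public HttpResponseMessage Post(RNDUserSecurityAnswer answer)
{
    // A missing body used to surface as a NullReferenceException and a 500.
    // It is rejected explicitly instead.
    if (answer == null)
    {
        return new HttpResponseMessage(HttpStatusCode.BadRequest);
    }

    try
    {
        CurrentUser user = ApiUser;
        AdoHelper ado = new AdoHelper();

        // Every value is passed as a bound parameter, never as SQL text.
        SqlParameter param1 = new SqlParameter("@RNDLoginId", user.UserId);
        SqlParameter param2 = new SqlParameter("@RNDSecurityQuestionId", answer.RNDSecurityQuestionId);
        // The published listing shows a line-comment marker just before this
        // declaration. param3 is used in the call below, so it is kept live.
        // NOTE(review): the answer is handed to the procedure as received.
        // Whether it is hashed before storage is not visible here; confirm.
        SqlParameter param3 = new SqlParameter("@SecurityAnswer", answer.SecurityAnswer);
        SqlParameter param4 = new SqlParameter("@CreatedBy", user.UserId);

        // NOTE(review): the salt is derived from the current time string and
        // the user name via Encryptor.EncryptText, not from a cryptographic
        // random source. The algorithm behind Encryptor.GenerateHash is not
        // visible here; confirm it is a slow, salted password KDF.
        string strCurrentDate = DateTime.Now.ToString();
        byte[] passwordSalt = Encryptor.EncryptText(strCurrentDate, user.UserName);
        string se = Convert.ToBase64String(passwordSalt);
        byte[] passwordHash = Encryptor.GenerateHash(answer.Password, se);
        SqlParameter param5 = new SqlParameter("@PasswordHash", passwordHash);
        SqlParameter param6 = new SqlParameter("@PasswordSalt", passwordSalt);

        var id = ado.ExecScalarProc("RNDUserSecurityAnswers_Insert", "RND", new object[] { param1, param2, param3, param4, param5, param6 });
        if (id != null)
        {
            answer.RNDUserSecurityAnswerId = Convert.ToInt32(id);
        }
    }
    catch (Exception ex)
    {
        _logger.Error(ex.Message);
        return new HttpResponseMessage(HttpStatusCode.InternalServerError);
    }

    // NOTE(review): the posted object is serialized back unchanged apart from
    // the id, so the reply still carries Password and SecurityAnswer as
    // received. Consider clearing them once callers are confirmed not to
    // depend on the echo.
    return Serializer.ReturnContent(answer, this.Configuration.Services.GetContentNegotiator(), this.Configuration.Formatters, this.Request);
}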
/// <summary>
/// Forwards a password-reset request to the login API (PUT <c>api/login</c>)
/// and reports the outcome as JSON.
/// </summary>
/// <param name="model">User name, security question/answer and password forwarded as JSON.</param>
/// <returns>
/// JSON <c>{ isSuccess, message }</c>. On an API-reported error
/// <c>message</c> is the API's message. On success it is the Password value
/// from the API reply. Both keep their defaults (false, "") when the call
/// fails or throws.
/// </returns>
public ActionResult ForgotPassword(RNDUserSecurityAnswer model)
{
    bool succeeded = false;
    string text = "";

    try
    {
        var apiClient = GetHttpClient();
        var pending = apiClient.PutAsJsonAsync(Api + "api/login", model).ContinueWith((response) =>
        {
            if (!response.Result.IsSuccessStatusCode)
            {
                return;
            }

            string payload = response.Result.Content.ReadAsStringAsync().Result;
            ApiViewModel reply = JsonConvert.DeserializeObject<ApiViewModel>(payload);
            if (reply == null)
            {
                return;
            }

            if (!string.IsNullOrEmpty(reply.Message))
            {
                text = reply.Message;
                return;
            }

            if (reply.Custom != null)
            {
                // NOTE(review): on success the plaintext password from the
                // API reply becomes the message sent to the browser below.
                // Confirm the front end needs it; a fixed confirmation text
                // would avoid returning the secret.
                text = reply.Custom.Password;
                succeeded = true;
            }
        });

        // Blocks until the request and the continuation have completed.
        pending.Wait();
    }
    catch (Exception ex)
    {
        // Logged and swallowed; the caller receives the default values.
        _logger.Error(ex.Message);
    }

    // NOTE(review): JsonRequestBehavior.AllowGet lets this reply, which can
    // contain the password, be served to GET requests as well.
    return Json(new { isSuccess = succeeded, message = text }, JsonRequestBehavior.AllowGet);
}
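/// <summary>
/// Resets a user's password when the supplied security answer matches, by
/// calling the <c>RNDUserPasswordReset</c> stored procedure with the user
/// name, question id, answer and a newly computed password hash and salt.
/// </summary>
/// <param name="answer">
/// User name, security question id, security answer and the new password.
/// When null, an empty <c>ApiViewModel</c> is returned.
/// </param>
/// <returns>
/// A serialized <c>ApiViewModel</c>: <c>Message</c> is set when the answer
/// is wrong or no row comes back; <c>Custom</c> (password and status code)
/// is set on success. A bare 500 response is returned when any exception is
/// thrown.
/// </returns>
public HttpResponseMessage Put(RNDUserSecurityAnswer answer)
{
    ApiViewModel VM = new ApiViewModel();
    AdoHelper ado = null;
    try
    {
        if (answer != null)
        {
            string newPassword = answer.Password;

            // NOTE(review): the salt is derived from the current time string
            // and the user name via Encryptor.EncryptText, not from a
            // cryptographic random source. The algorithm behind
            // Encryptor.GenerateHash is not visible here; confirm it is a
            // slow, salted password KDF.
            string strCurrentDate = DateTime.Now.ToString();
            byte[] strSaltTemp = Encryptor.EncryptText(strCurrentDate, answer.UserName);
            string se = Convert.ToBase64String(strSaltTemp);
            byte[] strPasswordHash = Encryptor.GenerateHash(newPassword, se);

            ado = new AdoHelper();
            // Every value is passed as a bound parameter, never as SQL text.
            SqlParameter param1 = new SqlParameter("@UserName", answer.UserName);
            SqlParameter param2 = new SqlParameter("@RNDSecurityQuestionId", answer.RNDSecurityQuestionId);
            SqlParameter param3 = new SqlParameter("@SecurityAnswer", answer.SecurityAnswer);
            SqlParameter param4 = new SqlParameter("@PasswordHash", strPasswordHash);
            SqlParameter param5 = new SqlParameter("@PasswordSalt", strSaltTemp);

            using (SqlDataReader reader = ado.ExecDataReaderProc("RNDUserPasswordReset", "RND", new object[] { param1, param2, param3, param4, param5 }))
            {
                if (reader.HasRows && reader.Read())
                {
                    // Column 0 is the procedure's result flag (0 means the
                    // answer did not match); column 1 is the user's status.
                    int result = Convert.ToInt32(reader[0]);
                    string userStatus = reader[1].ToString();
                    if (result == 0)
                    {
                        // NOTE(review): this message differs from the
                        // invalid-user message below, which tells a caller
                        // whether the user name exists. No attempt limiting
                        // is visible in this method; confirm it is enforced
                        // elsewhere.
                        VM.Message = "Wrong Security Answer.";
                    }
                    else
                    {
                        // NOTE(review): the plaintext password is returned in
                        // the response body. Confirm callers need it.
                        VM.Custom = new RNDLogin { Password = newPassword, StatusCode = userStatus };
                    }
                }
                else
                {
                    VM.Message = MessageConstants.InvalidUser;
                }
            }
        }
    }
    catch (Exception ex)
    {
        _logger.Error(ex.Message);
        return new HttpResponseMessage(HttpStatusCode.InternalServerError);
    }
    finally
    {
        // Release the helper's connection on every path. Previously this ran
        // only after a fully successful read, so an exception while reading
        // left the connection open.
        if (ado != null && ado._conn != null && ado._conn.State == System.Data.ConnectionState.Open)
        {
            ado._conn.Close();
            ado._conn.Dispose();
        }
    }

    return Serializer.ReturnContent(VM, this.Configuration.Services.GetContentNegotiator(), this.Configuration.Formatters, this.Request);
}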