/// <summary>
/// Retrieve the Registered user security quetion details
/// </summary>
/// <param name="recID"></param>
/// <returns></returns>
public HttpResponseMessage Get(int recID)
{
_logger.Debug("UserSecurity Get called");
//SqlDataReader reader = null;
RNDUserSecurityAnswer security = null;
try
{
CurrentUser user = ApiUser;
security = new RNDUserSecurityAnswer();
AdoHelper ado = new AdoHelper();
security.RNDSecurityQuestions = new List <SelectListItem>()
{
GetInitialSelectItem()
};
if (recID > 0)
{
}
else
{
using (SqlDataReader reader = ado.ExecDataReaderProc("RNDSecurityQuestions_READ", "RND", null))
{
if (reader.HasRows)
{
while (reader.Read())
{
security.RNDSecurityQuestions.Add(new SelectListItem
{
Value = Convert.ToString(reader["RNDSecurityQuestionId"]),
Text = Convert.ToString(reader["Question"]),
});
}
}
if (ado._conn != null && ado._conn.State == System.Data.ConnectionState.Open)
{
ado._conn.Close(); ado._conn.Dispose();
}
}
}
security.UserName = ApiUser.UserName;
return(Serializer.ReturnContent(security, this.Configuration.Services.GetContentNegotiator(), this.Configuration.Formatters, this.Request));
}
catch (Exception ex)
{
_logger.Error(ex.Message);
return(new HttpResponseMessage(HttpStatusCode.InternalServerError));
}
}
/// <summary>
/// Login validate the registered user details
/// </summary>
/// <param name="userName"></param>
/// <returns></returns>
public HttpResponseMessage Get(string userName)
{
_logger.Debug("Login Get called");
//SqlDataReader reader = null;
RNDUserSecurityAnswer answer = null;
try
{
CurrentUser user = ApiUser;
answer = new RNDUserSecurityAnswer();
AdoHelper ado = new AdoHelper();
answer.RNDSecurityQuestions = new List <SelectListItem>()
{
GetInitialSelectItem()
};
if (!string.IsNullOrEmpty(userName))
{
SqlParameter param1 = new SqlParameter("@UserName", userName);
using (SqlDataReader reader = ado.ExecDataReaderProc("RNDUserSecurityAnswers_Read", "RND", new object[] { param1 }))
{
if (reader.HasRows)
{
while (reader.Read())
{
answer.RNDSecurityQuestions.Add(new SelectListItem
{
Value = Convert.ToString(reader["RNDSecurityQuestionId"]),
Text = Convert.ToString(reader["Question"]),
Selected = true,
});
answer.RNDSecurityQuestionId = Convert.ToInt32(reader["RNDSecurityQuestionId"]);
}
}
if (ado._conn != null && ado._conn.State == System.Data.ConnectionState.Open)
{
ado._conn.Close(); ado._conn.Dispose();
}
}
}
return(Serializer.ReturnContent(answer, this.Configuration.Services.GetContentNegotiator(), this.Configuration.Formatters, this.Request));
}
catch (Exception ex)
{
_logger.Error(ex.Message);
return(new HttpResponseMessage(HttpStatusCode.InternalServerError));
}
}
public ActionResult SecuityConfig(RNDUserSecurityAnswer model)
{
string message = "";
bool isSuccess = false;
try
{
//start here
var client = GetHttpClient();
var task = client.PutAsJsonAsync(Api + "api/login", model).ContinueWith((res) =>
{
if (res.Result.IsSuccessStatusCode)
{
ApiViewModel VM = JsonConvert.DeserializeObject <ApiViewModel>(res.Result.Content.ReadAsStringAsync().Result);
if (VM != null)
{
if (!string.IsNullOrEmpty(VM.Message))
{
message = VM.Message;
}
else if (VM.Custom != null)
{
message = VM.Custom.Password;
isSuccess = true;
LoggedInUser.IsSecurityApplied = true;
}
if (isSuccess && this.HttpContext.Session["CurrentUser"] != null)
{
CurrentUser currentUser = (CurrentUser)this.HttpContext.Session["CurrentUser"];
currentUser.StatusCode = VM.Custom.StatusCode;
this.HttpContext.Session["CurrentUser"] = currentUser;
}
}
}
});
task.Wait();
}
catch (Exception ex)
{
_logger.Error(ex.Message);
}
return(RedirectToAction("WorkSutdyList", "WorkStudy"));
}
public ActionResult SecuityConfig()
{
bool IsSecurityApplied = LoggedInUser.IsSecurityApplied;
RNDUserSecurityAnswer rndUserSecurityAnswer = null;
// store list of Security question in ViewBag.ddSecurityQuestions to access from Front End
//IEnumerable<LMSSecurityQuestion> securityQuestions = unitofwork.LMSSecurityQuestionRepository.Get(x => x.StatusCode == StatusCodeConstants.Active);
//List<SelectListItem> ddSecurityQuestions = new List<SelectListItem> { new SelectListItem { Text = "Please Select", Value = "-1" } };
//securityQuestions.ToList().ForEach(x => ddSecurityQuestions.Add(new SelectListItem { Text = x.Question, Value = x.LMSSecurityQuestionId.ToString() }));
List <SelectListItem> ddSecurityQuestions = null;
try
{
var client = GetHttpClient();
var task = client.GetAsync(Api + "api/UserSecurity?recID=0").ContinueWith((res) =>
{
if (res.Result.IsSuccessStatusCode)
{
// RNDUserSecurityAnswer
rndUserSecurityAnswer = JsonConvert.DeserializeObject <RNDUserSecurityAnswer>(res.Result.Content.ReadAsStringAsync().Result);
if (rndUserSecurityAnswer != null)
{
ddSecurityQuestions = rndUserSecurityAnswer.RNDSecurityQuestions;
rndUserSecurityAnswer.IsSecurityApplied = IsSecurityApplied;
}
}
});
task.Wait();
// ViewBag.UserName = UserName;
}
catch (Exception ex)
{
_logger.Error(ex.Message);
}
ViewBag.ddSecurityQuestions = ddSecurityQuestions;
// returns if the Security question is assigned to the Logged in user.
// return View(IsSecurityApplied);
return(View(rndUserSecurityAnswer));
}
/// <summary>
/// Load Security
/// </summary>
/// <param name="UserName"></param>
/// <returns></returns>
public ActionResult LoadSecurity(string UserName)
{
try
{
bool isSuccess = false;
string securityQuestion = "";
string message = "";
var client = GetHttpClient();
var task = client.GetAsync(Api + "api/login?userName="******"Invalid user";
}
}
else
{
message = "Invalid user";
}
}
});
task.Wait();
return(Json(new { IsSuccess = isSuccess, SecurityQuestion = securityQuestion, Message = message }, JsonRequestBehavior.AllowGet));
}
catch (Exception ex)
{
_logger.Error(ex.Message);
throw;
}
}
/// <summary>
/// Save the Registered user security quetion details
/// </summary>
/// <param name="answer"></param>
/// <returns></returns>
public HttpResponseMessage Post(RNDUserSecurityAnswer answer)
{
string data = string.Empty;
try
{
CurrentUser user = ApiUser;
AdoHelper ado = new AdoHelper();
SqlParameter param1 = new SqlParameter("@RNDLoginId", user.UserId);
SqlParameter param2 = new SqlParameter("@RNDSecurityQuestionId", answer.RNDSecurityQuestionId);
//
SqlParameter param3 = new SqlParameter("@SecurityAnswer", answer.SecurityAnswer);
SqlParameter param4 = new SqlParameter("@CreatedBy", user.UserId);
string strCurrentDate = DateTime.Now.ToString();
byte[] passwordSalt = Encryptor.EncryptText(strCurrentDate, user.UserName);
string se = Convert.ToBase64String(passwordSalt);
byte[] passwordHash = Encryptor.GenerateHash(answer.Password, se.ToString());
SqlParameter param5 = new SqlParameter("@PasswordHash", passwordHash);
SqlParameter param6 = new SqlParameter("@PasswordSalt", passwordSalt);
var id = ado.ExecScalarProc("RNDUserSecurityAnswers_Insert", "RND", new object[] { param1, param2, param3, param4, param5, param6 });
if (id != null)
{
answer.RNDUserSecurityAnswerId = Convert.ToInt32(id);
}
}
catch (Exception ex)
{
_logger.Error(ex.Message);
return(new HttpResponseMessage(HttpStatusCode.InternalServerError));
}
return(Serializer.ReturnContent(answer, this.Configuration.Services.GetContentNegotiator(), this.Configuration.Formatters, this.Request));
}
public ActionResult ForgotPassword(RNDUserSecurityAnswer model)
{
bool isSuccess = false;
string message = "";
try
{
var client = GetHttpClient();
var task = client.PutAsJsonAsync(Api + "api/login", model).ContinueWith((res) =>
{
if (res.Result.IsSuccessStatusCode)
{
ApiViewModel VM = JsonConvert.DeserializeObject <ApiViewModel>(res.Result.Content.ReadAsStringAsync().Result);
if (VM != null)
{
if (!string.IsNullOrEmpty(VM.Message))
{
message = VM.Message;
}
else if (VM.Custom != null)
{
message = VM.Custom.Password;
isSuccess = true;
// LoggedInUser.IsSecurityApplied = true;
}
}
}
});
task.Wait();
}
catch (Exception ex)
{
_logger.Error(ex.Message);
}
return(Json(new { isSuccess = isSuccess, message = message }, JsonRequestBehavior.AllowGet));
}
/// <summary>
/// Save or Update the user details.
/// </summary>
/// <param name="answer"></param>
/// <returns></returns>
public HttpResponseMessage Put(RNDUserSecurityAnswer answer)
{
//SqlDataReader reader = null;
ApiViewModel VM = new ApiViewModel();
// RNDLogin dbUser = null;
try
{
// VM = new ApiViewModel();
if (answer != null)
{
int charaters = CommonConstants.PasswordLength;
string newPassword = answer.Password;// charaters.RandomString();
string strCurrentDate = DateTime.Now.ToString();
byte[] strSaltTemp = Encryptor.EncryptText(strCurrentDate, answer.UserName);
string se = Convert.ToBase64String(strSaltTemp);
byte[] strPasswordHash = Encryptor.GenerateHash(newPassword, se.ToString());
AdoHelper ado = new AdoHelper();
SqlParameter param1 = new SqlParameter("@UserName", answer.UserName);
SqlParameter param2 = new SqlParameter("@RNDSecurityQuestionId", answer.RNDSecurityQuestionId);
SqlParameter param3 = new SqlParameter("@SecurityAnswer", answer.SecurityAnswer);
SqlParameter param4 = new SqlParameter("@PasswordHash", strPasswordHash);
SqlParameter param5 = new SqlParameter("@PasswordSalt", strSaltTemp);
using (SqlDataReader reader = ado.ExecDataReaderProc("RNDUserPasswordReset", "RND", new object[] { param1, param2, param3, param4, param5 }))
{
if (reader.HasRows && reader.Read())
{
int result = Convert.ToInt32(reader[0]);
string userStatus = reader[1].ToString();
if (result == 0)
{
VM.Message = "Wrong Security Answer.";
}
else
{
VM.Custom = new RNDLogin {
Password = newPassword, StatusCode = userStatus
};
}
}
else
{
VM.Message = MessageConstants.InvalidUser;
}
if (ado._conn != null && ado._conn.State == System.Data.ConnectionState.Open)
{
ado._conn.Close(); ado._conn.Dispose();
}
}
}
}
catch (Exception ex)
{
_logger.Error(ex.Message);
return(new HttpResponseMessage(HttpStatusCode.InternalServerError));
}
return(Serializer.ReturnContent(VM, this.Configuration.Services.GetContentNegotiator(), this.Configuration.Formatters, this.Request));
}