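/// <summary>
/// Handles the password change for a signed-in user whose account is still flagged as first-time login.
/// </summary>
/// <param name="_passwordInfo">Posted form model; only <c>NewPassword</c> is read here.</param>
/// <returns>
/// The same view when validation fails, when the new password equals the stored one, or when an exception
/// is caught; a redirect to Profile/GeneralInfo when the account is not flagged as first-time login;
/// a redirect to Auth/Login after the password is saved and the "ApplicationCookie" sign-in is ended.
/// </returns>
public ActionResult ResetPassword(ResetNewPasswordViewModel _passwordInfo)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        AuthenticatedUser _authUser;
        using (AuthRepository Repo = new AuthRepository())
        {
            _authUser = Repo.GetAuthenticatedUserById(CurrentUser.EmployeeInfoId);
        }

        // This action only serves the first-login flow; everyone else is sent to their profile.
        if (_authUser.IsFirstTimeLogin == false)
        {
            return RedirectToAction("GeneralInfo", "Profile");
        }

        // NOTE(review): DecryptPassword recovers the stored password in clear text, so the value kept in
        // PasswordHash is reversibly encrypted rather than hashed. Whoever can run the decryption over the
        // stored rows recovers every password. A one-way salted password hash with a verify step
        // (e.g. PBKDF2) removes that exposure; it needs a data migration and is outside this action.
        string currentPassword = RijndaelCrypt.DecryptPassword(_authUser.PasswordHash, _authUser.Salt);
        if (currentPassword == _passwordInfo.NewPassword)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("New password should not be same as current password.");
            return View();
        }

        var _accountInfo = new AccountInfo();
        _accountInfo.Id = CurrentUser.AccountId;
        // A fresh salt is generated for every password change.
        // NOTE(review): confirm RandomPassword draws from a cryptographic random source.
        _accountInfo.Salt = RandomPassword.Generate(18, 20);
        _accountInfo.PasswordHash = RijndaelCrypt.EncryptPassword(_passwordInfo.NewPassword, _accountInfo.Salt);
        _accountInfo.IsFirstTimeLogin = false;

        using (AccountRepository Repo = new AccountRepository())
        {
            Repo.ChangeNewPassword(_accountInfo);
        }

        // End the current sign-in so the user has to authenticate again with the new password.
        var authManager = Request.GetOwinContext().Authentication;
        authManager.SignOut("ApplicationCookie");

        TempData["Msg"] = "<span style='color:green; text-align:center;'>Password has been reset successfully.</span>";
        return RedirectToAction("Login", "Auth", new { area = "" });
    }
    catch (Exception ex)
    {
        // The original put ex.ToString() (message plus stack trace) into the page. Internal details
        // stay on the server; the user gets a fixed message.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        TempData["Msg"] = AlertMessageProvider.FailureMessage("Something went wrong while resetting the password, please try again later.");
        return View();
    }
}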
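/// <summary>
/// Sets a new password for the account whose id is held in <c>TempData["AccountId"]</c>, then removes
/// that account's confirmation record if one exists.
/// </summary>
/// <param name="passwordInfo">Posted form model; only <c>NewPassword</c> is read here.</param>
/// <returns>
/// A redirect to Auth/Login when no account id is present or after a successful reset; the same view
/// when validation fails or an exception is caught.
/// </returns>
public ActionResult ResetPassword(ResetNewPasswordViewModel passwordInfo)
{
    try
    {
        // The account id in TempData is the only thing tying this request to an account.
        // NOTE(review): presumably an earlier step of the reset flow stores it after validating a
        // confirmation token; confirm the TempData provider in use cannot be tampered with by the client.
        if (TempData["AccountId"] == null)
        {
            return RedirectToAction("Login", "Auth");
        }

        if (!ModelState.IsValid)
        {
            // Reading TempData["AccountId"] above marks it for removal when this request ends.
            // Keep it so that correcting the form and posting again is not bounced to the login page.
            TempData.Keep("AccountId");
            return View();
        }

        int _accountId = (int)TempData["AccountId"];

        var _accountInfo = new AccountInfo();
        _accountInfo.Id = _accountId;
        _accountInfo.Salt = RandomPassword.Generate(18, 20);
        // NOTE(review): EncryptPassword is reversible encryption (the same helper class exposes
        // DecryptPassword on other pages of this code). A one-way salted password hash would be the
        // safer storage format.
        _accountInfo.PasswordHash = RijndaelCrypt.EncryptPassword(passwordInfo.NewPassword, _accountInfo.Salt);
        _accountInfo.IsFirstTimeLogin = false;

        using (AccountRepository Repo = new AccountRepository())
        {
            Repo.ChangeNewPassword(_accountInfo);
        }

        // Remove the confirmation record so it cannot be used again after a successful reset.
        using (AccountConfirmationRepository Repo = new AccountConfirmationRepository())
        {
            AccountConfirmationInfo _accountConfirmation = Repo.GetAccountConfirmationByAccountId(_accountId);
            if (_accountConfirmation != null)
            {
                Repo.DeleteAccountConfirmation(_accountConfirmation.Id);
            }
        }

        TempData["Msg"] = "<span style='color:green; text-align:center;'>Password has been reset successfully.</span>";
        return RedirectToAction("Login", "Auth");
    }
    catch (Exception ex)
    {
        // The original concatenated ex.Message into raw HTML. That exposes internal error text to an
        // unauthenticated visitor and renders it without encoding, so a fixed message is shown instead.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        TempData["Msg"] = "<span style='color:red; text-align:center;'>Password could not be reset, please try again.</span>";
        return View();
    }
}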
/// <summary>
/// Changes the signed-in user's password after checking the supplied current password.
/// </summary>
/// <param name="passwordInfo">Posted form model; <c>CurrentPassword</c> and <c>NewPassword</c> are read.</param>
/// <returns>
/// The same view with a success or failure message in <c>TempData["Msg"]</c>, or the "Error" view
/// when an exception is caught.
/// </returns>
public ActionResult ChangePassword(ChangePasswordViewModel passwordInfo)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        AccountInfo storedAccount;
        using (var accounts = new AccountRepository())
        {
            storedAccount = accounts.GetEmployeeAccountById(CurrentUser.AccountId);
        }

        // NOTE(review): the stored password is decrypted and compared as clear text, so it is kept in a
        // reversible form. A one-way salted password hash with a verify step would be the safer design.
        string storedPassword = RijndaelCrypt.DecryptPassword(storedAccount.PasswordHash, storedAccount.Salt);

        bool currentMatches = string.Equals(storedPassword, passwordInfo.CurrentPassword);
        if (!currentMatches)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("Current password is invalid.");
            return View();
        }

        bool reusesOldPassword = string.Equals(storedPassword, passwordInfo.NewPassword);
        if (reusesOldPassword)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("New password should not be same as current password.");
            return View();
        }

        // Generate a new salt for the new password, then persist both.
        string freshSalt = RandomPassword.Generate(18, 20);
        storedAccount.Salt = freshSalt;
        storedAccount.PasswordHash = RijndaelCrypt.EncryptPassword(passwordInfo.NewPassword, freshSalt);

        using (var accounts = new AccountRepository())
        {
            accounts.ChangeNewPassword(storedAccount);
        }

        // NOTE(review): the current sign-in is left in place after the change; whether other active
        // sessions for this account are ended cannot be seen from this action.
        TempData["Msg"] = AlertMessageProvider.SuccessMessage("Password changed successfully.");
        return View();
    }
    catch (Exception ex)
    {
        var errorInfo = new HandleErrorInfo(ex, "Auth", "ChangePassword");
        return View("Error", errorInfo);
    }
}
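/// <summary>
/// Creates an employee account with a generated password, creates the related employee records in one
/// transaction, and emails the credentials to the new employee.
/// </summary>
/// <param name="accountInfo">Posted account data; credential, role and status fields are overwritten here.</param>
/// <returns>
/// The same view when the model is invalid or the email already exists; a redirect to Account/Manage
/// once the account is created (whether or not the email was sent); the "Error" view on an exception.
/// </returns>
public ActionResult Create(AccountInfo accountInfo)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        // NOTE(review): the action binds the AccountInfo entity directly. The fields assigned below are
        // overwritten, but any other bindable property keeps whatever the form posted; a dedicated view
        // model or a [Bind] include list would narrow that.
        var _employeeInfo = new Model.EmployeeInfo();
        _employeeInfo.CreatedByAccountId = CurrentUser.AccountId;
        _employeeInfo.CreatedDate = DateTime.Now;

        int employeeInfoId;
        int accountId;

        string saltValue = RandomPassword.Generate(18, 20);
        string password = RijndaelCrypt.EncryptPassword(RandomPassword.Generate(), saltValue);

        // Invariant lower-casing keeps the stored address independent of the server's culture
        // (culture-sensitive ToLower maps 'I' differently under e.g. a Turkish culture).
        accountInfo.CompanyEmail = accountInfo.CompanyEmail.ToLowerInvariant();
        accountInfo.PasswordHash = password;
        accountInfo.Salt = saltValue;
        accountInfo.LastLoginDate = DateTime.Now;
        accountInfo.LastLoginIp = "";
        accountInfo.IsActive = true;
        accountInfo.IsFirstTimeLogin = true;

        // All inserts share one ambient transaction; leaving the scope without Complete() rolls back.
        using (var transaction = new System.Transactions.TransactionScope())
        {
            using (AccountRepository Repo = new AccountRepository())
            {
                if (Repo.IsEmailExist(accountInfo.CompanyEmail) == true)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("Email already exist.");
                    return View();
                }

                // New accounts start in the "Anonymous" role regardless of any posted role value.
                accountInfo.RoleId = Repo.GetRoleIdByName("Anonymous");
                accountId = Repo.CreateAccount(accountInfo);
            }

            using (AccountCheckListRepository Repo = new AccountCheckListRepository())
            {
                var _accountCheckList = new AccountCheckListInfo(accountId);
                Repo.SaveAccountCheckList(_accountCheckList);
            }

            using (EmployeeRepository Repo = new EmployeeRepository())
            {
                _employeeInfo.AccountId = accountId;
                employeeInfoId = Repo.SaveEmployeeInfo(_employeeInfo);
            }

            using (LeaveAllowedRepository Repo = new LeaveAllowedRepository())
            {
                LeaveAllowedInfo _leaveAllowed = new LeaveAllowedInfo(0, 0, employeeInfoId, CurrentUser.AccountId);
                Repo.SaveLeaveAllowed(_leaveAllowed);
            }

            using (SalaryRepository Repo = new SalaryRepository())
            {
                var _salaryInfo = new SalaryInfo(CurrentUser.AccountId, employeeInfoId);
                Repo.SaveSalary(_salaryInfo);
            }

            using (FamilyMemberRepository Repo = new FamilyMemberRepository())
            {
                // NOTE(review): "Selef" looks like a typo for "Self"; it is left unchanged because stored
                // rows or other code may already match on this value.
                var _familyMember = new FamilyMemberInfo { Name = "Self", Relation = "Selef", EmployeeInfoId = employeeInfoId };
                Repo.SaveFamilyMember(_familyMember);
            }

            transaction.Complete();
        }

        List<string> recipients = new List<string>() { accountInfo.CompanyEmail };
        string subject = "LPS Online Account Information";

        // NOTE(review): the absolute URL takes its scheme from the current request and, presumably, its
        // host as well; confirm the site only answers for its expected host names.
        var loginUrl = Url.Action("Login", "Auth", new { Area = "" }, protocol: Request.Url.Scheme);

        // Every value placed into the HTML body is encoded. Without this, markup characters in the
        // address would be interpreted by the mail client, and a generated password containing '<' or
        // '&' would be displayed incorrectly to the employee.
        string encodedEmail = System.Web.HttpUtility.HtmlEncode(accountInfo.CompanyEmail);
        string encodedPassword = System.Web.HttpUtility.HtmlEncode(
            RijndaelCrypt.DecryptPassword(accountInfo.PasswordHash, accountInfo.Salt));
        string encodedLoginUrl = System.Web.HttpUtility.HtmlEncode(loginUrl);

        // NOTE(review): the initial password travels and rests in clear text in a mailbox. A one-time,
        // expiring set-password link would avoid that; IsFirstTimeLogin is set above, presumably so a
        // change is required at first sign-in.
        string body = "Dear Employee, <br/><br/>"
            + "Your account has been created.<br/>"
            + "Please ensure to save the username and password written below:<br/><br/>"
            + "Username: <b>" + encodedEmail + "</b><br/>"
            + "Password: <b>" + encodedPassword + "</b><br/><br/>"
            + "<a href='" + encodedLoginUrl + "' target='_blank'>" + encodedLoginUrl + "</a><br/>"
            + "You can login to your account to use LPS online services.<br/><br/>"
            + "Thanks,<br/>"
            + "<b>Logic Powered Solutions</b>";

        // The account is already committed at this point. If sending fails, the generated password has
        // not reached the employee, and creating the account again will hit the duplicate-email check.
        bool result = EmailSender.Send(subject, body, recipients);
        if (result)
        {
            TempData["Msg"] = AlertMessageProvider.SuccessMessage("Account created, email has been sent to employee successfully.");
        }
        else
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("Something went wrong! email not sent, please try again later.");
        }

        return RedirectToAction("Manage", "Account");
    }
    catch (Exception ex)
    {
        return View("Error", new HandleErrorInfo(ex, "Account", "Create"));
    }
}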