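/// <summary>
/// Handles the logon form: validates the posted credentials and, depending on the
/// resulting status, signs the user in, redirects to a follow-up flow, or redisplays
/// the form with a message.
/// </summary>
/// <remarks>
/// Status legend as given by the original author: 1 = pass, 2 = failed, 3 = locked,
/// 4 = password expired after 90 days, 5 = first-time login, 6 = forgot password.
/// This method also handles 8, which it reports as a deactivated account.
/// </remarks>
/// <param name="logonUser">Posted logon model; <c>Message</c> is set when logon is refused.</param>
/// <param name="UserName">Bound by the framework but not read by this method.</param>
/// <returns>
/// A redirect on success, first-time login, expired password or forgotten password;
/// otherwise the logon view. Exceptions are passed to
/// <c>BaseExceptionHandler.HandleException</c> and the logon view is returned.
/// </returns>
public ActionResult LogOn(LogonUser logonUser, string UserName)
{
    LogonUserSession logonUserSession = new LogonUserSession();
    try
    {
        if (!ModelState.IsValid)
        {
            return View(logonUser);
        }

        UserLogonData userLogon = new UserLogonData();
        UserDetails userDetails = userLogon.GetUserDeatils(logonUser);

        // The first argument tells ValidateLogonUser whether an active user record was found.
        bool isActiveUser = userDetails.Active != 0 && userDetails.UserId > 0;
        int status = isActiveUser
            ? ValidateLogonUser(1, userDetails, logonUser, logonUserSession)
            : ValidateLogonUser(0, userDetails, logonUser, logonUserSession);

        if (status == 1)
        {
            logonUserSession.USERNAME = logonUser.UserName;

            // Read every value needed from the employee row BEFORE touching Session.
            // If the lookup returns no row or lacks a column, the exception is raised
            // here, so no half-populated (e.g. "Username" only) session is left behind
            // for code that treats a present session key as proof of authentication.
            DataTable dt = userLogon.GetEmployeeId(userDetails.UserId);
            DataRow employee = dt.Rows[0];
            string employeeId = employee["Employee_Id"].ToString();
            string departmentId = employee["DepartmentId"].ToString();
            string gender = employee["Gender"].ToString();
            string roleName = employee["ROLE_NAME"].ToString();

            // NOTE(review): the session identifier is not renewed in this method after
            // authentication. If it is not rotated elsewhere, issue a fresh session id
            // on logon so a pre-set identifier cannot be reused (session fixation).
            Session["Username"] = userDetails.Firstname + " " + userDetails.Lastname;
            Session["EmployeeId"] = employeeId;
            Session["DepartmentId"] = departmentId;
            Session["UserID"] = userDetails.UserId;
            Session["Gender"] = gender;
            Session["RoleId"] = userDetails.RoleId;
            Session["MyRole"] = roleName;
            SessionHelper.LogonUser = logonUserSession;

            return Redirect(GetHomeUrl());
        }
        else if (status == 3)
        {
            // A locked status whose session STATUS is not NO_OF_ATM_LOCKED redisplays
            // the form without a message.
            if (byte.Parse(logonUserSession.STATUS.ToString()) == Status.NO_OF_ATM_LOCKED)
            {
                logonUser.Message = "User locked for no of attempts";
            }
        }
        else if (status == 5)
        {
            // First login: keep the name as TEMPUSERNAME only. Per the original author's
            // note it is promoted to the real session user name after the security
            // questions have been entered.
            logonUserSession.TEMPUSERNAME = logonUser.UserName;
            SessionHelper.LogonUser = logonUserSession;
            return RedirectToAction("SecurityQuestions", "Account");
        }
        else if (status == Status.PWDEXPIRED || status == Status.FORGETPWD)
        {
            // Expired or reset password: same temporary-name handling, promoted after
            // the password has been changed (per the original author's note).
            logonUserSession.TEMPUSERNAME = logonUser.UserName;
            SessionHelper.LogonUser = logonUserSession;
            return RedirectToAction("ForgetChangePassword", "Account");
        }
        else if (status == 2)
        {
            logonUser.Message = "The username or password you entered is incorrect.";
        }
        else if (status == 8)
        {
            // NOTE(review): this message and the lock message differ from the generic
            // "incorrect" message, so the response reveals whether an account exists
            // and what state it is in. Consider one uniform failure message.
            logonUser.Message = "User Account is Deactivated";
        }

        return View(logonUser);
    }
    catch (Exception ex)
    {
        BaseExceptionHandler.HandleException(ref ex);
    }

    return View(logonUser);
}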
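/// <summary>
/// Handles the forgot-password form: checks the submitted security question and answer
/// and, when they match, marks the account as "forgot password", stores the hash of a
/// newly generated temporary password and e-mails that temporary password to the user.
/// </summary>
/// <param name="forget">Posted form model; <c>Message</c> and the question list are refreshed on failure.</param>
/// <param name="Password">Bound by the framework but not read by this method.</param>
/// <param name="button">Name of the submit button; <c>"Cancel"</c> returns to the logon page.</param>
/// <returns>
/// A redirect on cancel, first-time login or successful reset; otherwise the form view.
/// Exceptions propagate to the caller with their original stack trace.
/// </returns>
public ActionResult ForgotPassword(ForgotPasswordModel forget, string Password, string button)
{
    if (button == "Cancel")
    {
        return RedirectToAction("Logon", "Account");
    }

    if (!ModelState.IsValid)
    {
        forget.inhrtSecurityQuestionModel = initialDDLFillBase();
        return View(forget);
    }

    string secUserAns = forget.inhrtSecurityQuestionModel.SecAns;
    Int64 secQunId = forget.inhrtSecurityQuestionModel.SelectedSecQsn;

    // The answer is upper-cased and hashed before comparison.
    // NOTE(review): ToUpper() is culture-sensitive; confirm the answer was upper-cased
    // under the same culture when it was stored, or the hashes will not match.
    // NOTE(review): SHA-1 is a fast hash. A slow password-hashing function would resist
    // offline guessing better, but switching requires migrating the stored values.
    encryptSha1 obj = new encryptSha1();
    secUserAns = obj.GetSHA1HashData(secUserAns.ToUpper());

    UserLogonData userLogon = new UserLogonData();
    LogonUser logonUser = new LogonUser();
    logonUser.UserName = forget.UserName;
    UserDetails userDetails = userLogon.GetUserDeatils(logonUser);

    if (userDetails.Active == 0 || userDetails.UserId <= 0)
    {
        // NOTE(review): this message differs from the wrong-answer message below, so the
        // response reveals whether a user name exists. Consider one uniform message.
        forget.inhrtSecurityQuestionModel = initialDDLFillBase();
        forget.Message = "Invalid user id.";
        return View(forget);
    }

    // Author's legend for the result: 1 success, 0 incorrect user name,
    // 2 security question or answer incorrect.
    int status = compareSecAns(forget.UserName, userDetails.SecQunId, userDetails.SecAns,
                               userDetails.Status, userDetails.UserId, secUserAns, secQunId);

    if (status == Status.NO_OF_ATM_LOCKED)
    {
        forget.inhrtSecurityQuestionModel = initialDDLFillBase();
        forget.Message = "User locked for no of attempts";
    }
    else if (status == Status.FIRSTLOGIN)
    {
        return RedirectToAction("logon", "account", new { statusId = Status.FIRSTLOGIN });
    }
    else if (status == Status.PASS)
    {
        string msg = "FORGET_PASS";
        if (userLogon.UpdateStatus(userDetails.UserId, Status.FORGETPWD, msg) == true)
        {
            // NOTE(review): a 6-character temporary password sent by e-mail is a weak,
            // long-lived secret. Confirm CreateRandomPassword draws from a cryptographic
            // random source and that the temporary password expires or is single-use.
            Encrypt encrypt = new Encrypt();
            string tempPassword = encrypt.CreateRandomPassword(6);
            string hashedTempPassword = encrypt.GetSHA1HashData(tempPassword);

            // Stored value is SHA1(SHA1(temp password) + user id).
            userLogon.ForgotPassword(userDetails.UserId,
                                     encrypt.GetSHA1HashData(hashedTempPassword + userDetails.UserId));

            // Comma-separated mail fields: address, first name, last name, temp password.
            // NOTE(review): a comma inside any field shifts the positions; verify how
            // MailSending splits this string.
            string templateId = "3";
            string mailFields = userDetails.Mailid + "," + userDetails.Firstname + ","
                                + userDetails.Lastname + "," + tempPassword;
            userLogon.MailSending(mailFields, templateId);

            forget.Message = "Password sent your mail id";
            return RedirectToAction("EmailSending", "account");
        }

        // Status update failed: fall through and redisplay the form without a message.
    }
    else if (status == 2)
    {
        forget.inhrtSecurityQuestionModel = initialDDLFillBase();
        forget.Message = "The Sec Question or answer you entered is incorrect.";
    }

    return View(forget);
}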