/// <summary>
/// Builds the account-reset e-mail for <paramref name="dto"/> and sends it to dto.CcnEmail.
/// The body is the localised reset label followed by a BBCode link made of the application URL,
/// the APP_COOKIELINK_INVITATION_1FA route, the username and the token.
/// </summary>
/// <param name="dto">Supplies the language code, username and recipient address.</param>
/// <param name="token">Token appended as the last path segment of the link.</param>
internal void SendResetEmail(Login_DTO_Create dto, string token)
{
    Resources.BBCode bbCode = new Resources.BBCode();

    using (eMail message = new eMail())
    {
        string bodyText = Label.Get("email.body.account-reset", dto.LngIsoCode);
        string subjectText = Label.Get("email.subject.account-reset", dto.LngIsoCode);

        // NOTE(review): dto.CcnUsername and token are placed in the link as-is. A username containing
        // '/', ']' or other reserved characters would change the path or close the BBCode tag early.
        // Confirm that usernames are validated upstream, or escape the segment once the receiving
        // route is known to decode it.
        string resetLink = "[url="
            + Configuration_BSO.GetCustomConfig(ConfigType.global, "url.application")
            + Utility.GetCustomConfig("APP_COOKIELINK_INVITATION_1FA")
            + '/' + dto.CcnUsername
            + '/' + token
            + "]" + "[/url]";

        // The link goes on its own line under the label text, then the whole body is run through BBCode.
        message.Body = bbCode.Transform(bodyText + Environment.NewLine + resetLink, true);
        message.Subject = subjectText;
        message.To.Add(dto.CcnEmail);
        message.Send();
    }
}
/// <summary>
/// Creates a login record by executing the Security_Login_Create stored procedure.
/// </summary>
/// <param name="dto">Supplies CcnUsername for the new login.</param>
/// <param name="samAccountName">Sent as @CcnUsernameCreator.</param>
/// <param name="token">Optional value for @LgnToken1FA; the parameter is left out when this is null.</param>
/// <returns>The value left in the procedure's return parameter.</returns>
internal int CreateLogin(Login_DTO_Create dto, string samAccountName, string token = null)
{
    // All caller-supplied values travel as named procedure parameters, never as SQL text.
    var parameters = new List<ADO_inputParams>
    {
        new ADO_inputParams { name = "@CcnUsernameCreator", value = samAccountName },
        new ADO_inputParams { name = "@CcnUsername", value = dto.CcnUsername },
    };

    // NOTE(review): the token is handed to the procedure exactly as received. Whether it is hashed
    // before being stored is not visible here. Confirm in Security_Login_Create.
    if (token != null)
    {
        parameters.Add(new ADO_inputParams { name = "@LgnToken1FA", value = token });
    }

    // The procedure reports its outcome through a return parameter, initialised to 0.
    var procedureResult = new ADO_returnParam { name = "return", value = 0 };

    ado.ExecuteNonQueryProcedure("Security_Login_Create", parameters, ref procedureResult);

    return procedureResult.value;
}
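/// <summary>
/// Sends the templated login e-mail whose link points the recipient at <paramref name="nextMethod"/>.
/// The link carries the method name, e-mail address, display name and token as query parameters.
/// </summary>
/// <param name="lDto">Supplies the recipient address, display name and language code.</param>
/// <param name="token">Token placed in the link's "token" query parameter.</param>
/// <param name="nextMethod">API method name placed in the link's "method" query parameter.</param>
private void SendEmail(Login_DTO_Create lDto, string token, string nextMethod)
{
    // Every query value is percent-encoded with EscapeDataString. The previous code escaped only the
    // display name, and with EscapeUriString, which leaves '&', '=', '#' and '+' untouched. A display
    // name or address containing those characters could therefore add or override parameters in the
    // link (including "token"), and a '+' in an address would be read back as a space.
    string url = Configuration_BSO.GetCustomConfig(ConfigType.global, "url.application")
        + "?method=" + Uri.EscapeDataString(nextMethod ?? string.Empty)
        + "&email=" + Uri.EscapeDataString(lDto.CcnEmail ?? string.Empty)
        + "&name=" + Uri.EscapeDataString(lDto.CcnDisplayname)
        + "&token=" + Uri.EscapeDataString(token ?? string.Empty);

    // Quote the attribute so the URL cannot end early and spill into further attributes.
    string link = "<a href=\"" + url + "\">" + Label.Get("email.body.header.anchor-text", lDto.LngIsoCode) + "</a>";

    string subject = string.Format(Label.Get("email.subject.update-1fa", lDto.LngIsoCode), Configuration_BSO.GetCustomConfig(ConfigType.global, "title"));
    string to = lDto.CcnEmail;

    // NOTE(review): CcnDisplayname is formatted into the header and footer without HTML encoding here.
    // Confirm that SendLoginTemplateEmail (or the template it uses) encodes it before rendering.
    string header = string.Format(Label.Get("email.body.header.update-1fa", lDto.LngIsoCode), lDto.CcnDisplayname, Configuration_BSO.GetCustomConfig(ConfigType.global, "title"));

    // NOTE(review): unlike the other labels, this lookup passes no language code. Confirm whether that is intended.
    string subHeader = string.Format(Label.Get("email.body.sub-header.update-1fa"), link);
    string footer = string.Format(Label.Get("email.body.footer", lDto.LngIsoCode), lDto.CcnDisplayname);

    Email_BSO.SendLoginTemplateEmail(subject, new List<string>() { to }, header, url, footer, subHeader, lDto.LngIsoCode);
}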
/// <summary>
/// Creates a login through <c>Login_ADO</c> and reports whether it succeeded.
/// </summary>
/// <param name="dto">Login details forwarded to the data layer.</param>
/// <param name="samAccountName">Username of the account performing the creation.</param>
/// <param name="token">Optional token forwarded to the data layer.</param>
/// <returns>True when the data layer returns a value greater than zero.</returns>
internal bool CreateLogin(Login_DTO_Create dto, string samAccountName, string token = null)
{
    int outcome = new Login_ADO(ado).CreateLogin(dto, samAccountName, token);
    return outcome > 0;
}
/// <summary>
/// Creates a local account and its login record, then calls SendEmail with a freshly generated
/// token and the Create1FA method name.
/// </summary>
/// <returns>
/// True with Response.data set to success when the account and login were created;
/// false with Response.error set when any check or creation step fails.
/// </returns>
protected override bool Execute()
{
    // Privilege ceiling: a power user may not create an Administrator.
    if (IsPowerUser() && DTO.PrvCode.Equals(Resources.Constants.C_SECURITY_PRIVILEGE_ADMINISTRATOR))
    {
        Log.Instance.Debug("A power user may not create an Administrator");
        Response.error = Label.Get("error.privilege");
        return false;
    }

    // The requested user must NOT already be known to Active Directory; otherwise refuse.
    ActiveDirectory_ADO directory = new ActiveDirectory_ADO();
    ActiveDirectory_DTO directoryUser = directory.GetUser(Ado, DTO);
    if (directoryUser.CcnUsername != null)
    {
        Log.Instance.Debug("Account exists already");
        Response.error = Label.Get("error.create");
        return false;
    }

    // Parameters and caller are valid from here on, so the database can be consulted.
    var accounts = new Account_ADO();

    // No duplicates: reject when the address is already taken, by either lookup.
    if (accounts.Exists(Ado, DTO.CcnEmail) || accounts.ExistsByEmail(Ado, DTO.CcnEmail))
    {
        Log.Instance.Debug("Account exists already");
        Response.error = Label.Get("error.duplicate");
        return false;
    }

    // An address that belongs to an AD user must not become a local user.
    var directoryMatch = directory.GetAdSpecificDataForEmail(DTO.CcnEmail);
    if (directoryMatch != null)
    {
        Log.Instance.Debug("Account exists in AD");
        Response.error = Label.Get("error.create");
        return false;
    }

    // Create the account and keep its new id.
    Account_DTO_Create accountToCreate = new Account_DTO_Create()
    {
        CcnUsername = DTO.CcnUsername,
        CcnNotificationFlag = DTO.CcnNotificationFlag,
        LngIsoCode = DTO.LngIsoCode,
        PrvCode = DTO.PrvCode,
        CcnDisplayName = DTO.CcnDisplayName,
        CcnEmail = DTO.CcnEmail
    };
    int accountId = accounts.Create(Ado, accountToCreate, SamAccountName, false);
    if (accountId == 0)
    {
        Log.Instance.Debug("adoAccount.Create - can't create Account");
        Response.error = Label.Get("error.create");
        return false;
    }

    // The login is keyed on the e-mail address, not on DTO.CcnUsername.
    Login_DTO_Create loginDetails = new Login_DTO_Create()
    {
        CcnUsername = DTO.CcnEmail,
        LngIsoCode = DTO.LngIsoCode,
        CcnEmail = DTO.CcnEmail,
        CcnDisplayname = DTO.CcnDisplayName
    };
    Login_BSO logins = new Login_BSO(Ado);

    // NOTE(review): this token is what the e-mailed link presents for the next step. Confirm that
    // GetRandomSHA256 draws from a cryptographic random source and that the account id passed in
    // is not its only input.
    string token = Utility.GetRandomSHA256(accountId.ToString());

    // NOTE(review): the account row already exists at this point. Confirm that the caller rolls back
    // when false is returned, so a failed login creation does not leave an account without a login.
    if (!logins.CreateLogin(loginDetails, SamAccountName, token))
    {
        Response.error = Label.Get("error.create");
        return false;
    }

    SendEmail(loginDetails, token, "PxStat.Security.Login_API.Create1FA");

    Response.data = JSONRPC.success;
    return true;
}
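/// <summary>
/// Handles a captcha-protected request to renew a user's 1FA token. When the request maps to a
/// local account with an e-mail address and display name, a new token is stored and the Update1FA
/// link is e-mailed. For AD users, unknown users and incomplete accounts the method reports
/// success without doing anything, so the response does not show whether the address is registered.
/// </summary>
/// <returns>
/// False with Response.error set when the captcha fails or the token cannot be stored;
/// true with Response.data set to success in every other case.
/// </returns>
protected override bool Execute()
{
    if (!ReCAPTCHA.Validate(DTO.Captcha))
    {
        Response.error = Label.Get("error.authentication");
        return false;
    }

    if (DTO.CcnUsername == null)
    {
        DTO.CcnUsername = DTO.CcnEmail;
    }

    // Not allowed for AD users: answer with success and do nothing.
    ActiveDirectory_ADO adAdo = new ActiveDirectory_ADO();
    ActiveDirectory_DTO adDto = adAdo.GetUser(Ado, DTO);
    if (adDto.CcnDisplayName != null)
    {
        Response.data = JSONRPC.success;
        return true;
    }

    Account_ADO ccnAdo = new Account_ADO();
    var user = ccnAdo.Read(Ado, new Account_DTO_Read() { CcnUsername = DTO.CcnEmail });

    // Unknown account: same success response as a real one.
    if (!user.hasData)
    {
        Response.data = JSONRPC.success;
        return true;
    }

    var account = user.data[0];

    // Without an address or display name no e-mail can be built; still report success.
    if (account.CcnEmail.Equals(DBNull.Value) || account.CcnDisplayName.Equals(DBNull.Value))
    {
        Response.data = JSONRPC.success;
        return true;
    }

    // From here on use the address stored on the account, not the one supplied in the request.
    DTO.CcnEmail = account.CcnEmail;

    Login_BSO lBso = new Login_BSO(Ado);

    // NOTE(review): confirm that GetRandomSHA256 draws from a cryptographic random source and that
    // the account id passed in is not its only input.
    string loginToken = Utility.GetRandomSHA256(account.CcnId.ToString());

    // NOTE(review): this error is the only non-success outcome after the captcha, and it can only
    // occur for an existing account. Consider returning success here too and logging the failure
    // server-side, so responses stay uniform.
    if (lBso.Update1FaTokenForUser(DTO.CcnEmail, loginToken) == null)
    {
        Response.error = Label.Get("error.create");
        return false;
    }

    SendEmail(new Login_DTO_Create()
    {
        CcnUsername = account.CcnUsername,
        LngIsoCode = DTO.LngIsoCode,
        CcnEmail = account.CcnEmail,
        CcnDisplayname = account.CcnDisplayName
    }, loginToken, "PxStat.Security.Login_API.Update1FA");

    Response.data = JSONRPC.success;
    return true;
}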