/// <summary>
/// Builds a new <c>User</c> from an <c>RA.User</c> record.
/// </summary>
/// <param name="raUser">Source record; it is dereferenced without a null check.</param>
/// <returns>
/// A new <c>User</c> whose Username, FirstName and LastName are taken from the source's
/// userLogin, userFirstName and userLastName. No other field is copied here.
/// </returns>
public static User FromRUser(this RA.User raUser)
{
    User mapped = new User();
    mapped.Username = raUser.userLogin;
    mapped.FirstName = raUser.userFirstName;
    mapped.LastName = raUser.userLastName;
    return mapped;
}
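/// <summary>
/// Checks a username/password pair against the loaded user list and the
/// <c>sp_Authenticate_User</c> stored procedure and, on success, makes the matching user the
/// active session user and writes the login audit record.
/// </summary>
/// <param name="username">Login name as supplied; matched case-insensitively against <c>userLogin</c>.</param>
/// <param name="password">Password as supplied; only the output of <c>RiskAppCore.User.encryptPassword</c> is sent to the procedure.</param>
/// <param name="msg">Receives the failure or lockout text; an empty string when none of the message branches applies.</param>
/// <param name="fullName">Receives the user's full name on success, otherwise an empty string.</param>
/// <returns><c>true</c> only when the login is in the user list AND the procedure reports it as authenticated.</returns>
public bool AuthenticateUser(string username, string password, out string msg, out string fullName)
{
    bool result = false;
    SessionManager.Instance.MetaData.Users.BackgroundListLoad();
    fullName = string.Empty;
    var users = SessionManager.Instance.MetaData.Users;
    // NOTE(review): the list is read straight after BackgroundListLoad(); if that load is
    // asynchronous the list may still be incomplete here - confirm.

    // Ordinal, case-insensitive match in a single pass. The earlier ToLower() == ToLower()
    // comparison followed the thread culture (for example the Turkish dotted/dotless i), so the
    // same login could match on one machine and not on another. A null username never matches;
    // the result below still requires validUser, so that case fails closed.
    RA.User u = (RA.User)users.FirstOrDefault(
        x => username != null
             && string.Equals(((RA.User)x).userLogin, username, StringComparison.OrdinalIgnoreCase));
    bool validUser = (u != null);

    String encryptedPassword = RiskAppCore.User.encryptPassword(password);
    bool authenticated = false;
    int numFailedAttempts = 0;
    int numMaxFailures = 5;
    int lockoutPeriod = 0;
    string lockoutMsg = "";

    // The procedure is called even when the login is not in the list, so the failed-attempt
    // counter and lockout values are updated for unknown names as well.
    RiskApps3.Utilities.ParameterCollection pc = new RiskApps3.Utilities.ParameterCollection();
    pc.Add("ntLoginName", "");
    pc.Add("userLogin", validUser ? u.userLogin : username);
    pc.Add("userPassword", encryptedPassword);

    // 'using' releases the reader even when Read() or one of the Get* calls throws; the
    // original only closed it on the success path.
    using (SqlDataReader reader = BCDB2.Instance.ExecuteReaderSPWithParams("sp_Authenticate_User", pc))
    {
        if (reader != null && reader.Read())
        {
            // Column order as read here: authenticated flag, failed attempts, maximum
            // failures, lockout period.
            authenticated = (bool)reader.GetSqlBoolean(0);
            numFailedAttempts = (int)reader.GetInt32(1);
            numMaxFailures = (int)reader.GetInt32(2);
            lockoutPeriod = (int)reader.GetInt32(3);
        }
    }

    if ((!validUser) || (!authenticated)) //note that if they're not a valid user they won't be authenticated, but we've updated the failed count and timeout values
    {
        if (lockoutPeriod > 0)
        {
            lockoutMsg = "\r\nLogin attempts will be blocked for " + lockoutPeriod.ToString() + " minute" + ((lockoutPeriod > 1) ? "s." : ".");
        }
        else
        {
            lockoutMsg = "\r\nYou have made " + numFailedAttempts.ToString() + " failed Login attempt" + ((numFailedAttempts > 1) ? "s" : "") + " of a maximum " + numMaxFailures.ToString() + " allowed.";
        }
    }

    msg = lockoutMsg;
    // NOTE(review): this branch does not look at the outcome, so a successful login for which
    // the procedure still reports one failed attempt would also get this text - confirm the
    // procedure resets the counter on success.
    if (numFailedAttempts == 1)
    {
        msg = "You have provided an incorrect username or password.\r\nPlease correct your password or try a different user." + lockoutMsg;
    }

    // Both conditions are required: the procedure's verdict alone is not enough.
    result = (validUser && authenticated);
    if (result)
    {
        SessionManager.Instance.ActiveUser = u;
        HraObject.AuditUserLogin(u.userLogin);
        fullName = u.User_userFullName;
        // NOTE(review): this passes the name as typed, not u.userLogin, so its casing can
        // differ from the stored login - confirm SetRaActiveUser tolerates that.
        _hraSessionManager.SetRaActiveUser(username);
    }
    return (result);
}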
/// <summary>
/// Creates the preference object used when constructing a user's default metadata.
/// </summary>
/// <param name="u">User whose <c>userLogin</c> becomes <c>parentName</c>; dereferenced without a null check.</param>
/// <param name="readOnly">Stored in <c>ReadOnly</c>: whether this object should be locked against database persistence.</param>
public GUIPreference(User u, bool readOnly = false)
{
    // Persistence lock and preference kind.
    ReadOnly = readOnly;
    PrefSubtype = Subtype.User;

    // A user-level default has no owning patient; the annotation list is created with "-1".
    annotations = new PedigreeAnnotationList("-1");
    owningPatient = null;

    // The preference is keyed by the user's login and the fixed form name "Default".
    parentName = u.userLogin;
    formName = "Default";
}
/// <summary>
/// Replaces the session's current-user default pedigree preferences with a new
/// <c>GUIPreference</c> built for the given user.
/// </summary>
/// <param name="u">User passed to the <c>GUIPreference</c> constructor.</param>
private static void InitUserGUIPrefs(User u)
{
    var metaData = SessionManager.Instance.MetaData;
    metaData.CurrentUserDefaultPedigreePrefs = new RiskApps3.Model.PatientRecord.GUIPreference(u);
}
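/// <summary>
/// Handles the Login button. When the configured security context is MACHINE or DOMAIN the
/// credentials are first checked with <c>PrincipalContext.ValidateCredentials</c>; the result is
/// then passed, together with the login and password, to <c>sp_Authenticate_User</c>. On success
/// the user becomes the active session user; otherwise the failure or lockout message is shown.
/// </summary>
/// <param name="sender">Event source (not used).</param>
/// <param name="e">Event data (not used).</param>
private void loginButton_Click(object sender, EventArgs e)
{
    string lockoutMsg = "";
    string typedLogin = usernameTextBox.Text;

    // Ordinal, case-insensitive match in a single pass. The earlier ToLower() == ToLower()
    // comparison followed the thread culture (for example the Turkish dotted/dotless i), so the
    // same login could match on one workstation and not on another.
    User u = (User)users.FirstOrDefault(
        x => string.Equals(((User)x).userLogin, typedLogin, StringComparison.OrdinalIgnoreCase));
    bool validUser = (u != null);

    // begin jdg 10/30/15
    NameValueCollection values = Configurator.GetConfig("AppSettings");
    if (values != null)
    {
        LDAPSecurityContext = values["SecurityContext"];
    }
    if (String.IsNullOrEmpty(LDAPSecurityContext))
    {
        LDAPSecurityContext = "Off";
    }

    // Compared ordinally: with ToUpper() a culture such as tr-TR turns "machine"/"domain" into
    // a string that no longer equals the literal, which silently switched directory validation
    // off and fell back to the database password.
    bool useMachineStore = string.Equals(LDAPSecurityContext, "MACHINE", StringComparison.OrdinalIgnoreCase);
    bool useDomainStore = string.Equals(LDAPSecurityContext, "DOMAIN", StringComparison.OrdinalIgnoreCase);
    bool bLDAPSuccess = false;
    bool bLDAP = (useMachineStore || useDomainStore);
    try
    {
        if (bLDAP)
        {
            ContextType store = useMachineStore ? ContextType.Machine : ContextType.Domain;
            using (var context = new PrincipalContext(store))
            {
                // NOTE(review): nothing rejects an empty user name or password before this
                // call - confirm the account store cannot validate such input.
                bLDAPSuccess = context.ValidateCredentials(usernameTextBox.Text, passwordTextBox.Text);
            }
        }
    }
    catch (Exception excLDAP)
    {
        // Fails closed: bLDAPSuccess stays false. The typed user name goes into the log
        // unmodified.
        // NOTE(review): consider neutralising CR/LF in it before logging.
        RiskApps3.Utilities.Logger.Instance.WriteToLog("LDAP Authentication failed for user " + usernameTextBox.Text + " for this reason: " + excLDAP.ToString());
    }
    // end jdg 10/30/15

    String encryptedPassword = RiskAppCore.User.encryptPassword(passwordTextBox.Text);
    bool authenticated = false;
    int numFailedAttempts = 0;
    int numMaxFailures = 5;
    int lockoutPeriod = 0;

    // The procedure is called even when the login is not in the list, so the failed-attempt
    // counter and lockout values are updated for unknown names as well.
    // NOTE(review): the values are passed as procedure parameters and also run through
    // DBUtils.makeSQLSafe; what that helper does to a password is not visible here - confirm it
    // matches how stored passwords were written.
    Utilities.ParameterCollection pc = new Utilities.ParameterCollection();
    pc.Add("ntLoginName", DBUtils.makeSQLSafe(ntUser));
    pc.Add("userLogin", DBUtils.makeSQLSafe(validUser ? u.userLogin : usernameTextBox.Text));
    //if (SessionManager.Instance.MetaData.Globals.encryptPasswords)
    if ((SessionManager.Instance.MetaData.Globals.encryptPasswords) && (!bLDAP))
    {
        pc.Add("userPassword", DBUtils.makeSQLSafe(encryptedPassword));
    }
    else
    {
        // The password as typed is sent when encryptPasswords is off or directory validation
        // is on.
        // NOTE(review): in the directory case ValidateCredentials has already judged the
        // password - confirm the procedure needs it at all.
        pc.Add("userPassword", DBUtils.makeSQLSafe(passwordTextBox.Text));
    }
    // begin jdg 10/30/15
    // NOTE(review): the directory verdict is a flag supplied by this client; how
    // sp_Authenticate_User uses it is not visible here - confirm what it trusts.
    pc.Add("bLDAP", (bLDAP ? 1 : 0));
    pc.Add("bLDAPSuccess", (bLDAPSuccess ? 1 : 0));
    // end jdg 10/30/15

    // 'using' releases the reader even when Read() or one of the Get* calls throws; the
    // original only closed it on the success path.
    using (SqlDataReader reader = BCDB2.Instance.ExecuteReaderSPWithParams("sp_Authenticate_User", pc))
    {
        if (reader != null && reader.Read())
        {
            // Column order as read here: authenticated flag, failed attempts, maximum
            // failures, lockout period.
            authenticated = (bool)reader.GetSqlBoolean(0);
            numFailedAttempts = (int)reader.GetInt32(1);
            numMaxFailures = (int)reader.GetInt32(2);
            lockoutPeriod = (int)reader.GetInt32(3);
        }
    }

    if ((!validUser) || (!authenticated)) //note that if they're not a valid user they won't be authenticated, but we've updated the failed count and timeout values
    {
        if (lockoutPeriod > 0)
        {
            lockoutMsg = "\r\nLogin attempts will be blocked for " + lockoutPeriod.ToString() + " minute" + ((lockoutPeriod > 1) ? "s." : ".");
        }
        else
        {
            lockoutMsg = "\r\nYou have made " + numFailedAttempts.ToString() + " failed Login attempt" + ((numFailedAttempts > 1) ? "s" : "") + " of a maximum " + numMaxFailures.ToString() + " allowed.";
        }
    }

    // Both conditions are required: the procedure's verdict alone is not enough.
    if (validUser && authenticated)
    {
        //see if user is forced to change password
        if (!bLDAP) // jdg 10/30/15
        {
            // Short-circuit keeps the original order: the expiry check only runs when no
            // forced change is pending. Either way the password box is cleared and the dialog
            // stays open.
            if (ApplicationUtils.checkPasswordForceChange(u.userLogin)
                || ApplicationUtils.checkPasswordDateOK(u.userLogin) == false)
            {
                String username = usernameTextBox.Text;
                SessionManager.Instance.MetaData.Users.BackgroundListLoad();
                passwordTextBox.Text = "";
                usernameTextBox.Text = username;
                this.DialogResult = System.Windows.Forms.DialogResult.None;
                return;
            }
        }

        roleID = RiskAppCore.User.fetchUserRoleID(u.userLogin);
        roleName = RiskAppCore.User.fetchUserRoleName(u.userLogin);
        // The "Tablet" role is refused here, before the session user is set.
        if (roleName == "Tablet")
        {
            RiskAppCore.ErrorMessages.Show(RiskAppCore.ErrorMessages.ROLE_ACCESS_DENIED);
            return;
        }

        SessionManager.Instance.ActiveUser = u;
        InitUserGUIPrefs(u);
        u.UserClinicList.user_login = u.userLogin;
        u.UserClinicList.AddHandlersWithLoad(null, UserClinicListLoaded, null);
        //DialogResult = DialogResult.OK;
        HraObject.AuditUserLogin(u.userLogin);

        stopWatch.Stop();
        // Get the elapsed time as a TimeSpan value.
        TimeSpan ts = stopWatch.Elapsed;
        if (ts.TotalSeconds < requiredSplashTime)
        {
            // Fill the progress bar and wait out the rest of requiredSplashTime.
            progressBar1.Style = ProgressBarStyle.Blocks;
            progressBar1.Value = progressBar1.Maximum;
            progressBar1.Refresh();
            Application.DoEvents();
            Thread.Sleep((int)(1000 * (requiredSplashTime - ts.TotalSeconds)));
        }
        return;
    }

    // Failure path. The first failure gets the generic text, which does not say whether the
    // user name or the password was wrong. With a failure count of 0 (for example when no row
    // came back) nothing is shown.
    if (numFailedAttempts == 1)
    {
        MessageBox.Show(
            "You have provided an incorrect username or password.\r\nPlease correct your password or try a different user." + lockoutMsg,
            "Incorrect Username/Password",
            MessageBoxButtons.OK,
            MessageBoxIcon.Information);
    }
    else if (numFailedAttempts > 1)
    {
        MessageBox.Show(
            lockoutMsg,
            "Incorrect Username/Password",
            MessageBoxButtons.OK,
            MessageBoxIcon.Information);
    }
    return;
}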