public ActionResult Captcha(string empty)
        {
            LogInOut_ForgPass_Func HelperFunc = new LogInOut_ForgPass_Func();
            string username  = (string)Session["username"];
            User   LoginUser = HelperFunc.UsernameExists(username);

            if (this.IsCaptchaValid("Captcha is not valid"))
            {
                LoginUser.CaptchaCounter = 0;
                DB.Users.Attach(LoginUser);
                var entry1 = DB.Entry(LoginUser);
                entry1.Property(e => e.CaptchaCounter).IsModified = true;
                // other changed properties
                DB.SaveChanges();
                return(RedirectToAction("Login"));
            }
            LoginUser.CaptchaCounter++;
            DB.Users.Attach(LoginUser);
            var entry2 = DB.Entry(LoginUser);

            entry2.Property(e => e.CaptchaCounter).IsModified = true;
            // other changed properties
            DB.SaveChanges();
            if (LoginUser.CaptchaCounter > 5)
            {
                LoginUser.State = "Blocked";
                var entry3 = DB.Entry(LoginUser);
                entry3.Property(e => e.State).IsModified = true;
                DB.SaveChanges();
                return(RedirectToAction("BlockUser"));
            }

            ViewBag.ErrMessage = "Error: captcha is not valid.";
            return(View());
        }
        public ActionResult ResetPassword(string id)
        {
            List <Question> QList = DB.Questions.ToList();

            ViewBag.Quests = QList;
            LogInOut_ForgPass_Func HelperFunc = new LogInOut_ForgPass_Func();
            User returnedUser = HelperFunc.UpdateNavToLisk(id);

            if (returnedUser == null)
            {
                return(RedirectToAction("Expired"));
            }
            int      userID     = returnedUser.ID;
            DateTime epiredDate = (DateTime)(returnedUser.ResetPasswordDate);
            bool     navToLink  = returnedUser.navigateToLink;

            //int userID = DB.Users.Where(x => x.ResetPasswordCode.ToString() == id).FirstOrDefault().ID;
            //DateTime epiredDate = (DateTime)(DB.Users.Where(x => x.ID == userID).FirstOrDefault().ResetPasswordDate);
            //bool navToLink = DB.Users.Where(x => x.ID == userID).FirstOrDefault().navigateToLink;
            if (DateTime.Now > epiredDate.AddDays(1) || navToLink == true)
            {
                return(RedirectToAction("Expired"));
            }
            returnedUser.navigateToLink = true;
            DB.Users.Attach(returnedUser);
            var entry = DB.Entry(returnedUser);

            entry.Property(e => e.navigateToLink).IsModified = true;
            // other changed properties
            DB.SaveChanges();
            resetPasswordModel model = new resetPasswordModel();

            model.id = userID;
            return(View(model));
        }
        public ActionResult ResetPassword(resetPasswordModel model)
        {
            User   U            = DB.Users.Where(n => n.ID == model.id).Where(n => n.ID == model.id).FirstOrDefault();
            string hashedAnswer = LogInOut_ForgPass_Func.GenerateSHA256String(model.Answer);
            int    questinID    = DB.Questions.Where(a => a.QTextEnglish == model.Question).FirstOrDefault().ID;

            //User x = DB.Users.Where(n => n.ID == model.id).Where(n => n.QuestionAnswer == hashedAnswer).FirstOrDefault();
            if (questinID == U.QuestionID && U.QuestionAnswer == hashedAnswer)
            {
                U.Password = LogInOut_ForgPass_Func.GenerateSHA256String(model.Password);
                TempData["passwordChanged"] = "Password changed successfully";
                DB.Entry(U).State           = System.Data.Entity.EntityState.Modified;
                DB.SaveChanges();
            }
            else
            {
                TempData["passwordChanged"] = "Question Or answer is wrong";
            }
            return(RedirectToAction("PassChanged"));
        }
        public ActionResult Login(loginModel model)
        {
            ViewBag.captchacount = 0.ToString();

            if (model.Username == null || model.Password == null)
            {
            }
            else
            {
                Session["username"] = model.Username.ToString();

                string hashedPassword = LogInOut_ForgPass_Func.GenerateSHA256String(model.Password);
                if (DB.Users.Where(x => x.UserName == model.Username).Where(x => x.State != "Active").FirstOrDefault() != null)
                {
                    ViewBag.message = "User Blocked";
                }
                else if (DB.Users.Where(x => x.UserName == model.Username).Where(x => x.IsEmailVerified == false).FirstOrDefault() != null)
                {
                    ViewBag.message = "User not verified";
                }

                else if (DB.Users.Where(x => x.UserName == model.Username).Where(x => x.Password == hashedPassword).FirstOrDefault() != null)
                {
                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                        1,                        // Ticket version
                        model.Username,           // Username to be associated with this ticket
                        DateTime.Now,             // Date/time ticket was issued
                        DateTime.Now.AddDays(14), // Date and time the cookie will expire
                        false,                    // if user has chcked rememebr me then create persistent cookie
                        model.Username,
                        FormsAuthentication.FormsCookiePath);
                    string encrypted = FormsAuthentication.Encrypt(ticket);
                    var    cooki     = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
                    cooki.Expires  = DateTime.Now.AddDays(14);
                    cooki.HttpOnly = true;
                    Response.Cookies.Add(cooki);

                    using (DBentities db = new DBentities())
                    {
                        LogInOut_ForgPass_Func HelperFunc = new LogInOut_ForgPass_Func();
                        User resetCaptcha = HelperFunc.UsernameExists(model.Username);
                        resetCaptcha.CaptchaCounter = 0;
                        db.Users.Attach(resetCaptcha);
                        var ourentry = db.Entry(resetCaptcha);
                        ourentry.Property(e => e.CaptchaCounter).IsModified = true;
                        db.SaveChanges();
                    }
                    return(RedirectToAction("UserDashboard", "Dashboard"));
                }
                else
                {
                    ViewBag.message = "Wrong password";

                    LogInOut_ForgPass_Func HelperFunc = new LogInOut_ForgPass_Func();
                    User LoginUser = HelperFunc.UsernameExists(model.Username);
                    //User LoginUser = (from u in DB.Users
                    //          where u.Email == model.EmailID
                    //          select u).FirstOrDefault();
                    if (LoginUser != null)
                    {
                        LoginUser.CaptchaCounter++;
                        ViewBag.captchacount = LoginUser.CaptchaCounter.ToString();
                        DB.Users.Attach(LoginUser);
                        var entry = DB.Entry(LoginUser);
                        entry.Property(e => e.CaptchaCounter).IsModified = true;
                        // other changed properties
                        DB.SaveChanges();
                        if (LoginUser.CaptchaCounter > 3)
                        {
                            return(RedirectToAction("Captcha"));
                        }
                    }
                    else
                    {
                        ViewBag.message = "Wrong username or password";
                    }
                }
            }
            return(View());
        }
예제 #5
0
        public ActionResult Register([Bind(Exclude = "Admin,State,IsEmailVerified,ActivationCode")] User user)
        {
            bool   Status  = false;
            string message = "";

            //
            //model validation
            if (ModelState.IsValid)
            {
                #region    //email already exists
                //User exist = RegisterHelperFunc.UserExists(user.Email);
                User emailExist    = DB.Users.Where(x => x.Email == user.Email).FirstOrDefault();
                User usernameExist = RegisterHelperFunc.UsernameExists(user.UserName);
                if (emailExist != null && usernameExist != null)
                {
                    ViewBag.validate = "Username and Email already exist";
                    return(View(user));
                }
                else if (emailExist != null)
                {
                    ViewBag.validate = "Email already exist";
                    ModelState.AddModelError("Email Exists", "Email already exists");
                    return(View(user));
                }
                else if (usernameExist != null)
                {
                    ViewBag.validate = "Username already exist";
                    return(View(user));
                }
                #endregion
                #region Generate Activation code
                user.ActivationCode = Guid.NewGuid();
                #endregion
                #region password hashing
                user.Password = LogInOut_ForgPass_Func.GenerateSHA256String(user.Password);
                //user.ConfirmPassword = Crypto.Hash(user.ConfirmPassword);
                #endregion

                #region answer hashing
                user.QuestionAnswer = LogInOut_ForgPass_Func.GenerateSHA256String(user.QuestionAnswer);
                #endregion

                user.IsEmailVerified = false;
                user.CaptchaCounter  = 0;
                user.navigateToLink  = false;
                #region save to database
                // using (DBentities db = new DBentities())
                //{
                //   user.State = "active";
                ///  string ques = Request.Params[6].ToString();
                // user.Question = (from q in db.Questions
                //                 where q.QTextEnglish == ques
                //                select q).FirstOrDefault();
                user.Admin = false;
                user.State = "Active";
                DB.Users.Add(user);
                DB.SaveChanges();

                //send email to user
                RegisterHelperFunc.OldURL = Request.Url.PathAndQuery;
                RegisterHelperFunc.sendverification(user.Email, user.ActivationCode.ToString());
                message = "successfully registered. Account activation link has been sent to email: " + user.Email;
                Status  = true;
                // }
                #endregion
            }
            else
            {
                message = "Invalid Request";
            }

            //generate activation code

            //password  hashing


            //save data to database
            ViewBag.Message   = message;
            ViewBag.Status    = Status;
            ViewBag.questions = DB.Questions.ToList();
            return(View(user));
            //return Content("ok");
        }