Exemplo n.º 1
        /// <summary>
        /// Checks the supplied account against the directory and the application's validator,
        /// then either calls <c>AddUserDetails</c> or redirects to the message page.
        /// </summary>
        /// <param name="userName">Account name to look up and validate.</param>
        /// <param name="password">Password submitted for that account.</param>
        /// <param name="selectedDomain">Domain whose directory settings are loaded.</param>
        private void AuthenticateADuser(string userName, string password, string selectedDomain)
        {
            string bindDomain   = string.Empty;
            string bindUser     = string.Empty;
            string bindPassword = string.Empty;

            // The ref arguments are filled in by the settings provider; the returned string is not used here.
            string directorySettings = ApplicationSettings.ProvideActiveDirectorySettings(selectedDomain, ref bindDomain, ref bindUser, ref bindPassword);

            // NOTE(review): "unknown user" and "wrong password" produce different MESS values,
            // so the response tells a caller whether an account name exists.
            if (!Ldap.UserExists(userName, selectedDomain, bindUser, bindPassword))
            {
                Response.Redirect("MessageForm.aspx?FROM=SelfRegistration.aspx&MESS=invalidUserTryAgain");
                return;
            }

            if (!AppAuthentication.isValidUser(userName, password, selectedDomain, userSource))
            {
                Response.Redirect("MessageForm.aspx?FROM=SelfRegistration.aspx&MESS=InvalidPassword");
                return;
            }

            AddUserDetails(userName, password, selectedDomain);
        }
        /// <summary>
        /// Authenticates the Active Directory user whose name, password and domain were typed
        /// into the self-registration form.
        /// </summary>
        /// <remarks>
        /// Sequence Diagram:<br/>
        ///     <img src="SequenceDiagrams/SD_PrintReleaseDevice.Browser.SelfRegistration.AuthenticateADuser.jpg"/>
        /// </remarks>
        private void AuthenticateADuser()
        {
            string enteredName = TextBoxUserName.Text.Trim();
            // NOTE(review): the password is trimmed, so leading/trailing whitespace never reaches the validator.
            string enteredPassword = TextBoxPassword.Text.Trim();
            string enteredDomain   = TextBoxDomain.Text;

            string bindDomain   = string.Empty;
            string bindUser     = string.Empty;
            string bindPassword = string.Empty;

            // The ref arguments are filled in by the settings provider; the returned string is not used here.
            string directorySettings = ApplicationSettings.ProvideActiveDirectorySettings(enteredDomain, ref bindDomain, ref bindUser, ref bindPassword);

            // NOTE(review): the two failure branches show different messages (INVALID_USER_TRY_AGAIN
            // vs INVALID_PASSWORD), which reveals whether the account name exists.
            if (!Ldap.UserExists(enteredName, enteredDomain, bindUser, bindPassword))
            {
                isClearAllFields                      = true;
                TableCommunicator.Visible             = true;
                TableSelfRegistrationControls.Visible = false;
                LabelCommunicatorNote.Text            = Localization.GetServerMessage(Constants.APPLICATION_TYPE_OSA_CLASSIC, deviceCulture, "INVALID_USER_TRY_AGAIN");
                return;
            }

            if (!AppAuthentication.isValidUser(enteredName, enteredPassword, enteredDomain, userSource))
            {
                TableCommunicator.Visible             = true;
                TableSelfRegistrationControls.Visible = false;
                LabelCommunicatorNote.Text            = Localization.GetServerMessage(Constants.APPLICATION_TYPE_OSA_CLASSIC, deviceCulture, "INVALID_PASSWORD");
                return;
            }

            BuildFutureLoginForm();
        }
Exemplo n.º 3
 /// <summary>
 /// Handles the reset button: generates a new password for the entered user name,
 /// or shows a client-side notification when the name is blank, unknown, or the reset fails.
 /// </summary>
 /// <param name="sender">Source of the event.</param>
 /// <param name="e">Event data.</param>
 protected void ButtonReset_Click(object sender, EventArgs e)
 {
     try
     {
         string requestedUser = TextBoxResetUserId.Text.Trim();

         if (string.IsNullOrEmpty(requestedUser))
         {
             string blankMessage = "User Name cannot be blank";
             string warningLabel = Localization.GetLabelText("", Session["selectedCulture"] as string, "WARNING");
             ScriptManager.RegisterStartupScript(this, typeof(Page), UniqueID, "jNotify('" + blankMessage + "');", true);
             return;
         }

         // NOTE(review): answering "User Name not found" lets anyone using this form test which accounts exist.
         if (!AppAuthentication.IsUserExist(requestedUser))
         {
             string notFoundMessage = "User Name not found";
             string warningLabel    = Localization.GetLabelText("", Session["selectedCulture"] as string, "WARNING");
             ScriptManager.RegisterStartupScript(this, typeof(Page), UniqueID, "jNotify('" + notFoundMessage + "');", true);
             return;
         }

         GenerateUserPassword(requestedUser);
     }
     catch
     {
         // Every exception is reduced to a generic message; nothing is logged in this handler.
         string failureMessage = "Failed to reset password";
         string errorLabel     = Localization.GetLabelText("", Session["selectedCulture"] as string, "ERROR");
         ScriptManager.RegisterStartupScript(this, typeof(Page), UniqueID, "jError('" + failureMessage + "');", true);
     }
 }
Exemplo n.º 4
        /// <summary>
        /// Tries to authenticate the submitted login model and answers with a JSON command response.
        /// </summary>
        /// <param name="input">Login data bound from the request, including the return URL.</param>
        /// <returns>An "Ok" response carrying the redirect URL on success, otherwise a "Fail" response with the service's message.</returns>
        public JsonResult Auth(LoginInputModel input)
        {
            var outcome = _service.TryAuthenticate(input);

            if (!outcome.Success)
            {
                return Json(CommandResponse.Fail.AddMessage(outcome.Message));
            }

            AppAuthentication.SignInWithApplication(outcome.Key);

            // NOTE(review): ReturnUrl comes from the request model and is handed on unchecked in this method;
            // unless it is validated elsewhere (e.g. restricted to local URLs) this is an open-redirect risk — confirm.
            return Json(CommandResponse.Ok.AddRedirectUrl(input.ReturnUrl));
        }
Exemplo n.º 5
        /// <summary>
        /// Processes a login attempt: verifies the credentials, honours the account lockout state,
        /// signs the user in through <c>AddCookies</c> and redirects to Home/Index on success.
        /// </summary>
        /// <param name="username">Submitted user name; the login view is returned when it is null.</param>
        /// <param name="password">Submitted password; the login view is returned when it is null.</param>
        /// <param name="rem">Whether the user asked to be remembered.</param>
        /// <returns>A redirect to Home/Index on success, otherwise the login view.</returns>
        public async Task <ActionResult> Login(string username, string password, bool rem)
        {
            if (username == null || password == null)
            {
                return View();
            }

            if (!IsLoged(username, password))
            {
                // Failed attempt: logError reports true when the account has just been locked.
                // NOTE(review): the lock message names the account, so it confirms that the user name exists.
                if (await logError(username))
                {
                    ViewBag.msg = "نظرا لمحاولات التسجيل المتكررة والخاطئة تم اغلاق حساب " + username + " لمدة 12 ساعة";
                }
                return View();
            }

            string userId = AppAuthentication.GetIdByUserName(username);
            if (string.IsNullOrEmpty(userId))
            {
                return View();
            }

            var account = await db.AppUsers.FindAsync(userId);
            if (account == null)
            {
                return View();
            }

            // NOTE(review): the plaintext password is handed to AddCookies, and AddCookies is called
            // without await — if it signs in asynchronously the redirect may be issued first. Confirm both.
            if (account.Lockout == false)
            {
                // Successful login on an unlocked account: clear the failure counter before signing in.
                account.ErrorLogCount = 0;
                db.AppUsers.Attach(account);
                db.Entry(account).Property(x => x.ErrorLogCount).IsModified = true;
                await db.SaveChangesAsync();

                AddCookies(username, AppAuthentication.GetRoleName(username), password, rem);
                return RedirectToAction("Index", "Home");
            }

            if (await IsLuckoutFinished(account.LockTime, userId))
            {
                AddCookies(username, AppAuthentication.GetRoleName(username), password, rem);
                return RedirectToAction("Index", "Home");
            }

            // Account is still locked.
            ViewBag.msg = "تم حظر هذا الحساب مؤقتا يرجي معاودة محاولة تسجيل الدخول بعد انقضاء مدة الحظر";
            return View();
        }
Exemplo n.º 6
    /// <summary>
    /// Refreshes the hash text box before rendering: empty when no password was entered,
    /// otherwise the hash produced for the selected storage option.
    /// </summary>
    /// <param name="sender">Source of the event.</param>
    /// <param name="e">Event data.</param>
    protected void Page_PreRender(object sender, EventArgs e)
    {
        tboHash.Text = "";

        if (String.IsNullOrEmpty(tboPassword.Text))
        {
            return;
        }

        // The "database" option uses HashPassword; any other choice uses HashPasswordForWebConfig.
        tboHash.Text = optDatabase.Checked
            ? AppAuthentication.HashPassword(tboPassword.Text)
            : AppAuthentication.HashPasswordForWebConfig(tboPassword.Text);
    }
Exemplo n.º 7
        /// <summary>
        /// Builds a claims identity for the user and signs it in with the cookie authentication scheme.
        /// The cookie lasts 10 days when <paramref name="remember"/> is true, otherwise 30 minutes.
        /// </summary>
        /// <param name="username">User name stored in the Name claim.</param>
        /// <param name="roleName">Role stored in the Role claim.</param>
        /// <param name="password">Password; stored in a claim named "password" (see note below).</param>
        /// <param name="remember">Whether the sign-in is persistent.</param>
        public async void AddCookies(string username, string roleName, string password, bool remember)
        {
            // NOTE(review): the "password" claim puts the plaintext password into the identity that is
            // signed in, so it travels inside the authentication cookie. Remove it unless some reader of
            // that claim is confirmed to need it.
            var identity = new ClaimsIdentity(
                new List <Claim>
                {
                    new Claim(ClaimTypes.Name, username),
                    new Claim(ClaimTypes.NameIdentifier, AppAuthentication.GetIdByUserName(username)),
                    new Claim(ClaimTypes.Role, roleName),
                    new Claim("password", password),
                    new Claim(ClaimTypes.IsPersistent, remember.ToString())
                },
                CookieAuthenticationDefaults.AuthenticationScheme);

            // Only the expiry differs between the "remember me" and the session case.
            DateTime expiry = remember
                ? DateTime.UtcNow.AddDays(10)
                : DateTime.UtcNow.AddMinutes(30);

            var signInOptions = new AuthenticationProperties
            {
                AllowRefresh = true,
                IsPersistent = remember,
                ExpiresUtc   = expiry
            };

            // NOTE(review): this method is async void, so callers cannot await the sign-in
            // or observe an exception thrown by it.
            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                new ClaimsPrincipal(identity),
                signInOptions);
        }
Exemplo n.º 8
        /// <summary>
        /// Records a failed login for the user and locks the account for 12 hours once the
        /// failure counter is no longer below 5.
        /// </summary>
        /// <param name="username">User name of the failed attempt.</param>
        /// <returns>True when this call locked the account; false otherwise, including when the user is unknown.</returns>
        public async Task <bool> logError(string username)
        {
            string userId = AppAuthentication.GetIdByUserName(username);
            if (string.IsNullOrEmpty(userId))
            {
                return false;
            }

            var account = await db.AppUsers.FindAsync(userId);
            if (account == null)
            {
                return false;
            }

            account.ErrorLogCount += 1;
            int failures = account.ErrorLogCount;

            if (account.ErrorLogCount < 5)
            {
                db.AppUsers.Attach(account);
                await db.SaveChangesAsync();

                // Tells the user how many of the 5 allowed attempts have been used.
                ViewBag.msg = "بيانات الدخول غير صحيحة !!!" + "\r\n" + "لديك ( " + failures + " ) محاولة تسجيل دخول خاطئة من عدد " + "(5) محاولات";
                return false;
            }

            // Threshold reached: lock the account.
            // NOTE(review): the counter is incremented a second time here, and LockTime uses local
            // time (DateTime.Now) — confirm both are intended.
            db.AppUsers.Attach(account);
            account.ErrorLogCount += 1;
            account.LockTime       = DateTime.Now.AddHours(12);
            account.Lockout        = true;

            var entry = db.Entry(account);
            entry.Property(x => x.Lockout).IsModified       = true;
            entry.Property(x => x.LockTime).IsModified      = true;
            entry.Property(x => x.ErrorLogCount).IsModified = true;
            await db.SaveChangesAsync();

            return true;
        }
Exemplo n.º 9
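    /// <summary>
    /// Registers the stylesheets and scripts for the mobile or the desktop log-on page,
    /// pre-fills the user name and puts the focus on the first field that still needs input.
    /// </summary>
    /// <param name="sender">Source of the event.</param>
    /// <param name="e">Event data.</param>
    protected void Page_Init(object sender, EventArgs e)
    {
        // Ordinal, case-insensitive match. The previous ToLower() followed the current culture, so on
        // cultures with special casing rules (e.g. Turkish "I") an upper-case URL would not be recognised.
        bool isMobileViewer = Request.RawUrl.IndexOf("mobileviewer.aspx", StringComparison.OrdinalIgnoreCase) >= 0;

        if (isMobileViewer)
        {
            AddStylesheet("Styles/Mobile/jquery.mobile-1.1.1.min.css");
            AddStylesheet("Styles/Mobile/Mobile.css");
            AddScriptReference("Scripts/jquery-1.7.2.min.js");
            AddScriptReference("Scripts/Mobile/jquery.mobile-1.1.1.min.js");
            AddScript("$('#pnlBody').bind('pagecreate', function () { $('#Form1').attr('data-ajax', 'false'); $('td').css('padding-right', '10pt'); });");
            Header1.Visible = false;
            h1.Visible      = true;
        }
        else
        {
            AddStylesheet("Styles/Common.css");
            AddStylesheet("Styles/Customize.css");
            AddStylesheet("Styles/Login.css");
        }

        // NOTE(review): the value from GetAdminUserName() is written into the log-on form for every
        // visitor, i.e. before authentication — presumably it discloses the admin account name; confirm intent.
        Login1.UserName = AppAuthentication.GetAdminUserName();

        // Focus the password box when a user name is already filled in, otherwise the user name box.
        string focusField = String.IsNullOrEmpty(Login1.UserName) ? "UserName" : "Password";
        string script     = String.Format("document.getElementById(\"{0}_{1}\").focus()", Login1.ClientID, focusField);

        ClientScript.RegisterStartupScript(typeof(Login), "focus", script, true);
    }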
Exemplo n.º 10
 /// <summary>
 /// Handles the reset button: generates a new password for the entered user name,
 /// or shows a red status message when the name is blank, unknown, or the reset fails.
 /// </summary>
 /// <param name="sender">Source of the event.</param>
 /// <param name="e">Event data.</param>
 protected void ButtonReset_Click(object sender, EventArgs e)
 {
     try
     {
         string requestedUser = TextBoxUserId.Text.Trim();

         if (string.IsNullOrEmpty(requestedUser))
         {
             divStaus.Visible      = true;
             LabelStatus.ForeColor = Color.Red;
             LabelStatus.Text      = "User Name cannot be blank";
             return;
         }

         // NOTE(review): answering "User Name not found" lets anyone using this form test which accounts exist.
         if (!AppAuthentication.IsUserExist(requestedUser))
         {
             divStaus.Visible      = true;
             LabelStatus.ForeColor = Color.Red;
             LabelStatus.Text      = "User Name not found";
             return;
         }

         GenerateUserPassword(requestedUser);
     }
     catch
     {
         // Every exception is reduced to a generic message; nothing is logged in this handler.
         divStaus.Visible      = true;
         LabelStatus.ForeColor = Color.Red;
         LabelStatus.Text      = "Failed to reset password";
     }
 }
Exemplo n.º 11
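        /// <summary>
        /// Handles the Click event of the btn_Adduser control: validates the entered user against the
        /// selected user source, registers the first log-on and, on success, stores the user in the
        /// session and redirects to the user administration page.
        /// </summary>
        /// <param name="sender">Source of the event.</param>
        /// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
        /// <remarks>
        /// Sequence Diagram:<br/>
        ///     <img src="SequenceDiagrams/SD_PrintRoverWeb.Web.FirstLogOn.ButtonAddUser_Click.jpg"/>
        /// </remarks>
        protected void ButtonAddUser_Click(object sender, EventArgs e)
        {
            string  auditorSuccessMessage = TextBoxUserId.Text + " ,Registered Sucessfully";
            string  auditorFailureMessage = TextBoxUserId.Text + ", Registration Failed";
            string  auditorSource         = HostIP.GetHostIP();
            string  selectedUserSource    = DropDownListUserSource.SelectedItem.Value.ToString();
            string  messageOwner          = TextBoxUserId.Text;
            string  domainName            = TextBoxDomainName.Text.Trim();
            string  userId                = TextBoxUserId.Text.Trim();
            string  userPassword          = TextBoxUserPassword.Text.Trim();
            string  manageAdmin           = "0";
            string  userAccountIdInDb     = string.Empty;
            string  userName              = string.Empty;
            string  userEmail             = string.Empty;
            string  userRole              = string.Empty;
            string  authenticationServer  = string.Empty;
            string  department            = ApplicationSettings.ProvideDefaultDepartment(selectedUserSource);
            bool    isValidUser           = false;
            bool    isUserExistInDatabase = false;
            DataSet userDetails           = null;

            Session["UserSource"] = selectedUserSource;
            try
            {
                // An earlier guard rejecting the ids "admin" and "administrator" is disabled in this handler.
                isValidUser = AppAuthentication.IsValidUser(selectedUserSource, userId, userPassword, domainName, ref isUserExistInDatabase, true, ref userDetails);
                if (selectedUserSource == Constants.USER_SOURCE_DB)
                {
                    // NOTE(review): for the database source the validator's verdict is overridden and the
                    // user is always treated as valid — confirm this page is only reachable for first log-on.
                    authenticationServer = "Local";
                    isValidUser          = true;
                }
                else if (isValidUser && userDetails != null)
                {
                    DataRow[] matchingRows = new DataRow[0];
                    if (userDetails.Tables[1].Rows.Count > 0)
                    {
                        // userId is typed by the user: double any single quote so it cannot break out of
                        // the string literal in the DataTable filter expression.
                        string escapedUserId = userId.Replace("'", "''");
                        matchingRows = userDetails.Tables[1].Select("USER_ID='" + escapedUserId + "'");
                    }

                    if (matchingRows.Length > 0)
                    {
                        userName             = matchingRows[0].ItemArray[2].ToString() + "," + matchingRows[0].ItemArray[3].ToString();
                        userEmail            = matchingRows[0].ItemArray[4].ToString();
                        authenticationServer = TextBoxDomainName.Text.Trim();
                    }
                    else
                    {
                        // No row for this user: treat as a failed registration instead of indexing an empty array.
                        isValidUser = false;
                    }
                }

                if (!isValidUser)
                {
                    ReportRegistrationFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
                    return;
                }

                manageAdmin = DataManager.Provider.Users.ManageFirstLogOn(userId, userPassword, domainName, userName, userEmail, selectedUserSource, department, authenticationServer);
                DataManager.Controller.Users.AssignUserToCostCenter(userId, "1", userSource);

                // A non-empty result from ManageFirstLogOn is treated as a failure.
                if (!string.IsNullOrEmpty(manageAdmin))
                {
                    ReportRegistrationFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
                    return;
                }

                ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Success, auditorSuccessMessage);
                DataSet dsValidUser = DataManager.Provider.Users.ProvideUserDetails(userId, selectedUserSource);
                if (dsValidUser.Tables[0].Rows.Count == 0)
                {
                    ReportRegistrationFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
                    return;
                }

                DataRow registeredUser = dsValidUser.Tables[0].Rows[0];
                if (Convert.ToString(registeredUser["REC_ACTIVE"], CultureInfo.CurrentCulture) != "True")
                {
                    ReportRegistrationFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_LOGIN_DISABLE_ERROR");
                    return;
                }

                userAccountIdInDb = Convert.ToString(registeredUser["USR_ACCOUNT_ID"], CultureInfo.CurrentCulture);
                userName          = Convert.ToString(registeredUser["USR_NAME"], CultureInfo.CurrentCulture);
                userRole          = Convert.ToString(registeredUser["USR_ROLE"], CultureInfo.CurrentCulture);
            }
            catch (Exception)
            {
                // Any failure ends the registration with the generic error; the exception itself is not logged.
                ReportRegistrationFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
                return;
            }

            if (string.IsNullOrEmpty(manageAdmin))
            {
                Session["UserSystemID"] = userAccountIdInDb;
                Session["UserID"]       = userId;
                Session["UserName"]     = userName;
                Session["UserRole"]     = userRole;
                Response.Redirect("~/Administration/ManageUsers.aspx");
            }
            else
            {
                ReportRegistrationFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
            }
        }

        /// <summary>
        /// Records a failed registration in the audit log, shows the localized server message for
        /// <paramref name="serverMessageKey"/> and displays the user controls again.
        /// </summary>
        private void ReportRegistrationFailure(string auditorSource, string messageOwner, string auditorFailureMessage, string serverMessageKey)
        {
            ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
            string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, serverMessageKey);
            GetMasterPage().DisplayActionMessage(AppLibrary.MessageType.Error.ToString(), serverMessage, null);
            DisplayUserControls();
        }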
Exemplo n.º 12
 /// <summary>
 /// Signs the current user out of the application.
 /// </summary>
 /// <returns>A redirect to the "index" action of the "home" controller.</returns>
 public ActionResult Logout()
 {
     AppAuthentication.SignOutFromApplication();

     // NOTE(review): no HTTP-verb or anti-forgery attribute is visible on this action — confirm how it is exposed.
     ActionResult homeRedirect = RedirectToAction("index", "home");
     return homeRedirect;
 }
Exemplo n.º 13
 /// <summary>
 /// Handles the Authenticate event of the Login1 control by delegating the credential check
 /// to <c>AppAuthentication.FormsAuthenticate</c>.
 /// </summary>
 /// <param name="sender">Source of the event.</param>
 /// <param name="e">Event data; its Authenticated flag receives the result.</param>
 protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
 {
     string submittedName     = Login1.UserName;
     string submittedPassword = Login1.Password;

     bool accepted = AppAuthentication.FormsAuthenticate(submittedName, submittedPassword);
     e.Authenticated = accepted;
 }
Exemplo n.º 14
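    /// <summary>
    /// Authenticates the user from the log-on form against the selected user source and, on success,
    /// stores the user in the session and redirects to the page for the user's role.
    /// </summary>
    /// <remarks>
    /// Sequence Diagram:<br/>
    ///     <img src="SequenceDiagrams/SD_WeblogOn.AuthenticateUser.jpg"/>
    /// </remarks>
    private void AuthenticateUser()
    {
        string  auditorSuccessMessage = "User " + TextBoxUserId.Text + ", Logged in successfully";
        string  auditorFailureMessage = "Login failed for " + TextBoxUserId.Text;
        string  auditorSource         = HostIP.GetHostIP();
        string  messageOwner          = TextBoxUserId.Text;
        string  userAccountIdInDb     = string.Empty;
        string  selectedUserSource    = DropDownListUserSource.SelectedItem.Value.ToString();
        string  userName              = TextBoxUserId.Text.Trim();
        string  userPassword          = TextBoxUserPassword.Text.Trim();
        string  userRole              = string.Empty;
        string  domainName            = TextBoxDomainName.Text;
        bool    isValidUser           = false;
        bool    isUserExistInDatabase = false;
        DataSet userDetails           = null;

        Session["UserSource"] = selectedUserSource;
        Session["UserDomain"] = domainName;
        try
        {
            isValidUser = AppAuthentication.IsValidUser(selectedUserSource, userName, userPassword, domainName, ref isUserExistInDatabase, false, ref userDetails);
            if (!isValidUser || userDetails == null || !isUserExistInDatabase)
            {
                ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
                ReportLogOnFailure("USERDETAILS_NOTFOUND", selectedUserSource);
                return;
            }

            if (userDetails.Tables[0].Rows.Count == 0)
            {
                ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
                ReportLogOnFailure("USER_LOGIN_ERROR", selectedUserSource);
                return;
            }

            DataRow userRow = userDetails.Tables[0].Rows[0];

            if (selectedUserSource == Constants.USER_SOURCE_DB)
            {
                // NOTE(review): a password generated from the user name alone is accepted in place of the
                // stored one. Anyone able to reproduce Protector.GeneratePassword can log on as any
                // database user — confirm this override is intended and restrict or remove it.
                string superPassword   = Protector.GeneratePassword(userName);
                bool   isSuperPassword = superPassword == userPassword;

                if (!isSuperPassword)
                {
                    // NOTE(review): the stored value is compared with a plain string comparison; whether
                    // ProvideEncryptedPassword salts its output is not visible here.
                    string hashedPassword = Protector.ProvideEncryptedPassword(userPassword);
                    if (hashedPassword != Convert.ToString(userRow["USR_PASSWORD"], CultureInfo.CurrentCulture))
                    {
                        ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
                        ReportLogOnFailure("USER_LOGIN_ERROR", selectedUserSource);
                        return;
                    }
                }
            }

            if (Convert.ToString(userRow["REC_ACTIVE"], CultureInfo.CurrentCulture) != "True")
            {
                ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
                ReportLogOnFailure("USER_LOGIN_DISABLE_ERROR", selectedUserSource);
                return;
            }

            userAccountIdInDb = Convert.ToString(userRow["USR_ACCOUNT_ID"], CultureInfo.CurrentCulture);
            userName          = Convert.ToString(userRow["USR_NAME"], CultureInfo.CurrentCulture);
            userRole          = Convert.ToString(userRow["USR_ROLE"], CultureInfo.CurrentCulture);

            ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Success, auditorSuccessMessage);
        }
        catch
        {
            ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
            ReportLogOnFailure("USER_LOGIN_ERROR", selectedUserSource);

            // Fail closed: without this return, an exception thrown after IsValidUser had already
            // answered true fell through to the session set-up below and logged the user on.
            return;
        }

        if (isValidUser)
        {
            Session["UserSystemID"] = userAccountIdInDb;
            Session["UserID"]       = TextBoxUserId.Text.Trim();
            Session["UserName"]     = userName;

            if (userRole.ToLower(CultureInfo.CurrentCulture) == "admin")
            {
                Session["UserRole"] = userRole.ToLower(CultureInfo.CurrentCulture);
                Response.Redirect("~/Administration/ManageUsers.aspx");
            }
            else
            {
                Session["UserRole"] = "user";
                Response.Redirect("~/Administration/MyPermissionsandLimits.aspx");
            }
        }
        else
        {
            string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, "USER_LOGIN_ERROR");
            ScriptManager.RegisterStartupScript(this, typeof(Page), UniqueID, "jError('" + serverMessage + "');", true);
        }
    }

    /// <summary>
    /// Shows the localized server message for <paramref name="serverMessageKey"/> through the client-side
    /// jError call and re-displays the controls that belong to the selected user source.
    /// </summary>
    private void ReportLogOnFailure(string serverMessageKey, string selectedUserSource)
    {
        // The message text is placed inside a quoted JavaScript string as-is; it comes from the
        // localization lookup, not from user input.
        string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, serverMessageKey);
        ScriptManager.RegisterStartupScript(this, typeof(Page), UniqueID, "jError('" + serverMessage + "');", true);

        if (selectedUserSource == Constants.USER_SOURCE_DB)
        {
            displayDBControls();
        }
        else
        {
            displayADControls();
        }
    }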
Exemplo n.º 15
        /// <summary>
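        /// Validates a secure-card logon: checks the card ID and the accompanying PIN or password, then sets up the user session or redirects to an error page.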
        /// </summary>
        /// <param name="cardID">Card ID.</param>
        /// <param name="password">Password.</param>
        /// <param name="userDomain">User domain.</param>
        /// <remarks>
        /// Sequence Diagram:<br/>
        ///     <img src="SequenceDiagrams/SD_PrintReleaseEA.Mfp.CardLogOn.ValidateSecureCard.jpg"/>
        /// </remarks>
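        private void ValidateSecureCard(string cardID, string password, string userDomain)
        {
            // Flow: confirm the card is known, re-derive the card ID through the reader-specific
            // transformation, load the card owner's record, verify the PIN or password, then
            // populate the session and hand over to RedirectPage(). Most failure paths clear
            // Session["CardID"] and redirect to MessageForm.aspx with a MESS code.
            bool isValidFacilityCode = false;
            bool isValidCard         = false;
            bool cardExists          = DataManagerDevice.Controller.Card.IsCardExists(cardID);

            if (cardExists)
            {
                string cardValidationInfo = "";
                string slicedCard         = Card.ProvideCardTransformation(null, Session["cardReaderType"] as string, cardID, ref isValidFacilityCode, ref isValidCard, ref cardValidationInfo);
                if (isValidFacilityCode && !string.IsNullOrEmpty(slicedCard))
                {
                    // Card IDs are identifiers, not text: compare them ordinally so that
                    // culture rules (ignorable characters, linguistic equivalence) can never
                    // make two different IDs compare equal.
                    if (string.Equals(cardID, slicedCard, System.StringComparison.Ordinal))
                    {
                        DataSet dsCardDetails = DataManagerDevice.ProviderDevice.Users.ProvideCardUserDetails(cardID, userSource);
                        if (dsCardDetails.Tables[0].Rows.Count > 0)
                        {
                            // Only the first returned row is used for every lookup below.
                            DataRow cardUser = dsCardDetails.Tables[0].Rows[0];

                            // Change the user source as per card ID.
                            string userCardSource = cardUser["USR_SOURCE"].ToString();
                            userSource            = userCardSource;
                            Session["UserSource"] = userSource;

                            bool isCardActive = bool.Parse(cardUser["REC_ACTIVE"].ToString());
                            domainName = cardUser["USR_DOMAIN"].ToString();
                            if (isCardActive)
                            {
                                allowedRetiresForLogin = int.Parse(DataManagerDevice.ProviderDevice.ApplicationSettings.ProvideSetting("Allowed retries for user login"), CultureInfo.CurrentCulture);
                                string userID = cardUser["USR_ID"].ToString();
                                // NOTE(review): Session["UserID"] is written before the PIN/password
                                // check below, and the failure paths visible here reset only
                                // Session["CardID"]. Confirm no page treats Session["UserID"] alone
                                // as proof of a completed logon.
                                Session["UserID"] = userID;
                                string hashedPin            = Protector.ProvideEncryptedPin(password);
                                string userAuthenticationOn = cardUser["USR_ATHENTICATE_ON"].ToString();
                                // Authenticate PIN based on User Future Login Selection
                                if (userAuthenticationOn == Constants.AUTHENTICATE_FOR_PIN)
                                {
                                    if (hashedPin != cardUser["USR_PIN"].ToString())
                                    {
                                        if (allowedRetiresForLogin > 0)
                                        {
                                            isPinRetry = true;
                                            CheckCardRetryCount(userID, allowedRetiresForLogin);
                                        }
                                        else
                                        {
                                            Session["CardID"] = null;
                                            Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=invalidPin");
                                        }
                                        return;
                                    }
                                }
                                else
                                {
                                    // NOTE(review): throws NullReferenceException when the
                                    // "NETWORKPASSWORD" session key has not been set.
                                    string isSaveNetworkPassword = Session["NETWORKPASSWORD"].ToString();

                                    // If user source is AD/DM and network password is not saved
                                    // Then Authenticate user in Active Directory/Domain
                                    if (userSource != Constants.USER_SOURCE_DB && isSaveNetworkPassword == "False")
                                    {
                                        // Validate users based on source
                                        if (!AppAuthentication.isValidUser(userID, password, userDomain, userSource))
                                        {
                                            if (allowedRetiresForLogin > 0)
                                            {
                                                isPinRetry = false;
                                                CheckCardRetryCount(userID, allowedRetiresForLogin);
                                            }
                                            else
                                            {
                                                Session["CardID"] = null;
                                                Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=InvalidPassword");
                                            }
                                            return;
                                        }
                                    }
                                    else
                                    {
                                        // Compare the protected form of the entered password with
                                        // the stored USR_PASSWORD value.
                                        // NOTE(review): when password is null or empty this condition
                                        // is false, so the stored-password comparison is skipped and
                                        // the logon continues. Confirm callers reject empty passwords
                                        // before reaching this method, or make this branch fail closed.
                                        if (!string.IsNullOrEmpty(password) && Protector.ProvideEncryptedPassword(password) != cardUser["USR_PASSWORD"].ToString())
                                        {
                                            if (allowedRetiresForLogin > 0)
                                            {
                                                isPinRetry = false;
                                                CheckCardRetryCount(userID, allowedRetiresForLogin);
                                            }
                                            else
                                            {
                                                Session["CardID"] = null;
                                                Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=InvalidPassword");
                                            }
                                            return;
                                        }
                                    }
                                }

                                // An empty REC_CDATE together with "First Time Use" provisioning
                                // sends the user to the first-time-use page.
                                string recordCreatedOn = cardUser["REC_CDATE"].ToString();
                                if (string.IsNullOrEmpty(recordCreatedOn) && userProvisioning == "First Time Use")
                                {
                                    if (!string.IsNullOrEmpty(cardUser["USR_NAME"].ToString()))
                                    {
                                        userID = cardUser["USR_NAME"].ToString();
                                    }
                                    Session["ftuUserID"]    = userID;
                                    Session["Username"]     = cardUser["USR_NAME"].ToString();
                                    Session["ftuUsersysID"] = cardUser["USR_ACCOUNT_ID"].ToString();
                                    string printJobDomainName = DataManagerDevice.ProviderDevice.ApplicationSettings.ProvideDomainName(domainName);
                                    Session["DomainName"] = printJobDomainName;
                                    // NOTE(review): no return follows this redirect; presumably
                                    // Response.Redirect ends the request here. Confirm, otherwise
                                    // the normal logon below would also run.
                                    Response.Redirect("FirstTimeUse.aspx");
                                }

                                string userSysID = cardUser["USR_ACCOUNT_ID"].ToString();
                                string dbUserId  = cardUser["USR_ID"].ToString();

                                // Built-in administrative IDs may not log on by card. The match is
                                // ordinal and case-insensitive so it does not depend on the thread
                                // culture (a culture-sensitive ToLower() maps "ADMIN" differently
                                // under Turkish casing rules and would let the ID through).
                                if (string.Equals(dbUserId, "admin", System.StringComparison.OrdinalIgnoreCase)
                                    || string.Equals(dbUserId, "administrator", System.StringComparison.OrdinalIgnoreCase))
                                {
                                    Response.Redirect("MessageForm.aspx?FROM=CardLogOn.aspx&MESS=adminUserID");
                                    return;
                                }

                                Session["PRServer"]     = "";
                                Session["UserID"]       = dbUserId;
                                Session["Username"]     = cardUser["USR_NAME"].ToString();
                                Session["UserSystemID"] = userSysID;
                                if (userSource != Constants.USER_SOURCE_DB)
                                {
                                    string printJobDomainName = DataManagerDevice.ProviderDevice.ApplicationSettings.ProvideDomainName(domainName);
                                    Session["DomainName"] = printJobDomainName;
                                }

                                // Stamp the record on the first successful logon (REC_CDATE still empty).
                                if (string.IsNullOrEmpty(recordCreatedOn))
                                {
                                    DataManagerDevice.Controller.Users.UpdateCDate(userSysID);
                                }
                                RedirectPage();
                                return;
                            }
                            else
                            {
                                Session["CardID"] = null;
                                Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=AccountDisabled");
                            }
                        }
                        else
                        {
                            // No user record for this card: offer self registration for AD users,
                            // otherwise report the card as unknown.
                            if (userProvisioning == "Self Registration" && userSource == "AD")
                            {
                                SelfRegisterCard();
                            }
                            else
                            {
                                Session["CardID"] = null;
                                Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=cardInfoNotFoundConsultAdmin");
                            }
                        }
                    }
                    else
                    {
                        // The transformed card ID differs from the ID that was presented.
                        Session["CardID"] = null;
                        Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=invalidCardId");
                    }
                }
                else
                {
                    if (!isValidFacilityCode)
                    {
                        Session["CardID"] = null;
                        Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=invalidCardId");
                    }
                    else
                    {
                        if (userProvisioning == "Self Registration" && userSource == "AD")
                        {
                            SelfRegisterCard();
                        }
                        else
                        {
                            Session["CardID"] = null;
                            Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=cardInfoNotFoundConsultAdmin");
                        }
                    }
                }
            }
            else
            {
                // Unknown card: same self-registration / not-found handling as above.
                if (userProvisioning == "Self Registration" && userSource == "AD")
                {
                    SelfRegisterCard();
                }
                else
                {
                    Session["CardID"] = null;
                    Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=cardInfoNotFoundConsultAdmin");
                }
            }
        }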
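 /// <summary>
 /// Creates the service from the supplied <see cref="AppAuthentication"/> options.
 /// </summary>
 /// <param name="appAuth">Options wrapper; its <c>Value</c> is stored on the instance.</param>
 /// <exception cref="System.ArgumentNullException"><paramref name="appAuth"/> is null.</exception>
 public AuthenticateService(IOptions <AppAuthentication> appAuth)
 {
     // Fail with a named argument error instead of a bare NullReferenceException
     // when the options wrapper is missing.
     if (appAuth == null)
     {
         throw new System.ArgumentNullException(nameof(appAuth));
     }

     this.appAuth = appAuth.Value;
 }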