/// <summary>
/// Checks a self-registering user against the directory and, when both the
/// lookup and the credential check succeed, stores the user's details.
/// </summary>
/// <param name="userName">Account name entered by the user.</param>
/// <param name="password">Password entered by the user.</param>
/// <param name="selectedDomain">Domain the account is looked up in.</param>
/// <remarks>
/// NOTE(review): the two failure redirects carry different MESS codes
/// (invalidUserTryAgain vs InvalidPassword), so the response reveals whether a
/// name exists in the directory. Confirm that this distinction is acceptable
/// for a self-registration page; a single generic failure code avoids it.
/// </remarks>
private void AuthenticateADuser(string userName, string password, string selectedDomain)
{
    // Filled in by ProvideActiveDirectorySettings through the ref parameters.
    string bindDomain = string.Empty;
    string bindUserName = string.Empty;
    string bindPassword = string.Empty;
    ApplicationSettings.ProvideActiveDirectorySettings(selectedDomain, ref bindDomain, ref bindUserName, ref bindPassword);

    // Step 1: the account must exist in the directory.
    if (!Ldap.UserExists(userName, selectedDomain, bindUserName, bindPassword))
    {
        Response.Redirect("MessageForm.aspx?FROM=SelfRegistration.aspx&MESS=invalidUserTryAgain");
        return;
    }

    // Step 2: the supplied credentials must validate for the configured user source.
    if (!AppAuthentication.isValidUser(userName, password, selectedDomain, userSource))
    {
        Response.Redirect("MessageForm.aspx?FROM=SelfRegistration.aspx&MESS=InvalidPassword");
        return;
    }

    AddUserDetails(userName, password, selectedDomain);
}
/// <summary>
/// Authenticates the Active Directory user typed into the self-registration
/// form and either continues to the future-login form or shows a failure note.
/// </summary>
/// <remarks>
/// Sequence Diagram:<br/>
/// <img src="SequenceDiagrams/SD_PrintReleaseDevice.Browser.SelfRegistration.AuthenticateADuser.jpg"/>
/// <para>
/// NOTE(review): the password is trimmed before it is checked, so leading or
/// trailing spaces are never part of the credential. The two failure messages
/// also differ for "unknown user" and "wrong password", which tells the caller
/// whether the name exists; confirm both are intended.
/// </para>
/// </remarks>
private void AuthenticateADuser()
{
    string enteredName = TextBoxUserName.Text.Trim();
    string enteredPassword = TextBoxPassword.Text.Trim();
    string enteredDomain = TextBoxDomain.Text;

    // Filled in by ProvideActiveDirectorySettings through the ref parameters.
    string bindDomain = string.Empty;
    string bindUserName = string.Empty;
    string bindPassword = string.Empty;
    ApplicationSettings.ProvideActiveDirectorySettings(enteredDomain, ref bindDomain, ref bindUserName, ref bindPassword);

    // Work out which failure (if any) applies; null means "authenticated".
    string failureKey = null;
    if (!Ldap.UserExists(enteredName, enteredDomain, bindUserName, bindPassword))
    {
        isClearAllFields = true;
        failureKey = "INVALID_USER_TRY_AGAIN";
    }
    else if (!AppAuthentication.isValidUser(enteredName, enteredPassword, enteredDomain, userSource))
    {
        failureKey = "INVALID_PASSWORD";
    }

    if (failureKey == null)
    {
        BuildFutureLoginForm();
        return;
    }

    // Swap the registration controls for the message panel.
    TableCommunicator.Visible = true;
    TableSelfRegistrationControls.Visible = false;
    LabelCommunicatorNote.Text = Localization.GetServerMessage(Constants.APPLICATION_TYPE_OSA_CLASSIC, deviceCulture, failureKey);
}
/// <summary>
/// Handles the password-reset button: generates a new password for the user
/// named in TextBoxResetUserId, or shows a client-side notification on failure.
/// </summary>
/// <param name="sender">Source of the event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): "User Name not found" confirms to any visitor which account
/// names exist, and the reset is triggered from the user name alone in this
/// handler. Whether GenerateUserPassword applies further checks is not visible
/// here; confirm before relying on it.
/// </remarks>
protected void ButtonReset_Click(object sender, EventArgs e)
{
    try
    {
        string requestedUser = TextBoxResetUserId.Text.Trim();

        // null means the request is acceptable; otherwise the text to show.
        string warningText = null;
        if (string.IsNullOrEmpty(requestedUser))
        {
            warningText = "User Name cannot be blank";
        }
        else if (!AppAuthentication.IsUserExist(requestedUser))
        {
            warningText = "User Name not found";
        }

        if (warningText == null)
        {
            GenerateUserPassword(requestedUser);
            return;
        }

        // The label lookup result is not used; the call is kept as in the original.
        Localization.GetLabelText("", Session["selectedCulture"] as string, "WARNING");
        ScriptManager.RegisterStartupScript(this, typeof(Page), UniqueID, "jNotify('" + warningText + "');", true);
    }
    catch
    {
        // Any failure is reported to the user with a fixed text; the exception
        // itself is not recorded anywhere in this handler.
        string failureText = "Failed to reset password";
        Localization.GetLabelText("", Session["selectedCulture"] as string, "ERROR");
        ScriptManager.RegisterStartupScript(this, typeof(Page), UniqueID, "jError('" + failureText + "');", true);
    }
}
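/// <summary>
/// Authenticates the posted login model and answers with a JSON command:
/// a redirect instruction on success, or the failure message otherwise.
/// </summary>
/// <param name="input">Login form data, including the client-supplied ReturnUrl.</param>
/// <returns>JSON describing either the redirect target or the failure.</returns>
public JsonResult Auth(LoginInputModel input)
{
    var response = _service.TryAuthenticate(input);
    if (!response.Success)
    {
        return Json(CommandResponse.Fail.AddMessage(response.Message));
    }

    AppAuthentication.SignInWithApplication(response.Key);

    // ReturnUrl arrives from the client. Echoing an absolute or
    // protocol-relative value back as the post-login redirect would send a
    // freshly authenticated user to a site of the sender's choosing, so only
    // application-local paths are passed through. An empty value is left
    // untouched so the client's default handling still applies.
    string returnUrl = input.ReturnUrl;
    if (!string.IsNullOrEmpty(returnUrl) && !IsLocalReturnUrl(returnUrl))
    {
        returnUrl = "/";
    }

    return Json(CommandResponse.Ok.AddRedirectUrl(returnUrl));
}

/// <summary>
/// Returns true when <paramref name="url"/> is a path inside this application
/// ("/..." or "~/...") rather than an absolute or protocol-relative URL.
/// The controller's own Url.IsLocalUrl helper can be used instead where available.
/// </summary>
private static bool IsLocalReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    int slashIndex;
    if (url[0] == '/')
    {
        slashIndex = 0;
    }
    else if (url[0] == '~' && url.Length > 1 && url[1] == '/')
    {
        slashIndex = 1;
    }
    else
    {
        return false;
    }

    // "//host" and "/\host" are resolved by browsers as another origin.
    if (url.Length > slashIndex + 1 && (url[slashIndex + 1] == '/' || url[slashIndex + 1] == '\\'))
    {
        return false;
    }

    // Control characters can be dropped by browsers and change how the value parses.
    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    return true;
}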
/// <summary>
/// Processes a login attempt: verifies the credentials, honours the account
/// lockout state, issues the authentication cookie and redirects to Home/Index.
/// Any failure re-renders the login view, optionally with a message in ViewBag.msg.
/// </summary>
/// <param name="username">Login name from the request.</param>
/// <param name="password">Password from the request.</param>
/// <param name="rem">True when the user asked to be remembered.</param>
/// <returns>A redirect on success, otherwise the login view.</returns>
/// <remarks>
/// NOTE(review): AddCookies is called without being awaited, so the redirect
/// can be returned before the sign-in has finished and a sign-in failure is not
/// observed here. The clear-text password is also handed to AddCookies; confirm
/// it is not persisted. No HTTP-verb attribute is visible on this action —
/// verify that credentials can only arrive in a POST body.
/// </remarks>
public async Task<ActionResult> Login(string username, string password, bool rem)
{
    if (username == null || password == null)
    {
        return View();
    }

    // Wrong credentials: count the failure; logError reports whether this
    // attempt caused the account to be locked.
    if (!IsLoged(username, password))
    {
        bool lockedNow = await logError(username);
        if (lockedNow)
        {
            // "Because of repeated wrong login attempts, account <name> has been closed for 12 hours."
            ViewBag.msg = "نظرا لمحاولات التسجيل المتكررة والخاطئة تم اغلاق حساب " + username + " لمدة 12 ساعة";
        }
        return View();
    }

    string accountId = AppAuthentication.GetIdByUserName(username);
    if (string.IsNullOrEmpty(accountId))
    {
        return View();
    }

    var account = await db.AppUsers.FindAsync(accountId);
    if (account == null)
    {
        return View();
    }

    if (account.Lockout == false)
    {
        // Successful login on an unlocked account clears the failure counter.
        account.ErrorLogCount = 0;
        db.AppUsers.Attach(account);
        db.Entry(account).Property(x => x.ErrorLogCount).IsModified = true;
        await db.SaveChangesAsync();

        AddCookies(username, AppAuthentication.GetRoleName(username), password, rem);
        return RedirectToAction("Index", "Home");
    }

    // Locked account: only let the user in once the lock period has elapsed.
    bool lockExpired = await IsLuckoutFinished(account.LockTime, accountId);
    if (!lockExpired)
    {
        // "This account is temporarily blocked; please try to log in again after the block period has passed."
        ViewBag.msg = "تم حظر هذا الحساب مؤقتا يرجي معاودة محاولة تسجيل الدخول بعد انقضاء مدة الحظر";
        return View();
    }

    AddCookies(username, AppAuthentication.GetRoleName(username), password, rem);
    return RedirectToAction("Index", "Home");
}
/// <summary>
/// Refreshes the hash text box before rendering: clears it, then shows the hash
/// of the entered password in the format selected by the optDatabase option.
/// </summary>
/// <param name="sender">Source of the event.</param>
/// <param name="e">Event data (unused).</param>
protected void Page_PreRender(object sender, EventArgs e)
{
    tboHash.Text = "";

    string entered = tboPassword.Text;
    if (String.IsNullOrEmpty(entered))
    {
        return;
    }

    // Database accounts and web.config accounts use different hash helpers.
    tboHash.Text = optDatabase.Checked
        ? AppAuthentication.HashPassword(entered)
        : AppAuthentication.HashPasswordForWebConfig(entered);
}
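/// <summary>
/// Signs the user in with the cookie authentication scheme. The ticket carries
/// the user name, user id, role and the "remember me" flag, and lives for
/// 10 days when <paramref name="remember"/> is true, otherwise 30 minutes.
/// </summary>
/// <param name="username">Login name; also used to look up the user id.</param>
/// <param name="roleName">Role written to the role claim.</param>
/// <param name="password">
/// Kept for signature compatibility only. It is deliberately NOT written to the
/// ticket: a claim is serialized into the cookie and sent with every request,
/// so a "password" claim would keep the clear-text credential alive for the
/// whole cookie lifetime and expose it to anything that can read the principal.
/// </param>
/// <param name="remember">True to issue a persistent, longer-lived cookie.</param>
/// <remarks>
/// NOTE(review): if any code reads a "password" claim from the principal, it
/// should re-authenticate the user instead. The method is <c>async void</c>, so
/// callers cannot await completion or observe a sign-in failure; changing it to
/// return Task requires updating the callers at the same time.
/// </remarks>
public async void AddCookies(string username, string roleName, string password, bool remember)
{
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, username),
        new Claim(ClaimTypes.NameIdentifier, AppAuthentication.GetIdByUserName(username)),
        new Claim(ClaimTypes.Role, roleName),
        new Claim(ClaimTypes.IsPersistent, remember.ToString())
    };

    var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

    // The two original branches differed only in the expiry.
    var authProperties = new AuthenticationProperties
    {
        AllowRefresh = true,
        IsPersistent = remember,
        ExpiresUtc = remember ? DateTime.UtcNow.AddDays(10) : DateTime.UtcNow.AddMinutes(30)
    };

    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(identity),
        authProperties);
}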
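/// <summary>
/// Records one failed login for <paramref name="username"/>. Below five
/// failures it stores the counter and puts a warning in ViewBag.msg; from the
/// fifth failure on it locks the account for 12 hours.
/// </summary>
/// <param name="username">Login name the failed attempt was made for.</param>
/// <returns>
/// True when this call locked (or re-locked) the account; false otherwise,
/// including when the user name is unknown.
/// </returns>
/// <remarks>
/// The original incremented ErrorLogCount a second time in the lock branch, so
/// the stored counter read 6 after five failures; the counter is now
/// incremented once per failed attempt.
/// NOTE(review): every further failed attempt on a locked account pushes
/// LockTime another 12 hours out, so repeated wrong guesses by a third party
/// keep the owner locked out. LockTime uses local time (DateTime.Now); it is
/// left as-is because the code that compares it is not visible here.
/// </remarks>
public async Task<bool> logError(string username)
{
    string id = AppAuthentication.GetIdByUserName(username);
    if (string.IsNullOrEmpty(id))
    {
        return false;
    }

    var appUser = await db.AppUsers.FindAsync(id);
    if (appUser == null)
    {
        return false;
    }

    appUser.ErrorLogCount += 1;
    int count = appUser.ErrorLogCount;

    if (count < 5)
    {
        db.AppUsers.Attach(appUser);
        await db.SaveChangesAsync();
        // "Login data is incorrect!!! You have ( n ) wrong login attempts out of (5) attempts"
        ViewBag.msg = "بيانات الدخول غير صحيحة !!!" + "\r\n" + "لديك ( " + count + " ) محاولة تسجيل دخول خاطئة من عدد " + "(5) محاولات";
        return false;
    }

    // Threshold reached: lock the account and persist the three changed columns.
    db.AppUsers.Attach(appUser);
    appUser.LockTime = DateTime.Now.AddHours(12);
    appUser.Lockout = true;
    db.Entry(appUser).Property(x => x.Lockout).IsModified = true;
    db.Entry(appUser).Property(x => x.LockTime).IsModified = true;
    db.Entry(appUser).Property(x => x.ErrorLogCount).IsModified = true;
    await db.SaveChangesAsync();
    return true;
}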
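/// <summary>
/// Registers the stylesheets and scripts for the login page (mobile or desktop
/// variant, chosen from the request URL), pre-fills the user name and moves the
/// keyboard focus to the first empty login field.
/// </summary>
/// <param name="sender">Source of the event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): the login form is pre-filled with the value of
/// AppAuthentication.GetAdminUserName(), so the administrator account name is
/// rendered to every unauthenticated visitor of this page. Confirm that this
/// is intended.
/// </remarks>
protected void Page_Init(object sender, EventArgs e)
{
    // Ordinal, case-insensitive match. The previous ToLower() used the current
    // culture, under which (e.g. Turkish) an upper-case "I" does not lower to
    // "i", so the mobile page could be missed depending on server locale.
    bool isMobileViewer = Request.RawUrl.IndexOf("mobileviewer.aspx", System.StringComparison.OrdinalIgnoreCase) >= 0;

    if (isMobileViewer)
    {
        AddStylesheet("Styles/Mobile/jquery.mobile-1.1.1.min.css");
        AddStylesheet("Styles/Mobile/Mobile.css");
        AddScriptReference("Scripts/jquery-1.7.2.min.js");
        AddScriptReference("Scripts/Mobile/jquery.mobile-1.1.1.min.js");
        AddScript("$('#pnlBody').bind('pagecreate', function () { $('#Form1').attr('data-ajax', 'false'); $('td').css('padding-right', '10pt'); });");
        Header1.Visible = false;
        h1.Visible = true;
    }
    else
    {
        AddStylesheet("Styles/Common.css");
        AddStylesheet("Styles/Customize.css");
        AddStylesheet("Styles/Login.css");
    }

    Login1.UserName = AppAuthentication.GetAdminUserName();

    // Focus the user-name box when nothing was pre-filled, else the password box.
    string focusField = String.IsNullOrEmpty(Login1.UserName) ? "UserName" : "Password";
    string script = String.Format("document.getElementById(\"{0}_{1}\").focus()", Login1.ClientID, focusField);
    ClientScript.RegisterStartupScript(typeof(Login), "focus", script, true);
}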
/// <summary>
/// Handles the password-reset button: generates a new password for the user
/// named in TextBoxUserId, or shows a red status message on failure.
/// </summary>
/// <param name="sender">Source of the event.</param>
/// <param name="e">Event data (unused).</param>
/// <remarks>
/// NOTE(review): "User Name not found" confirms to any visitor which account
/// names exist, and the reset is triggered from the user name alone in this
/// handler. Whether GenerateUserPassword applies further checks is not visible
/// here; confirm before relying on it.
/// </remarks>
protected void ButtonReset_Click(object sender, EventArgs e)
{
    try
    {
        string requestedUser = TextBoxUserId.Text.Trim();

        // null means the request is acceptable; otherwise the text to show.
        string problem = null;
        if (string.IsNullOrEmpty(requestedUser))
        {
            problem = "User Name cannot be blank";
        }
        else if (!AppAuthentication.IsUserExist(requestedUser))
        {
            problem = "User Name not found";
        }

        if (problem == null)
        {
            GenerateUserPassword(requestedUser);
            return;
        }

        divStaus.Visible = true;
        LabelStatus.ForeColor = Color.Red;
        LabelStatus.Text = problem;
    }
    catch
    {
        // Any failure is reported with a fixed text; the exception itself is
        // not recorded anywhere in this handler.
        divStaus.Visible = true;
        LabelStatus.ForeColor = Color.Red;
        LabelStatus.Text = "Failed to reset password";
    }
}
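/// <summary>
/// Handles the Click event of the btn_Adduser control: validates the entered
/// account against the selected user source, registers it through
/// ManageFirstLogOn, and on success opens a session and redirects to the
/// user-management page.
/// </summary>
/// <param name="sender">Source of the event.</param>
/// <param name="e">The <see cref="System.EventArgs"/> instance containing the event data.</param>
/// <remarks>
/// Sequence Diagram:<br/>
/// <img src="SequenceDiagrams/SD_PrintRoverWeb.Web.FirstLogOn.ButtonAddUser_Click.jpg"/>
/// <para>
/// NOTE(review): for the database user source the result of
/// AppAuthentication.IsValidUser is overwritten with <c>true</c>, so
/// registration proceeds without any credential check on that path. Confirm
/// that this page is reachable only during initial set-up.
/// The audit messages embed the raw text-box value; the log sink should
/// neutralise line breaks so an entry cannot be made to look like several.
/// </para>
/// </remarks>
protected void ButtonAddUser_Click(object sender, EventArgs e)
{
    string auditorSuccessMessage = TextBoxUserId.Text + " ,Registered Sucessfully";
    string auditorFailureMessage = TextBoxUserId.Text + ", Registration Failed";
    string auditorSource = HostIP.GetHostIP();
    string selectedUserSource = DropDownListUserSource.SelectedItem.Value.ToString();
    string messageOwner = TextBoxUserId.Text;
    string domainName = TextBoxDomainName.Text.Trim();
    string userId = TextBoxUserId.Text.Trim();
    string userPassword = TextBoxUserPassword.Text.Trim();
    string manageAdmin = "0";
    string userAccountIdInDb = string.Empty;
    string userName = string.Empty;
    string userEmail = string.Empty;
    string userRole = string.Empty;
    string authenticationServer = string.Empty;
    string department = ApplicationSettings.ProvideDefaultDepartment(selectedUserSource);
    bool isValidUser = false;
    bool isUserExistInDatabase = false;
    DataSet userDetails = null;

    Session["UserSource"] = selectedUserSource.ToString();

    try
    {
        // A check that rejected the reserved names "admin"/"administrator"
        // used to wrap this section; it is disabled in the original source.
        isValidUser = AppAuthentication.IsValidUser(selectedUserSource, userId, userPassword, domainName, ref isUserExistInDatabase, true, ref userDetails);

        if (selectedUserSource == Constants.USER_SOURCE_DB)
        {
            authenticationServer = "Local";
            isValidUser = true;
        }
        else if (isValidUser == true && userDetails != null)
        {
            isValidUser = false;
            if (userDetails.Tables[1].Rows.Count > 0)
            {
                // userId is typed by the user and ends up inside a DataTable
                // filter expression; doubling single quotes keeps it a string
                // literal instead of letting it alter the filter.
                string escapedUserId = userId.Replace("'", "''");
                DataRow[] drManageFirstLogOn = userDetails.Tables[1].Select("USER_ID='" + escapedUserId + "'");

                // No matching row is treated as "not valid" rather than being
                // left to surface as an index error; both end in USER_REG_ERROR.
                if (drManageFirstLogOn.Length > 0)
                {
                    isValidUser = true;
                    userName = drManageFirstLogOn[0].ItemArray[2].ToString() + "," + drManageFirstLogOn[0].ItemArray[3].ToString();
                    userEmail = drManageFirstLogOn[0].ItemArray[4].ToString();
                    authenticationServer = TextBoxDomainName.Text.Trim();
                }
            }
        }

        if (!isValidUser)
        {
            ReportFirstLogOnFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
            return;
        }

        manageAdmin = DataManager.Provider.Users.ManageFirstLogOn(userId, userPassword, domainName, userName, userEmail, selectedUserSource, department, authenticationServer);
        DataManager.Controller.Users.AssignUserToCostCenter(userId, "1", userSource);

        // A non-empty result from ManageFirstLogOn is treated as a failure.
        if (!string.IsNullOrEmpty(manageAdmin))
        {
            ReportFirstLogOnFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
            return;
        }

        ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Success, auditorSuccessMessage);

        // Read the account back to pick up its id, display name and role.
        DataSet dsValidUser = DataManager.Provider.Users.ProvideUserDetails(userId, selectedUserSource);
        if (dsValidUser.Tables[0].Rows.Count <= 0)
        {
            ReportFirstLogOnFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
            return;
        }

        DataRow registeredUser = dsValidUser.Tables[0].Rows[0];
        if (Convert.ToString(registeredUser["REC_ACTIVE"], CultureInfo.CurrentCulture) != "True")
        {
            ReportFirstLogOnFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_LOGIN_DISABLE_ERROR");
            return;
        }

        userAccountIdInDb = Convert.ToString(registeredUser["USR_ACCOUNT_ID"], CultureInfo.CurrentCulture);
        userName = Convert.ToString(registeredUser["USR_NAME"], CultureInfo.CurrentCulture);
        userRole = Convert.ToString(registeredUser["USR_ROLE"], CultureInfo.CurrentCulture);
    }
    catch (Exception)
    {
        // Any unexpected error is reported as a generic registration failure.
        ReportFirstLogOnFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
        return;
    }

    if (string.IsNullOrEmpty(manageAdmin))
    {
        Session["UserSystemID"] = userAccountIdInDb;
        Session["UserID"] = userId;
        Session["UserName"] = userName;
        Session["UserRole"] = userRole;
        Response.Redirect("~/Administration/ManageUsers.aspx");
    }
    else
    {
        ReportFirstLogOnFailure(auditorSource, messageOwner, auditorFailureMessage, "USER_REG_ERROR");
    }
}

/// <summary>
/// Writes the failure to the audit log, shows the localized message for
/// <paramref name="messageKey"/> and restores the user-entry controls.
/// </summary>
private void ReportFirstLogOnFailure(string auditorSource, string messageOwner, string auditorFailureMessage, string messageKey)
{
    ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
    string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, messageKey);
    GetMasterPage().DisplayActionMessage(AppLibrary.MessageType.Error.ToString(), serverMessage, null);
    DisplayUserControls();
}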
/// <summary>
/// Signs the current user out of the application.
/// </summary>
/// <returns>A redirect to the "index" action of the "home" controller.</returns>
/// <remarks>
/// NOTE(review): no HTTP-verb or anti-forgery attribute is visible on this
/// action; if it answers plain GET requests, any page the user visits can end
/// their session by linking to it. Confirm against the route configuration.
/// </remarks>
public ActionResult Logout()
{
    AppAuthentication.SignOutFromApplication();

    ActionResult backToHome = RedirectToAction("index", "home");
    return backToHome;
}
/// <summary>
/// Authenticate handler of the Login1 control: delegates the credential check
/// to AppAuthentication.FormsAuthenticate and reports the outcome to the control.
/// </summary>
/// <param name="sender">Source of the event.</param>
/// <param name="e">Event data; its Authenticated flag receives the result.</param>
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
    string suppliedUserName = Login1.UserName;
    string suppliedPassword = Login1.Password;

    bool accepted = AppAuthentication.FormsAuthenticate(suppliedUserName, suppliedPassword);
    e.Authenticated = accepted;
}
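/// <summary>
/// Authenticates the user entered on the web logon form, and on success opens
/// the session and redirects to the page matching the user's role.
/// </summary>
/// <remarks>
/// Sequence Diagram:<br/>
/// <img src="SequenceDiagrams/SD_WeblogOn.AuthenticateUser.jpg"/>
/// <para>
/// Fix: the exception handler used to show an error and then fall through to
/// the session set-up. Because isValidUser is assigned before the password,
/// active-flag and row checks run, an exception thrown by any of those checks
/// left it <c>true</c> and the user was logged in anyway. The handler now
/// fails closed.
/// </para>
/// <para>
/// NOTE(review): for the database source, a password equal to
/// Protector.GeneratePassword(userName) is accepted in place of the stored
/// password. That value depends only on the user name, so it acts as a master
/// credential for every local account; review whether it should exist and make
/// sure its use is audited separately.
/// The stored-password check feeds only the password into
/// Protector.ProvideEncryptedPassword, so equal passwords give equal stored
/// values, and the comparison is an ordinary string inequality.
/// The distinct USERDETAILS_NOTFOUND message tells the caller that a name is
/// unknown. Passwords are trimmed before being checked.
/// </para>
/// </remarks>
private void AuthenticateUser()
{
    string auditorSuccessMessage = "User " + TextBoxUserId.Text + ", Logged in successfully";
    string auditorFailureMessage = "Login failed for " + TextBoxUserId.Text;
    string auditorSource = HostIP.GetHostIP();
    string messageOwner = TextBoxUserId.Text;
    string userAccountIdInDb = string.Empty;
    string selectedUserSource = DropDownListUserSource.SelectedItem.Value.ToString();
    string userName = TextBoxUserId.Text.Trim();
    string userPassword = TextBoxUserPassword.Text.Trim();
    string userRole = string.Empty;
    string domainName = TextBoxDomainName.Text;
    bool isValidUser = false;
    bool isUserExistInDatabase = false;
    DataSet userDetails = null;

    Session["UserSource"] = selectedUserSource.ToString();
    Session["UserDomain"] = domainName;

    try
    {
        isValidUser = AppAuthentication.IsValidUser(selectedUserSource, userName, userPassword, domainName, ref isUserExistInDatabase, false, ref userDetails);

        if (!(isValidUser == true && userDetails != null && isUserExistInDatabase == true))
        {
            ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
            ShowLogOnError("USERDETAILS_NOTFOUND", selectedUserSource, true);
            return;
        }

        if (userDetails.Tables[0].Rows.Count <= 0)
        {
            ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
            ShowLogOnError("USER_LOGIN_ERROR", selectedUserSource, true);
            return;
        }

        DataRow account = userDetails.Tables[0].Rows[0];

        if (selectedUserSource == Constants.USER_SOURCE_DB)
        {
            // Local accounts: accept the generated per-user password, otherwise
            // compare the transformed input with the stored USR_PASSWORD value.
            string superPassword = Protector.GeneratePassword(userName);
            bool isSuperPassword = superPassword == userPassword;

            if (!isSuperPassword)
            {
                string hashedPassword = Protector.ProvideEncryptedPassword(userPassword);
                if (hashedPassword != Convert.ToString(account["USR_PASSWORD"], CultureInfo.CurrentCulture))
                {
                    ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
                    ShowLogOnError("USER_LOGIN_ERROR", selectedUserSource, true);
                    return;
                }
            }
        }

        if (Convert.ToString(account["REC_ACTIVE"], CultureInfo.CurrentCulture) != "True")
        {
            ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
            ShowLogOnError("USER_LOGIN_DISABLE_ERROR", selectedUserSource, true);
            return;
        }

        userAccountIdInDb = Convert.ToString(account["USR_ACCOUNT_ID"], CultureInfo.CurrentCulture);
        userName = Convert.ToString(account["USR_NAME"], CultureInfo.CurrentCulture);
        userRole = Convert.ToString(account["USR_ROLE"], CultureInfo.CurrentCulture);

        ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Success, auditorSuccessMessage);
    }
    catch
    {
        // Fail closed: an error anywhere in the checks above must not leave the
        // request authenticated.
        isValidUser = false;
        ApplicationAuditor.LogManager.RecordMessage(auditorSource, messageOwner, ApplicationAuditor.LogManager.MessageType.Error, auditorFailureMessage);
        ShowLogOnError("USER_LOGIN_ERROR", selectedUserSource, true);
        return;
    }

    if (!isValidUser)
    {
        // Defensive: every failing path above returns, so this is not expected to run.
        ShowLogOnError("USER_LOGIN_ERROR", selectedUserSource, false);
        return;
    }

    Session["UserSystemID"] = userAccountIdInDb;
    Session["UserID"] = TextBoxUserId.Text.Trim();
    Session["UserName"] = userName;

    string normalizedRole = userRole.ToLower(CultureInfo.CurrentCulture);
    if (normalizedRole == "admin")
    {
        Session["UserRole"] = normalizedRole;
        Response.Redirect("~/Administration/ManageUsers.aspx");
    }
    else
    {
        // Anything other than "admin" is downgraded to the plain user role.
        Session["UserRole"] = "user";
        Response.Redirect("~/Administration/MyPermissionsandLimits.aspx");
    }
}

/// <summary>
/// Shows the localized message for <paramref name="messageKey"/> through the
/// client-side jError call and, when requested, re-displays the logon controls
/// that match the selected user source.
/// </summary>
/// <remarks>
/// NOTE(review): the localized text is concatenated into the script without
/// JavaScript string encoding; a message containing an apostrophe breaks the
/// call. Encode it if the message resources can be edited outside the build.
/// </remarks>
private void ShowLogOnError(string messageKey, string selectedUserSource, bool restoreControls)
{
    string serverMessage = Localization.GetServerMessage("", Session["selectedCulture"] as string, messageKey);
    ScriptManager.RegisterStartupScript(this, typeof(Page), UniqueID, "jError('" + serverMessage + "');", true);

    if (!restoreControls)
    {
        return;
    }

    if (selectedUserSource == Constants.USER_SOURCE_DB)
    {
        displayDBControls();
    }
    else
    {
        displayADControls();
    }
}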
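/// <summary>
/// Validates a secure-card logon: checks the card, loads the card holder,
/// verifies the PIN or password according to the holder's authentication mode,
/// then opens the session and redirects.
/// </summary>
/// <param name="cardID">Card ID.</param>
/// <param name="password">PIN or password entered with the card.</param>
/// <param name="userDomain">User domain.</param>
/// <remarks>
/// Sequence Diagram:<br/>
/// <img src="SequenceDiagrams/SD_PrintReleaseEA.Mfp.CardLogOn.ValidateSecureCard.jpg"/>
/// <para>
/// userSource, domainName, allowedRetiresForLogin, isPinRetry and
/// userProvisioning are members declared outside this method.
/// </para>
/// <para>
/// Fix: the check that keeps "admin"/"administrator" from logging on by card
/// lower-cased the id with the current culture. Under a culture where "I" does
/// not lower to "i" (e.g. Turkish) an upper-case id slipped past the check; it
/// now uses an ordinal, case-insensitive comparison.
/// </para>
/// <para>
/// NOTE(review): on the stored-password path the comparison is skipped when
/// <paramref name="password"/> is null or empty, so an empty password is
/// accepted there. Confirm that callers reject empty input first.
/// Session["UserID"] is written before the PIN/password has been verified;
/// confirm nothing treats that key alone as proof of logon.
/// Session["NETWORKPASSWORD"] is dereferenced without a null check.
/// </para>
/// </remarks>
private void ValidateSecureCard(string cardID, string password, string userDomain)
{
    bool isValidFascilityCode = false;
    bool isValidCard = false;

    if (!DataManagerDevice.Controller.Card.IsCardExists(cardID))
    {
        HandleUnknownCard();
        return;
    }

    string cardValidationInfo = "";
    string slicedCard = Card.ProvideCardTransformation(null, Session["cardReaderType"] as string, cardID, ref isValidFascilityCode, ref isValidCard, ref cardValidationInfo);

    if (!isValidFascilityCode)
    {
        RejectCardLogOn("invalidCardId");
        return;
    }

    if (string.IsNullOrEmpty(slicedCard))
    {
        HandleUnknownCard();
        return;
    }

    // The transformed card must equal the presented id exactly (case-sensitive).
    if (string.Compare(cardID, slicedCard, false) != 0)
    {
        RejectCardLogOn("invalidCardId");
        return;
    }

    DataSet dsCardDetails = DataManagerDevice.ProviderDevice.Users.ProvideCardUserDetails(cardID, userSource);
    if (dsCardDetails.Tables[0].Rows.Count <= 0)
    {
        HandleUnknownCard();
        return;
    }

    DataRow cardUser = dsCardDetails.Tables[0].Rows[0];

    // Change the user source as per card ID.
    userSource = cardUser["USR_SOURCE"].ToString();
    Session["UserSource"] = userSource;
    bool isCardActive = bool.Parse(cardUser["REC_ACTIVE"].ToString());
    domainName = cardUser["USR_DOMAIN"].ToString();

    if (!isCardActive)
    {
        RejectCardLogOn("AccountDisabled");
        return;
    }

    allowedRetiresForLogin = int.Parse(DataManagerDevice.ProviderDevice.ApplicationSettings.ProvideSetting("Allowed retries for user login"), CultureInfo.CurrentCulture);
    string userID = cardUser["USR_ID"].ToString();
    Session["UserID"] = userID;
    string hashedPin = Protector.ProvideEncryptedPin(password);
    string userAuthenticationOn = cardUser["USR_ATHENTICATE_ON"].ToString();

    // Authenticate PIN or password based on the user's future-login selection.
    if (userAuthenticationOn == Constants.AUTHENTICATE_FOR_PIN)
    {
        if (hashedPin != cardUser["USR_PIN"].ToString())
        {
            HandleFailedCardCredential(userID, true, "invalidPin");
            return;
        }
    }
    else
    {
        string isSaveNetworkPassword = Session["NETWORKPASSWORD"].ToString();
        bool passwordRejected;

        if (userSource != Constants.USER_SOURCE_DB && isSaveNetworkPassword == "False")
        {
            // AD/domain user without a saved network password:
            // authenticate against the directory.
            passwordRejected = !AppAuthentication.isValidUser(userID, password, userDomain, userSource);
        }
        else
        {
            // Otherwise compare with the stored password value. The comparison
            // only runs for a non-empty password (see NOTE in the remarks).
            passwordRejected = !string.IsNullOrEmpty(password)
                && Protector.ProvideEncryptedPassword(password) != cardUser["USR_PASSWORD"].ToString();
        }

        if (passwordRejected)
        {
            HandleFailedCardCredential(userID, false, "InvalidPassword");
            return;
        }
    }

    // First use of the card under "First Time Use" provisioning goes to its own page.
    string lastLogin = cardUser["REC_CDATE"].ToString();
    if (string.IsNullOrEmpty(lastLogin) && userProvisioning == "First Time Use")
    {
        if (!string.IsNullOrEmpty(cardUser["USR_NAME"].ToString()))
        {
            userID = cardUser["USR_NAME"].ToString();
        }

        Session["ftuUserID"] = userID;
        Session["Username"] = cardUser["USR_NAME"].ToString();
        Session["ftuUsersysID"] = cardUser["USR_ACCOUNT_ID"].ToString();
        Session["DomainName"] = DataManagerDevice.ProviderDevice.ApplicationSettings.ProvideDomainName(domainName);
        Response.Redirect("FirstTimeUse.aspx");
        // Response.Redirect(url) ends the request; the return makes that explicit.
        return;
    }

    string userSysID = cardUser["USR_ACCOUNT_ID"].ToString();
    string DbuserID = cardUser["USR_ID"].ToString();

    // Administrative accounts are not allowed to log on by card.
    if (string.Equals(DbuserID, "admin", System.StringComparison.OrdinalIgnoreCase)
        || string.Equals(DbuserID, "administrator", System.StringComparison.OrdinalIgnoreCase))
    {
        Response.Redirect("MessageForm.aspx?FROM=CardLogOn.aspx&MESS=adminUserID");
        return;
    }

    Session["PRServer"] = "";
    Session["UserID"] = DbuserID;
    Session["Username"] = cardUser["USR_NAME"].ToString();
    Session["UserSystemID"] = userSysID;

    if (userSource != Constants.USER_SOURCE_DB)
    {
        Session["DomainName"] = DataManagerDevice.ProviderDevice.ApplicationSettings.ProvideDomainName(domainName);
    }

    // An empty REC_CDATE is filled in on this first successful logon.
    if (string.IsNullOrEmpty(lastLogin))
    {
        DataManagerDevice.Controller.Users.UpdateCDate(userSysID);
    }

    RedirectPage();
}

/// <summary>
/// Clears the card from the session and redirects to the logon message page
/// with the given MESS code.
/// </summary>
private void RejectCardLogOn(string messageCode)
{
    Session["CardID"] = null;
    Response.Redirect("MessageForm.aspx?FROM=Logon.aspx&MESS=" + messageCode);
}

/// <summary>
/// Handles a card with no usable user record: starts self-registration when
/// that is enabled for the AD source, otherwise rejects the card.
/// </summary>
private void HandleUnknownCard()
{
    if (userProvisioning == "Self Registration" && userSource == "AD")
    {
        SelfRegisterCard();
    }
    else
    {
        RejectCardLogOn("cardInfoNotFoundConsultAdmin");
    }
}

/// <summary>
/// Handles a wrong PIN or password: counts the retry when retries are
/// configured, otherwise rejects the card with the given MESS code.
/// </summary>
private void HandleFailedCardCredential(string userID, bool pinFailed, string messageCode)
{
    if (allowedRetiresForLogin > 0)
    {
        isPinRetry = pinFailed;
        CheckCardRetryCount(userID, allowedRetiresForLogin);
    }
    else
    {
        RejectCardLogOn(messageCode);
    }
}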
/// <summary>
/// Creates the service and keeps the bound <c>AppAuthentication</c> options value.
/// </summary>
/// <param name="appAuth">Options accessor supplying the authentication settings.</param>
public AuthenticateService(IOptions<AppAuthentication> appAuth) => this.appAuth = appAuth.Value;