Exemplo n.º 1
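        /// <summary>
        /// Replaces the request principal with a <c>GenericPrincipal</c> whose roles are
        /// re-read from the database on every request, so an "Admin" role is never taken
        /// from client-held state.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Event data; not used.</param>
        /// <remarks>
        /// When the cookie is missing, unreadable or expired, or the account no longer exists,
        /// this handler assigns nothing and the request keeps whatever principal the pipeline
        /// had already set.
        /// NOTE(review): for a deleted account that may still be an authenticated forms
        /// identity (without roles) - confirm whether such requests should be made anonymous.
        /// </remarks>
        protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
        {
            if (!FormsAuthentication.CookiesSupported)
            {
                return;
            }

            var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
            if (authCookie == null)
            {
                return;
            }

            try
            {
                // Decrypt() validates the ticket's protection but does not reject an
                // expired ticket, so expiry is checked explicitly before trusting the name.
                var ticket = FormsAuthentication.Decrypt(authCookie.Value);
                if (ticket == null || ticket.Expired)
                {
                    return;
                }

                // NOTE(review): if the code that issues the cookie stores extra fields in the
                // ticket name (for example a delimited "name|id|flag" string), only the
                // user-name part may be used for this lookup - confirm against the login code.
                string username = ticket.Name;
                string roles    = string.Empty;

                using (FirstCargoDbEntities entities = new FirstCargoDbEntities())
                {
                    USER user = entities.USER.SingleOrDefault(u => u.userName == username);

                    // The account may have been removed after the cookie was issued; the
                    // original code dereferenced null here and relied on the catch below.
                    if (user == null)
                    {
                        return;
                    }

                    if (user.isAdmin)
                    {
                        roles = "Admin";
                    }
                }

                // RemoveEmptyEntries keeps a non-admin from receiving a single role whose
                // name is the empty string.
                HttpContext.User = new System.Security.Principal.GenericPrincipal(
                    new System.Security.Principal.GenericIdentity(username, "Forms"),
                    roles.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries));
            }
            catch (Exception ex)
            {
                // Best effort: a tampered or undecryptable cookie, or a database failure, must
                // not break the request. Record only the exception type so that neither the
                // cookie value nor the user name ends up in the trace output.
                System.Diagnostics.Trace.TraceWarning(
                    "Application_PostAuthenticateRequest: principal not rebuilt ({0})",
                    ex.GetType().Name);
            }
        }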
Exemplo n.º 2
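        /// <summary>
        /// Changes the signed-in user's password after re-verifying the current password.
        /// </summary>
        /// <param name="user">
        /// Posted form model. Only <c>oldPassword</c> and <c>newPassword</c> are taken from it;
        /// the account to change is taken from the authenticated identity, never from the
        /// posted fields, and the posted object itself is never saved.
        /// </param>
        /// <returns>
        /// A redirect carrying <c>ChangePasswordSuccess</c> when the password was stored;
        /// otherwise the form view with a model error.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the action's attributes are not visible here - confirm it is limited to
        /// authenticated POST requests and protected by an anti-forgery token.
        /// NOTE(review): confirm that <c>RegistrationLoginHelper.EncodePassword</c> uses a slow,
        /// salted password-hashing scheme; its implementation is not visible here.
        /// </remarks>
        public async Task <ActionResult> ManageUser(USER user)
        {
            ViewBag.ReturnUrl = Url.Action("ManageUser");

            // These fields are not posted by the change-password form, so their validation
            // errors are dropped before checking the model state.
            ModelState.Remove("password");
            ModelState.Remove("userName");
            ModelState.Remove("userID");
            ModelState.Remove("email");

            if (!ModelState.IsValid)
            {
                // Show the form again if validation failed.
                return(View(user));
            }

            // The identity name is expected in the form "userName|userID|..."; the values are
            // read from the authentication ticket rather than from the request body.
            string[] identityParts = User.Identity.GetUserName().Split('|');
            user.password = user.newPassword;
            user.userName = identityParts[0];
            user.userID   = Int32.Parse(identityParts[1]);

            bool passwordChanged = false;

            using (FirstCargoDbEntities entities = new FirstCargoDbEntities())
            {
                USER userToUpdate = entities.USER.SingleOrDefault(u => u.userName == user.userName);

                // The account may have been removed while the session was still valid.
                if (userToUpdate != null)
                {
                    var hashCode = userToUpdate.vCode;
                    // Hash the supplied current password with the stored per-user value and
                    // compare it with the stored hash before allowing any change.
                    var encodingPasswordString = RegistrationLoginHelper.EncodePassword(user.oldPassword, hashCode);

                    if (encodingPasswordString.Equals(userToUpdate.password))
                    {
                        var password = RegistrationLoginHelper.EncodePassword(user.newPassword, hashCode);
                        userToUpdate.oldPassword          = userToUpdate.password;
                        userToUpdate.password             = userToUpdate.newPassword = userToUpdate.confirmPassword = password;
                        userToUpdate.passwordChangedDates = DateTime.Now;

                        // NOTE(review): the entity was loaded through "entities" but is saved
                        // through "db", which is declared outside this method - confirm both
                        // refer to the same store, or save through "entities" instead.
                        db.Entry(userToUpdate).State = EntityState.Modified;
                        try
                        {
                            await db.SaveChangesAsync();
                            passwordChanged = true;
                        }
                        catch (System.Data.Entity.Validation.DbEntityValidationException dbEx)
                        {
                            // Log the failure without entity values (they contain password hashes).
                            System.Diagnostics.Trace.TraceError(
                                "ManageUser: password change was not saved ({0})", dbEx.Message);
                        }
                    }
                }
            }

            if (passwordChanged)
            {
                return(RedirectToAction("ManageUser", new { Message = NotificationMessage.ManageMessageId.ChangePasswordSuccess }));
            }

            // Previously a wrong current password or a failed save still produced the success
            // redirect. One generic message is used so the response does not reveal which
            // check failed. TODO: move the text into the project's localized resources.
            ModelState.AddModelError("", "The password could not be changed. Check the current password and try again.");
            return(View(user));
        }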
Exemplo n.º 3
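        /// <summary>
        /// Verifies the posted credentials and, on success, issues the forms-authentication
        /// cookie and redirects to the vehicle index.
        /// </summary>
        /// <param name="model">
        /// Posted login form. Only <c>userName</c> and <c>password</c> are read from it; the
        /// user id and admin flag written into the ticket come from the database row.
        /// </param>
        /// <returns>A redirect on success; otherwise the login view with a model error.</returns>
        /// <remarks>
        /// NOTE(review): the action's attributes are not visible here - confirm it is limited
        /// to POST and protected by an anti-forgery token. No throttling or lockout of repeated
        /// failed attempts is visible in this method.
        /// NOTE(review): the ticket name is a '|'-delimited string that other code splits by
        /// position, so registration must not allow '|' in user names - confirm.
        /// </remarks>
        public ActionResult Login([Bind(Exclude = "oldPassword,confirmPassword")] USER model)
        {
            ModelState.Remove("oldPassword");
            ModelState.Remove("confirmPassword");
            ModelState.Remove("newPassword");
            ModelState.Remove("email");

            // Lets first check if the Model is valid or not
            if (ModelState.IsValid)
            {
                using (FirstCargoDbEntities entities = new FirstCargoDbEntities())
                {
                    string username = model.userName;
                    string password = model.password;
                    USER   user     = entities.USER.SingleOrDefault(u => u.userName == username);
                    USER   query    = null;

                    // An unknown user name used to dereference null here and end in a server
                    // error, which also made unknown accounts distinguishable from wrong
                    // passwords. Both cases now fall through to the same LoginError below.
                    if (user != null)
                    {
                        var hashCode = user.vCode;
                        // Hash the supplied password with the value stored for this user.
                        var encodingPasswordString = RegistrationLoginHelper.EncodePassword(password, hashCode);
                        // Check login detail: user name or e-mail, together with the password hash.
                        query = (from s in entities.USER where (s.userName == username || s.email == username) && s.password.Equals(encodingPasswordString) select s).FirstOrDefault();
                    }

                    // User found in the database
                    if (query != null)
                    {
                        // Session cookie (not persistent). The admin flag stored in the ticket is
                        // a snapshot taken at login; authorization decisions should re-read it
                        // from the database rather than trust the ticket.
                        FormsAuthentication.SetAuthCookie(username + "|" + user.userID.ToString() + "|" + user.isAdmin, false);

                        return(RedirectToAction("Index", "Vehicule"));
                    }

                    ModelState.AddModelError("", @ViewResources.Resource.LoginError);
                }
            }

            // If we got this far, something failed, redisplay form
            return(View(model));
        }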