Exemplo n.º 1
        /// <summary>
        /// Reloads the current user's record and copies the display fields and the
        /// admin flag into the ASP.NET session of the current request.
        /// </summary>
        /// <remarks>
        /// The identity name of the current principal is parsed as an integer user id,
        /// so a non-numeric name makes <see cref="Convert.ToInt32(string)"/> throw.
        /// The "IsAdmin" value stored here is a snapshot taken when this method runs.
        /// NOTE(review): code that makes authorization decisions should ask
        /// GlobalAppSettings.IsAdmin again rather than trust the cached session flag,
        /// otherwise a revoked admin keeps the flag until the session is refreshed.
        /// NOTE(review): the lookup result is dereferenced without a null check;
        /// confirm what FindUserByUserId returns for an unknown id.
        /// </remarks>
        public static void UpdateSession()
        {
            var users         = new UserManagement();
            var context       = HttpContext.Current;
            var currentUserId = Convert.ToInt32(context.User.Identity.Name);
            var userDetail    = users.FindUserByUserId(currentUserId);

            var session = context.Session;
            session["displayname"] = userDetail.DisplayName;
            session["firstname"]   = userDetail.FirstName;
            session["lastname"]    = userDetail.LastName;

            // Cached copy of the admin check for the freshly loaded user.
            var adminFlag = GlobalAppSettings.IsAdmin(userDetail.UserId);
            session["IsAdmin"] = adminFlag;
        }
Exemplo n.º 2
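        /// <summary>
        /// Admin-only gate: sends anonymous callers to the login page and shows the
        /// "permission denied" view to authenticated callers who are not administrators.
        /// </summary>
        /// <param name="filterContext">Context of the action that is about to run.</param>
        /// <remarks>
        /// Setting <c>filterContext.Result</c> short-circuits the action. The admin check is
        /// made against GlobalAppSettings.IsAdmin on every request, not against a value
        /// cached in the session.
        /// NOTE(review): this runs as an action filter; an authorization filter would run
        /// earlier in the pipeline. Confirm no other filter acts on the request before this one.
        /// </remarks>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var user = filterContext.HttpContext.User;

            if (!user.Identity.IsAuthenticated)
            {
                // Temporary (302) redirect. A permanent (301) redirect to the login page can be
                // cached by browsers and intermediaries, which would keep sending the user to
                // /login for this URL even after a successful sign-in.
                filterContext.Result = new RedirectResult("/login");
            }
            else
            {
                // Fail closed: an identity name that is not a numeric user id is treated as
                // "not an administrator" instead of surfacing a FormatException as a 500.
                int userId;
                var isAdmin = int.TryParse(user.Identity.Name, out userId) && GlobalAppSettings.IsAdmin(userId);

                if (!isAdmin)
                {
                    filterContext.Result = new ViewResult
                    {
                        ViewName = "../Home/PermissionDenied"
                    };
                }
            }

            base.OnActionExecuting(filterContext);
        }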
Exemplo n.º 3
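        /// <summary>
        /// Validates the submitted credentials against the accounts API and, on success,
        /// issues the forms-authentication cookie, fills the session and redirects.
        /// </summary>
        /// <param name="username">User name from the login form; null renders the empty form.</param>
        /// <param name="password">Password from the login form; never written to the log.</param>
        /// <param name="remember">"on" (any casing) requests a persistent auth cookie.</param>
        /// <param name="returnUrl">Post-login target; followed only when it is a local URL.</param>
        /// <returns>A redirect on success, otherwise the login view with error state in TempData.</returns>
        /// <remarks>
        /// NOTE(review): "invalidusername" and "invalidpassword" produce different error state,
        /// which lets a caller distinguish existing from non-existing accounts; consider one
        /// generic message.
        /// NOTE(review): the session identifier is not rotated in this method after sign-in;
        /// confirm it is handled elsewhere.
        /// NOTE(review): apiResponse, apiData and userDetail are dereferenced without null
        /// checks; a failure there throws before any cookie is issued.
        /// </remarks>
        public ActionResult Login(string username, string password, string remember, string returnUrl)
        {
            var tokenCryptography = new TokenCryptography();

            if (username == null || password == null)
            {
                return View();
            }

            // The client address is passed as the second argument to Encrypt. What role it
            // plays (key, salt, binding) is not visible here; behind a proxy UserHostAddress
            // is the proxy's address.
            var ipAddress         = Request.UserHostAddress;
            var encryptedUsername = tokenCryptography.Encrypt(username, ipAddress);
            var encryptedPassword = tokenCryptography.Encrypt(password, ipAddress);

            // Credentials must never reach the log: the password is deliberately omitted.
            // username and returnUrl are request values written as-is; whether LogExtension
            // neutralises line breaks is not visible here.
            var logContext = " UserName - " + username + " Remember - " + remember + " ReturnUrl - " + returnUrl;
            LogExtension.LogInfo("Login Encryption done", MethodBase.GetCurrentMethod(), logContext);

            // Base64 is only an encoding; confidentiality of this header rests on
            // TokenCryptography and on the transport used by the API handler.
            var headers = new Dictionary<string, object>
            {
                {
                    "Authorization",
                    Convert.ToBase64String(Encoding.UTF8.GetBytes(encryptedUsername + ":" + encryptedPassword))
                }
            };
            LogExtension.LogInfo("Login API requested", MethodBase.GetCurrentMethod());
            var apiResponse = _javaScriptSerializer.Deserialize<ApiResponse>(
                _apiHandler.ApiProcessor("/api/accounts/login", headers, new Dictionary<string, object>()));

            var apiData = DictionaryHelper.GetObject(apiResponse.Data as Dictionary<string, object>, typeof(ApiData)) as ApiData;

            LogExtension.LogInfo("Login API Data received", MethodBase.GetCurrentMethod(), logContext);
            LogExtension.LogInfo("Login result is " + apiData.StatusText, MethodBase.GetCurrentMethod(), logContext);

            // Invariant lowering: culture-sensitive ToLower() maps 'I' to a dotless 'ı' under
            // Turkish cultures, so "InvalidPassword" would miss its case label. A missing
            // status falls through to the default (failure) branch.
            var status = (apiData.StatusText ?? String.Empty).ToLowerInvariant();

            switch (status)
            {
                case "validuser":
                {
                    var userDetail = _userManagement.FindUserByUserName(username);
                    var persistent = remember != null &&
                                     String.Equals(remember.Trim(), "on", StringComparison.OrdinalIgnoreCase);

                    FormsAuthentication.SetAuthCookie(userDetail.UserId.ToString(), persistent);

                    GlobalAppSettings.SetTimeZone(userDetail.UserId);

                    HttpContext.Session["displayname"] = userDetail.DisplayName;
                    HttpContext.Session["firstname"]   = userDetail.FirstName;
                    HttpContext.Session["lastname"]    = userDetail.LastName;
                    HttpContext.Session["IsAdmin"]     = GlobalAppSettings.IsAdmin(userDetail.UserId);

                    _userManagement.UpdateLoginTime(userDetail.UserId, DateTime.UtcNow);

                    // Open-redirect guard: returnUrl comes from the request, so only a URL
                    // local to this application is followed; anything else gets the default page.
                    if (String.IsNullOrWhiteSpace(returnUrl) || !Url.IsLocalUrl(returnUrl))
                    {
                        return RedirectToAction("reports", "reports");
                    }

                    return Redirect(returnUrl);
                }

                case "invalidpassword":
                    TempData["currentValue"]        = username;
                    TempData["errorUserName"]       = "";
                    TempData["errorPassword"]       = apiData.Message;
                    TempData["errorUserStatus"]     = "";
                    TempData["errorPasswordStatus"] = "inline-block";
                    return View();

                case "throttleduser":
                    TempData["errorUserName"] = "";
                    TempData["errorPassword"] = "";
                    TempData["User"]          = apiData.Message;
                    return View();

                case "invalidusername":
                    TempData["currentValue"]        = username;
                    TempData["errorUserName"]       = apiData.Message;
                    TempData["errorPassword"]       = "";
                    TempData["errorUserStatus"]     = "inline-block";
                    TempData["errorPasswordStatus"] = "";
                    return View();

                // A deactivated account and any unrecognised status share the same error state.
                case "deactivateduser":
                default:
                    TempData["errorUserName"]   = "";
                    TempData["errorPassword"]   = "";
                    TempData["errorUserStatus"] = "inline-block";
                    TempData["User"]            = apiData.Message;
                    return View();
            }
        }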
Exemplo n.º 4
        /// <summary>
        /// Reports as JSON whether mail settings are configured, together with the
        /// admin status of the calling user.
        /// </summary>
        /// <returns>A JSON object with the members <c>result</c> and <c>isAdmin</c>.</returns>
        /// <remarks>
        /// The identity name is parsed as an integer user id, so a non-numeric name makes
        /// <see cref="Convert.ToInt32(string)"/> throw.
        /// NOTE(review): no authentication attribute is visible on this action in the listing;
        /// confirm anonymous callers cannot reach it.
        /// NOTE(review): the returned isAdmin value should only drive UI hints on the client.
        /// Server-side actions still need their own admin check.
        /// </remarks>
        public JsonResult CheckMailSettingsExist()
        {
            var currentUserId = Convert.ToInt32(HttpContext.User.Identity.Name);
            var isAdmin       = GlobalAppSettings.IsAdmin(currentUserId);

            var payload = new { result = SystemSettingsModel.MailSettingsExist(), isAdmin };
            return Json(payload);
        }