Exemplo n.º 1
0
        public void Get_DoesNotReturnNullForValidUserName()
        {
            var actualUserSession = _userLoginService.GetUserSessionModel(VALID_USER_NAME);

            //test
            Assert.IsNotNull(actualUserSession);
        }
Exemplo n.º 2
0
        public MobileResponseModel Post([FromBody] UserLoginModel model)
        {
            var authenticationModel = new MobileResponseModel
            {
                IsSuccess = false
            };

            if (string.IsNullOrEmpty(model.Password) || string.IsNullOrEmpty(model.UserName) ||
                string.IsNullOrEmpty(model.DeviceKey))
            {
                authenticationModel.Message = "UserName or Password can not be empty";
                return(authenticationModel);
            }

            var isValid = _userLoginRepository.ValidateUser(model.UserName, model.Password);

            if (isValid)
            {
                try
                {
                    var userSession = _userLoginService.GetUserSessionModel(model.UserName);

                    if (userSession.CurrentOrganizationRole == null)
                    {
                        authenticationModel.Message = "Your default role has been removed. Please contact your administrator.";
                        return(authenticationModel);
                    }

                    if (!userSession.CurrentOrganizationRole.CheckRole((long)Roles.Technician) && !userSession.CurrentOrganizationRole.CheckRole((long)Roles.NursePractitioner))
                    {
                        authenticationModel.Message = "Your default role must be Technician or Nurse Practitioner. Please contact your administrator.";
                        return(authenticationModel);
                    }

                    int pinExpirationDays = 0;
                    Int32.TryParse(_configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.PinExpirationDays), out pinExpirationDays);

                    int daysBeforAlert = 0;

                    Int32.TryParse(_configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AlertBeforePinExpirationInDays), out daysBeforAlert);
                    var pinExpireInDays = _technicianRepository.GetPinExpireInDays(userSession.CurrentOrganizationRole.OrganizationRoleUserId, pinExpirationDays);

                    if (pinExpireInDays <= daysBeforAlert)
                    {
                        pinExpireInDays = pinExpireInDays <= 0 ? 0 : pinExpireInDays;
                    }

                    _sessionContext.UserSession = userSession;

                    var loggedInUser = _userRepository.GetUser(userSession.UserId);
                    _sessionContext.LastLoggedInTime = loggedInUser.UserLogin.LastLogged.ToString();
                    _userLoginRepository.UpdateLoginStatus(_sessionContext.UserSession.UserId, true);

                    var sessionId = Guid.NewGuid().ToString();

                    var userLoginLog = SaveLoginInfo(userSession.UserId, sessionId, model.DeviceKey);

                    _sessionContext.UserSession.UserLoginLogId = userLoginLog.Id;

                    var technicianProfile = new Technician();

                    if (_sessionContext.UserSession.AvailableOrganizationRoles.Any(x => x.RoleId == (long)Roles.Technician))
                    {
                        var technicianOrgRoleUserId = _sessionContext.UserSession.AvailableOrganizationRoles.First(x => x.RoleId == (long)Roles.Technician).OrganizationRoleUserId;
                        technicianProfile = _technicianRepository.GetTechnician(technicianOrgRoleUserId);
                    }

                    authenticationModel = new MobileResponseModel
                    {
                        IsSuccess  = true,
                        Message    = "Successfully Logged In",
                        StatusCode = 200,
                        Data       = new AuthenticationModel
                        {
                            UserId = userSession.UserId,//Todo: need to check if OrgRoleUserID Can be Sent
                            Token  = (sessionId + "_" + userLoginLog.UserId).Encrypt(),
                            Name   = userSession.FullName,
                            Role   = userSession.CurrentOrganizationRole.RoleDisplayName,
                            Pin    = !string.IsNullOrWhiteSpace(technicianProfile.Pin) ? technicianProfile.Pin.Encrypt() : string.Empty,
                            ShowAlertBeforePinExpirationInDays = daysBeforAlert,
                            RemainingDays = pinExpireInDays,
                        }
                    };
                }
                catch (Exception exception)
                {
                    _logger.Error("while loging user" + exception.StackTrace);
                    authenticationModel.Message = "UserName or Password is not valid";

                    return(authenticationModel);
                }
            }
            else
            {
                _logger.Warn("Tried to access with invalid cridential");

                authenticationModel.Message = "UserName or Password is not valid";
                return(authenticationModel);
            }

            return(authenticationModel);
        }
Exemplo n.º 3
0
        public ActionResult Index(UserLoginModel userLoginModel, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return(View(userLoginModel));
            }

            bool isValid = _loginRepository.ValidateUser(userLoginModel.UserName, userLoginModel.Password);

            if (isValid)
            {
                try
                {
                    var userLogin = _loginRepository.GetByUserName(userLoginModel.UserName);
                    var user      = _userRepository.GetUser(userLogin.Id);
                    var orgRoles  = _organizationRoleUserRepository.GetOrganizationRoleUserCollectionforaUser(user.Id);
                    if (orgRoles.Any(oru => oru.RoleId == (long)Roles.Customer) && user.DefaultRole == Roles.Customer)
                    {
                        var customer = _customerRepository.GetCustomerByUserId(user.Id);
                        if (!string.IsNullOrEmpty(customer.Tag))
                        {
                            var account = _corporateAccountRepository.GetByTag(customer.Tag);
                            if (account != null && !account.AllowCustomerPortalLogin)
                            {
                                userLoginModel.FeedbackMessage =
                                    FeedbackMessageModel.CreateFailureMessage("Unable to login in. Please contact " +
                                                                              _settings.SupportEmail + " OR call us at " +
                                                                              _settings.PhoneTollFree);
                                return(View(userLoginModel));
                            }
                        }
                    }

                    var userName = userLoginModel.UserName;
                    FormsAuthentication.SetAuthCookie(userName, true);
                    _sessionContext.UserSession      = _loginService.GetUserSessionModel(userName);
                    _sessionContext.LastLoggedInTime = userLogin.LastLogged.ToString();

                    if (_sessionContext.UserSession.CurrentOrganizationRole == null)
                    {
                        userLoginModel.FeedbackMessage =
                            FeedbackMessageModel.CreateFailureMessage(
                                "Your default role has been removed. Please contact your administrator.");
                        return(View(userLoginModel));
                    }

                    Role role = null;
                    var  isTwoFactorAuthrequired = true;
                    var  useOtpSms   = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms);
                    var  useOtpEmail = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail);
                    var  useOtpByGoogleAuthenticator = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator);

                    var isPinRequired = false;


                    if (useOtpSms == "True" || useOtpEmail == "True" || useOtpByGoogleAuthenticator == "True")
                    {
                        var defaultRole = orgRoles.FirstOrDefault(oru => oru.RoleId == (long)user.DefaultRole);
                        if (defaultRole != null)
                        {
                            role          = _roleRepository.GetByRoleId(defaultRole.RoleId);
                            isPinRequired = role.IsPinRequired;
                        }

                        if (userLogin.IsTwoFactorAuthrequired == null)
                        {
                            if (defaultRole != null)
                            {
                                isTwoFactorAuthrequired = role.IsTwoFactorAuthrequired;
                            }
                        }
                        else
                        {
                            isTwoFactorAuthrequired = userLogin.IsTwoFactorAuthrequired.Value;
                        }
                    }
                    else
                    {
                        isTwoFactorAuthrequired = false;
                    }

                    if (isTwoFactorAuthrequired || isPinRequired)
                    {
                        var loginSettings = _loginSettingRepository.Get(_sessionContext.UserSession.UserId);

                        if (loginSettings == null || loginSettings.IsFirstLogin)
                        {
                            TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
                            return(RedirectToAction("Setup"));
                        }
                        else if (isPinRequired && loginSettings.DownloadFilePin == "")
                        {
                            TempData["IsTwoFactorAuthrequired"] = isTwoFactorAuthrequired;
                            TempData["setPinOnly"] = true;
                            return(RedirectToAction("Setup"));
                        }

                        if (isTwoFactorAuthrequired)
                        {
                            var isSafe        = false;
                            var isSafeAllowed = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.AllowSafeComputerRemember);

                            if (isSafeAllowed == "True")
                            {
                                var browserName  = Request.Browser.Browser + " " + Request.Browser.Version;
                                var requestingIp = Request.UserHostAddress;
                                var safeComputer = new SafeComputerHistory()
                                {
                                    BrowserType = browserName,
                                    ComputerIp  = requestingIp,
                                    DateCreated = DateTime.Now,
                                    IsActive    = true,
                                    UserLoginId = user.Id
                                };
                                isSafe = _safeComputerHistoryService.IsSafe(safeComputer);
                            }

                            if (!isSafe)
                            {
                                if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Sms)
                                {
                                    if (useOtpSms == "True")
                                    {
                                        return(RedirectToAction("Otp"));
                                    }
                                    TempData["IsTwoFactorAuthrequired"] = true;
                                    TempData["IsOnGlobalSettingChange"] = true;
                                    return(RedirectToAction("Setup"));
                                }
                                if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.Email)
                                {
                                    if (useOtpEmail == "True")
                                    {
                                        return(RedirectToAction("Otp"));
                                    }
                                    TempData["IsTwoFactorAuthrequired"] = true;
                                    TempData["IsOnGlobalSettingChange"] = true;
                                    return(RedirectToAction("Setup"));
                                }
                                if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.BothSmsEmail)
                                {
                                    if (useOtpSms == "True" || useOtpEmail == "True")
                                    {
                                        return(RedirectToAction("Otp"));
                                    }
                                    TempData["IsTwoFactorAuthrequired"] = true;
                                    TempData["IsOnGlobalSettingChange"] = true;
                                    return(RedirectToAction("Setup"));
                                }
                                if (loginSettings.AuthenticationModeId == (long)AuthenticationMode.AuthenticatorApp)
                                {
                                    return(RedirectToAction("Authenticator"));
                                }
                            }
                        }
                    }


                    return(GoToDashboard(_sessionContext.UserSession.UserId, returnUrl));
                }
                catch (Exception ex)
                {
                    _logger.Error("Error: Message: " + ex.Message + "\n Stack trace:" + ex.StackTrace);
                    userLoginModel.FeedbackMessage = FeedbackMessageModel.CreateFailureMessage("System Error: Unable to login in. Please contact support.");
                    return(View(userLoginModel));
                }
            }

            //not logged in.
            return(View(GetLoginFailureMessage(userLoginModel)));
        }