/// <summary>
/// Renders the profile edit page for the signed-in user, including the
/// authenticator-app enrolment data and, for technicians, the PIN.
/// </summary>
/// <param name="id">User id taken from the request; must equal the user id of the current session role.</param>
/// <param name="roleId">Role taken from the request; must equal the role id of the current session role.</param>
/// <returns>
/// The edit view when both request values match the session; otherwise the response is
/// redirected to /Home/UnauthorizeAccess and <c>null</c> is returned.
/// </returns>
public ActionResult Edit(long id, Roles roleId)
{
    var activeRole = _sessionContext.UserSession.CurrentOrganizationRole;

    // Ownership check: the request may only name the user and role that the session itself holds.
    if (activeRole.UserId != id || activeRole.RoleId != (long)roleId)
    {
        Response.RedirectUser("/Home/UnauthorizeAccess");
        return null;
    }

    var model = _userProfileService.GetProfileEditModel(id);

    // Despite the key name, TempData["EncodedSecret"] receives the un-encoded secret;
    // only model.EncodedSecret receives the encoded form that goes to the view.
    // NOTE(review): confirm the configured TempData provider keeps its values server-side.
    if (!string.IsNullOrEmpty(model.Secret))
    {
        // A secret is already stored for this user: reuse it.
        TempData["EncodedSecret"] = model.Secret;
        model.EncodedSecret = TimeBasedOneTimePassword.EncodeSecret(model.Secret);
    }
    else
    {
        // No secret stored yet: generate one for this page view.
        string encodedSecret;
        string freshSecret = TimeBasedOneTimePassword.GenerateSecret(out encodedSecret);
        TempData["EncodedSecret"] = freshSecret;
        model.EncodedSecret = encodedSecret;
    }

    if (roleId == Roles.Technician)
    {
        var technician = _technicianRepository.GetTechnician(activeRole.OrganizationRoleUserId);
        if (technician != null)
        {
            model.TechnicianPin = technician.Pin;
        }
        else
        {
            // NOTE(review): confirm "0000" is only a form placeholder and is never accepted as a valid PIN.
            model.TechnicianPin = "0000";
        }
    }

    return View(model);
}
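/// <summary>
/// Renders the first-login / settings-change setup page where the user enrols a
/// second factor and, when the role requires it, a PIN.
/// </summary>
/// <returns>
/// A redirect to Index when there is no user session or when the two-factor flag is
/// missing from TempData; <c>null</c> after redirecting to the role switch URL when no
/// setup is pending; otherwise the setup view.
/// </returns>
public ActionResult Setup()
{
    // TODO: if the user pastes the URL directly, send them to the dashboard when the
    // login-settings entry is already present in the database.
    if (_sessionContext.UserSession == null)
    {
        return RedirectToAction("Index");
    }

    var isOnGlobalSettingChange = false;
    var loginSettings = _loginSettingRepository.Get(_sessionContext.UserSession.UserId);
    if (TempData["IsOnGlobalSettingChange"] != null)
    {
        isOnGlobalSettingChange = (bool)TempData["IsOnGlobalSettingChange"];
    }

    var setPinOnly = TempData["setPinOnly"];

    // Nothing to set up: not a first login, no global setting change, no PIN-only request.
    if (loginSettings != null && loginSettings.IsFirstLogin == false && isOnGlobalSettingChange == false
        && (setPinOnly == null || (bool)setPinOnly == false))
    {
        Response.RedirectUser("/Users/Role/Switch?roleId=" + _sessionContext.UserSession.CurrentOrganizationRole.RoleId
            + "&organizationId=" + _sessionContext.UserSession.CurrentOrganizationRole.OrganizationId);
        return null;
    }

    // The flag is absent when this URL is opened directly. Unboxing the missing value
    // used to throw a NullReferenceException; restart the flow instead of guessing
    // whether a second factor is required.
    var twoFactorFlag = TempData["IsTwoFactorAuthrequired"] as bool?;
    if (twoFactorFlag == null)
    {
        return RedirectToAction("Index");
    }
    var isTwoFactorAuthRequired = twoFactorFlag.Value;

    // A new secret is generated on every request to this action. Despite the key name,
    // TempData["EncodedSecret"] receives the un-encoded secret; the model gets the encoded form.
    // NOTE(review): confirm the configured TempData provider keeps its values server-side.
    string encodedSecret;
    string secret = TimeBasedOneTimePassword.GenerateSecret(out encodedSecret);
    TempData["EncodedSecret"] = secret;

    // NOTE(review): role is dereferenced below without a null check.
    var role = _roleRepository.GetByRoleId(_sessionContext.UserSession.CurrentOrganizationRole.RoleId);
    var model = new SetupViewModel()
    {
        EncodedSecret = encodedSecret,
        IsPinRequired = role.IsPinRequired,
        UserLoginId = _sessionContext.UserSession.CurrentOrganizationRole.UserId
    };

    if (isTwoFactorAuthRequired)
    {
        model.IsOtpBySmsEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumSms) == "True";
        model.IsOtpByEmailEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpNotificationMediumEmail) == "True";
        model.IsOtpByAppEnabled = _configurationSettingRepository.GetConfigurationValue(ConfigurationSettingName.OtpByGoogleAuthenticator) == "True";
    }

    // A PIN-only request hides every OTP option regardless of configuration.
    if (setPinOnly != null && (bool)setPinOnly)
    {
        model.IsOtpBySmsEnabled = false;
        model.IsOtpByEmailEnabled = false;
        model.IsOtpByAppEnabled = false;
    }

    // Reading a TempData entry marks it for removal; keep the flow flags for the next request.
    TempData.Keep("setPinOnly");
    TempData.Keep("IsTwoFactorAuthrequired");
    TempData.Keep("IsOnGlobalSettingChange");
    return View(model);
}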
/// <summary>
/// Renders the QR-code view for authenticator-app enrolment of the given user.
/// </summary>
/// <param name="userId">Id used to look up the login settings; taken from the request.</param>
/// <returns>
/// The default view. When login settings exist for <paramref name="userId"/>,
/// ViewBag.EncodedSecret carries the encoded secret and Session["EncodedSecret"] the
/// un-encoded one; when they do not exist, neither is set.
/// </returns>
public ActionResult GetQrCode(long userId)
{
    // NOTE(review): nothing in this action ties userId to the signed-in user. Unless a
    // filter outside this view enforces that, the stored secret of any user with login
    // settings is returned to the caller; confirm, or compare userId with the session user.
    var settings = _loginSettingRepository.Get(userId);
    if (settings == null)
    {
        return View();
    }

    // Despite the key name, the session entry holds the un-encoded secret.
    string currentSecret = settings.GoogleAuthenticatorSecretKey;
    Session["EncodedSecret"] = currentSecret;

    if (!string.IsNullOrEmpty(currentSecret))
    {
        // A secret is already stored: show its encoded form.
        ViewBag.EncodedSecret = TimeBasedOneTimePassword.EncodeSecret(currentSecret);
    }
    else
    {
        // No secret stored yet: generate one and replace the empty session entry with it.
        string encodedSecret;
        currentSecret = TimeBasedOneTimePassword.GenerateSecret(out encodedSecret);
        Session["EncodedSecret"] = currentSecret;
        ViewBag.EncodedSecret = encodedSecret;
    }

    return View();
}