/// <summary>
 /// Renders the start screen with the news list and login-page markup taken from the news dispatcher.
 /// </summary>
 /// <returns>The default view bound to a newly created <see cref="StartScreenViewModel"/>.</returns>
 public ActionResult Index()
 {
     var viewModel = new StartScreenViewModel();

     // Both fields are copied from the instance returned by NewsDispatcher.GetNewsDispatcher().
     // NOTE(review): LoginHtml is handed to the view unchanged; if the view emits it without
     // encoding, confirm that only trusted administrators can author that markup.
     var newsSource = NewsDispatcher.GetNewsDispatcher();
     viewModel.News = newsSource.NewsStack;
     viewModel.LogoView = newsSource.LoginHtml;

     return View(viewModel);
 }
Exemplo n.º 2
        /// <summary>
        /// Shows the change-password form with the news list and login-page markup filled in.
        /// </summary>
        /// <param name="model">View model bound from the request; its News and LogoView are overwritten.</param>
        /// <returns>
        /// The default view for <paramref name="model"/>, or <c>null</c> when no model was bound.
        /// </returns>
        public ActionResult ChangePassword(StartScreenViewModel model)
        {
            if (model != null)
            {
                var newsSource = NewsDispatcher.GetNewsDispatcher();
                model.News = newsSource.NewsStack;
                model.LogoView = newsSource.LoginHtml;

                return View(model);
            }

            // No model was bound, so there is nothing to render.
            return null;
        }
Exemplo n.º 3
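        /// <summary>
        /// Processes a submitted change-password form and, when the change succeeds, completes sign-in.
        /// </summary>
        /// <param name="model">
        /// Posted form values: user name, old password, new password and confirmation. When the user
        /// name is missing it is taken from <c>TempData["userName"]</c>.
        /// </param>
        /// <param name="returnUrl">
        /// Request-supplied destination. It is followed directly only when it is local to this site;
        /// otherwise the default page is used.
        /// </param>
        /// <returns>
        /// <c>null</c> when no model was bound; a redirect when no user name is available or the change
        /// succeeded; otherwise the form view with a model error added.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no attributes are visible on this action in this listing. Confirm the real
        /// declaration is restricted to POST and validates an anti-forgery token.
        /// </remarks>
        public ActionResult ChangePassword(StartScreenViewModel model, string returnUrl)
        {
            if (model == null)
                return null;

            try
            {
                // The user name may have been stashed by an earlier request instead of being posted back.
                if (string.IsNullOrEmpty(model.UserName))
                    model.UserName = TempData["userName"] as string;

                if (string.IsNullOrEmpty(model.UserName))
                {
                    // returnUrl comes from the request. Redirecting to it unchecked would let a crafted
                    // link bounce the user to another site, so only local URLs are honoured.
                    var fallbackTarget = Url.IsLocalUrl(returnUrl) ? returnUrl : Url.Action("Index", "Default");
                    return Redirect(fallbackTarget);
                }

                // The old password is passed along with the new one; ChangePassword reports failure
                // through the returned error info (null means no error was reported).
                var errorInfo = MQ1Identity.ChangePassword(model.UserName, model.OldPassword, model.NewPassword, model.ConfirmPassword);

                var identity = errorInfo == null ? ApplicationContext.User.Identity as MQ1Identity : null;
                if (identity != null)
                {
                    if (identity.ErrorInfo != null && !string.IsNullOrWhiteSpace(identity.ErrorInfo.ErrorMessage))
                    {
                        ModelState.AddModelError(string.Empty, identity.ErrorInfo.ErrorMessage);
                        TempData["userName"] = model.UserName;
                        return View(model);
                    }

                    return LoginRedirect(model, returnUrl, identity);
                }

                var errorMessage = errorInfo != null && !string.IsNullOrWhiteSpace(errorInfo.ErrorMessage) ? ": " + errorInfo.ErrorMessage : string.Empty;

                ModelState.AddModelError(string.Empty, string.Format(CultureInfo.InvariantCulture, "{0}{1}", LanguageService.Translate("Error_AuthenticationFailed"), errorMessage));
                TempData["userName"] = model.UserName;
                return View(model);
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception message is shown to the browser. Consider logging the
                // exception server-side and showing a generic message, so internal detail is not disclosed.
                ModelState.AddModelError(string.Empty, ex.Message);

                // Keep the user name available for the next submission, as the other failure paths do.
                TempData["userName"] = model.UserName;
                return View(model);
            }
        }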
Exemplo n.º 4
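        /// <summary>
        /// Shows the login page, or sends mobile browsers to the mobile site.
        /// </summary>
        /// <returns>
        /// A redirect to Mobile/Index for mobile browsers; otherwise the login view, carrying either a
        /// database connection error or the news, banner messages and branding.
        /// </returns>
        public ActionResult Login()
        {
            if (Request.Browser.IsMobileDevice)
            {
                return RedirectToAction("Index", "Mobile");
            }

            if (!DbConnectionChecker.Check())
            {
                // NOTE(review): this message is placed on the model of a page served before sign-in;
                // confirm it cannot carry server names or connection-string detail.
                return View(new StartScreenViewModel { Error = DbConnectionChecker.ErrorMessage });
            }

            CheckMessages();

            var dispatcher = NewsDispatcher.GetNewsDispatcher();

            // Read the system options once, so all nine banner fields come from the same snapshot
            // instead of nine separate lookups.
            var options = SystemOptionsEdit.GetSysOptionsInfo();

            var startScreenVM = new StartScreenViewModel
            {
                News = dispatcher.NewsStack,
                LogoView = dispatcher.LoginHtml,
                InitParams = string.Empty,
                ShowWarning = options.ShowWarning,
                WarningMessage = options.WarningMessage,
                WarningCaption = options.WarningCaption,
                ShowInfo = options.ShowInfo,
                InfoMessage = options.InfoMessage,
                InfoCaption = options.InfoCaption,
                ShowSuccess = options.ShowSuccess,
                SuccessMessage = options.SuccessMessage,
                SuccessCaption = options.SuccessCaption,
                // Any value other than "QMS" (including a missing setting) selects the Elements branding.
                Brand = ConfigurationManager.AppSettings["Branding"] == "QMS" ? Branding.QMS : Branding.Elements,
            };

            return View(startScreenVM);
        }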
Exemplo n.º 5
        /// <summary>
        /// Applies the user's locale and issues the OWIN application cookie for the signed-in user.
        /// </summary>
        /// <param name="model">Supplies the user name placed in the cookie and the remember-me choice.</param>
        /// <param name="identity">The authenticated identity; only its Locale is read here.</param>
        /// <remarks>
        /// The cookie identity is built from <c>model.UserName</c>, not from <paramref name="identity"/>,
        /// so callers must reach this method only after that user name has been authenticated.
        /// NOTE(review): nothing in this method rotates the ASP.NET session id at sign-in; confirm
        /// session fixation is handled elsewhere.
        /// </remarks>
        private void SetUserContext(StartScreenViewModel model, MQ1Identity identity)
        {
            SetLocale(identity.Locale);

            ApplicationContext.User = HttpContext.User;

            // OWIN cookie sign-in replaces the former FormsAuthentication.SetAuthCookie call.
            var nameClaim = new Claim(ClaimTypes.Name, model.UserName);
            var cookieIdentity = new ClaimsIdentity(
                new List<Claim> { nameClaim },
                DefaultAuthenticationTypes.ApplicationCookie);

            // IsPersistent follows the remember-me flag on the model.
            var signInOptions = new AuthenticationProperties { IsPersistent = model.RememberMe };

            Request.GetOwinContext().Authentication.SignIn(signInOptions, cookieIdentity);
        }
Exemplo n.º 6
 /// <summary>
 /// Completes sign-in and sends the user to the default page. Shared by the Login action and SamlConsumer.
 /// </summary>
 /// <param name="model">Bound view model; its RememberMe flag is cleared when the system option forbids it.</param>
 /// <param name="returnUrl">Not used by this version; the destination is always Default/Index.</param>
 /// <param name="identity">The authenticated identity, passed on to <c>SetUserContext</c>.</param>
 /// <returns>A redirect to the Index action of the Default controller.</returns>
 private ActionResult LoginRedirect(StartScreenViewModel model, string returnUrl, MQ1Identity identity)
 {
     var hasHttpContext = HttpContext != null;
     if (hasHttpContext)
     {
         // Remember-me stays on only when the user asked for it and the system option allows it.
         var rememberMeAllowed = SystemOptionsEdit.GetSysOptionsInfo().AllowRememberMe;
         model.RememberMe = model.RememberMe & rememberMeAllowed;

         SetUserContext(model, identity);
     }

     var destination = Url.Action("Index", "Default");
     return Redirect(destination);
 }
Exemplo n.º 7
 /// <summary>
 /// Records an error in ModelState and fills the model's news list and login-page markup.
 /// </summary>
 /// <param name="model">The <see cref="StartScreenViewModel"/> whose News and LogoView are overwritten.</param>
 /// <param name="errorName">The error text to add to ModelState.</param>
 /// <param name="key">The ModelState key to file the error under; empty by default.</param>
 private void ShowError(StartScreenViewModel model, string errorName, string key = "")
 {
     var newsSource = NewsDispatcher.GetNewsDispatcher();
     model.News = newsSource.NewsStack;
     model.LogoView = newsSource.LoginHtml;

     // NOTE(review): errorName is stored as given; callers that pass exception or identity messages
     // should make sure the text is safe to show to an unauthenticated visitor.
     ModelState.AddModelError(key, errorName);
 }
Exemplo n.º 8
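        /// <summary>
        /// Completes sign-in and picks the post-login destination. Shared by the Login action and SamlConsumer.
        /// </summary>
        /// <param name="model">
        /// Bound view model. DeepLink and InitParams arrive with the request and steer the redirect,
        /// so they are treated as untrusted.
        /// </param>
        /// <param name="returnUrl">Requested destination; honoured only when it is local to this site.</param>
        /// <param name="identity">The authenticated identity, passed on to <c>SetUserContext</c>.</param>
        /// <returns>
        /// A redirect to the document handler when DeepLink or InitParams names a file; otherwise a
        /// redirect to the local return URL or the default page, with DeepLink appended as a fragment.
        /// </returns>
        private ActionResult LoginRedirect(StartScreenViewModel model, string returnUrl, MQ1Identity identity)
        {
            if (HttpContext != null)
            {
                // Remember-me stays on only when the user asked for it and the system option allows it.
                model.RememberMe &= SystemOptionsEdit.GetSysOptionsInfo().AllowRememberMe;
                SetUserContext(model, identity);
            }

            // A purely numeric deep link is a file id; only the parsed integer reaches the URL.
            int fileId;
            if (int.TryParse(model.DeepLink, out fileId))
            {
                return Redirect("~/DocHandler.ashx?FileId=" + fileId);
            }

            if (!string.IsNullOrEmpty(model.InitParams))
            {
                var queryString = HttpUtility.ParseQueryString(model.InitParams);
                var requestsFile = queryString.HasKeys()
                    && (!string.IsNullOrEmpty(queryString["FileId"])
                        || !string.IsNullOrEmpty(queryString[Constants.FileProcessFileName]));

                if (requestsFile)
                {
                    // InitParams is request-supplied. Always introduce it with '?' so the value can only
                    // ever be the handler's query string, never an extension of its path.
                    return Redirect("~/DocHandler.ashx?" + model.InitParams.TrimStart('?'));
                }
            }

            // returnUrl is request-supplied. Following it unchecked would turn a successful login into
            // an open redirect, so anything that is not local to this site falls back to the default page.
            var url = Url.IsLocalUrl(returnUrl) ? returnUrl : Url.Action("Index", "Default");
            if (!string.IsNullOrWhiteSpace(model.DeepLink))
            {
                // NOTE(review): DeepLink is appended unencoded as the fragment; confirm the client-side
                // code that reads the fragment treats it as untrusted input.
                url += "#" + model.DeepLink;
            }

            // Strip line breaks before logging so request-supplied text cannot forge extra log entries.
            var loggedUrl = (url ?? string.Empty).Replace("\r", string.Empty).Replace("\n", string.Empty);
            GetLogger().Info("Redirect to " + loggedUrl);

            return Redirect(url);
        }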
Exemplo n.º 9
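        /// <summary>
        /// Receives the SAML response posted by the identity provider and signs the named user in.
        /// </summary>
        /// <param name="model">
        /// View model bound from the same POST. Its UserName is overwritten with the NameId from the
        /// SAML response; its other fields still come from the request.
        /// </param>
        /// <param name="returnUrl">Requested destination, forwarded to <c>LoginRedirect</c>.</param>
        /// <returns>
        /// <c>null</c> when no model was bound; the post-login redirect on success; otherwise the
        /// Login view, normally with an error added.
        /// </returns>
        public ActionResult SamlConsumer(StartScreenViewModel model, string returnUrl)
        {
            if (model == null)
                return null;

            var response = Request.Form["SAMLResponse"];
            if (string.IsNullOrEmpty(response))
            {
                ShowError(model, "No saml response", model.SSOLoginError);
                return View("Login", model);
            }

            try
            {
                var sso = SSOOptionsInfo.GetSSOInfo();
                if (!sso.IsSSOValid)
                    return View("Login", model);

                var samlResponse = new SamlResponse();
                samlResponse.Initialize(sso.Certificate, response);

                // NOTE(review): everything that follows trusts IsValid(). Its checks are not visible
                // here; confirm it verifies the signature against sso.Certificate over the assertion
                // that GetNameId reads, plus audience, recipient, the validity window and replay.
                if (!samlResponse.IsValid())
                {
                    ShowError(model, LanguageService.Translate("Error_AuthenticationFailed"), model.SSOLoginError);
                    return View("Login", model);
                }

                model.UserName = samlResponse.GetNameId(sso.SAMLVersion);

                // Temporary principal so the account lookup below can run. It must not outlive a failed
                // lookup, so every failure path after this line resets it.
                System.Web.HttpContext.Current.User = new GenericPrincipal(new FakeIdentity(), new string[] { });

                if (MQ1Principal.Load(model.UserName))
                {
                    var identity = (MQ1Identity)ApplicationContext.User.Identity;
                    if (identity.ErrorInfo != null && !string.IsNullOrWhiteSpace(identity.ErrorInfo.ErrorMessage))
                    {
                        ShowError(model, identity.ErrorInfo.ErrorMessage, model.SSOLoginError);
                        return View("Login", model);
                    }

                    if (Session != null)
                        Session["LoginTime"] = DateTime.Now;

                    return LoginRedirect(model, returnUrl, identity);
                }

                // The lookup failed without throwing. Previously this path left the temporary principal
                // on the request and returned the login page with no message; handle it like the
                // exception path instead.
                model.UserName = string.Empty;
                System.Web.HttpContext.Current.User = new UnauthenticatedPrincipal();
                ShowError(model, LanguageService.Translate("Error_AuthenticationFailed"), model.SSOLoginError);
            }
            catch (Exception ex)
            {
                model.UserName = string.Empty;
                System.Web.HttpContext.Current.User = new UnauthenticatedPrincipal();

                // NOTE(review): apart from the account-not-found case, the raw exception message is
                // shown on the login page. Consider logging it and showing a generic failure message.
                ShowError(
                    model,
                    ex.Message.Contains(LanguageService.Translate("Error_AccountNotFound")) ? LanguageService.Translate("Error_AccountNotFound") : ex.Message,
                    model.SSOLoginError);
            }

            return View("Login", model);
        }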
Exemplo n.º 10
        /// <summary>
        /// Sends the browser to the identity provider with a SAML authentication request.
        /// </summary>
        /// <param name="model">Not read by this method.</param>
        /// <param name="returnUrl">Not read by this method; no return address is sent to the identity provider.</param>
        /// <returns>Always <c>null</c>; the redirect is written straight to the response.</returns>
        public ActionResult LoginSSO(StartScreenViewModel model, string returnUrl)
        {
            // The OWIN auth cookie replaces the former FormsAuthentication.GetAuthCookie lookup.
            var authCookie = Request.Cookies.Get(Constants.OwinAuthCookieName);

            // Re-authentication is forced when there is no cookie or its Expires is not in the future.
            // NOTE(review): browsers do not send a cookie's expiry back, so Expires on a request cookie
            // is normally DateTime.MinValue, which would make this flag true on every call. Verify
            // before relying on the cookie to skip ForceAuthn.
            var hasUnexpiredCookie = authCookie != null && authCookie.Expires > DateTime.Now;
            var forceAuthn = !hasUnexpiredCookie;

            var sso = SSOOptionsInfo.GetSSOInfo();

            var encodedRequest = Server.UrlEncode(SamlRequest.GetSAMLRequest(sso, forceAuthn));
            var idpUrl = sso.IdPTargetUrl + "?SAMLRequest=" + encodedRequest;

            // Callers rely on the redirect being issued here as a side effect, not on the return value.
            Response.Redirect(idpUrl);

            return null;
        }
Exemplo n.º 11
        /// <summary>
        /// Processes a submitted login form.
        /// </summary>
        /// <param name="model">Posted credentials and options.</param>
        /// <param name="returnUrl">
        /// Requested destination, forwarded to <c>LoginRedirect</c>, <c>LoginSSO</c> and the
        /// change-password redirect.
        /// </param>
        /// <returns>
        /// <c>null</c> when no model was bound or the user was handed to SSO; the login view on invalid
        /// input or failed login; a redirect to ChangePassword when a new password is required;
        /// otherwise the post-login redirect.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no attributes are visible on this action in this listing. Confirm the real
        /// declaration is restricted to POST and validates an anti-forgery token.
        /// </remarks>
        public ActionResult Login(StartScreenViewModel model, string returnUrl)
        {
            if (model == null)
            {
                return null;
            }

            if (!ModelState.IsValid)
            {
                return View(model);
            }

            if (!MQ1Principal.Login(model.UserName, model.Password))
            {
                // The same text is used whether the user name or the password was wrong.
                ShowError(model, "Incorrect username or password");
                return View(model);
            }

            var identity = (MQ1Identity)ApplicationContext.User.Identity;
            var loginError = identity.ErrorInfo;
            var hasLoginError = loginError != null && !string.IsNullOrWhiteSpace(loginError.ErrorMessage);

            if (!hasLoginError)
            {
                if (Session != null)
                {
                    Session["LoginTime"] = DateTime.Now;
                }

                return LoginRedirect(model, returnUrl, identity);
            }

            if (loginError.State == LoginFailedException.LoginFailureState.UseSSO)
            {
                // LoginSSO writes the redirect to the response itself, so there is no result to return.
                LoginSSO(model, returnUrl);
                return null;
            }

            if (identity.MustChangePassword)
            {
                // The user name travels in TempData so that it does not appear in the URL.
                TempData["userName"] = model.UserName;
                TempData["MustChangePassword"] = identity.MustChangePassword;

                var routeValues = new RouteValueDictionary(new { controller = "ChangePassword", action = "ChangePassword", returnUrl = returnUrl });
                return RedirectToAction("ChangePassword", routeValues);
            }

            // NOTE(review): the identity's message is shown verbatim; confirm it does not reveal
            // account state in a way that helps an attacker enumerate accounts.
            ShowError(model, loginError.ErrorMessage);
            return View(model);
        }
Exemplo n.º 12
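        /// <summary>
        /// Serves the application start page, after applying the maintenance-mode and remember-me gates.
        /// </summary>
        /// <param name="model">Not read by this method; a new view model is built instead.</param>
        /// <returns>
        /// A redirect to Account/Login when the site is under maintenance and the user is a
        /// non-administrator account, or when remember-me is disabled and the session has no recent
        /// login; otherwise the default view.
        /// </returns>
        public ActionResult Index(StartScreenViewModel model)
        {
            var systemOptions = SystemOptionsEdit.GetSysOptionsInfo();

            if (systemOptions.IsUnderMaintenance)
            {
                // NOTE(review): Load's result is ignored and the cast assumes it installed an
                // MQ1Identity; confirm what ApplicationContext.User holds when the load fails.
                MQ1Principal.Load(HttpContext.User.Identity.Name);
                var identity = (MQ1Identity)ApplicationContext.User.Identity;

                // During maintenance only administrators may continue past this point.
                if (identity.AccountId > 0 && !identity.IsAdmin)
                {
                    return RedirectToAction("Login", "Account");
                }
            }

            if (!systemOptions.AllowRememberMe && Session != null)
            {
                // With remember-me disabled the page is served only when this session recorded a login
                // within the last 30 seconds; otherwise the user is signed out and must log in again.
                // NOTE(review): the comparison uses local time, so a clock or daylight-saving change
                // skews the window; UTC on both the writer and this reader would avoid that.
                var loginTime = (DateTime?)Session["LoginTime"];
                if (!loginTime.HasValue || DateTime.Now.Subtract(loginTime.Value).TotalSeconds > 30)
                {
                    // OWIN sign-out replaces the former FormsAuthentication.SignOut call.
                    Request.GetOwinContext().Authentication.SignOut();
                    return RedirectToAction("Login", "Account");
                }
            }

            // The former FormsAuthentication block, which re-issued a non-persistent auth cookie when the
            // existing ticket was persistent and named the current user, was not ported: the original
            // author relied on OWIN's sliding cookie expiration and asked for this to be revisited if
            // that reading of the old code was wrong.

            var startScreenVM = new StartScreenViewModel
            {
                // News and the login markup are deliberately not loaded from the dispatcher here.
                News = new List<NewsItem>(),
                InitParams = InitParams(),
                Version = Assembly.GetExecutingAssembly().GetName().Version,
                HasElevatedPermissions = MQ1Principal.HasElevatedPermissions(HttpContext.User.Identity.Name),
                // Reuse the options read at the top, so the banner agrees with the maintenance gate
                // evaluated earlier in this request.
                ShowWarning = systemOptions.IsUnderMaintenance,
                Brand = ConfigurationManager.AppSettings["Branding"] == "QMS" ? Branding.QMS : Branding.Elements,
            };

            return View(startScreenVM);
        }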