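// Re-authenticates the already logged-in user with the password typed on the
// view, then switches the session's active role to the one named by the
// ACCESS_LEVEL_FIELD hidden field and redirects to that role's homepage.
//
// sender / e: standard WebForms event-handler arguments (unused).
//
// Side effects: reads this.password.Text, this.ACCESS_LEVEL_FIELD.Value and
// this.DELEGEE_IDENTITY.Value; writes CurrentSession.ActiveRoleName and
// AuthenticationMessage; ends in a Response.Redirect on every path except a
// failed password check (then AuthenticationMessage carries the reason).
//
// SECURITY NOTE(review): requestedAccessLevel is client-controlled (a hidden
// form field). The three delegee branches verify the request against the
// delegate-role lists stored in CurrentSession, but the SystemAdmin /
// SiteAdmin / SiteAccountant / DepartmentHead branch does not — it sets
// ActiveRoleName purely because the field named that role. Unless the pages
// behind GetHomepageLink independently re-check the user's roles, any
// authenticated user can escalate by editing the hidden field. CurrentSession
// exposes no list of those roles here to check against (a SystemRole type
// exists in this project and is probably where that list belongs) — add that
// check before trusting the field. TODO confirm against the role model.
//
// Changes from the previous version: ACCESS_LEVEL_FIELD / DELEGEE_IDENTITY are
// now null-tested BEFORE their .Value is read (the old code dereferenced them
// first, so the "field is null" branch could never be reached); every branch
// returns after its redirect instead of falling into the "fraud value" reset,
// so a delegee switch cannot be overwritten with the normal-user role if
// SwitchToDelegeeAndRedirect returns; the commented-out identity-spoofing
// snippet and the unused AdUserInfo local are gone.
protected void AuthenticateUser(object sender, EventArgs e)
{
    // No session at all: nothing to re-authenticate, send the user to login.
    if (HttpContext.Current.Session == null || HttpContext.Current.Session.Contents["UserData"] == null)
    {
        Response.Redirect(GetHomepageLink("login"));
        return;
    }

    CurrentSession = (UserSession)HttpContext.Current.Session.Contents["UserData"];
    string userEmail = CurrentSession.User.SipAccount.ToLower();

    // A missing access-level field is treated the same as a tampered one.
    if (this.ACCESS_LEVEL_FIELD == null)
    {
        CurrentSession.ActiveRoleName = Functions.NormalUserRoleName;
        Response.Redirect(GetHomepageLink(Functions.NormalUserRoleName));
        return;
    }

    string requestedAccessLevel = this.ACCESS_LEVEL_FIELD.Value ?? string.Empty;
    string requestedDelegeeIdentity = (this.DELEGEE_IDENTITY != null ? this.DELEGEE_IDENTITY.Value : null) ?? string.Empty;

    string msg;
    bool authenticated = athenticator.AuthenticateUser(userEmail, this.password.Text, out msg);
    AuthenticationMessage = msg;

    if (!authenticated)
    {
        // Mark the authenticator's message as an error for the view.
        AuthenticationMessage = string.IsNullOrEmpty(AuthenticationMessage) ? "" : ("* " + AuthenticationMessage);
        return;
    }

    // Roles granted on request alone — see SECURITY NOTE above.
    if (requestedAccessLevel == Functions.SystemAdminRoleName
        || requestedAccessLevel == Functions.SiteAdminRoleName
        || requestedAccessLevel == Functions.SiteAccountantRoleName
        || requestedAccessLevel == Functions.DepartmentHeadRoleName)
    {
        CurrentSession.ActiveRoleName = requestedAccessLevel;
        Response.Redirect(GetHomepageLink(requestedAccessLevel));
        return;
    }

    // Delegee roles: only honoured when the session already holds a delegate
    // role for exactly the identity the client asked to act as.
    if (requestedAccessLevel == Functions.SiteDelegeeRoleName)
    {
        var siteRole = CurrentSession.SiteDelegateRoles.Find(r => r.ManagedSite != null
            && r.ManagedUserSipAccount == requestedDelegeeIdentity);
        if (siteRole != null)
        {
            SwitchToDelegeeAndRedirect(siteRole.ManagedUserSipAccount, siteRole.ManagedSite, Global.DATABASE.Roles.SiteDelegeeRoleID);
            return;
        }
    }
    else if (requestedAccessLevel == Functions.DepartmentDelegeeRoleName)
    {
        var departmentRole = CurrentSession.DepartmentDelegateRoles.Find(r => r.ManagedSiteDepartment != null
            && r.ManagedUserSipAccount == requestedDelegeeIdentity);
        if (departmentRole != null)
        {
            SwitchToDelegeeAndRedirect(departmentRole.ManagedUserSipAccount, departmentRole.ManagedSiteDepartment, Global.DATABASE.Roles.DepartmentDelegeeRoleID);
            return;
        }
    }
    else if (requestedAccessLevel == Functions.UserDelegeeRoleName && this.DELEGEE_IDENTITY != null)
    {
        var userRole = CurrentSession.UserDelegateRoles.Find(r => r.ManagedUser != null
            && r.ManagedUserSipAccount == requestedDelegeeIdentity);
        if (userRole != null)
        {
            SwitchToDelegeeAndRedirect(userRole.ManagedUserSipAccount, userRole.ManagedUser, Global.DATABASE.Roles.UserDelegeeRoleID);
            return;
        }
    }

    // Anything else — an unknown value, or a delegee request that matched no
    // role the user actually holds — is a tampered hidden field: fall back to
    // the plain user role.
    CurrentSession.ActiveRoleName = Functions.NormalUserRoleName;
    Response.Redirect(GetHomepageLink(Functions.NormalUserRoleName));
}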
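// Handles the login button: when the page validates, authenticates Email /
// Password against Active Directory, mirrors the AD attributes into the Users
// table (insert on first login, update while AD still owns the row), builds
// the UserSession, and redirects to the requested page or the dashboard.
//
// sender / e: standard WebForms event-handler arguments (unused).
//
// Side effects: may Insert/Update Global.DATABASE.Users; stores "UserData" in
// Session; sets AuthenticationMessage; ends with Response.Redirect on success.
//
// SECURITY NOTES(review):
//  * The user's AD password is kept in the session (session.EncryptedPassword,
//    Rijndael-encrypted, i.e. recoverable) — presumably so later calls can act
//    with the user's credentials. A server-side credential cache is a
//    high-value target; confirm it is really needed and that the session store
//    and the encryption key are protected. TODO confirm with the callers that
//    read EncryptedPassword.
//  * The session ID is not rotated on login (Session.Add reuses whatever
//    session cookie the browser sent), so session fixation remains possible
//    unless the cookie is regenerated elsewhere. TODO confirm.
//  * RedirectToUrl is a client-controlled field. The previous version redirected
//    to it unchecked (open redirect); it is now honoured only when
//    IsLocalRedirectTarget accepts it, otherwise the dashboard is used.
//
// Other changes: the duplicated "build User from AD attributes" code is now
// BuildUserFromAd; the message check no longer calls ToString() on a possibly
// null AuthenticationMessage; the commented-out impersonation snippet and the
// unused userSystemRoles local are gone.
protected void LogIn(object sender, EventArgs e)
{
    if (!IsValid)
    {
        return;
    }

    string msg;
    bool authenticated = ADConnector.AuthenticateUser(Email.Text, Password.Text, out msg);
    AuthenticationMessage = msg;

    if (authenticated)
    {
        AdUserInfo userInfo = ADConnector.GetUserAttributes(Email.Text);

        // A directory hit without a SIP account cannot be mapped to a Users row.
        if (userInfo != null && !string.IsNullOrEmpty(userInfo.SipAccount))
        {
            SyncAdUserToDatabase(userInfo);

            UserSession session = new UserSession();
            SetUserSessionFields(ref session, userInfo);
            session.EncryptedPassword = Global.ENCRYPTION.EncryptRijndael(Password.Text);
            Session.Add("UserData", session);

            string target = (this.RedirectToUrl != null) ? this.RedirectToUrl.Value : null;
            if (!string.IsNullOrEmpty(target) && IsLocalRedirectTarget(target))
            {
                Response.Redirect(target);
            }
            else
            {
                Response.Redirect(String.Format(@"{0}/User/Dashboard", Global.APPLICATION_URL));
            }
            return;
        }

        AuthenticationMessage = "Invalid ActiveDirectory Account.";
    }

    // Prefix whatever message was produced so the view shows it as an error.
    if (!string.IsNullOrEmpty(AuthenticationMessage))
    {
        AuthenticationMessage = "* " + AuthenticationMessage;
    }
}

// Mirrors userInfo into Global.DATABASE.Users: inserts the user on first
// login; updates the existing row only while it is still owned by AD
// (UpdatedByAd set) and at least one mirrored attribute differs. Rows edited
// by a system admin (UpdatedByAd cleared) are left untouched.
private void SyncAdUserToDatabase(AdUserInfo userInfo)
{
    string sipAccount = userInfo.SipAccount.Replace("sip:", "");
    LyncBillingBase.DataModels.User existing = Global.DATABASE.Users.GetBySipAccount(sipAccount);

    if (existing == null)
    {
        Global.DATABASE.Users.Insert(BuildUserFromAd(userInfo));
    }
    else if (existing.UpdatedByAd == Convert.ToByte(true) && AdRecordDiffers(existing, userInfo))
    {
        Global.DATABASE.Users.Update(BuildUserFromAd(userInfo));
    }
}

// True when any attribute mirrored from AD differs from the stored row.
private bool AdRecordDiffers(LyncBillingBase.DataModels.User existing, AdUserInfo userInfo)
{
    return existing.EmployeeId.ToString() != userInfo.EmployeeId
        || existing.FullName != String.Format("{0} {1}", userInfo.FirstName, userInfo.LastName)
        || existing.SiteName != userInfo.PhysicalDeliveryOfficeName
        || existing.DepartmentName != userInfo.department
        || existing.TelephoneNumber != HelperFunctions.FormatUserTelephoneNumber(userInfo.Telephone);
}

// Builds the Users row that represents userInfo, flagged as AD-owned.
// A non-numeric or missing AD employee ID is stored as 0.
private LyncBillingBase.DataModels.User BuildUserFromAd(AdUserInfo userInfo)
{
    int employeeId;
    if (!Int32.TryParse(userInfo.EmployeeId, out employeeId))
    {
        employeeId = 0;
    }

    return new LyncBillingBase.DataModels.User
    {
        EmployeeId = employeeId,
        SipAccount = userInfo.SipAccount.Replace("sip:", ""),
        FullName = String.Format("{0} {1}", userInfo.FirstName, userInfo.LastName),
        TelephoneNumber = HelperFunctions.FormatUserTelephoneNumber(userInfo.Telephone),
        DepartmentName = userInfo.department,
        SiteName = userInfo.PhysicalDeliveryOfficeName,
        UpdatedByAd = Convert.ToByte(true)
    };
}

// True when url is safe to redirect to after login: a path on this host
// ("/x" — but not "//host" or "/\host", which browsers treat as
// protocol-relative) or an absolute URL under Global.APPLICATION_URL.
// Anything else is rejected so a crafted login link cannot bounce the user
// to a third-party site. APPLICATION_URL is assumed to have no trailing
// slash, matching how the dashboard URL is built above — TODO confirm.
private bool IsLocalRedirectTarget(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    if (url.StartsWith("/", StringComparison.Ordinal))
    {
        return !(url.StartsWith("//", StringComparison.Ordinal) || url.StartsWith("/\\", StringComparison.Ordinal));
    }

    string appRoot = Global.APPLICATION_URL + "/";
    return url.StartsWith(appRoot, StringComparison.OrdinalIgnoreCase);
}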