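/// <summary>
/// Builds an unsaved <see cref="UserLoginLog"/> row for the current request, pre-filled as a
/// failed attempt. Callers set IsSuccess / UserID and insert the row themselves.
/// </summary>
/// <param name="ctx">Current HTTP context; source of the user agent, remote IP and domain.</param>
/// <param name="email">Login identifier exactly as submitted by the client.</param>
/// <returns>A log entry with IsSuccess = false and DateLogin in UTC.</returns>
private UserLoginLog prepareLog(HttpContext ctx, string email)
{
    // The user agent and the login value come from the client and are stored as-is;
    // anything that later renders or parses these log rows must treat them as untrusted text.
    string browserAgent = Helper.GetRequestAgent(ctx);
    int browserAgentID = 0;

    try
    {
        string friendlyName = Helper.GetBrowserName(ctx);
        using (var _lu = new BegiumLogUnit())
        {
            browserAgentID = _lu.BrowserAgentUnit.GetBrowserAgentID(browserAgent, friendlyName);
        }
    }
    catch (Exception ex)
    {
        // Best effort: a failed agent lookup must not block the login itself, the row keeps ID 0.
        _log.Error("Unable to prepare UserLoginLog", ex);
    }

    // The original short.Parse(browserAgentID.ToString()) sat outside the try block, so an ID
    // above short.MaxValue threw and aborted every login that calls this method. Fall back to 0
    // (same as a failed lookup) and record the problem instead.
    // NOTE(review): presumably GetBrowserAgentID allocates a row per distinct user-agent string;
    // if so the ID space grows with client-controlled input - confirm and widen the column if needed.
    short agentIdForLog = 0;
    try
    {
        agentIdForLog = checked((short)browserAgentID);
    }
    catch (OverflowException ex)
    {
        _log.Error("Unable to prepare UserLoginLog", ex);
    }

    // NOTE(review): confirm how Helper.GetRequestIP derives the address; forwarded-for style
    // headers are client-controlled unless a trusted proxy overwrites them.
    UserLoginLog log = new UserLoginLog()
    {
        Login = email,
        IsSuccess = false,
        DateLogin = DateTime.Now.ToUniversalTime(),
        RemoteIP = Helper.GetRequestIP(ctx),
        Domain = Helper.GetRequestDomain(ctx),
        BrowserAgentID = agentIdForLog
    };

    return log;
}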
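/// <summary>
/// Authenticates a regular user by login and password, writes a <see cref="UserLoginLog"/> row
/// for the attempt and, on success, stores the user in the session.
/// </summary>
/// <param name="ctx">Current HTTP context; its session receives CURRENT_USER_INFO on success.</param>
/// <param name="email">Login identifier as submitted.</param>
/// <param name="pwd">Clear-text password as submitted.</param>
/// <returns>true when the credentials matched; otherwise false.</returns>
private bool loginNormalUser(HttpContext ctx, string email, string pwd)
{
    UserLoginLog log = prepareLog(ctx, email);

    using (var _u = new BegiumUnit())
    using (var _lu = new BegiumLogUnit())
    {
        User uModel = _u.UserUnit.GetByLogin(email);
        User uInfo = null;

        if (uModel != null)
        {
            // NOTE(review): the helper name suggests one salted SHA-256 pass. If that is what it
            // does, it is a fast hash; plan a migration to PBKDF2 or Argon2 - confirm in Util.Helper.
            string hashedPwd = Util.Helper.GetSHA256Hash(pwd, uModel.SaltPassword);
            uInfo = _u.UserUnit.GetByLogin(email, hashedPwd);
        }

        if (uInfo == null)
        {
            // Record every failed attempt. The original returned early for an unknown login
            // without writing a row, so guessing against non-existent accounts left no audit trail.
            // No attempt throttling is visible in this method; these rows are what a lockout or
            // alerting rule would key on.
            log.UserID = 0;
            _lu.UserLoginLogUnit.Insert(log, true);
            return false;
        }

        // NOTE(review): unlike impersonate(), IsActive is not checked here - confirm that
        // GetByLogin already excludes inactive users.

        // write log
        log.IsSuccess = true;
        log.UserID = uInfo.UserID;
        _lu.UserLoginLogUnit.Insert(log, true);

        // update last login
        _u.UserUnit.UpdateEach(x => x.UserID == uInfo.UserID, x => x.DateLastLogin = DateTime.Now.ToUniversalTime(), true);

        // get user profile pic
        var img = _u.ImageUnit.GetUniqueImage(uInfo.UserID, Core.ImageType.User);
        if (img != null)
        {
            uInfo.ProfileImgURL = img.URL;
        }

        // get agencyName and branchName
        string agencyName = "";
        string branchName = "";
        _u.UserUnit.GetBranchNameAgencyNameByUserID(uInfo.AgencyID, uInfo.UserID, ref agencyName, ref branchName);
        uInfo.AgencyName = agencyName;
        uInfo.BranchName = branchName;

        // set user session
        // NOTE(review): the session id is not rotated in this method; unless the caller issues a
        // fresh session id after login, a pre-login id stays valid (session fixation) - confirm.
        ctx.Session["CURRENT_USER_INFO"] = uInfo;
        return true;
    }
}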
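/// <summary>
/// Authenticates a super admin by login and password, writes a <see cref="UserLoginLog"/> row
/// for the attempt and, on success, stores the account in the session.
/// </summary>
/// <param name="ctx">Current HTTP context; its session receives CURRENT_USER_INFO on success.</param>
/// <param name="email">Login identifier as submitted; trimmed before lookup.</param>
/// <param name="pwd">Clear-text password as submitted.</param>
/// <returns>true when the credentials matched; otherwise false.</returns>
private bool loginSuperAdmin(HttpContext ctx, string email, string pwd)
{
    // The log row keeps the untrimmed login value, exactly as the client sent it.
    UserLoginLog log = prepareLog(ctx, email);

    using (var _u = new BegiumUnit())
    using (var _lu = new BegiumLogUnit())
    {
        SuperAdmin sModel = _u.SuperAdminUnit.GetByLogin(email.Trim());
        SuperAdmin sInfo = null;

        if (sModel != null)
        {
            // NOTE(review): the helper name suggests one salted SHA-256 pass. If that is what it
            // does, it is a fast hash; plan a migration to PBKDF2 or Argon2 - confirm in Util.Helper.
            string hashedPwd = Util.Helper.GetSHA256Hash(pwd, sModel.SaltPassword);
            sInfo = _u.SuperAdminUnit.GetByLogin(email.Trim(), hashedPwd);
        }

        if (sInfo == null)
        {
            // Record every failed attempt. The original returned early for an unknown login
            // without writing a row, so guessing against the highest-privilege account type
            // left no audit trail.
            log.UserID = 0;
            _lu.UserLoginLogUnit.Insert(log, true);
            return false;
        }

        // write log
        // NOTE(review): UserID carries a SuperAdminID here while loginNormalUser stores a UserID
        // in the same column; confirm log consumers can tell the two id spaces apart.
        log.IsSuccess = true;
        log.UserID = sInfo.SuperAdminID;
        _lu.UserLoginLogUnit.Insert(log, true);

        // update last login
        _u.SuperAdminUnit.UpdateEach(x => x.SuperAdminID == sInfo.SuperAdminID, x => x.DateLastLogin = DateTime.Now.ToUniversalTime(), true);

        // set user session
        // NOTE(review): the session id is not rotated in this method; unless the caller issues a
        // fresh session id after login, a pre-login id stays valid (session fixation) - confirm.
        ctx.Session["CURRENT_USER_INFO"] = sInfo;
        return true;
    }
}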
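/// <summary>
/// Signs the caller in as the user named inside an encrypted impersonation token taken from
/// the request ("token" parameter), without a password check.
/// </summary>
/// <param name="ctx">Current HTTP context; its session is cleared and then repopulated.</param>
/// <param name="timeToLive">Specify how many MINUTES should the key live</param>
/// <returns>
/// A <see cref="LoginResult"/>; IsSuccess and Url are set on success, Message on failure.
/// </returns>
public LoginResult impersonate(HttpContext ctx, int timeToLive = 15)
{
    LoginResult res = new LoginResult();

    // IMPORTANT!!! clear all session first
    // NOTE(review): Clear() empties the session values; nothing here issues a new session id.
    // Confirm the id is rotated elsewhere, otherwise a pre-existing id survives the identity switch.
    ctx.Session.Clear();

    using (var _u = new BegiumUnit())
    {
        // Reset Language
        _u.LocalizationStringUnit.LocalizationDicEn = null;
        _u.LocalizationStringUnit.LocalizationDicSp = null;
        Helper.CombineUserSession = null;

        // Client-supplied value; Params can resolve it from more than one part of the request.
        string token = ctx.Request.Params["token"];
        string key = "";

        try
        {
            key = LoginManager.DecryptImpersonateKey(token);
        }
        catch (Exception ex)
        {
            // NOTE(review): the raw request value is written to the log. It is attacker-controlled
            // text and, when it is a real token, a credential; consider logging a digest instead.
            _log.Error("Could not DecryptImpersonateKey: " + token, ex);
            res.Message = "Token is invalid.";
            return res;
        }

        KeyValuePair<int, DateTime> kv = new KeyValuePair<int, DateTime>();
        try
        {
            // Honour the caller's lifetime. The original passed a literal 15 and silently ignored
            // the timeToLive argument. Call sites that pass a larger value now really get the
            // longer validity window - review them.
            kv = LoginManager.ValidateImpersonateKey(key, timeToLive);
        }
        catch (Exception ex)
        {
            _log.Error("Could not ValidateImpersonateKey: " + token, ex);
            // NOTE(review): the exception text is returned to the client; confirm the validator
            // only throws messages that are safe to show.
            res.Message = ex.Message;
            return res;
        }

        var uInfo = _u.UserUnit.GetByID(kv.Key);
        if (uInfo == null)
        {
            res.Message = "User not found.";
            return res;
        }

        if (!uInfo.IsActive)
        {
            res.Message = "User is inactive.";
            return res;
        }

        // everything looks fine now ...
        // NOTE(review): no single-use check is visible in this method; within its lifetime the
        // same token appears to be accepted repeatedly - confirm whether ValidateImpersonateKey
        // tracks use.
        try
        {
            // write log
            UserLoginLog log = prepareLog(ctx, uInfo.Email);

            // append SSO info
            // NOTE(review): this stores the token itself in the login log; anyone who can read the
            // table during the validity window holds a working token. A hash would still correlate.
            log.SSOToken = token;
            log.SSOTimestamp = kv.Value;
            log.IsSuccess = true;
            log.UserID = uInfo.UserID;
            using (var _lu = new BegiumLogUnit())
            {
                _lu.UserLoginLogUnit.Insert(log, true);
            }

            // update last login
            _u.UserUnit.UpdateEach(x => x.UserID == uInfo.UserID, x => x.DateLastLogin = DateTime.Now.ToUniversalTime(), true);

            // get user profile pic
            var img = _u.ImageUnit.GetUniqueImage(uInfo.UserID, Core.ImageType.User);
            if (img != null)
            {
                uInfo.ProfileImgURL = img.URL;
            }

            // get agencyName and branchName
            string agencyName = "";
            string branchName = "";
            _u.UserUnit.GetBranchNameAgencyNameByUserID(uInfo.AgencyID, uInfo.UserID, ref agencyName, ref branchName);
            uInfo.AgencyName = agencyName;
            uInfo.BranchName = branchName;

            // set user session
            ctx.Session["CURRENT_USER_INFO"] = uInfo;

            // set cookie (non-persistent)
            FormsAuthentication.SetAuthCookie(uInfo.Email, false);

            // make response successful
            res.IsSuccess = true;
            res.Url = ServerRoot + "/Agency/Index.aspx";
        }
        catch (Exception ex)
        {
            _log.Error("Could not finish impersonate process.", ex);
            res.Message = "Unable to process request. Please try again later.";
        }
    }

    return res;
}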
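/// <summary>
/// Signs a super admin in from a one-time link: decrypts the "token" request parameter, checks
/// the referenced one-time password record has not been used, marks it used, then establishes
/// the session and the forms-authentication cookie.
/// </summary>
/// <param name="ctx">Current HTTP context; its session is cleared and then repopulated.</param>
/// <returns>
/// A <see cref="LoginResult"/>; IsSuccess and Url are set on success, Message on failure.
/// </returns>
public LoginResult impersonateSetPWForSA(HttpContext ctx)
{
    LoginResult res = new LoginResult();

    // IMPORTANT!!! clear all session first
    // NOTE(review): Clear() empties the session values; nothing here issues a new session id.
    // Confirm the id is rotated elsewhere, otherwise a pre-existing id survives the sign-in.
    ctx.Session.Clear();

    using (var _u = new BegiumUnit())
    {
        using (var _ul = new BegiumLogUnit())
        {
            // Reset Language
            _u.LocalizationStringUnit.LocalizationDicEn = null;
            _u.LocalizationStringUnit.LocalizationDicSp = null;
            Helper.CombineUserSession = null;

            // Client-supplied value; Params can resolve it from more than one part of the request.
            string token = ctx.Request.Params["token"];
            string key = "";

            try
            {
                key = LoginManager.DecryptImpersonateKey(token);
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw request value is written to the log. It is
                // attacker-controlled text and, when real, a credential; consider a digest.
                _log.Error("Could not DecryptImpersonateKey: " + token, ex);
                res.Message = "Token is invalid.";
                return res;
            }

            KeyValuePair<int, Guid> kv = new KeyValuePair<int, Guid>();
            try
            {
                kv = LoginManager.ValidateImpersonateKeySetPW(key);
            }
            catch (Exception ex)
            {
                _log.Error("Could not ValidateImpersonateKey: " + token, ex);
                // NOTE(review): the exception text is returned to the client; confirm the
                // validator only throws messages that are safe to show.
                res.Message = ex.Message;
                return res;
            }

            //valid OTP
            var otp = _ul.OneTimePWUnit.GetOTPByOTPKey(kv.Key, kv.Value);
            if (otp == null)
            {
                res.Message = "not valid";
                return res;
            }

            // A record whose DateFirstLogin is already set (year after 1900) has been used.
            if (otp.DateFirstLogin.Year > 1900)
            {
                res.Message = "Este enlace ya no es válido";
                return res;
            }

            SuperAdmin uInfo = _u.SuperAdminUnit.GetByID(kv.Key);
            if (uInfo == null)
            {
                res.Message = "User not found.";
                return res;
            }

            if (!uInfo.IsActive)
            {
                res.Message = "User is inactive.";
                return res;
            }

            // everything looks fine now ...
            // The link is consumed before the session is built, so a failure below still burns it.
            // NOTE(review): the "unused" check above and this update are separate statements;
            // unless the data layer enforces it atomically, two concurrent requests with the same
            // link could both pass the check - confirm.
            otp.DateFirstLogin = DateTime.UtcNow;
            _ul.OneTimePWUnit.Update(otp, true);

            try
            {
                // write log
                UserLoginLog log = prepareLog(ctx, uInfo.Email);

                // append SSO info
                // NOTE(review): the token itself is stored in the login log. It is already
                // consumed at this point, but a hash would serve correlation equally well.
                log.SSOToken = token;
                log.SSOTimestamp = DateTime.UtcNow;
                log.IsSuccess = true;
                log.UserID = uInfo.SuperAdminID;
                using (var _lu = new BegiumLogUnit())
                {
                    _lu.UserLoginLogUnit.Insert(log, true);
                }

                // update last login
                // The original called UserUnit.UpdateEach with x.UserID == uInfo.SuperAdminID,
                // which stamped DateLastLogin on whichever regular user shares that numeric id
                // and never on the super admin. Use the super-admin set, as loginSuperAdmin does.
                _u.SuperAdminUnit.UpdateEach(x => x.SuperAdminID == uInfo.SuperAdminID, x => x.DateLastLogin = DateTime.Now.ToUniversalTime(), true);

                // set user session
                ctx.Session["CURRENT_USER_INFO"] = uInfo;

                // set cookie (non-persistent)
                FormsAuthentication.SetAuthCookie(uInfo.Email, false);

                // make response successful
                res.IsSuccess = true;
                res.Url = "~/SuperAdmin/Agency/AgenciesManager.aspx";
            }
            catch (Exception ex)
            {
                _log.Error("Could not finish impersonate process.", ex);
                res.Message = "Unable to process request. Please try again later.";
            }
        }
    }

    return res;
}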