/// <summary>
/// Handles the posted login form. Looks the account up by e-mail address, checks the
/// submitted password against the stored hash and, on a match, signs the user in, stores
/// the user's details in the session under "loggeduser" and redirects to
/// <paramref name="returnUrl"/> through RedirectToLocal.
/// </summary>
/// <param name="model">Posted credentials (Email and Password are read here).</param>
/// <param name="returnUrl">Destination handed to RedirectToLocal after a successful sign-in.</param>
/// <returns>
/// A redirect after a successful sign-in; otherwise the login view re-rendered with
/// <paramref name="model"/>.
/// </returns>
/// <remarks>
/// NOTE(review): the verifier is named for SHA-1 (SHA1HashProvider.CheckHashSHA1). If it
/// is a single salted SHA-1 pass, stored hashes are cheap to test offline after a
/// database leak; plan a migration to a slow KDF such as PBKDF2 with re-hash on next
/// login. Confirm against the provider's implementation.
/// NOTE(review): no attempt throttling or lockout is visible in this method, and the
/// session is populated without any visible session-ID rotation. Confirm both are
/// handled elsewhere (SignInUser, SessionManager, or a filter).
/// </remarks>
public ActionResult Login(LoginViewModel model, string returnUrl)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }

        var userManager = new CEUserManager();
        var hashProvider = new SHA1HashProvider();
        User candidate = userManager.GetSigningUserByEmail(model.Email);

        // An unknown e-mail and a wrong password share one failure path, so the response
        // does not say which of the two was wrong.
        bool credentialsAccepted =
            candidate != null &&
            hashProvider.CheckHashSHA1(model.Password, candidate.Password, 8);

        if (credentialsAccepted)
        {
            UserDTO candidateDto = EntityDTOHelper.GetEntityDTO<User, UserDTO>(candidate);
            var signedInUser = new AuthenticatedUserInfo(candidateDto);

            userManager.SignInUser(HttpContext, string.Format("{0}", signedInUser.FullName), false);
            Session["loggeduser"] = signedInUser;
            SessionManager.RegisterSessionActivity(loggedInAt: DateTime.Now);

            return this.RedirectToLocal(returnUrl);
        }

        ModelState.AddModelError(string.Empty, "Login attempt failed.");
    }
    catch (Exception e)
    {
        // The exception is only traced; the caller gets the form back with no extra message.
        System.Diagnostics.Trace.WriteLine(e);
    }

    return this.View(model);
}
/// <summary>
/// Clears this controller's reference to its user manager during a managed dispose and
/// then lets the base class dispose.
/// </summary>
/// <param name="disposing">Forwarded unchanged to the base implementation; the reference is cleared only when this is true.</param>
/// <remarks>
/// NOTE(review): the reference is set to null, not disposed. If CEUserManager owns a
/// database context or another disposable, confirm it is released somewhere.
/// </remarks>
protected override void Dispose(bool disposing)
{
    if (disposing)
    {
        if (ceUserManager != null)
        {
            ceUserManager = null;
        }
    }

    base.Dispose(disposing);
}
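/// <summary>
/// Handles the posted "forgot password" form: records a reset code with a one-day expiry
/// on the account that matches the submitted e-mail address and mails that address a
/// link to the ResetPassword action.
/// </summary>
/// <param name="model">Posted form; only <c>Email</c> is read here.</param>
/// <returns>
/// A redirect to the ForgotPasswordConfirmation action whether or not an account matched;
/// the form view when model validation fails.
/// </returns>
public ActionResult ForgotPassword(ForgotPasswordViewModel model)
{
    SessionManager.RegisterSessionActivity();

    if (!ModelState.IsValid)
    {
        // Validation failed, redisplay the form.
        return View(model);
    }

    CEUserManager ceUserManager = new CEUserManager();
    User anActiveOrBlockedUser = ceUserManager.GetSigningUserByEmail(model.Email);
    if (anActiveOrBlockedUser == null)
    {
        // Don't reveal that the user does not exist or is not confirmed. The response must
        // be the same redirect the success path issues; rendering the view directly here
        // would give unknown addresses a different status code from known ones.
        // NOTE(review): the success path still does a database write and a mail send, so
        // response time can differ; queue the mail if that matters.
        return RedirectToAction("ForgotPasswordConfirmation", "Login");
    }

    // NOTE(review): the reset code is the current clock tick count, so its value is
    // predictable and the link is protected only by the key behind DataSecurityTripleDES.
    // It is also stored in clear text in ResetCode. Prefer a token from
    // System.Security.Cryptography.RandomNumberGenerator and store only its hash, after
    // confirming the ResetCode column is wide enough.
    string longTicks = DateTime.Now.Ticks.ToString();
    string code = DataSecurityTripleDES.GetEncryptedText(longTicks);

    using (CraveatsDbContext craveatsDbContext = new CraveatsDbContext())
    {
        User anUser = craveatsDbContext.User.First(u => u.Id == anActiveOrBlockedUser.Id);
        anUser.ResetCode = longTicks;
        anUser.ResetCodeExpiry = DateTime.Now.AddDays(1);
        anUser.ResetCodeSentAt = DateTime.Now;
        anUser.LastUpdated = DateTime.Now;
        craveatsDbContext.SaveChanges();
    }

    // NOTE(review): the scheme and host of this absolute link come from the incoming
    // request. Confirm the site answers only to its own host names, or build the link
    // from a configured base URL.
    var callbackUrl = Url.Action(
        "ResetPassword",
        "Login",
        new
        {
            userId = DataSecurityTripleDES.GetEncryptedText(anActiveOrBlockedUser.Id),
            code = code
        },
        protocol: Request.Url.Scheme);

    string fullName = string.Format(
        "{0}{1}{2}", anActiveOrBlockedUser.FirstName, " ", anActiveOrBlockedUser.Surname).Trim();

    // The name is user-supplied profile data and the URL contains '&'. Both are placed
    // in an HTML body, so they are HTML-encoded before insertion.
    string encodedFullName = System.Net.WebUtility.HtmlEncode(fullName);
    string encodedCallbackUrl = System.Net.WebUtility.HtmlEncode(callbackUrl);

    StringBuilder sbSubject = new StringBuilder("Craveats reset password request");
    StringBuilder sbEmailBody = new StringBuilder(
        "<p>Dear [FullName],</p><p>We have received a request that you would like to reset your account password with us."
        + "Please reset your password by clicking <a href=\"" + encodedCallbackUrl + "\">here</a></p><p>Thank you.</p><p>Craveats</p>");

    CommunicationServiceProvider.SendOutgoingNotification(
        new MailAddress(anActiveOrBlockedUser.EmailAddress, fullName),
        sbSubject.ToString(),
        sbEmailBody.Replace("[FullName]", encodedFullName).ToString());

    return RedirectToAction("ForgotPasswordConfirmation", "Login");
}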
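/// <summary>
/// Handles the posted "reset password" form: decrypts the user id and reset code carried
/// by the link, and when they match an unexpired reset code on that account, stores the
/// new password hash and clears the code so it cannot be used again.
/// </summary>
/// <param name="model">Posted form; <c>UserId</c>, <c>Code</c> and <c>Password</c> are read here.</param>
/// <returns>
/// A redirect to ResetPasswordConfirmation when the password was changed; otherwise the
/// form view with a model error.
/// </returns>
/// <remarks>
/// NOTE(review): the new password is trimmed before hashing, while Login in this file
/// passes model.Password to CheckHashSHA1 untrimmed. A password with leading or trailing
/// whitespace would therefore not verify at login. Confirm which behaviour registration
/// uses and align all three.
/// NOTE(review): the hash comes from SHA1HashProvider.SecureSHA1. If that is a single
/// salted SHA-1 pass, move to a slow KDF such as PBKDF2.
/// NOTE(review): the success redirect targets the "Account" controller while
/// ForgotPassword links to "Login". Confirm the action exists there.
/// </remarks>
public ActionResult ResetPassword(ResetPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    bool passwordChanged = false;

    try
    {
        string plainUserId = DataSecurityTripleDES.GetPlainText(model.UserId);
        string plainCode = DataSecurityTripleDES.GetPlainText(model.Code);

        int userIDFromRequest;

        // An empty code must never reach the query: compared against ResetCode it could
        // match accounts that have no reset pending (ResetCode null, no expiry set).
        if (int.TryParse(plainUserId, out userIDFromRequest) && !string.IsNullOrEmpty(plainCode))
        {
            DateTime minExpiry = DateTime.Now;

            using (CraveatsDbContext craveatsDbContext = new CraveatsDbContext())
            {
                // NOTE(review): a code with no expiry recorded is accepted indefinitely.
                // ForgotPassword always sets one; confirm no other issuer relies on this.
                User anActiveOrBlockedUser = craveatsDbContext.User.FirstOrDefault(u =>
                    u.Id == userIDFromRequest &&
                    u.ResetCode == plainCode &&
                    (!u.ResetCodeExpiry.HasValue || u.ResetCodeExpiry >= minExpiry));

                if (anActiveOrBlockedUser != null)
                {
                    // Expire and clear the code in the same save as the password change so
                    // the link is single-use.
                    anActiveOrBlockedUser.ResetCodeExpiry = DateTime.Now;
                    anActiveOrBlockedUser.ResetCode = null;
                    anActiveOrBlockedUser.Password = new SHA1HashProvider().SecureSHA1(model.Password.Trim());
                    anActiveOrBlockedUser.LastUpdated = DateTime.Now;
                    craveatsDbContext.SaveChanges();

                    passwordChanged = true;
                }
            }
        }
    }
    catch (Exception e)
    {
        // Undecryptable link values or a failed save end up here; the details are traced
        // and the user gets the generic message below.
        Trace.WriteLine(e);
    }

    if (!passwordChanged)
    {
        // Previously every outcome redirected to the confirmation page, so a user whose
        // link was expired or invalid was told the reset had succeeded.
        ModelState.AddModelError(string.Empty, "The password could not be reset. Please request a new reset link.");
        return View(model);
    }

    return RedirectToAction("ResetPasswordConfirmation", "Account");
}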
/// <summary>
/// Handles the posted diner-profile form: when the model carries a non-empty Id, copies
/// the editable fields into a UserDTO, saves it through CEUserManager.SaveUserDetail and
/// redirects to the diner profile page.
/// </summary>
/// <param name="model">Posted profile values (Id, FirstName, Surname, ContactNumber).</param>
/// <param name="returnUrl">Not used by this method.</param>
/// <returns>
/// A redirect to Profile/CraveatsDiner after a save; otherwise the form view re-rendered
/// with <paramref name="model"/>.
/// </returns>
/// <remarks>
/// NOTE(review): the Id that selects which account is updated comes from the posted
/// model, and nothing in this method compares it with the signed-in user held in
/// Session["loggeduser"]. Confirm that ownership is enforced elsewhere (an authorization
/// filter or SaveUserDetail); if not, add the comparison here before saving.
/// </remarks>
public ActionResult EditDinerProfile(CraveatsDinerViewModel model, string returnUrl)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return View(model);
        }

        var userManager = new CEUserManager();

        bool hasProfileId = model.Id?.Length > 0;
        if (hasProfileId)
        {
            var changes = new UserDTO();
            changes.Id = model.Id;
            changes.FirstName = model.FirstName;
            changes.Surname = model.Surname;
            changes.ContactNumber = model.ContactNumber;
            changes.LastUpdated = DateTime.Now;

            userManager.SaveUserDetail(changes);

            return RedirectToAction("CraveatsDiner", "Profile");
        }

        ModelState.AddModelError(string.Empty, "Save attempt failed.");
    }
    catch (Exception e)
    {
        // The exception is only traced; the form is shown again without an extra message.
        System.Diagnostics.Trace.WriteLine(e);
    }

    return this.View(model);
}
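/// <summary>
/// Handles the posted address form. Without an explicit owner in the model, the address
/// is created for the signed-in user (only if that user has none yet). With an encrypted
/// owner type and owner id in the model, it is created for the restaurant with that id.
/// </summary>
/// <param name="model">Posted address fields plus the optional encrypted OwnerType and OwnerId.</param>
/// <param name="returnUrl">Not used by this method.</param>
/// <returns>
/// A redirect to Profile/ProfileView (user address) or RestaurantMenu/Index (restaurant
/// address) after a save; otherwise the form view re-rendered with <paramref name="model"/>.
/// </returns>
/// <remarks>
/// NOTE(review): in the restaurant branch, the only link between the caller and the
/// restaurant being changed is the encrypted OwnerId from the posted form. No ownership
/// check against the signed-in user is visible here; confirm it is enforced elsewhere or
/// add one before the write.
/// NOTE(review): the restaurant branch does not check whether the restaurant already
/// has an address, unlike the user branch.
/// NOTE(review): an OwnerType/OwnerId value that fails to decrypt or parse throws out of
/// this action; confirm that an error response is acceptable for tampered input.
/// </remarks>
public ActionResult AddAddress(AddressViewModel model, string returnUrl)
{
    SessionManager.RegisterSessionActivity();

    IEnumerable<string> regionAliases = GetAllRegionAliases();
    model.RegionAliases = GenUtil.GetSelectListItems(regionAliases);

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    AuthenticatedUserInfo authenticatedUserInfo = Session["loggeduser"] as AuthenticatedUserInfo;
    if (authenticatedUserInfo == null)
    {
        return View(model);
    }

    int ownerType = model.OwnerType?.Length > 0
        ? int.Parse(DataSecurityTripleDES.GetPlainText(model.OwnerType))
        : -1;

    // Fixed: this used to decrypt model.OwnerType a second time, so the posted owner id
    // was never validated as a positive integer before being used.
    int ownerId = model.OwnerId?.Length > 0
        ? int.Parse(DataSecurityTripleDES.GetPlainText(model.OwnerId))
        : -1;

    bool explicitOwnerRequested = ownerType > -1 && ownerId > 0;

    DAL.User addressOwner = null;
    if (!explicitOwnerRequested)
    {
        addressOwner = new CEUserManager().FindById(
            int.Parse(DataSecurityTripleDES.GetPlainText(authenticatedUserInfo.UserId)));
    }

    AddressDTO addressDTO = new AddressDTO()
    {
        City = model.City,
        Line1 = model.Line1,
        Line2 = model.Line2,
        Postcode = model.Postcode,
        RegionAlias = model.RegionAlias
    };

    if (addressOwner != null && !addressOwner.AddressId.HasValue)
    {
        addressDTO.OwnerType = (int)Common.OwnerTypeEnum.User;
        addressDTO.OwnerId = authenticatedUserInfo.UserId;

        using (DAL.CraveatsDbContext c = new DAL.CraveatsDbContext())
        {
            if (!TryAssignCanadianRegion(c, addressDTO))
            {
                ModelState.AddModelError("", "The selected region could not be found.");
                return View(model);
            }

            DAL.Address newAddress = EntityDTOHelper.MapToEntity<AddressDTO, DAL.Address>(
                addressDTO, null, true);
            newAddress.AddressStatus = (int?)Common.AddressStatusEnum.Active;

            // Resolve the owner before inserting, so a missing owner cannot leave an
            // address row behind that nothing points to.
            var newOwnerId = newAddress.OwnerId.Value;
            DAL.User trackedOwner = c.User.FirstOrDefault(u => u.Id == newOwnerId);
            if (trackedOwner == null)
            {
                ModelState.AddModelError("", "The address owner could not be found.");
                return View(model);
            }

            c.Entry(newAddress).State = System.Data.Entity.EntityState.Added;
            c.SaveChanges();

            trackedOwner.AddressId = newAddress.Id;
            trackedOwner.LastUpdated = DateTime.Now;
            c.SaveChanges();

            return RedirectToAction("ProfileView", "Profile");
        }
    }
    else if (explicitOwnerRequested)
    {
        addressDTO.OwnerType = ownerType;
        addressDTO.OwnerId = model.OwnerId;

        using (DAL.CraveatsDbContext c = new DAL.CraveatsDbContext())
        {
            if (!TryAssignCanadianRegion(c, addressDTO))
            {
                ModelState.AddModelError("", "The selected region could not be found.");
                return View(model);
            }

            DAL.Address newAddress = EntityDTOHelper.MapToEntity<AddressDTO, DAL.Address>(
                addressDTO, null, true);
            newAddress.AddressStatus = (int?)Common.AddressStatusEnum.Active;

            // Same ordering as the user branch: find the restaurant first, then write.
            var newOwnerId = newAddress.OwnerId.Value;
            DAL.Restaurant restaurant = c.Restaurant.FirstOrDefault(u => u.Id == newOwnerId);
            if (restaurant == null)
            {
                ModelState.AddModelError("", "The address owner could not be found.");
                return View(model);
            }

            c.Entry(newAddress).State = System.Data.Entity.EntityState.Added;
            c.SaveChanges();

            restaurant.AddressId = newAddress.Id;
            restaurant.LastUpdated = DateTime.Now;
            c.SaveChanges();

            return RedirectToAction("Index", "RestaurantMenu", new
            {
                ownerType = DataSecurityTripleDES.GetEncryptedText((int)Common.OwnerTypeEnum.ServiceProvider),
                ownerId = DataSecurityTripleDES.GetEncryptedText(restaurant.Id)
            });
        }
    }

    ModelState.AddModelError("", "An address exists for this owner.");

    // Something is not right - so render the form again,
    // keeping the data the user has entered by supplying the model.
    return View(model);
}

/// <summary>
/// Looks up the Canadian region matching the DTO's RegionAlias, and Canada itself, and
/// stores their encrypted ids on the DTO.
/// </summary>
/// <returns>False, leaving the DTO untouched, when either row is missing.</returns>
private static bool TryAssignCanadianRegion(DAL.CraveatsDbContext context, AddressDTO addressDTO)
{
    var regionAlias = addressDTO.RegionAlias;

    var region = context.Region.FirstOrDefault(r => r.CountryISO2 == "CA" && r.RegionAlias == regionAlias);
    var country = context.Country.FirstOrDefault(s => s.ISO2 == "CA");

    // The alias is posted form data; a value outside the offered list must not end in a
    // null dereference.
    if (region == null || country == null)
    {
        return false;
    }

    addressDTO.RegionId = DataSecurityTripleDES.GetEncryptedText(region.Id);
    addressDTO.CountryId = DataSecurityTripleDES.GetEncryptedText(country.Id);
    return true;
}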