public ActionResult Login(LoginViewModel model, string returnUrl)
{
try
{
if (!ModelState.IsValid)
{
return(View(model));
}
CEUserManager ceUserManager = new CEUserManager();
SHA1HashProvider sHA1HashProvider = new SHA1HashProvider();
User anActiveOrBlockedUser = ceUserManager.GetSigningUserByEmail(model.Email);
if (anActiveOrBlockedUser != null && sHA1HashProvider.CheckHashSHA1(model.Password, anActiveOrBlockedUser.Password, 8))
{
UserDTO userDTO = EntityDTOHelper.GetEntityDTO <User, UserDTO>(anActiveOrBlockedUser);
AuthenticatedUserInfo authenticatedUserInfo = new AuthenticatedUserInfo(userDTO);
ceUserManager.SignInUser(HttpContext, string.Format("{0}", authenticatedUserInfo.FullName), false);
Session["loggeduser"] = authenticatedUserInfo;
SessionManager.RegisterSessionActivity(loggedInAt: DateTime.Now);
return(this.RedirectToLocal(returnUrl));
}
ModelState.AddModelError(string.Empty, "Login attempt failed.");
}
catch (Exception e)
{
System.Diagnostics.Trace.WriteLine(e);
}
return(this.View(model));
}
protected override void Dispose(bool disposing)
{
if (disposing && ceUserManager != null)
{
ceUserManager = null;
}
base.Dispose(disposing);
}
public ActionResult ForgotPassword(ForgotPasswordViewModel model)
{
SessionManager.RegisterSessionActivity();
if (ModelState.IsValid)
{
User anActiveOrBlockedUser = null;
CEUserManager ceUserManager = new CEUserManager();
anActiveOrBlockedUser = ceUserManager.GetSigningUserByEmail(model.Email);
if (anActiveOrBlockedUser == null)
{
// Don't reveal that the user does not exist or is not confirmed
return(View("ForgotPasswordConfirmation"));
}
// For more information on how to enable account confirmation and password reset please visit https://go.microsoft.com/fwlink/?LinkID=320771
// Send an email with this link
string longTicks = DateTime.Now.Ticks.ToString(),
code = DataSecurityTripleDES.GetEncryptedText(longTicks);
using (CraveatsDbContext craveatsDbContext = new CraveatsDbContext())
{
User anUser = craveatsDbContext.User.First(u => u.Id == anActiveOrBlockedUser.Id);
anUser.ResetCode = longTicks;
anUser.ResetCodeExpiry = DateTime.Now.AddDays(1);
anUser.ResetCodeSentAt = DateTime.Now;
anUser.LastUpdated = DateTime.Now;
craveatsDbContext.SaveChanges();
}
var callbackUrl = Url.Action("ResetPassword", "Login", new { userId = DataSecurityTripleDES.GetEncryptedText(anActiveOrBlockedUser.Id), code = code }, protocol: Request.Url.Scheme);
StringBuilder sbSubject = new StringBuilder("Craveats reset password request"),
sbEmailBody = new StringBuilder("<p>Dear [FullName],</p><p>We have received a request that you would like to reset your account password with us." +
"Please reset your password by clicking <a href=\"" + callbackUrl + "\">here</a></p><p>Thank you.</p><p>Craveats</p>");
CommunicationServiceProvider.SendOutgoingNotification(
new MailAddress(
anActiveOrBlockedUser.EmailAddress,
string.Format("{0}{1}{2}", anActiveOrBlockedUser?.FirstName, " ", anActiveOrBlockedUser?.Surname).Trim()),
sbSubject.ToString(),
sbEmailBody.Replace("[FullName]",
string.Format("{0}{1}{2}", anActiveOrBlockedUser?.FirstName, " ", anActiveOrBlockedUser?.Surname).Trim()).ToString());
return(RedirectToAction("ForgotPasswordConfirmation", "Login"));
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public ActionResult ResetPassword(ResetPasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
User anActiveOrBlockedUser = null;
CEUserManager ceUserManager = new CEUserManager();
int userIDFromRequest = 0;
string plainCode = null, errorInTranslation = string.Empty;
try
{
userIDFromRequest = int.Parse(DataSecurityTripleDES.GetPlainText(model.UserId));
plainCode = DataSecurityTripleDES.GetPlainText(model.Code);
DateTime minExpiry = DateTime.Now;
using (CraveatsDbContext craveatsDbContext = new CraveatsDbContext())
{
anActiveOrBlockedUser = craveatsDbContext.User.First(u => u.Id == userIDFromRequest && u.ResetCode == plainCode && (!u.ResetCodeExpiry.HasValue || u.ResetCodeExpiry >= minExpiry));
anActiveOrBlockedUser.ResetCodeExpiry = DateTime.Now;
anActiveOrBlockedUser.ResetCode = null;
anActiveOrBlockedUser.Password = new SHA1HashProvider().SecureSHA1(model.Password.Trim());
anActiveOrBlockedUser.LastUpdated = DateTime.Now;
craveatsDbContext.SaveChanges();
}
}
catch (Exception e)
{
Trace.WriteLine(e);
}
return(RedirectToAction("ResetPasswordConfirmation", "Account"));
}
public ActionResult EditDinerProfile(CraveatsDinerViewModel model, string returnUrl)
{
try
{
if (!ModelState.IsValid)
{
return(View(model));
}
CEUserManager ceUserManager = new CEUserManager();
if (model.Id?.Length > 0)
{
UserDTO userDTO = new UserDTO()
{
Id = model.Id,
FirstName = model.FirstName,
Surname = model.Surname,
ContactNumber = model.ContactNumber,
LastUpdated = DateTime.Now
};
ceUserManager.SaveUserDetail(userDTO);
return(RedirectToAction("CraveatsDiner", "Profile"));
}
ModelState.AddModelError(string.Empty, "Save attempt failed.");
//ModelState.AddModelError(string.Empty, "Login attempt failed.");
}
catch (Exception e)
{
System.Diagnostics.Trace.WriteLine(e);
}
return(this.View(model));
}
public ActionResult AddAddress(AddressViewModel model, string returnUrl)
{
SessionManager.RegisterSessionActivity();
IEnumerable <string> regionAliases = GetAllRegionAliases();
model.RegionAliases = GenUtil.GetSelectListItems(regionAliases);
if (ModelState.IsValid)
{
AuthenticatedUserInfo authenticatedUserInfo = Session["loggeduser"] as AuthenticatedUserInfo;
if (authenticatedUserInfo != null)
{
int ownerType = model.OwnerType?.Length > 0
? int.Parse(DataSecurityTripleDES.GetPlainText(model.OwnerType))
: -1;
int ownerId = model.OwnerId?.Length > 0
? int.Parse(DataSecurityTripleDES.GetPlainText(model.OwnerType))
: -1;
DAL.User addressOwner = null;
if (!(ownerType > -1 && ownerId > 0))
{
addressOwner = new CEUserManager().FindById(
int.Parse(DataSecurityTripleDES.GetPlainText(authenticatedUserInfo.UserId)));
}
DataProvider dataProvider = new DataProvider();
AddressDTO addressDTO = new AddressDTO()
{
City = model.City,
Line1 = model.Line1,
Line2 = model.Line2,
Postcode = model.Postcode,
RegionAlias = model.RegionAlias
};
if (addressOwner != null && !addressOwner.AddressId.HasValue)
{
addressDTO.OwnerType = (int)Common.OwnerTypeEnum.User;
addressDTO.OwnerId = authenticatedUserInfo.UserId;
using (DAL.CraveatsDbContext c = new DAL.CraveatsDbContext())
{
addressDTO.RegionId = DataSecurityTripleDES.GetEncryptedText(
c.Region.FirstOrDefault(r => r.CountryISO2 == "CA" &&
r.RegionAlias == addressDTO.RegionAlias).Id);
addressDTO.CountryId = DataSecurityTripleDES.GetEncryptedText(
c.Country.FirstOrDefault(s => s.ISO2 == "CA").Id);
DAL.Address newAddress = EntityDTOHelper.MapToEntity <AddressDTO, DAL.Address>(
addressDTO, null, true);
newAddress.AddressStatus = (int?)Common.AddressStatusEnum.Active;
c.Entry(newAddress).State = System.Data.Entity.EntityState.Added;
c.SaveChanges();
addressOwner = c.User.FirstOrDefault(u => u.Id == newAddress.OwnerId.Value);
addressOwner.AddressId = newAddress.Id;
addressOwner.LastUpdated = DateTime.Now;
c.SaveChanges();
return(RedirectToAction("ProfileView", "Profile"));
}
}
else if (ownerType > -1 && ownerId > 0)
{
addressDTO.OwnerType = ownerType;
addressDTO.OwnerId = model.OwnerId;
using (DAL.CraveatsDbContext c = new DAL.CraveatsDbContext())
{
addressDTO.RegionId = DataSecurityTripleDES.GetEncryptedText(
c.Region.FirstOrDefault(r => r.CountryISO2 == "CA" &&
r.RegionAlias == addressDTO.RegionAlias).Id);
addressDTO.CountryId = DataSecurityTripleDES.GetEncryptedText(
c.Country.FirstOrDefault(s => s.ISO2 == "CA").Id);
DAL.Address newAddress = EntityDTOHelper.MapToEntity <AddressDTO, DAL.Address>(
addressDTO, null, true);
newAddress.AddressStatus = (int?)Common.AddressStatusEnum.Active;
c.Entry(newAddress).State = System.Data.Entity.EntityState.Added;
c.SaveChanges();
DAL.Restaurant restaurant = c.Restaurant.FirstOrDefault(u => u.Id == newAddress.OwnerId.Value);
restaurant.AddressId = newAddress.Id;
restaurant.LastUpdated = DateTime.Now;
c.SaveChanges();
return(RedirectToAction("Index", "RestaurantMenu", new
{
ownerType = DataSecurityTripleDES.GetEncryptedText((int)Common.OwnerTypeEnum.ServiceProvider),
ownerId = DataSecurityTripleDES.GetEncryptedText(restaurant.Id)
}));
}
}
ModelState.AddModelError("", "An address exists for this owner.");
}
}
// Something is not right - so render the registration page again,
// keeping the data user has entered by supplying the model.
return(View(model));
}
