Пример #1
        /// <summary>
        /// Writes one audit row (time, client address, event label, user ID) to the user log.
        /// </summary>
        /// <param name="str">Event label stored verbatim as <c>AccessType</c>; it is not validated here.</param>
        /// <param name="usrID">
        /// Fallback user ID. It is used only when no positive ID resolves for the current
        /// request identity; otherwise the resolved ID takes precedence.
        /// </param>
        public static void AddToUserLog(string str, long usrID = 0)
        {
            // The ID of the signed-in user, when one resolves, wins over the caller-supplied
            // value, so a caller cannot attribute an entry to another account while a
            // session identity is present.
            long resolvedId  = (long)val(GetCurrentUserDetails("ID"));
            long effectiveId = resolvedId > 0 ? resolvedId : usrID;

            // No usable user ID: nothing is recorded.
            if (effectiveId <= 0)
            {
                return;
            }

            UserLog entry = new UserLog();
            entry.AccessDate = DateTime.Now;
            // NOTE(review): UserHostAddress is the address of the directly connected peer.
            // Behind a reverse proxy or load balancer every row would carry the proxy's
            // address - confirm how this application is deployed.
            entry.AccessIP   = HttpContext.Current.Request.UserHostAddress;
            entry.AccessType = str;
            entry.UserID     = effectiveId;

            using (DBAuthContext context = new DBAuthContext())
            {
                context.UserLogs.Add(entry);
                context.SaveChanges();
            }
        }
Пример #2
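        /// <summary>
        /// Looks up the configuration value stored under <paramref name="appKey"/>.
        /// </summary>
        /// <param name="appKey">Key matched against <c>AppConfigurations.AppKey</c>.</param>
        /// <returns>
        /// The stored <c>AppConfigValue</c> of the matching row, or an empty string when no
        /// row has that key.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// Thrown by <c>SingleOrDefault</c> when more than one row has the same key.
        /// </exception>
        public static string getConfigValue(string appKey)
        {
            // The context is disposed deterministically; the earlier form never released it.
            using (DBAuthContext dba = new DBAuthContext())
            {
                // The anonymous projection keeps "no row" (null result) distinct from
                // "row with a null value".
                var v = (from s in dba.AppConfigurations
                         where s.AppKey == appKey
                         select new { s.AppConfigValue }).SingleOrDefault();

                if (v == null)
                {
                    return("");
                }

                return(v.AppConfigValue);
            }
        }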
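        /// <summary>
        /// Handles the forgot-password form: looks up the account whose login name and
        /// e-mail address both equal the submitted address and hands the stored password
        /// to <c>GenFx.EmailToUserifComplaintAdded</c>.
        /// </summary>
        /// <param name="model">Posted form; only <c>EmailAddress</c> is read.</param>
        /// <param name="returnUrl">Not used by this action.</param>
        /// <returns>
        /// A redirect to the login page when the mail helper reports "1"; otherwise the
        /// form is redisplayed.
        /// </returns>
        public ActionResult ForgotPassword(ForgotPasswordViewModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                using (DBAuthContext entities = new DBAuthContext())
                {
                    // The single form field is matched against BOTH LoginName and
                    // EmailAddress, so only accounts whose login name equals their e-mail
                    // address can be found here.
                    string username = model.EmailAddress;
                    string email    = model.EmailAddress;

                    // SECURITY (review): this reads the stored password verbatim, which means
                    // passwords are kept in a recoverable form and are then passed to the mail
                    // helper below. The durable fix is outside this method: store only a slow
                    // salted hash (for example PBKDF2) and replace this flow with a
                    // single-use, short-lived reset token.
                    var userPassword = entities.Users.Where(user => user.LoginName == username && user.EmailAddress == email).Select(user => user.Password).SingleOrDefault();

                    // SECURITY (review): the two outcomes below differ visibly, so this form
                    // reveals whether an account exists for a given address. A uniform
                    // response for both cases would avoid that.
                    if (userPassword != null)
                    {
                        // No absolute link is built here. If one is added later, take the
                        // host name from configuration, not from the incoming request.
                        string Check = GenFx.EmailToUserifComplaintAdded(username, userPassword, "");
                        if (Check == "1")
                        {
                            Session["siteMsgTyp"] = "success";
                            Session["siteMsg"]    = "You are  Password send your Email Address.Check it";
                            return(RedirectToAction("Login", "Account"));
                        }

                        else
                        {
                            Session["siteMsgTyp"] = "error";
                            Session["siteMsg"]    = "You are  Password  cant not send your Email Address.Please try Again...";
                        }
                    }
                    else
                    {
                        ModelState.AddModelError("", "The user name or email address provided is incorrect.");
                    }
                }
            }

            // If we got this far, something failed, redisplay form
            return(View(model));
        }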
Пример #4
        /// <summary>
        /// Returns one attribute of the user whose login name equals the current request's
        /// identity name.
        /// </summary>
        /// <param name="columnName">
        /// One of "ID", "FullName", "EmailAddress", "UserImage", "Role" or "RoleID".
        /// The selector is a fixed list; it is never used to build a query dynamically.
        /// </param>
        /// <returns>
        /// The requested value as a string, or null when no user row matches. For any other
        /// <paramref name="columnName"/> the argument itself is returned unchanged, so a
        /// caller cannot tell a misspelled selector from a real value.
        /// </returns>
        public static string GetCurrentUserDetails(string columnName)
        {
            // Identity of the current request; every lookup below filters on it.
            string username = HttpContext.Current.User.Identity.Name.ToString();

            using (DBAuthContext db = new DBAuthContext())
            {
                switch (columnName)
                {
                    case "ID":
                        return(db.Users.Where(user => user.LoginName == username).Select(x => x.ID.ToString()).SingleOrDefault());

                    case "FullName":
                        return(db.Users.Where(user => user.LoginName == username).Select(x => x.FirstName.ToString() + " " + x.LastName.ToString()).SingleOrDefault());

                    case "EmailAddress":
                        return(db.Users.Where(user => user.LoginName == username).Select(x => x.EmailAddress.ToString()).SingleOrDefault());

                    case "UserImage":
                        return(db.Users.Where(user => user.LoginName == username).Select(x => x.UserImage.ToString()).SingleOrDefault());

                    case "Role":
                        return(db.Users.Where(user => user.LoginName == username).Select(x => x.Role.RoleName.ToString()).SingleOrDefault());

                    case "RoleID":
                        return(db.Users.Where(user => user.LoginName == username).Select(x => x.Role.ID.ToString()).SingleOrDefault());

                    default:
                        // Unknown selector: echo the argument back.
                        return(columnName);
                }
            }
        }
Пример #5
        /// <summary>
        /// Scans the application's controllers by reflection and inserts an "Object Level"
        /// permission row for each public instance method whose attribute list mentions
        /// "AuthorizeUserRoles", unless a row for that controller/action pair already exists.
        /// </summary>
        public static void PopulatePermission()
        {
            Assembly appAssembly = Assembly.GetAssembly(typeof(Cremcircle.MvcApplication));

            // Public instance methods declared directly on each MVC controller type,
            // excluding compiler-generated ones.
            var declaredMethods = appAssembly.GetTypes()
                                  .Where(candidate => typeof(System.Web.Mvc.Controller).IsAssignableFrom(candidate))
                                  .SelectMany(candidate => candidate.GetMethods(BindingFlags.Instance | BindingFlags.DeclaredOnly | BindingFlags.Public))
                                  .Where(method => !method.GetCustomAttributes(typeof(System.Runtime.CompilerServices.CompilerGeneratedAttribute), true).Any());

            // Flatten to controller/action pairs. Attribute type names are joined into one
            // comma-separated string with the "Attribute" text removed.
            var endpoints = declaredMethods
                            .Select(x => new { Controller = x.DeclaringType.Name, Action = x.Name, ReturnType = x.ReturnType.Name, Attributes = String.Join(",", x.GetCustomAttributes().Select(a => a.GetType().Name.Replace("Attribute", ""))) })
                            .OrderBy(x => x.Controller)
                            .ThenBy(x => x.Action)
                            .ToList();

            foreach (var endpoint in endpoints)
            {
                // NOTE(review): this is a substring test on the joined names, so any
                // attribute whose name merely contains "AuthorizeUserRoles" also qualifies.
                if (!endpoint.Attributes.Contains("AuthorizeUserRoles"))
                {
                    continue;
                }

                // One context (and one SaveChanges) per discovered action.
                using (DBAuthContext db = new DBAuthContext())
                {
                    // Skip pairs that are already registered.
                    int alreadyRegistered = db.Permissions.Count(pe => pe.GroupName == "Object Level" && pe.ControllerName == endpoint.Controller && pe.ActionName == endpoint.Action);
                    if (alreadyRegistered != 0)
                    {
                        continue;
                    }

                    Permission created = new Permission();
                    created.GroupName       = "Object Level";
                    created.ControllerName  = endpoint.Controller;
                    created.ActionName      = endpoint.Action;
                    created.OnlyAdminHidden = false;

                    db.Permissions.Add(created);
                    db.SaveChanges();
                }
            }
        }
Пример #6
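        /// <summary>
        /// Decides whether a user may reach an action on one of the named controllers,
        /// based on the permissions attached to the user's security template.
        /// </summary>
        /// <param name="actionName">
        /// Action to check. When null or empty, ANY permission on one of the controllers is
        /// enough to authorize.
        /// </param>
        /// <param name="controllerName">
        /// Comma-separated controller names without the "Controller" suffix. Null denies.
        /// </param>
        /// <param name="loginName">
        /// Account to evaluate. When null or empty, the current request identity is used.
        /// The value is trusted as given, so callers must take it from server-side state
        /// and never from request data.
        /// </param>
        /// <returns>True when access is allowed, otherwise false.</returns>
        public static Boolean IsUserAuthorized(string actionName, string controllerName, string loginName = "")
        {
            // Fail closed when no controller list is supplied.
            if (controllerName == null)
            {
                return(false);
            }

            // Honour an explicit loginName. Previously a non-empty loginName was ignored and
            // the check ran against an empty user name.
            string username = string.IsNullOrEmpty(loginName)
                              ? HttpContext.Current.User.Identity.Name.ToString()
                              : loginName;

            string[] cntrlers = controllerName.Split(',');

            // The context is disposed on every exit path; it was never released before.
            using (DBAuthContext db = new DBAuthContext())
            {
                var SecurityTemplate_ID = (from u in db.Users
                                           where u.LoginName == username
                                           select u.SecurityTemplateID).FirstOrDefault();

                // Template ID 1 is treated as Administrator and bypasses every permission
                // check. NOTE(review): this relies on ID 1 staying reserved for that
                // template - confirm against the seed data.
                if (SecurityTemplate_ID == 1)
                {
                    return(true);
                }

                // Permissions of this user's template, limited to the requested controllers.
                var v = (from a in db.SecurityTemplatePermissions
                         select new { a.SecurityTemplateID, a.Permission.ControllerName, a.Permission.ActionName });

                v = v.Where(a => cntrlers.Contains(a.ControllerName.Replace("Controller", "")));
                v = v.Where(a => a.SecurityTemplateID == SecurityTemplate_ID);

                if (!string.IsNullOrEmpty(actionName))
                {
                    v = v.Where(a => a.ActionName == actionName);
                }
                else
                {
                    // No action named: match against every action the template already
                    // holds on these controllers. The join/split round trip reproduces the
                    // earlier comma-separated list exactly, and the extra query now runs
                    // only on this branch.
                    string[] actionlers = string.Join(",", v.Select(a => a.ActionName).ToList()).Split(',');
                    v = v.Where(a => actionlers.Contains(a.ActionName));
                }

                // Authorized when at least one matching permission row exists.
                return(v.Any());
            }
        }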
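        /// <summary>
        /// Authenticates the posted credentials, issues the forms-authentication cookie,
        /// records the login and redirects to a local return URL or to the home page.
        /// </summary>
        /// <param name="model">Posted login form (login name, password, remember-me flag).</param>
        /// <param name="returnUrl">
        /// Requested post-login target. It is followed only when it is a local,
        /// single-slash-rooted path.
        /// </param>
        /// <returns>A redirect on success or for inactive accounts; otherwise the login form.</returns>
        public ActionResult Login(LoginViewModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                using (DBAuthContext entities = new DBAuthContext())
                {
                    string username = model.LoginName;
                    string password = model.Password;

                    // SECURITY (review): the submitted password is compared with the stored
                    // column as-is, so passwords are stored unhashed. The fix lies outside
                    // this method: store a slow salted hash (for example PBKDF2) and verify
                    // against that.
                    bool userValid = entities.Users.Any(user => user.LoginName == username && user.Password == password);

                    if (userValid)
                    {
                        // Activation state is examined only after the credentials check out,
                        // so the "please activate" message no longer confirms that a login
                        // name exists to someone who does not know the password.
                        bool CheckUserActiveornot = entities.Users.Any(user => user.LoginName == username && user.IsActive == false);
                        if (CheckUserActiveornot)
                        {
                            Session["siteMsgTyp"] = "error";
                            Session["siteMsg"] = "Please Activate Your Account using link send your Email Address";
                            return(RedirectToAction("Login", "Account"));
                        }

                        FormsAuthentication.SetAuthCookie(username, false);

                        //Update User Log
                        long userid = entities.Users.Where(user => user.LoginName == username && user.Password == password).Select(user => user.ID).Single();
                        GenFx.AddToUserLog("Login", userid);

                        // "Remember me" keeps the cookies for 30 days; otherwise they are
                        // sent already expired so the browser discards them.
                        DateTime cookieExpiry = model.ChkRememberMe.Equals(true)
                                                ? DateTime.Now.AddDays(30)
                                                : DateTime.Now.AddDays(-1);

                        var userNameCookie = Response.Cookies["UserName"];
                        var passwordCookie = Response.Cookies["Password"];

                        userNameCookie.Expires = cookieExpiry;
                        passwordCookie.Expires = cookieExpiry;

                        // SECURITY (review): the clear-text password is written to a client
                        // cookie, presumably to prefill the login form (confirm against the
                        // view). It should be removed together with whatever reads it. Until
                        // then the cookies are hidden from script and marked Secure whenever
                        // the request itself arrived over TLS.
                        userNameCookie.Value = model.LoginName;
                        passwordCookie.Value = model.Password;

                        userNameCookie.HttpOnly = true;
                        passwordCookie.HttpOnly = true;
                        userNameCookie.Secure   = Request.IsSecureConnection;
                        passwordCookie.Secure   = Request.IsSecureConnection;

                        // Open-redirect guard: follow only local paths that start with a
                        // single "/". Ordinal comparison keeps the prefix tests
                        // culture-independent.
                        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/", StringComparison.Ordinal) &&
                            !returnUrl.StartsWith("//", StringComparison.Ordinal) && !returnUrl.StartsWith("/\\", StringComparison.Ordinal))
                        {
                            return(Redirect(returnUrl));
                        }
                        else
                        {
                            return(RedirectToAction("Index", "Home"));
                        }
                    }
                    else
                    {
                        ModelState.AddModelError("", "The user name or password provided is incorrect.");
                    }
                }
            }

            // If we got this far, something failed, redisplay form
            return(View(model));
        }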