/// <summary>
/// Appends one row to the user access log for the current request.
/// </summary>
/// <param name="str">Stored as the entry's AccessType (callers in this file pass "Login").</param>
/// <param name="usrID">
/// Fallback user ID. It is used only when the current request identity does not
/// resolve to a positive ID.
/// </param>
/// <remarks>
/// Nothing is written when neither source yields a positive ID.
/// NOTE(review): the ID resolved from the request identity silently overrides the
/// caller-supplied one - confirm that this is the intended precedence for audit rows.
/// </remarks>
public static void AddToUserLog(string str, long usrID = 0)
{
    // val(...) is a helper defined elsewhere; presumably it converts the string ID to a number.
    long resolvedId = (long)val(GetCurrentUserDetails("ID"));
    long effectiveId = resolvedId > 0 ? resolvedId : usrID;

    if (effectiveId <= 0)
    {
        return;
    }

    // NOTE(review): UserHostAddress is the address of the immediate peer. Behind a
    // reverse proxy or load balancer that is the proxy, not the end user - verify
    // against the deployment before relying on this column in an investigation.
    // NOTE(review): AccessDate is server-local time (DateTime.Now); audit trails are
    // easier to correlate across hosts when stored in UTC.
    var entry = new UserLog();
    entry.AccessDate = DateTime.Now;
    entry.AccessIP = HttpContext.Current.Request.UserHostAddress;
    entry.AccessType = str;
    entry.UserID = effectiveId;

    using (var db = new DBAuthContext())
    {
        db.UserLogs.Add(entry);
        db.SaveChanges();
    }
}
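/// <summary>
/// Looks up a single application setting by its key.
/// </summary>
/// <param name="appKey">Key compared with AppConfigurations.AppKey.</param>
/// <returns>
/// The stored AppConfigValue, or an empty string when no row has that key.
/// </returns>
/// <exception cref="InvalidOperationException">
/// More than one row carries the key (raised by SingleOrDefault).
/// </exception>
public static string getConfigValue(string appKey)
{
    // Dispose the context deterministically so its database connection is released
    // on every call instead of waiting for finalization.
    using (DBAuthContext dba = new DBAuthContext())
    {
        var v = (from s in dba.AppConfigurations
                 where s.AppKey == appKey
                 select new { s.AppConfigValue }).SingleOrDefault();

        return v != null ? v.AppConfigValue : "";
    }
}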
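/// <summary>
/// Handles the forgot-password form: finds the account and hands the stored
/// password to the mail helper.
/// </summary>
/// <param name="model">
/// Posted form. EmailAddress is matched against both Users.LoginName and
/// Users.EmailAddress, so only accounts whose login name equals their e-mail match.
/// </param>
/// <param name="returnUrl">Not used by this action.</param>
/// <returns>
/// A redirect to Account/Login when the mail helper returns "1"; otherwise the
/// form is redisplayed.
/// </returns>
/// <remarks>
/// NOTE(review): this flow reads the password column as-is and passes it to the
/// mail helper, which means passwords are stored recoverably and, judging by the
/// success message, sent over e-mail. The usual remedy is to store only a salted,
/// slow password hash (for example PBKDF2 via Rfc2898DeriveBytes) and to mail a
/// single-use, short-lived reset token instead of the password. That needs schema
/// and mail-template changes outside this method, so it is flagged here, not changed.
/// NOTE(review): known and unknown addresses get different responses, which lets a
/// client test whether an account exists. Returning the same message in both cases,
/// together with request throttling, closes that. No throttling is visible in this action.
/// </remarks>
public ActionResult ForgotPassword(ForgotPasswordViewModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        using (DBAuthContext entities = new DBAuthContext())
        {
            string username = model.EmailAddress;
            string email = model.EmailAddress;

            // Null means no matching account (or a null password column).
            var userPassword = entities.Users
                .Where(user => user.LoginName == username && user.EmailAddress == email)
                .Select(user => user.Password)
                .SingleOrDefault();

            if (userPassword != null)
            {
                // The unused absolute "ActivateLine" link that was assembled here from the
                // request's scheme, host and port has been dropped. If a link is ever mailed
                // from this action, take the host from configuration: the request host is
                // client-influenced.
                string Check = GenFx.EmailToUserifComplaintAdded(username, userPassword, "");

                if (Check == "1")
                {
                    Session["siteMsgTyp"] = "success";
                    Session["siteMsg"] = "You are Password send your Email Address.Check it";
                    return RedirectToAction("Login", "Account");
                }

                Session["siteMsgTyp"] = "error";
                Session["siteMsg"] = "You are Password cant not send your Email Address.Please try Again...";
            }
            else
            {
                ModelState.AddModelError("", "The user name or email address provided is incorrect.");
            }
        }
    }

    // Invalid model, unknown account or mail failure: show the form again.
    return View(model);
}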
/// <summary>
/// Returns one attribute of the user whose login name equals the current request
/// identity name.
/// </summary>
/// <param name="columnName">
/// One of "ID", "FullName", "EmailAddress", "UserImage", "Role" or "RoleID".
/// Any other value (including null) is returned unchanged.
/// </param>
/// <returns>
/// The requested value as a string; null when a known column is requested but no
/// user row matches the identity name.
/// </returns>
/// <remarks>
/// SingleOrDefault throws when more than one user shares the login name.
/// NOTE(review): an unrecognised column name is echoed back instead of being treated
/// as an error, so a caller that mistypes a name receives the name itself as the
/// "value" - callers should not treat the result as proof that a user was found.
/// </remarks>
public static string GetCurrentUserDetails(string columnName)
{
    string loginName = HttpContext.Current.User.Identity.Name.ToString();

    using (DBAuthContext db = new DBAuthContext())
    {
        // Deferred query; each case below adds its own projection and executes it.
        var currentUser = db.Users.Where(user => user.LoginName == loginName);

        switch (columnName)
        {
            case "ID":
                return currentUser.Select(x => x.ID.ToString()).SingleOrDefault();

            case "FullName":
                return currentUser.Select(x => x.FirstName.ToString() + " " + x.LastName.ToString()).SingleOrDefault();

            case "EmailAddress":
                return currentUser.Select(x => x.EmailAddress.ToString()).SingleOrDefault();

            case "UserImage":
                return currentUser.Select(x => x.UserImage.ToString()).SingleOrDefault();

            case "Role":
                return currentUser.Select(x => x.Role.RoleName.ToString()).SingleOrDefault();

            case "RoleID":
                return currentUser.Select(x => x.Role.ID.ToString()).SingleOrDefault();

            default:
                return columnName;
        }
    }
}
/// <summary>
/// Scans the web application's assembly for controller actions that carry the
/// role-authorization attribute and makes sure each has an "Object Level" row in
/// the Permissions table.
/// </summary>
/// <remarks>
/// Only public instance methods declared directly on types assignable to
/// System.Web.Mvc.Controller are considered; compiler-generated methods are skipped.
/// Existing rows are left untouched and new rows are created with OnlyAdminHidden = false.
/// NOTE(review): the attribute is detected by a substring match on the joined attribute
/// names, so any attribute whose name contains "AuthorizeUserRoles" qualifies.
/// NOTE(review): actions without that attribute never get a permission row. Whether
/// they are protected some other way cannot be seen from here - verify before treating
/// the Permissions table as the complete list of protected endpoints.
/// </remarks>
public static void PopulatePermission()
{
    Assembly webAssembly = Assembly.GetAssembly(typeof(Cremcircle.MvcApplication));

    var guardedActions = webAssembly.GetTypes()
        .Where(candidate => typeof(System.Web.Mvc.Controller).IsAssignableFrom(candidate))
        .SelectMany(controller => controller.GetMethods(BindingFlags.Instance | BindingFlags.DeclaredOnly | BindingFlags.Public))
        .Where(method => !method.GetCustomAttributes(typeof(System.Runtime.CompilerServices.CompilerGeneratedAttribute), true).Any())
        .Select(method => new
        {
            Controller = method.DeclaringType.Name,
            Action = method.Name,
            ReturnType = method.ReturnType.Name,
            Attributes = String.Join(",", method.GetCustomAttributes().Select(attr => attr.GetType().Name.Replace("Attribute", "")))
        })
        .Where(entry => entry.Attributes.Contains("AuthorizeUserRoles"))
        .OrderBy(entry => entry.Controller)
        .ThenBy(entry => entry.Action)
        .ToList();

    foreach (var item in guardedActions)
    {
        // One short-lived context per action, so each insert is saved on its own.
        using (DBAuthContext db = new DBAuthContext())
        {
            int alreadyRegistered = db.Permissions.Count(pe => pe.GroupName == "Object Level" && pe.ControllerName == item.Controller && pe.ActionName == item.Action);
            if (alreadyRegistered != 0)
            {
                continue;
            }

            Permission created = new Permission();
            created.GroupName = "Object Level";
            created.ControllerName = item.Controller;
            created.ActionName = item.Action;
            created.OnlyAdminHidden = false;

            db.Permissions.Add(created);
            db.SaveChanges();
        }
    }
}
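/// <summary>
/// Decides whether a user may invoke an action, based on the permissions attached
/// to the user's security template.
/// </summary>
/// <param name="actionName">
/// Action to check. When null or empty, any permission on one of the listed
/// controllers is enough.
/// </param>
/// <param name="controllerName">
/// Comma-separated controller names without the "Controller" suffix.
/// </param>
/// <param name="loginName">
/// Login name to evaluate. When null or empty, the current request identity is used.
/// Pass only a server-derived value here: a name taken from request input would let
/// the client choose whose permissions are evaluated.
/// </param>
/// <returns>True when access is allowed, false otherwise.</returns>
/// <remarks>
/// Security template ID 1 is treated as administrator and always allowed.
/// NOTE(review): that ID is hard-coded - confirm that it cannot be assigned to an
/// ordinary template.
/// </remarks>
public static Boolean IsUserAuthorized(string actionName, string controllerName, string loginName = "")
{
    // An explicit loginName takes precedence; the request identity is only the fallback.
    // (Leaving the name empty whenever loginName was supplied made every such check
    // run against a non-existent user.)
    string username = string.IsNullOrEmpty(loginName)
        ? HttpContext.Current.User.Identity.Name.ToString()
        : loginName;

    // Fail closed for anonymous requests instead of querying with an empty name.
    if (string.IsNullOrEmpty(username))
    {
        return false;
    }

    string[] cntrlers = controllerName.Split(',');

    // Dispose the context on every path, including the early administrator return.
    using (DBAuthContext db = new DBAuthContext())
    {
        var SecurityTemplate_ID = (from u in db.Users
                                   where u.LoginName == username
                                   select u.SecurityTemplateID).FirstOrDefault();

        if (SecurityTemplate_ID == 1)
        {
            return true;
        }

        var v = (from a in db.SecurityTemplatePermissions
                 select new { a.SecurityTemplateID, a.Permission.ControllerName, a.Permission.ActionName });

        // Stored controller names carry the "Controller" suffix; Replace removes every
        // occurrence of that word before the comparison.
        v = v.Where(a => cntrlers.Contains(a.ControllerName.Replace("Controller", "")));
        v = v.Where(a => a.SecurityTemplateID == SecurityTemplate_ID);

        if (!string.IsNullOrEmpty(actionName))
        {
            v = v.Where(a => a.ActionName == actionName);
        }
        else
        {
            // No action given: match against the actions the template already holds for
            // these controllers, i.e. any permission on the controller grants access.
            string[] actionlers = string.Join(",", v.AsEnumerable().Select(p => p.ActionName)).Split(',');
            v = v.Where(a => actionlers.Contains(a.ActionName));
        }

        return v.Any();
    }
}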
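/// <summary>
/// Handles the login form: validates the credentials, issues the forms
/// authentication cookie, records the login and redirects.
/// </summary>
/// <param name="model">Posted login form (LoginName, Password, ChkRememberMe).</param>
/// <param name="returnUrl">
/// Optional post-login target. It is followed only when it is a local, rooted path;
/// otherwise the user is sent to Home/Index.
/// </param>
/// <returns>A redirect on success or for an inactive account; otherwise the form again.</returns>
/// <remarks>
/// NOTE(review): the password is compared with the database column as-is, so passwords
/// are stored in plain text. Store a salted, slow hash (for example PBKDF2 via
/// Rfc2898DeriveBytes) and compare hashes; that needs a schema and data migration
/// outside this method, so it is flagged here, not changed.
/// NOTE(review): the inactive-account message is returned before the password is
/// checked, so it confirms that a login name exists to anyone who submits it.
/// No attempt throttling or lockout is visible in this action.
/// </remarks>
public ActionResult Login(LoginViewModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        using (DBAuthContext entities = new DBAuthContext())
        {
            string username = model.LoginName;
            string password = model.Password;

            bool CheckUserActiveornot = entities.Users.Any(user => user.LoginName == username && user.IsActive == false);
            if (CheckUserActiveornot)
            {
                Session["siteMsgTyp"] = "error";
                Session["siteMsg"] = "Please Activate Your Account using link send your Email Address";
                return RedirectToAction("Login", "Account");
            }

            bool userValid = entities.Users.Any(user => user.LoginName == username && user.Password == password);
            if (userValid)
            {
                FormsAuthentication.SetAuthCookie(username, false);

                // Record the login; Single() throws if the credentials match more than one row.
                long userid = entities.Users
                    .Where(user => user.LoginName == username && user.Password == password)
                    .Select(user => user.ID)
                    .Single();
                GenFx.AddToUserLog("Login", userid);

                // "Remember me" keeps only the login name on the client.
                if (model.ChkRememberMe.Equals(true))
                {
                    Response.Cookies["UserName"].Expires = DateTime.Now.AddDays(30);
                }
                else
                {
                    Response.Cookies["UserName"].Expires = DateTime.Now.AddDays(-1);
                }
                Response.Cookies["UserName"].Value = model.LoginName;

                // The clear-text password is no longer written to a cookie: it would sit
                // in the browser's cookie store and travel with every request. The cookie
                // is always expired so that copies set by earlier logins are removed.
                // Persistent sign-in belongs in the authentication ticket, not in a copy
                // of the credentials.
                Response.Cookies["Password"].Expires = DateTime.Now.AddDays(-1);
                Response.Cookies["Password"].Value = string.Empty;

                // Follow returnUrl only for a local, rooted path; "//" and "/\" prefixes
                // are rejected because browsers treat them as another host.
                bool safeReturnUrl = Url.IsLocalUrl(returnUrl)
                    && returnUrl.Length > 1
                    && returnUrl.StartsWith("/")
                    && !returnUrl.StartsWith("//")
                    && !returnUrl.StartsWith("/\\");

                if (safeReturnUrl)
                {
                    return Redirect(returnUrl);
                }

                return RedirectToAction("Index", "Home");
            }
            else
            {
                ModelState.AddModelError("", "The user name or password provided is incorrect.");
            }
        }
    }

    // Invalid model or wrong credentials: show the form again.
    return View(model);
}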