Пример #1
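        /// <summary>
        /// Authenticates a user by e-mail and password. On success, returns a JWT together with
        /// the ids of the abilities reachable through the user's roles.
        /// </summary>
        /// <param name="userLoginDto">Request body carrying <c>Email</c> and <c>Password</c>.</param>
        /// <returns>
        /// Always an <c>Ok</c> (HTTP 200) result. Failure is signalled by <c>ErrorHappen = true</c>
        /// and a <c>message</c> in the payload, not by the status code.
        /// </returns>
        /// <remarks>
        /// NOTE(security): the stored password is decrypted with a key written as a string literal
        /// in this method and then compared as plaintext. Anyone holding the source or binary plus
        /// the Users table can recover every password. A salted one-way password hash (for example
        /// PBKDF2), verified by re-hashing the submitted password, removes that exposure. The
        /// plaintext comparison is also not constant-time.
        /// </remarks>
        public IActionResult Login([FromBody] UserLoginDTO userLoginDto)
        {
            try
            {
                User user = _eyadtakDbContext.Users.FirstOrDefault(x => x.UserEmail == userLoginDto.Email);

                // Unknown e-mail and wrong password share one message, so the response does not
                // reveal which e-mail addresses are registered.
                if (user == null || Encription.Decrypt(user.Password, "SecretCode_hamed") != userLoginDto.Password)
                {
                    return Ok(new { message = "Wrong Email or Password", ErrorHappen = true });
                }

                // Reached only after the password matched, so the activation state is disclosed
                // only to a caller who already knows the credentials.
                if (!user.Active)
                {
                    return Ok(new { message = "Your account is not active yet, please check your email", ErrorHappen = true });
                }

                List<int> abilitiesIds = _eyadtakDbContext.Users_Roles
                                         .Where(x => x.UserId == user.UserId)
                                         .Include(x => x.Role)
                                         .SelectMany(x => x.Role.Role_Ability)
                                         .Select(x => x.Ability.AbilityId)
                                         .ToList();
                string token = _jwt.GenerateToken(user.UserId);

                return Ok(new { Token = token, AbilitiesIds = abilitiesIds, userName = user.UserName, userEmail = user.UserEmail, ErrorHappen = false });
            }
            catch (Exception)
            {
                // Every failure (null body, database error, decryption error) is reduced to a
                // generic message so no internals reach the client.
                // NOTE(review): nothing is logged here, so failed logins caused by faults are
                // invisible to operators - record the exception with the application's logger.
                return Ok(new { message = "Something went wrong", ErrorHappen = true });
            }
        }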
Пример #2
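        /// <summary>
        /// Changes the password of the user whose id is stored under <c>"userId"</c> in
        /// <c>HttpContext.Items</c>, after verifying the current password.
        /// </summary>
        /// <param name="changePasswordDTO">Request body carrying <c>OldPassword</c> and <c>NewPassword</c>.</param>
        /// <returns>
        /// Always an <c>Ok</c> (HTTP 200) result. Failure is signalled by <c>ErrorHappen = true</c>
        /// and a <c>message</c> in the payload.
        /// </returns>
        /// <remarks>
        /// NOTE(security): passwords are stored reversibly encrypted under a key that is a string
        /// literal in this method. A salted one-way password hash would prevent recovery of the
        /// plaintext from the database.
        /// </remarks>
        public IActionResult ChangePassword([FromBody] ChangePasswordDTO changePasswordDTO)
        {
            try
            {
                // presumably placed in Items by an authentication filter or middleware - confirm
                int  userId = (int)this.HttpContext.Items["userId"];
                User userToChangeHisPassword = _eyadtakDbContext.Users.FirstOrDefault(x => x.UserId == userId);

                if (userToChangeHisPassword == null)
                {
                    // Same payload the catch-all below produces; handled explicitly instead of
                    // relying on a NullReferenceException.
                    return Ok(new { message = "Something went wrong", ErrorHappen = true });
                }

                // Keep the decrypted value in a local rather than on the tracked entity, so a
                // rejected request cannot leave plaintext where a later SaveChanges would persist it.
                string currentPassword = Encription.Decrypt(userToChangeHisPassword.Password, "SecretCode_hamed");

                if (currentPassword != changePasswordDTO.OldPassword)
                {
                    return Ok(new { message = "Old password is wrong", ErrorHappen = true });
                }

                // A missing new password is rejected with the same message as a too-short one.
                if (changePasswordDTO.NewPassword == null || changePasswordDTO.NewPassword.Length < 5)
                {
                    return Ok(new { message = "New password can't be less than 5 char", ErrorHappen = true });
                }

                userToChangeHisPassword.Password = Encription.Encrypt(changePasswordDTO.NewPassword, "SecretCode_hamed");
                _eyadtakDbContext.Users.Update(userToChangeHisPassword);
                _eyadtakDbContext.SaveChanges();

                return Ok(new { message = "Password Changed Successfully", ErrorHappen = false });
            }
            catch (Exception)
            {
                // Generic message only; no exception detail is returned to the client.
                // NOTE(review): the exception is discarded without being logged.
                return Ok(new { message = "Something went wrong", ErrorHappen = true });
            }
        }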
Пример #3
        /// <summary>
        /// Checks a candidate password against the password stored on <c>user</c>.
        /// </summary>
        /// <param name="password">Candidate password in plaintext.</param>
        /// <returns>
        /// <c>true</c> when the candidate equals the decrypted stored password; otherwise <c>false</c>.
        /// </returns>
        private bool CorrectPassword(string password)
        {
            // NOTE(security): the stored value is reversible - it is decrypted here with a key
            // that is a literal in source - and the comparison is an ordinary string equality,
            // not a constant-time one.
            string storedPlaintext = Encription.Decrypt(user.Password, "SecretCode_hamed");

            return storedPlaintext == password;
        }
Пример #4
        /// <summary>
        /// Decrypts <paramref name="source"/> with a fresh <c>Encription</c> instance.
        /// </summary>
        /// <param name="source">The encrypted text; may be null, empty or whitespace.</param>
        /// <returns>
        /// The decrypted text, or <see cref="string.Empty"/> when <paramref name="source"/> is
        /// null, empty or consists only of whitespace.
        /// </returns>
        private static string Decode(string source)
        {
            // IsNullOrWhiteSpace is also true for null and for the empty string, so this single
            // guard covers every input that is passed through without decryption.
            if (string.IsNullOrWhiteSpace(source))
            {
                return string.Empty;
            }

            return new Encription().Decrypt(source);
        }
Пример #5
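        /// <summary>
        /// Changes the password of the user resolved from the current <c>HttpContext</c>, after
        /// verifying the current password, and refreshes the user held by <c>userData</c>.
        /// </summary>
        /// <param name="changePasswordDto">Request body carrying <c>OldPassword</c> and <c>NewPassword</c>.</param>
        /// <returns>
        /// A JSON result whose <c>statusCode</c> is <c>ResponseStatus.Success</c>, or
        /// <c>ResponseStatus.ValidationError</c> together with a <c>responseMessage</c>.
        /// </returns>
        /// <remarks>
        /// NOTE(security): passwords are stored reversibly encrypted under a key that is a string
        /// literal in this method. A salted one-way password hash would prevent recovery of the
        /// plaintext from the database.
        /// </remarks>
        public ActionResult ChangePassword([FromBody] ChangePasswordDto changePasswordDto)
        {
            // NOTE(review): GetUser's behaviour for an unauthenticated request is not visible
            // here; a null result would throw on the next statement.
            User user = userData.GetUser(HttpContext);

            // Decrypt into a local. Writing the plaintext onto the user object would leave it
            // there whenever the request is rejected below, and that object may outlive this
            // request (it comes from userData - confirm how it is cached).
            string currentPassword = Encription.Decrypt(user.Password, "SecretCode_hamed");

            if (currentPassword != changePasswordDto.OldPassword)
            {
                return Json(new { statusCode = ResponseStatus.ValidationError, responseMessage = ValidationMessages.IncorrectPassword });
            }

            // A missing new password is treated like a too-short one instead of throwing.
            if (changePasswordDto.NewPassword == null || changePasswordDto.NewPassword.Length < 5)
            {
                return Json(new { statusCode = ResponseStatus.ValidationError, responseMessage = ValidationMessages.ShortPassword });
            }

            user.Password = Encription.Encrypt(changePasswordDto.NewPassword, "SecretCode_hamed");
            db.Users.Update(user);
            db.SaveChanges();

            // Store the updated user back through userData.
            userData.SetUser(HttpContext, user);
            return Json(new { statusCode = ResponseStatus.Success });
        }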
Пример #6
        //public SecurityFactorys(ICBSEntities context)
        //{
        //    this.context = context;
        //}
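        /// <summary>
        /// Validates a log-on attempt and reports whether it is allowed.
        /// </summary>
        /// <param name="entity">
        /// Log-on request; <c>UserName</c>, <c>CompanyID</c>, <c>BranchID</c> and <c>Password</c> are read.
        /// </param>
        /// <returns>
        /// A <c>LogInStatus</c> with <c>IsAllowed</c> and <c>Message</c> set. On success
        /// <c>Status</c> holds the user's id, user name, full name, employee, company and branch
        /// as strings.
        /// </returns>
        /// <remarks>
        /// NOTE(security): the stored password is decrypted and compared as plaintext, so it is
        /// recoverable by anyone who can run <c>Encription.Decrypt</c> against the password table.
        /// Both sides are trimmed, so leading and trailing whitespace in a password is not
        /// significant. The unknown-user message differs from the password-mismatch messages; if
        /// <c>Message</c> is shown to the client it reveals which user names exist.
        /// Exceptions from the factories propagate to the caller unchanged.
        /// </remarks>
        public LogInStatus CheckLogIn(LogOnModel entity)
        {
            LogInStatus _LogInStatus = new LogInStatus();
            Encription encription    = new Encription();

            _loginStatusFactory = new LoginStatusFactory();
            _userFactory        = new UserFactory();

            // Only active accounts in the requested company and branch are considered.
            SEC_UserInformation tblUserInformation = _userFactory.FindBy(x => x.UserName == entity.UserName && x.CompanyID == entity.CompanyID && x.BranchID == entity.BranchID && x.IsActive == true).FirstOrDefault();
            if (tblUserInformation == null)
            {
                _LogInStatus.IsAllowed = false;
                _LogInStatus.Message   = "User are not exist";
                return _LogInStatus;
            }

            // A forced-logout flag blocks the log-on before the password is looked at.
            SEC_LoginStatus logInStatus = _loginStatusFactory.FindBy(x => x.UserID == tblUserInformation.ID).FirstOrDefault();
            if (logInStatus != null && logInStatus.ForcedLogOutStatus == true)
            {
                _LogInStatus.IsAllowed = false;
                _LogInStatus.Message   = "The Page is Under maintenance";
                return _LogInStatus;
            }

            _userPasswordFactory = new UserPasswordFactory();
            SEC_Password tblPassword = _userPasswordFactory.FindBy(x => x.ID == tblUserInformation.PasswordID).FirstOrDefault();

            // A missing submitted password counts as a mismatch instead of throwing.
            bool passwordMatches = tblPassword != null &&
                                   entity.Password != null &&
                                   encription.Decrypt(tblPassword.NewPassword).Trim() == entity.Password.Trim();
            if (!passwordMatches)
            {
                _LogInStatus.IsAllowed = false;
                // The wording depends on whether a login-status row exists; both texts are kept
                // exactly as callers have always received them.
                _LogInStatus.Message = logInStatus != null
                                       ? "Password or User Name does not match"
                                       : "Password or User Name not matching";
                return _LogInStatus;
            }

            Dictionary<string, string> list = new Dictionary<string, string>();
            list.Add("UserId", tblUserInformation.ID.ToString());
            list.Add("UserName", tblUserInformation.UserName);
            list.Add("Name", tblUserInformation.UserFullName);
            list.Add("UserEmployee", tblUserInformation.EmployeeID.ToString());
            list.Add("UserCompany", tblUserInformation.CompanyID.ToString());
            list.Add("UserBranch", tblUserInformation.BranchID.ToString());

            _LogInStatus.IsAllowed = true;
            _LogInStatus.Status    = list;
            _LogInStatus.Message   = "Login Successfully";
            return _LogInStatus;
        }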
Пример #7
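        /// <summary>
        /// Application entry point. Reads the <c>cnStr</c> setting from iScada.config, decrypts its
        /// password field, publishes the rebuilt connection string through
        /// <c>Globals.ConnectionString</c> and opens the main form. When the setting is empty the
        /// connection-string form is shown first.
        /// </summary>
        /// <remarks>
        /// NOTE(security): the rebuilt string carries the decrypted database password, is held in
        /// a global for the life of the process, and sets <c>persistsecurityinfo=True</c>, which
        /// typically keeps the password readable from the connection after it is opened. Confirm
        /// that is required. <c>Encription.Decrypt</c> is called without a key argument, so the key
        /// presumably ships inside the application - verify.
        /// </remarks>
        private static void Main()
        {
            Application.EnableVisualStyles();
            Application.SetCompatibleTextRenderingDefault(false);

            try
            {
                // iScada.config is loaded from the directory where app.config would be.
                XmlDocument xmlDoc = new XmlDocument();
                xmlDoc.Load(System.IO.Path.GetDirectoryName(AppDomain.CurrentDomain.SetupInformation.ConfigurationFile) + "\\iScada.config");

                XmlNode node = xmlDoc.SelectSingleNode("configuration/userSettings/iScada.Properties.Settings/setting[@name='cnStr']/value");

                if (node == null)
                {
                    MessageBox.Show("Critical error: Configuration file missing.", "Error", MessageBoxButtons.OK,
                                    MessageBoxIcon.Error);
                    Application.Exit();
                    return;
                }

                string str = node.InnerText;
                if (str != String.Empty)
                {
                    // Expected layout; the password field holds the encrypted value:
                    // server= localhost;port= 3306;userid= root;password= root;persistsecurityinfo=True;database=iscada;allowuservariables=True
                    // Parsing is positional: the first four fields must be server, port, userid
                    // and password, in that order and with exactly these key spellings.
                    string[] conn = str.Split(';');
                    if (conn.Length < 4)
                    {
                        // Reported through the generic handler below with a readable reason
                        // instead of an index-out-of-range error.
                        throw new FormatException("cnStr must contain server, port, userid and password, in that order.");
                    }

                    // The offsets are the lengths of "server=", "port=", "userid=" and "password=".
                    string server   = conn[0].Substring(7).Trim();
                    string port     = conn[1].Substring(5).Trim();
                    string userId   = conn[2].Substring(7).Trim();
                    string password = conn[3].Substring(9).Trim();

                    password = Encription.Decrypt(password);

                    // Rebuild the string with the decrypted password; the trailing options are
                    // fixed here and not taken from the config file.
                    str = "server= " + server + ";" +
                          "port= " + port + ";" +
                          "userid= " + userId + ";" +
                          "password= " + password + ";" +
                          "persistsecurityinfo=True;database=iscada;allowuservariables=True";

                    Globals.ConnectionString = str;
                    Application.Run(new frmMain());
                }
                else
                {
                    // No connection string stored yet: collect one, then continue only if the
                    // configuration form reports success.
                    frmConnStr f = new frmConnStr();
                    Application.Run(f);
                    if (f.Result)
                    {
                        Application.Run(new frmMain());
                    }
                    else
                    {
                        Application.Exit();
                    }
                }
            }
            catch (System.IO.FileNotFoundException e)
            {
                // The line number is available only when debug symbols are present.
                int line = (new StackTrace(e, true)).GetFrame(0).GetFileLineNumber();
                MessageBox.Show("Critical error: Configuration file missing. " + line.ToString(), "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
                Application.Exit();
            }
            catch (Exception ex)
            {
                MessageBox.Show("Error:" + ex.ToString(), "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
                Application.Exit();
            }
        }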