public bool HasNewPasswordBeenUsedRecently(Int64 userId, string proposedNewPassword)
{
try
{
int numberOfRecentPasswordsToKeep = ExtentionUtility.GetIntAppSetting("NoOfPasswordCheck");
//first delete old record
_applicationUser.ExecuteStoreprocedure("spPasswordHistoryDeleteNonRecentPasswords @UserId,@numberOfRecentPasswordsToKeep", new SqlParameter("UserId", userId), new SqlParameter("numberOfRecentPasswordsToKeep", numberOfRecentPasswordsToKeep));
//Now get recent password details
var hashedPasswordDetails = _applicationUser.ExecuteStoredProdure <HashedPasswordDetails>("spPasswordHistorySelect @UserId,@numberOfRecentPasswordsToKeep", new SqlParameter("UserId", userId), new SqlParameter("numberOfRecentPasswordsToKeep", numberOfRecentPasswordsToKeep));
foreach (HashedPasswordDetails passwordDetails in hashedPasswordDetails)
{
var encodePassword = ExtentionUtility.Encrypt(proposedNewPassword);
if (ProposedNewPasswordMatchesAPreviousPassword(passwordDetails, encodePassword))
{
return(true);
}
}
return(false);
}
catch (Exception ex)
{
_log.Error(ex);
return(false);
}
}
public async Task <ActionResult> ResetPassword(ResetPasswordViewModel model)
{
try
{
if (!ModelState.IsValid)
{
return(View(model));
}
Int64 UserId = model.userCode.DecryptID();
var user = await UserManager.FindByIdAsync(UserId);
if (user == null)
{
// Don't reveal that the user does not exist
return(RedirectToAction("ResetPasswordConfirmation", "Account"));
}
//check here if password exist b4
if (HasNewPasswordBeenUsedRecently(user.Id, model.Password))
{
//return false;
ModelState.AddModelError("A previous password can't be used as your new password", "Kindly provide a new password this password ");
return(View(model));
}
else
{
var result = await UserManager.ResetPasswordAsync(user.Id, model.Code, model.Password);
if (result.Succeeded)
{
ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory();
passwordModel.UserId = user.Id;
passwordModel.DateCreated = DateTime.Now;
passwordModel.HashPassword = ExtentionUtility.Encrypt(model.Password);
_passwordCommand.Insert(passwordModel);
_passwordCommand.SaveChanges();
ApplicationUser xmodel = UserManager.FindById(user.Id);
xmodel.IsFirstLogin = false;
UserManager.Update(xmodel);
return(RedirectToAction("ResetPasswordConfirmation", "Account"));
}
AddErrors(result);
return(View());
}
}
catch (Exception ex)
{
_log.Error(ex);
return(View("Error"));
}
}
public async Task <ActionResult> SetFirstlogin(SetFirstPasswordViewModel model)
{
try
{
if (!ModelState.IsValid)
{
return(View(model));
}
long UserId = model.code.DecryptID();
if (HasNewPasswordBeenUsedRecently(UserId, model.Password))
{
//return false;
ModelState.AddModelError("A previous password can't be used as your new password", "Kindly provide a new password this password ");
return(View(model));
}
else
{
// string code = await _userManager.GeneratePasswordResetTokenAsync(UserId);
// var result = await _userManager.ResetPasswordAsync(UserId,code, model.Password);
var result = await _userManager.ChangePasswordAsync(UserId, "Password", model.Password);
if (result.Succeeded)
{
ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory();
passwordModel.UserId = UserId;
passwordModel.DateCreated = DateTime.Now;
passwordModel.HashPassword = ExtentionUtility.Encrypt(model.Password);
_passwordCommand.Insert(passwordModel);
_passwordCommand.SaveChanges();
ApplicationUser xmodel = _userManager.FindById(UserId);
xmodel.IsFirstLogin = false;
_userManager.Update(xmodel);
return(RedirectToAction("SetPasswordConfirmation", "Account"));
}
AddErrors(result);
}
return(View(model));
}
catch (Exception ex)
{
_log.Error(ex);
return(View("Error"));
}
}
public async Task <ActionResult> ChangePassword(ChangePasswordViewModel model)
{
CreateViewBagParams();
if (!ModelState.IsValid)
{
return(PartialView(model));
}
long UserId = User.Identity.GetUserId <Int64>();
if (HasNewPasswordBeenUsedRecently(UserId, model.NewPassword))
{
ModelState.AddModelError("A previous password can't be used as your new password", "Kindly provide a new password this password ");
ViewBag.ErrMsg = "A previous password can't be used as your new password, Kindly provide a new password this password ";
return(PartialView(model));
}
else
{
var result = await UserManager.ChangePasswordAsync(UserId, model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory();
passwordModel.UserId = UserId;
passwordModel.DateCreated = DateTime.Now;
passwordModel.HashPassword = ExtentionUtility.Encrypt(model.NewPassword);
_passwordCommand.Insert(passwordModel);
_passwordCommand.SaveChanges();
TempData["MESSAGE"] = "Password change successfully";
ModelState.Clear();
return(Json(new { success = true }));
}
else
{
AddErrors(result);
return(PartialView(model));
}
}
}
public async Task <ActionResult> Create(UserViewModel model)
{
string code = string.Empty;
model.Roles = _utility.GetRoles();
try
{
CreateViewBagParams();
if (ModelState.IsValid)
{
//checking if emailaddress does not exist b4
var organizerAdminEmailExist = _applicationUserQuery.GetAllList(m => m.Email.ToLower().Trim() == model.Email.ToLower().Trim()).ToList();
if (organizerAdminEmailExist.Any())
{
ModelState.AddModelError("", "email address already exist");
return(PartialView("_PartialAddEdit", model));
}
//checking if username does not exist b4
var organizerAdminUsernameExist = _applicationUserQuery.GetAllList(m => m.UserName.ToLower().Trim() == model.UserName.ToLower().Trim()).ToList();
if (organizerAdminUsernameExist.Any())
{
ModelState.AddModelError("", "username already exist");
return(PartialView("_PartialAddEdit", model));
}
ApplicationUser usermodel = UserViewModel.ModeltoEntity(model);
var result = await UserManager.CreateAsync(usermodel, "Password");
if (result.Succeeded)
{
_activityRepo.CreateActivityLog(string.Format("Assinging User Id:{0} with Name :{1} to role Id's:{2}", usermodel.Id, (usermodel.LastName + " " + usermodel.FirstName), model.SelectedRole), this.GetContollerName(), this.GetContollerName(), usermodel.Id, null);
ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory();
passwordModel.UserId = usermodel.Id;
passwordModel.DateCreated = DateTime.Now;
passwordModel.HashPassword = ExtentionUtility.Encrypt("Password");
passwordModel.CreatedBy = usermodel.Id;
_applicationUserPwdhistoryCommand.Insert(passwordModel);
_applicationUserPwdhistoryCommand.Save();
var addRoleResult = await UserManager.AddToRolesAsync(usermodel.Id, model.SelectedRole.ToArray <string>());
if (addRoleResult.Succeeded)
{
//send user reset mail
code = await UserManager.GeneratePasswordResetTokenAsync(usermodel.Id);
string portalUrl = System.Web.HttpContext.Current.Request.Url.Scheme + "://" + System.Web.HttpContext.Current.Request.Url.Authority + System.Web.HttpContext.Current.Request.ApplicationPath.TrimEnd('/') + "/";
var callbackUrl = Url.Action("ResetPassword", "Account", new { userId = usermodel.Id, code = code });
string mPre = portalUrl + callbackUrl;
_log.Info(string.Format("Reset URL:{0}", mPre));
if (!String.IsNullOrEmpty(usermodel.Email))
{
try
{
_utility.SendWelcomeAndPasswordResetEmail(usermodel, mPre);
}
catch { }
}
TempData["MESSAGE"] = "Portal User " + (usermodel.LastName + " " + usermodel.FirstName) + " was successfully created";
ModelState.Clear();
return(Json(new { success = true }));
}
}
else
{
ModelState.AddModelError("", result.Errors.FirstOrDefault().ToString());
}
ModelState.Clear();
return(Json(new { success = true }));
}
else
{
StringBuilder errorMsg = new StringBuilder();
foreach (var modelError in ModelState.Values.SelectMany(modelState => modelState.Errors))
{
errorMsg.AppendLine(modelError.ErrorMessage);
ModelState.AddModelError(string.Empty, modelError.ErrorMessage);
}
ViewBag.ErrMsg = errorMsg.ToString();
return(PartialView("_PartialAddEdit", model));
}
}
catch (Exception exp)
{
_log.Error(exp);
//return View("Error");
StringBuilder errorMsg = new StringBuilder();
foreach (var modelError in ModelState.Values.SelectMany(modelState => modelState.Errors))
{
errorMsg.AppendLine(modelError.ErrorMessage);
ModelState.AddModelError(string.Empty, modelError.ErrorMessage);
}
ViewBag.ErrMsg = errorMsg.ToString();
return(PartialView("_PartialAddEdit", model));
}
}
public async Task <ActionResult> FramewokAdmin(string nextButton, string backButton)
{
string msg;
if (backButton != null)
{
return(RedirectToAction("FrameworkSetting"));
}
if (nextButton != null)
{
if (!ModelState.IsValid)
{
return(View(_setupContract));
}
if (string.Compare(_setupContract.AdminUserSetting.Password,
_setupContract.AdminUserSetting.ConfirmPassword,
StringComparison.InvariantCultureIgnoreCase) != 0)
{
ViewBag.ErrMsg = "Password and confirm password must be equal";
// ModelState.AddModelError("","Password and confirm password must be equal");
return(View(_setupContract));
}
var user = new ApplicationUser
{
FirstName = _setupContract.AdminUserSetting.FirstName,
LastName = _setupContract.AdminUserSetting.LastName,
MiddleName = _setupContract.AdminUserSetting.MiddleName,
UserName = _setupContract.AdminUserSetting.UserName,
Email = _setupContract.AdminUserSetting.Email,
MobileNumber = _setupContract.AdminUserSetting.MobileNumber,
PhoneNumber = _setupContract.AdminUserSetting.PhoneNumber,
EmailConfirmed = true,
PhoneNumberConfirmed = true,
TwoFactorEnabled = false,
LockoutEnabled = false,
AccessFailedCount = 0,
DateCreated = DateTime.Now,
IsFirstLogin = false
};
var result = await UserManager.CreateAsync(user, _setupContract.AdminUserSetting.Password);
if (result.Succeeded)
{
ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory();
passwordModel.UserId = user.Id;
passwordModel.DateCreated = DateTime.Now;
passwordModel.HashPassword = ExtentionUtility.Encrypt(_setupContract.AdminUserSetting.Password);
passwordModel.CreatedBy = user.Id;
_applicationUserPwdhistoryCommand.Insert(passwordModel);
_applicationUserPwdhistoryCommand.Save();
var addRoleResult = await UserManager.AddToRoleAsync(user.Id, "PortalAdmin");
if (addRoleResult.Succeeded)
{
Application applicationmodel = _applicationQuery.GetAll().FirstOrDefault();
applicationmodel.HasAdminUserConfigured = true;
_applicationCommand.Update(applicationmodel);
_applicationCommand.SaveChanges();
_activityRepo.CreateActivityLog("creating Framework admin user details", this.GetContollerName(), this.GetContollerName(), _setupContract.AdminUserSetting.Id, _setupContract.AdminUserSetting);
return(RedirectToAction("Login", "Account", new { area = "" }));
}
}
else
{
ModelState.AddModelError("", result.Errors.FirstOrDefault().ToString());
}
return(View(_setupContract));
}
var userInfo = UserManager.Users.ToList().Select(AdminUserSettingViewModel.EntityToModels).FirstOrDefault();
if (userInfo == null)
{
//ModelState.AddModelError("", "Unable to initialize admin user information due to internal error! Please try again later");
return(View(_setupContract));
}
_setupContract.AdminUserSetting = userInfo;
return(View(_setupContract));
}
public async Task <ActionResult> Create(ArtistViewModel model, HttpPostedFileBase profileImage)
{
string code = string.Empty;
string profilePath = string.Empty;
try
{
CreateViewBagParams();
if (ModelState.IsValid)
{
if (profileImage != null && profileImage.ContentLength > 0)
{
var ext = Path.GetExtension(profileImage.FileName).Trim().ToLower();
string[] allowedExtension = new string[] { ".jpeg", ".jpg", ".png" };
if (allowedExtension.Contains(ext))
{
profilePath = _utility.Upload(profileImage, _utility.GetAppSetting("AppUploadFolder"));
}
else
{
ModelState.AddModelError("", string.Format("Invalid image extension,allowed extension are: .jpeg,.jpg,.png ", allowedExtension));
//return PartialView("_PartialAddEdit", staffVm);
return(View("_PartialAddEdit", model));
}
}
//checking if emailaddress does not exist b4
var organizerAdminEmailExist = _applicationUserQuery.GetAllList(m => m.Email.ToLower().Trim() == model.Email.ToLower().Trim()).ToList();
if (organizerAdminEmailExist.Any())
{
ModelState.AddModelError("", "email address already exist");
return(PartialView("_PartialAddEdit", model));
}
//checking if username does not exist b4
var organizerAdminUsernameExist = _applicationUserQuery.GetAllList(m => m.UserName.ToLower().Trim() == model.UserName.ToLower().Trim()).ToList();
if (organizerAdminUsernameExist.Any())
{
ModelState.AddModelError("", "username already exist");
return(PartialView("_PartialAddEdit", model));
}
ApplicationUser usermodel = ArtistViewModel.ModeltoEntity(model);
usermodel.PicturePath = Path.GetFileName(profilePath);
usermodel.FacebookURL = model.FacebookURL;
var result = await UserManager.CreateAsync(usermodel, "Password");
if (result.Succeeded)
{
_activityRepo.CreateActivityLog(string.Format("Assinging User Id:{0} with Name :{1} to role Id's:{2}", usermodel.Id, (usermodel.LastName + " " + usermodel.FirstName), ""), this.GetContollerName(), this.GetContollerName(), usermodel.Id, null);
ApplicationUserPasswordHistory passwordModel = new ApplicationUserPasswordHistory();
passwordModel.UserId = usermodel.Id;
passwordModel.DateCreated = DateTime.Now;
passwordModel.HashPassword = ExtentionUtility.Encrypt("Password");
passwordModel.CreatedBy = usermodel.Id;
_applicationUserPwdhistoryCommand.Insert(passwordModel);
_applicationUserPwdhistoryCommand.Save();
var addRoleResult = await UserManager.AddToRoleAsync(usermodel.Id, "Artist");
if (addRoleResult.Succeeded)
{
//send user reset mail
code = await UserManager.GeneratePasswordResetTokenAsync(usermodel.Id);
string portalUrl = System.Web.HttpContext.Current.Request.Url.Scheme + "://" + System.Web.HttpContext.Current.Request.Url.Authority + System.Web.HttpContext.Current.Request.ApplicationPath.TrimEnd('/') + "/";
var callbackUrl = Url.Action("ResetPassword", "Account", new { userCode = usermodel.Id.EncryptID(), code = code });
string mPre = portalUrl + callbackUrl;
_log.Info(string.Format("Reset URL:{0}", mPre));
if (!String.IsNullOrEmpty(usermodel.Email))
{
_utility.SendWelcomeAndPasswordResetEmail(usermodel, mPre);
}
TempData["MESSAGE"] = "Artist " + (usermodel.LastName + " " + usermodel.FirstName) + " was successfully created";
ModelState.Clear();
return(Json(new { success = true }));
}
}
else
{
ModelState.AddModelError("", result.Errors.FirstOrDefault().ToString());
}
ModelState.Clear();
return(Json(new { success = true }));
}
else
{
StringBuilder errorMsg = new StringBuilder();
foreach (var modelError in ModelState.Values.SelectMany(modelState => modelState.Errors))
{
errorMsg.AppendLine(modelError.ErrorMessage);
ModelState.AddModelError(string.Empty, modelError.ErrorMessage);
}
ViewBag.ErrMsg = errorMsg.ToString();
return(PartialView("_PartialAddEdit", model));
}
}
catch (Exception exp)
{
_log.Error(exp);
//return View("Error");
StringBuilder errorMsg = new StringBuilder();
foreach (var modelError in ModelState.Values.SelectMany(modelState => modelState.Errors))
{
errorMsg.AppendLine(modelError.ErrorMessage);
ModelState.AddModelError(string.Empty, modelError.ErrorMessage);
}
ViewBag.ErrMsg = errorMsg.ToString();
return(PartialView("_PartialAddEdit", model));
}
}
