Пример #1
0
        public ActionResult Login(LoginViewModel model)
        {
            if (ModelState.IsValid)
            {
                var user = usersDAL.GetUser(model.Username);

                if (user == null)
                {
                    ModelState.AddModelError("Username", "The username or password is invalid.");
                    return(View("Login", model));
                }

                var hashProvider = new HashProvider();
                if (!hashProvider.VerifyPasswordMatch(user.Password, model.Password, user.Salt))
                {
                    ModelState.AddModelError("Username", "The username or password is invalid.");
                    return(View("Login", model));
                }

                LogUserIn(user.Username);

                return(RedirectToAction("Index", "Home"));
            }
            return(View("Login", model));
        }
Пример #2
0
        public ActionResult Login(LoginViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return(View("Login", model));
            }

            User user = userDal.GetUser(model.EmailAddress);

            if (user != null)
            {
                HashProvider hashProvider      = new HashProvider();
                bool         doesPasswordMatch = hashProvider.VerifyPasswordMatch(user.Password, model.Password, user.Salt); //user.Salt)

                if (!doesPasswordMatch)
                {
                    ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
                    return(View("Login", model));
                }
            }
            else
            {
                ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
                return(View("Login", model));
            }
            FormsAuthentication.SetAuthCookie(user.Email, true);
            Session[SessionKeys.Username]     = user.Username;
            Session[SessionKeys.EmailAddress] = user.Email;
            Session[SessionKeys.UserId]       = user.User_Id;
            return(RedirectToAction("Index", "Home"));
        }
Пример #3
0
        public ActionResult LoginPost(User model)
        {
            if (!ModelState.IsValid)
            {
                return(View("Index", model));
            }
            if (model.EmailAddress != null && model.EmailAddress != "")
            {
                HashProvider hashProvider = new HashProvider();

                User u = new User()
                {
                    EmailAddress = model.EmailAddress
                };
                User validatedUser = userDAL.GetUser(u);

                if (validatedUser != null && validatedUser.Password != null && validatedUser.Salt != null)
                {
                    bool passwordMatches = hashProvider.VerifyPasswordMatch(validatedUser.Password, model.Password, validatedUser.Salt);

                    if (validatedUser.EmailAddress != null && passwordMatches)
                    {
                        Session["Login"] = validatedUser;
                        return(RedirectToAction("Index", "Home"));
                    }
                    else
                    {
                        return(RedirectToAction("Index"));
                    }
                }
            }

            return(RedirectToAction("Index"));
        }
Пример #4
0
        public User GetUser(LoginViewModel loginInfo)
        {
            User         output       = null;
            string       userName     = loginInfo.Email;
            HashProvider hashProvider = new HashProvider();

            string SQL_LoginString = @"Select TOP 1 * from users WHERE username = @username AND isActive = 'true'";
            Dictionary <string, object> dynamicParameterArgs = new Dictionary <string, object>();

            dynamicParameterArgs.Add("@username", userName);
            //dynamicParameterArgs.Add("@password", hashedPassword.Password);
            using (SqlConnection myConnection = new SqlConnection(connectionString))
            {
                myConnection.Open();
                output = myConnection.Query <User>(SQL_LoginString, new DynamicParameters(dynamicParameterArgs)).ToList().FirstOrDefault();
                //SqlCommand myCommand = new SqlCommand(SQL_LoginString, myConnection);
            }
            if (output != null && hashProvider.VerifyPasswordMatch(output.Password, loginInfo.Password, output.Salt))
            {
                return(output);
            }
            else
            {
                return(null);
            }
        }
Пример #5
0
        public ActionResult Login(UserModel user)
        {
            UserSqlDal dal          = new UserSqlDal();
            UserModel  existingUser = dal.Login(user.Username);

            if (existingUser == null)
            {
                user.LoginFail = true;
                return(View("Login", user));
            }

            HashProvider provider = new HashProvider();

            if (user.LoginPassword != null && provider.VerifyPasswordMatch(existingUser.Password, user.LoginPassword, existingUser.Salt))
            {
                user.LoginFail      = false;
                user.IsOnline       = true;
                Session["user"]     = user;
                Session["username"] = user.Username;
                return(RedirectToAction("LoggedInLanding", "Home"));
            }

            user.LoginFail = true;
            return(View("Login", user));
        }
        /// <summary>
        /// Signs the user in and saves their username in session.
        /// </summary>
        /// <param name="username"></param>
        /// <param name="password"></param>
        /// <returns></returns>
        public bool SignIn(string emailaddress, string password)
        {
            var user         = userDAL.GetUser(emailaddress);
            var hashProvider = new HashProvider();

            if (user != null && hashProvider.VerifyPasswordMatch(user.Password, password, user.Salt))
            {
                HttpContext.Session.SetString(SessionKey, user.EmailAddress);
                return(true);
            }

            return(false);
        }
        public ActionResult Login(LoginViewModel model)
        {
            if (ModelState.IsValid)
            {
                var user = userDal.GetUser(model.Username);


                if (user != null)
                {
                    HashProvider hashProvider      = new HashProvider();
                    bool         doesPasswordMatch = hashProvider.VerifyPasswordMatch(user.Password, model.Password, ""); //user.Salt)

                    if (!doesPasswordMatch)
                    {
                        ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
                        return(View("Login", model));
                    }
                }
                else
                {
                    ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
                    return(View("Login", model));
                }

                // Happy Path
                base.LogUserIn(user.Username);


                //If they are supposed to be redirected then redirect them else send them to the dashboard
                var queryString = this.Request.UrlReferrer.Query;
                var urlParams   = HttpUtility.ParseQueryString(queryString);
                if (urlParams["landingPage"] != null && Url.IsLocalUrl(urlParams["landingPage"]))
                {
                    // then redirect them
                    return(new RedirectResult(urlParams["landingPage"]));
                }
                else if (urlParams["landingPage"] != null && !Url.IsLocalUrl(urlParams["landingPage"]))
                {
                    return(RedirectToAction("LeavingSite", "Users", new { destinationUrl = urlParams["landingPage"] }));
                }
                else
                {
                    return(RedirectToAction("Dashboard", "Messages", new { username = user.Username }));
                }
            }
            else
            {
                return(View("Login", model));
            }
        }
Пример #8
0
        public ActionResult Login(LoginViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return(View("Login", model));
            }

            var user = userDAL.GetUser(model.Username);

            // Verify username
            if (user == null)
            {
                ModelState.AddModelError("invalid-login", "The username & password combination is invalid.");
                return(View("Login", model));
            }

            // Verify hashed password
            HashProvider hashProvider = new HashProvider();

            if (!hashProvider.VerifyPasswordMatch(user.Password, model.Password, user.Salt))
            {
                ModelState.AddModelError("invalid-login", "The username & password combination is invalid.");
                return(View("Login", model));
            }

            // If username and password combination found in database, log user in
            base.LogUserIn(user.Username);

            //If they are supposed to be redirected then redirect them; otherwise, send them to the home page
            var queryString = this.Request.UrlReferrer.Query;
            var urlParams   = HttpUtility.ParseQueryString(queryString);

            if (urlParams["landingPage"] != null)
            {
                //If it is one of CityTours' web pages
                if (Url.IsLocalUrl(urlParams["landingPage"]))
                {
                    return(new RedirectResult(urlParams["landingPage"]));
                }
                else
                {
                    return(RedirectToAction("Index", "Home", new { destination = urlParams["landingPage"] }));
                }
            }
            else
            {
                return(RedirectToAction("Index", "Home"));
            }
        }
Пример #9
0
        public ActionResult Login(LoginModel model)
        {
            if (!ModelState.IsValid)
            {
                return(View());
            }
            //HashProvider hash = new HashProvider();
            //string password = hash.HashPassword(model.Password);
            //model.Password = model.Password;
            UserModel m = userDal.GetUser(model.UserName);

            if (ModelState.IsValid && m.Salt != null)
            {
                UserModel userLogin = userDal.GetUser(model.UserName);

                if (userLogin != null)
                {
                    HashProvider hashProvider      = new HashProvider();
                    bool         doesPasswordMatch = hashProvider.VerifyPasswordMatch(userLogin.Password, model.Password, userLogin.Salt);
                    if (!doesPasswordMatch)
                    {
                        ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
                        return(View("Login", model));
                    }
                    else
                    {
                        FormsAuthentication.SetAuthCookie(userLogin.UserName, true);
                        Session["authorizationlevel"] = userLogin.AuthorizationLevel;
                        Session["username"]           = userLogin.UserName;
                        Session["user"] = userLogin;

                        return(RedirectToAction("Index", "Home"));
                    }
                }
                else
                {
                    ModelState.AddModelError("invalid-login", "The username or password combination is not valid");
                    return(View("Login", model));
                }
                //return View("Login", model);
            }

            UserModel user = userDal.GetUser(model.UserName);

            return(View("Login"));
        }
Пример #10
0
        public ActionResult ChangePassword(ChangePasswordModel model)
        {
            if (!ModelState.IsValid)
            {
                return(View());
            }
            UserModel    user = Session["user"] as UserModel;
            HashProvider hash = new HashProvider();
            string       s    = model.TempPassword;

            s = hash.HashPassword(s);


            //if (!ModelState.IsValid)
            //{
            //    return View("ChangePassword");
            //}



            if (hash.VerifyPasswordMatch(user.Password, model.TempPassword, user.Salt) == false)
            {
                return(View("ChangePassword"));
            }

            else
            {
                string password = hash.HashPassword(model.Password);
                user.Salt               = hash.SaltValue;
                model.Password          = password;
                user.AuthorizationLevel = 2;
                userDal.ChangePassword(model.Password, user.Salt, user.UserName);

                //FormsAuthentication.SetAuthCookie(user.Email, true);
                // Session[SessionKeys.Username] = model.EmailAddress;
                //Session[SessionKeys.UserId] = user.Id;  ??? whats session keys
            }

            return(RedirectToAction("ChangeSuccess"));
        }
        public ActionResult Login(ParentLoginModel model)
        {
            // validation redirect
            if (!ModelState.IsValid)
            {
                return(View("Login", model));
            }

            ParentModel parent = parentDAL.GetParent(model.Email);

            HashProvider hash = new HashProvider();

            // check if parent exists and passwords match
            if (parent == null || !hash.VerifyPasswordMatch(parent.Password, model.Password, parent.Salt))
            {
                ModelState.AddModelError("invalid-credentials", "Invalid email password combination");
                return(View("Login", model));
            }

            Session["parent"] = parent;
            return(RedirectToAction("Dashboard"));
        }
        public ActionResult Login(ChildLoginModel model)
        {
            // validation redirect
            if (!ModelState.IsValid)
            {
                return(View("Login", model));
            }

            ChildModel child = childDAL.GetChild(model.UserName);

            HashProvider hash = new HashProvider();

            // check if child exists and passwords match
            if (child == null || !hash.VerifyPasswordMatch(child.Password, model.Password, child.Salt))
            {
                ModelState.AddModelError("invalid-credentials", "Invalid email password combination");
                return(View("Login", model));
            }

            // check if child has time remaining
            if (child.Seconds <= 0)
            {
                ModelState.AddModelError("no-time-remaining", "You do not have any time remaining. You need more steps to earn more time.");
                return(View("Login", model));
            }

            child.Mascot = mascotDAL.GetMascot(child);

            Session["child"] = child;

            // check if child needs to create mascot
            if (child.Mascot == null)
            {
                return(RedirectToAction("ChooseMascot"));
            }

            return(RedirectToAction("Dashboard"));
        }
Пример #13
0
        public ActionResult Login(UserLogin userLogin, int selectedButton)
        {
            try
            {
                UserProfile userProfile     = userSqlDAL.GetUser(userLogin.UserEmail);
                bool        passwordMatches = hashProvider.VerifyPasswordMatch(userProfile.UserPassword, userLogin.UserPassword, userProfile.Salt);
                //
                //    // TODO : Add a variable to the parameters to represent whether the user
                //    // is logging in from the TakeSurvey page or from the general login in button.
                //    // RedirectToAction will change depending on the starting point.

                // Jarrod: Right now I've set it so that  once you've loggin in the program checksto see if you have a survey result in th DB
                // If you do, the you are taken to your custom franchise list
                // If you haven't take a survey yet, you are taken to the survey page

                if (passwordMatches)
                {
                    SaveUserSession(userLogin.UserEmail);
                    SurveyAnswers existingSurvey = surveyAnswerDAL.GetSurveyResult(userProfile.UserEmail);

                    if (existingSurvey.business != null)
                    {
                        return(RedirectToAction("ViewProfile"));
                    }
                    else
                    {
                        return(RedirectToAction("Survey", "Home"));
                    }
                }
            }
            catch
            {
                return(RedirectToAction("IncorrectLogin"));
            }
            return(RedirectToAction("IncorrectLogin"));
        }
Пример #14
0
        public void HashProvider_ReturnsPasswordMatch(string password, string salt, string hashedPassword)
        {
            HashProvider hashProvider = new HashProvider();

            Assert.IsTrue(hashProvider.VerifyPasswordMatch(hashedPassword, password, salt));
        }