/// <summary>
/// Handles the login form post: looks the account up by username, verifies the
/// submitted password with <c>HashPwdTool.CheckPassword</c> and signs the user in.
/// </summary>
/// <param name="model">Posted login form (username and password).</param>
/// <returns>
/// A redirect to Home/Index with a welcome notice on success; otherwise the
/// "Index" view with a single generic error.
/// </returns>
public async Task<IActionResult> Login(LoginViewModel model)
{
    // Invalid model, unknown username and wrong password all fall through to the
    // same message below, so the response text does not say which check failed.
    // NOTE(review): the unknown-username path skips the hash comparison, so response
    // time may still differ between the two cases; no attempt throttling or lockout
    // is visible in this method. Confirm both are handled elsewhere.
    if (ModelState.IsValid)
    {
        var storedAccount = _context.Accounts.FirstOrDefault(x => x.Username == model.Username);
        bool credentialsOk = storedAccount != null
            && HashPwdTool.CheckPassword(model.Password, storedAccount.Password);

        if (credentialsOk)
        {
            await this.SignInUser(storedAccount, false);
            return this.RedirectToAction("Index", "Home")
                       .WithSuccess("Thông báo", "Success! Welcome back " + storedAccount.Username.ToUpper() + "!");
        }
    }

    ModelState.AddModelError(string.Empty, "Invalid Username or password");
    return View("Index");
}
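/// <summary>
/// Changes the password of the admin identified by the "AdminSession" session value.
/// </summary>
/// <param name="password">New password.</param>
/// <param name="repassword">Confirmation of the new password; must equal <paramref name="password"/>.</param>
/// <returns>
/// A redirect to the login page when no admin session exists, 404 when the session
/// names an admin that is no longer in the database, otherwise a redirect back to
/// ChangePassword with the outcome in <c>TempData["Notice"]</c>.
/// </returns>
public IActionResult ChangePassword(string password = "", string repassword = "******")
{
    // Establish who is calling before looking at any other input, so an
    // unauthenticated request never reaches the password handling.
    string username = HttpContext.Session.GetString("AdminSession");
    if (username == null)
    {
        return LocalRedirect("~/Identity/Account/Login");
    }

    // An empty value would otherwise be hashed and stored as the admin's password.
    if (string.IsNullOrEmpty(password))
    {
        TempData["Notice"] = "Lỗi: Mật khẩu không được để trống";
        return RedirectToAction("ChangePassword");
    }

    if (password != repassword)
    {
        TempData["Notice"] = "Lỗi: Mật khẩu nhập không khớp";
        return RedirectToAction("ChangePassword");
    }

    RES.Data.DBModels.Admin admin = _context.Admin.Where(n => n.UserName == username).SingleOrDefault();
    if (admin == null)
    {
        return NotFound();
    }

    // NOTE(review): the current password is not requested, so anyone holding a live
    // admin session can replace the password. Confirm that is intended.
    admin.PasswordHash = HashPwdTool.GeneratePassword(password);

    // Save synchronously: this action is not async, and an un-awaited
    // SaveChangesAsync() could still be running (or fail unobserved) after the
    // success notice has been set and the response returned.
    _context.SaveChanges();

    TempData["Notice"] = "Đổi mật khẩu thành công";
    return RedirectToAction("ChangePassword");
}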
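/// <summary>
/// Customer login: finds a customer whose account has the given username and whose
/// first role is "Customer", verifies the password, refuses blocked customers, then
/// stores the account in session and writes an <c>AccountLog</c> row.
/// </summary>
/// <param name="username">Submitted username.</param>
/// <param name="password">Submitted password.</param>
/// <returns>A redirect to Home/Index on success, otherwise the "Login" view with <c>ViewBag.Error</c> set.</returns>
public ActionResult Login(string username, string password)
{
    Customer cus = db.Customers.SingleOrDefault(n => n.Account.UserName == username && n.Account.Role_Account.FirstOrDefault().Role.Role_Name == "Customer");

    // Unknown user and wrong password share one message.
    if (cus == null || !HashPwdTool.CheckPassword(password, cus.Account.PasswordHash))
    {
        ViewBag.Error = "Username or password is incorrect";
        return View("Login");
    }

    // Read the latest block once and null-check the row itself: a non-null but
    // empty Blocks collection previously made LastOrDefault() return null and the
    // following property access throw for a customer who was never blocked.
    var lastBlock = cus.Blocks != null ? cus.Blocks.LastOrDefault() : null;
    if (lastBlock != null && (lastBlock.UnBlockDate == null || lastBlock.UnBlockDate > DateTime.Now))
    {
        ViewBag.Error = "Username is blocking";
        return View("Login");
    }

    // NOTE(review): the session identifier is not renewed at login and the whole
    // Account entity (including PasswordHash) is kept in session. Confirm session
    // fixation is mitigated elsewhere and consider storing only the account id.
    Session["Account"] = cus.Account;

    AccountLog accLog = new AccountLog();
    accLog.Account = cus.Account;
    db.AccountLogs.Add(accLog);
    db.SaveChanges();

    return RedirectToAction("Index", "Home");
}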
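/// <summary>
/// Overwrites the password hash of the account with the given id.
/// </summary>
/// <param name="iDEmp">Value matched against <c>Account_ID</c>.</param>
/// <param name="password1">New password to hash and store.</param>
/// <returns>
/// 400 when no password is supplied, 404 when the account does not exist,
/// otherwise a redirect to Adminstrator/ViewAccount.
/// </returns>
public ActionResult ResetPass(int iDEmp, string password1)
{
    // NOTE(review): no authorization or anti-forgery attribute is visible on this
    // action in the listing, and the target account is chosen purely by a request
    // parameter. Confirm the action is restricted to administrators.

    // Refuse to store the hash of an empty password.
    if (string.IsNullOrEmpty(password1))
    {
        return new HttpStatusCodeResult(System.Net.HttpStatusCode.BadRequest);
    }

    Account acc = db.Accounts.Where(p => p.Account_ID == iDEmp).SingleOrDefault();
    if (acc == null)
    {
        // An unknown id previously surfaced as a NullReferenceException.
        return HttpNotFound();
    }

    acc.PasswordHash = HashPwdTool.GeneratePassword(password1);
    db.Entry(acc).State = System.Data.Entity.EntityState.Modified;
    db.SaveChanges();

    return RedirectToAction("ViewAccount", "Adminstrator");
}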
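/// <summary>
/// Creates a customer with an optional avatar upload, a hashed password, one phone
/// number and role id 3, all inside a single database transaction.
/// </summary>
/// <param name="customer">Model-bound customer, including its nested Account.</param>
/// <param name="phoneNumber">Phone number to attach to the customer.</param>
/// <param name="password">Plain-text password; only its hash is stored.</param>
/// <returns>
/// A redirect to AddCustomer with <c>TempData["AddCustomerOK"]</c> set on success;
/// the default view after a rollback when anything throws.
/// </returns>
public ActionResult AddCustomer(Customer customer, string phoneNumber, string password)
{
    using (var trans = db.Database.BeginTransaction())
    {
        try
        {
            // Use the last posted file, and only when it actually carries data.
            // A file input submitted without a chosen file still counts in
            // Request.Files, which previously skipped the default avatar and saved
            // an empty file instead.
            var file = Request.Files.Count > 0 ? Request.Files[Request.Files.Count - 1] : null;
            if (file != null && file.ContentLength > 0)
            {
                // NOTE(review): the stored extension is taken from the client-supplied
                // name by CommonFunction.getExtensionFileName, which is not visible
                // here. Confirm it only lets image extensions through, because the
                // file is written under a path resolved with Server.MapPath.
                // NOTE(review): the stored name is a hash of the client file name, so
                // two uploads with the same name overwrite each other.
                string pic = Path.GetFileName(file.FileName);
                string extensionFileName = CommonFunction.getExtensionFileName(pic);
                pic = CommonFunction.hashSHA256(pic) + extensionFileName;
                string path = Path.Combine(Server.MapPath(Constants.CUS_IMG_URL_ADD), pic);
                customer.Avatar_URL = pic;
                file.SaveAs(path);
            }
            else
            {
                customer.Avatar_URL = Constants.CUS_IMG_NOAVATAR;
            }

            customer.Account.PasswordHash = HashPwdTool.GeneratePassword(password);

            PhoneNumber phNum = new PhoneNumber();
            phNum.PhoneNumber1 = phoneNumber;
            customer.PhoneNumbers.Add(phNum);

            // Role id 3 is hard-coded; the same id is assigned in the other
            // customer-creation actions of this listing.
            Role_Account ra = new Role_Account();
            ra.Role_ID = 3;
            customer.Account.Role_Account.Add(ra);

            db.Customers.Add(customer);
            db.SaveChanges();
            trans.Commit();

            TempData["AddCustomerOK"] = "OK";
            return RedirectToAction("AddCustomer");
        }
        catch (Exception ex)
        {
            // Console output is not captured in a web host; send the failure to the
            // configured trace listeners so it can be investigated.
            System.Diagnostics.Trace.TraceError(ex.ToString());
            trans.Rollback();
            return View();
        }
    }
}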
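/// <summary>
/// Creates a customer of the selected type with an optional avatar upload, a hashed
/// password, one phone number and role id 3.
/// </summary>
/// <param name="customer">Model-bound customer, including its nested Account.</param>
/// <param name="TypeAcc">Name of the customer type chosen in the form.</param>
/// <param name="phoneNumber">Phone number to attach to the customer.</param>
/// <param name="password">Plain-text password; only its hash is stored.</param>
/// <returns>A redirect to Customer/Viewcustomer on success, otherwise the default view.</returns>
public ActionResult CreateCustomer(Customer customer, string TypeAcc, string phoneNumber, string password)
{
    var TypeList = db.Types.Select(p => p.Type_Name).ToList();
    ViewBag.roleList = TypeList;

    if (!ModelState.IsValid)
    {
        return View();
    }

    // Resolve the posted type name before touching the file system. An unknown name
    // made the id lookup return 0, Find return null and the later property access
    // throw, after the uploaded file had already been written.
    int typeId = db.Types.Where(p => p.Type_Name == TypeAcc).Select(r => r.Type_ID).SingleOrDefault();
    RealEstateWebsite.Models.Type accountType = db.Types.Find(typeId);
    if (accountType == null)
    {
        ModelState.AddModelError("", "Invalid account type");
        return View();
    }

    // Only a posted file that carries data counts as an avatar; a file input
    // submitted without a chosen file falls back to the default image.
    var file = Request.Files.Count > 0 ? Request.Files[Request.Files.Count - 1] : null;
    if (file != null && file.ContentLength > 0)
    {
        // NOTE(review): the stored extension comes from the client-supplied name via
        // CommonFunction.getExtensionFileName, which is not visible here. Confirm it
        // only lets image extensions through.
        string pic = Path.GetFileName(file.FileName);
        string extensionFileName = CommonFunction.getExtensionFileName(pic);
        pic = CommonFunction.hashSHA256(pic) + extensionFileName;
        string path = Path.Combine(Server.MapPath(Constants.CUS_IMG_URL_ADD), pic);
        customer.Avatar_URL = pic;
        file.SaveAs(path);
    }
    else
    {
        customer.Avatar_URL = Constants.CUS_IMG_NOAVATAR;
    }

    customer.Account.PasswordHash = HashPwdTool.GeneratePassword(password);

    PhoneNumber phNum = new PhoneNumber();
    phNum.PhoneNumber1 = phoneNumber;
    customer.PhoneNumbers.Add(phNum);

    Role_Account ra = new Role_Account();
    ra.Role_ID = 3;
    customer.Account.Role_Account.Add(ra);

    customer.Type = accountType;
    db.Customers.Add(customer);
    db.SaveChanges();

    return RedirectToAction("Viewcustomer", "Customer");
}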
/// <summary>
/// Creates an account from the posted form, replacing the submitted plain-text
/// password with the value returned by <c>HashPwdTool.GeneratePassword</c> before saving.
/// </summary>
/// <param name="account">Account bound from the Id, Username, Password, CreatedDate and UpdatedDate fields.</param>
/// <returns>A redirect to Index with a success notice, or the form again when validation fails.</returns>
public async Task<IActionResult> Create([Bind("Id,Username,Password,CreatedDate,UpdatedDate")] Account account)
{
    // NOTE(review): the bind list lets the client supply Id, CreatedDate and
    // UpdatedDate. Confirm those are meant to be caller-controlled.
    if (!ModelState.IsValid)
    {
        // The model handed back to the view still holds the submitted password.
        return View(account);
    }

    // Overwrite the plain-text value in place so only the hash is persisted.
    account.Password = HashPwdTool.GeneratePassword(account.Password);

    _context.Add(account);
    await _context.SaveChangesAsync();

    return RedirectToAction(nameof(Index)).WithSuccess("Thông báo", "Tạo tài khoản thành công!");
}
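/// <summary>
/// Self-service sign-up: creates an account with a hashed password, a customer
/// profile, one phone number and role id 3, and stores the uploaded avatar.
/// </summary>
/// <param name="cst">Posted sign-up form.</param>
/// <param name="fileUpload">Avatar image; may be absent.</param>
/// <returns>The "SignUp" view, with a model error or <c>ViewBag.ThongBao</c> describing the outcome.</returns>
public ActionResult SignUp(SignUpModel cst, HttpPostedFileBase fileUpload)
{
    if (ModelState.IsValid)
    {
        if (CheckUserName(cst.UserName))
        {
            ModelState.AddModelError("", "Username already exists");
        }
        else
        {
            var account = new Account();
            account.UserName = cst.UserName;
            account.PasswordHash = HashPwdTool.GeneratePassword(cst.PassWord);

            var phonenumber = new PhoneNumber();
            phonenumber.PhoneNumber1 = cst.PhoneNumber;

            var customer = new Customer();
            customer.Address = cst.Address;
            customer.Email = cst.Email;
            customer.Firstname = cst.FirstName;
            customer.LastName = cst.LastName;

            // A request without a file previously threw a NullReferenceException here.
            if (fileUpload != null && fileUpload.ContentLength > 0)
            {
                // Path.GetFileName drops any directory part the client sent.
                var fileName2 = Path.GetFileName(fileUpload.FileName);

                // Build the path the file is stored under.
                var path2 = Path.Combine(Server.MapPath("~/Images/Customer"), fileName2);

                // NOTE(review): the file keeps its client-chosen name and extension
                // and its content is not checked; when the name already exists the
                // new customer is linked to the existing file. Consider a generated
                // name and an image-extension allow-list.
                if (System.IO.File.Exists(path2))
                {
                    ViewBag.ThongBao = "Images already exists";
                }
                else
                {
                    fileUpload.SaveAs(path2);
                }

                // Store the sanitised name that was used on disk rather than the
                // raw client value, so the record always matches the saved file.
                customer.Avatar_URL = fileName2;
            }

            customer.Account = account;

            Role_Account r_acc = new Role_Account();
            r_acc.Account = account;
            r_acc.Role_ID = 3;

            customer.PhoneNumbers.Add(phonenumber);
            db.Customers.Add(customer);
            db.Role_Account.Add(r_acc);
            db.SaveChanges();

            ViewBag.ThongBao = "Signup succcessful";
        }
    }

    return View("SignUp");
}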
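/// <summary>
/// Changes the password of the account held in <c>Session["Account"]</c> after
/// verifying the current password and that the new password was typed twice identically.
/// </summary>
/// <param name="passwordM">New password.</param>
/// <param name="passwordC">Current password.</param>
/// <param name="passwordL">New password, repeated.</param>
/// <returns>The "UpdatePassPartial" partial view with the outcome in <c>ViewBag.ThongBao</c>.</returns>
public PartialViewResult UpdatePassPartial(string passwordM, string passwordC, string passwordL)
{
    Account cst = Session["Account"] as Account;

    // A missing session (previously a NullReferenceException) and an empty new
    // password are treated like any other failed attempt.
    bool canChange = cst != null
        && !string.IsNullOrEmpty(passwordM)
        && passwordM == passwordL
        && HashPwdTool.CheckPassword(passwordC, cst.PasswordHash);

    if (canChange)
    {
        var newHash = HashPwdTool.GeneratePassword(passwordM);

        // Create the context only when it is needed and dispose it afterwards.
        using (RealEstateWebsiteEntities dbs = new RealEstateWebsiteEntities())
        {
            dbs.spUpdateAccount(cst.Account_ID, newHash);
        }

        // Keep the session copy in step with the database. Otherwise the old
        // password would still be accepted as "current" for the rest of this session.
        cst.PasswordHash = newHash;

        ViewBag.ThongBao = "Change password successful";
    }
    else
    {
        ViewBag.ThongBao = "Current pass incorrect";
    }

    return PartialView("UpdatePassPartial");
}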
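/// <summary>
/// Creates an employee with an optional avatar upload, a hashed password and the
/// selected role, then records the employee's manager through <c>USP_AddManager_id</c>.
/// </summary>
/// <param name="emp">Model-bound employee, including its nested Account.</param>
/// <param name="RoleAcc">Name of the role chosen in the form.</param>
/// <param name="manager_id">Id of the manager, as posted text.</param>
/// <param name="password1">Plain-text password; only its hash is stored.</param>
/// <returns>A redirect to Adminstrator/ViewEmp on success, otherwise the default view.</returns>
public ActionResult CreateEmp(Employee emp, string RoleAcc, string manager_id, string password1)
{
    var roleList = db.Roles.Select(p => p.Role_Name).Where(p => p != "Admin" && p != "SuperAdmin").ToList();
    ViewBag.roleList = roleList;

    if (!ModelState.IsValid)
    {
        return View();
    }

    // Enforce on the server the same role list the form offers. The role lookup
    // below matches any role name, so without this check a crafted request naming
    // "Admin" or "SuperAdmin" would be honoured.
    if (!roleList.Contains(RoleAcc))
    {
        ModelState.AddModelError("", "Invalid role");
        return View();
    }

    // Parse the manager id before anything is written. A missing value maps to 0,
    // as Convert.ToInt32(null) did; non-numeric text previously threw only after
    // the employee row had been saved.
    int managerId = 0;
    if (manager_id != null && !int.TryParse(manager_id, out managerId))
    {
        ModelState.AddModelError("", "Invalid manager id");
        return View();
    }

    // Only a posted file that carries data counts as an avatar; a file input
    // submitted without a chosen file falls back to the default image.
    var file = Request.Files.Count > 0 ? Request.Files[Request.Files.Count - 1] : null;
    if (file != null && file.ContentLength > 0)
    {
        // NOTE(review): the stored extension comes from the client-supplied name via
        // CommonFunction.getExtensionFileName, which is not visible here. Confirm it
        // only lets image extensions through.
        string pic = Path.GetFileName(file.FileName);
        string extensionFileName = CommonFunction.getExtensionFileName(pic);
        pic = CommonFunction.hashSHA256(pic) + extensionFileName;
        string path = Path.Combine(Server.MapPath(Constants.EMP_IMG_URL_ADD), pic);
        emp.Avatar_URL = pic;
        file.SaveAs(path);
    }
    else
    {
        emp.Avatar_URL = Constants.EMP_IMG_NOAVATAR;
    }

    emp.Account.PasswordHash = HashPwdTool.GeneratePassword(password1);

    int role = db.Roles.Where(p => p.Role_Name == RoleAcc).Select(r => r.Role_ID).SingleOrDefault();
    Role_Account ra = new Role_Account();
    ra.Role_ID = role;
    emp.Account.Role_Account.Add(ra);

    db.Employees.Add(emp);
    db.SaveChanges();

    // Look the saved employee up again by username to obtain its id.
    int id = db.Employees.Where(p => p.Account.UserName == emp.Account.UserName).SingleOrDefault().Employee_ID;
    db.USP_AddManager_id(id, managerId);

    return RedirectToAction("ViewEmp", "Adminstrator");
}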
/// <summary>
/// Creates an admin account unless the username is already taken. The posted
/// <c>PasswordHash</c> field carries the plain-text password and is replaced by the
/// value returned by <c>HashPwdTool.GeneratePassword</c> before saving.
/// </summary>
/// <param name="admin">Admin bound from the AdminId, UserName and PasswordHash fields.</param>
/// <returns>
/// A redirect to Create with an error notice when the name exists, a redirect to
/// Index with a success notice after saving, or the form again when validation fails.
/// </returns>
public async Task<IActionResult> Create([Bind("AdminId,UserName,PasswordHash")] RES.Data.DBModels.Admin admin)
{
    // NOTE(review): AdminId is in the bind list, so the client can supply the key.
    // Confirm that is intended.
    if (!ModelState.IsValid)
    {
        return View(admin);
    }

    var existingAdmin = _context.Admin.Where(n => n.UserName == admin.UserName).SingleOrDefault();
    bool nameTaken = existingAdmin != null;
    if (nameTaken)
    {
        // NOTE(review): the notice embeds the submitted username. Confirm the view
        // that renders TempData["Notice"] HTML-encodes it.
        TempData["Notice"] = "Lỗi: Tên tài khoản " + admin.UserName + " đã tồn tại.";
        return RedirectToAction("Create");
    }

    // Replace the submitted plain-text value with its hash before persisting.
    admin.PasswordHash = HashPwdTool.GeneratePassword(admin.PasswordHash);

    _context.Add(admin);
    await _context.SaveChangesAsync();

    TempData["Notice"] = "Tạo admin " + admin.UserName + " thành công.";
    return RedirectToAction(nameof(Index));
}
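/// <summary>
/// Changes the password of the account with the given id after verifying its
/// current password.
/// </summary>
/// <param name="idAcc">Value matched against <c>Account_ID</c>.</param>
/// <param name="password1">New password.</param>
/// <param name="pass">Current password of that account.</param>
/// <returns>
/// The default view, with <c>ViewBag.changeAccSucc</c>, <c>ViewBag.changeAccFail</c>
/// or a model error describing the outcome.
/// </returns>
public ActionResult ChangePassAccount(int idAcc, string password1, string pass)
{
    // NOTE(review): the account is selected by a request parameter rather than by
    // the signed-in session. Confirm callers may only name their own account.
    Account acc = db.Accounts.Where(p => p.Account_ID == idAcc).SingleOrDefault();

    // An unknown id (previously a NullReferenceException) gets the same answer as a
    // wrong password, so the response does not reveal which account ids exist.
    if (acc == null || !HashPwdTool.CheckPassword(pass, acc.PasswordHash))
    {
        ModelState.AddModelError("", "Edit Failed! Password is wrong");
        return View();
    }

    // Refuse to store the hash of an empty password.
    if (string.IsNullOrEmpty(password1))
    {
        ViewBag.changeAccFail = "Fail!";
        return View();
    }

    try
    {
        acc.PasswordHash = HashPwdTool.GeneratePassword(password1);
        db.Entry(acc).State = System.Data.Entity.EntityState.Modified;
        db.SaveChanges();
        ViewBag.changeAccSucc = "successful!";
    }
    catch (System.Exception ex)
    {
        // Keep the user-facing behaviour, but record why the save failed instead of
        // discarding the exception.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        ViewBag.changeAccFail = "Fail!";
    }

    return View();
}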
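/// <summary>
/// Censor login: finds an employee whose account has the given username and whose
/// first role is "Censor", verifies the password, refuses blocked or departed
/// employees, then stores the employee in session and writes an <c>AccountLog</c> row.
/// </summary>
/// <param name="username">Submitted username.</param>
/// <param name="password">Submitted password.</param>
/// <returns>A redirect to Home/Index on success, otherwise the "Login" view with <c>ViewBag.Error</c> set.</returns>
public ActionResult Login(string username, string password)
{
    Employee emp = db.Employees.SingleOrDefault(n => n.Account.UserName == username && n.Account.Role_Account.FirstOrDefault().Role.Role_Name == "Censor");

    // Verify the credentials before reporting anything about the account. The
    // blocked and quit messages used to be returned before the password was
    // checked, disclosing account state to anyone who knew a username, and a wrong
    // password was reported as a server connection problem.
    if (emp == null || !HashPwdTool.CheckPassword(password, emp.Account.PasswordHash))
    {
        ViewBag.Error = "Username or password is incorrect";
        return View("Login");
    }

    // A block with no UnBlockDate, or one that ends in the future, is still active.
    var lastBlock = emp.Block1.LastOrDefault();
    if (lastBlock != null && (lastBlock.UnBlockDate == null || lastBlock.UnBlockDate > DateTime.Now))
    {
        ViewBag.Error = "Account was blocked";
        return View("Login");
    }

    if (emp.Quits.LastOrDefault() != null)
    {
        ViewBag.Error = "Account was quited";
        return View("Login");
    }

    // NOTE(review): the session identifier is not renewed at login and the whole
    // Employee entity is kept in session. Confirm session fixation is mitigated
    // elsewhere and consider storing only the employee id.
    Session["Account_Censor"] = emp;

    AccountLog accLog = new AccountLog();
    accLog.Account = emp.Account;
    db.AccountLogs.Add(accLog);
    db.SaveChanges();

    return RedirectToAction("Index", "Home");
}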
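/// <summary>
/// Admin login: finds the account with the posted username whose first role has
/// id 1, verifies the password, applies the quit and block checks on the matching
/// employee, and on success writes an account-log entry and fills the session.
/// </summary>
/// <param name="frm">Posted form; the "username" and "password" fields are read.</param>
/// <returns>A redirect to Home/Index on success, otherwise the default view with a model error.</returns>
public ActionResult Login(FormCollection frm)
{
    // Read the fields without dereferencing them: a request that omits a field
    // previously threw a NullReferenceException on ToString().
    string UserName = frm["username"];
    string submittedPassword = frm["password"] ?? string.Empty;

    Account acc = db.Accounts.Where(p => p.UserName == UserName && p.Role_Account.FirstOrDefault().Role_ID == 1).SingleOrDefault();
    if (acc != null)
    {
        bool Pass = HashPwdTool.CheckPassword(submittedPassword, acc.PasswordHash);
        if (Pass)
        {
            Employee emp = db.Employees.Where(p => p.Account.Account_ID == acc.Account_ID).SingleOrDefault();
            if (emp == null)
            {
                // An account without an employee row previously crashed below.
                ModelState.AddModelError("", "Login Failed! Username or Password is wrong");
                return View();
            }

            // NOTE(review): this fast path only runs when emp.Quits is null. Every
            // other case, including an employee with a Quits value and no block row,
            // reaches the else branch, which never looks at Quits and can still
            // sign the user in. Confirm how departed employees are meant to be refused.
            // NOTE(review): a block with a null UnBlockDate counts as "not blocked"
            // here but as locked in the else branch. Confirm which is intended.
            var lastBlock = emp.Block1.LastOrDefault();
            if (emp.Quits == null && (lastBlock == null || lastBlock.UnBlockDate == null || lastBlock.UnBlockDate <= DateTime.Now))
            {
                db.USP_InsertAccountLog(acc.Account_ID);
                Session["AccountUser"] = UserName;
                Session["ID_User"] = emp.Employee_ID;
                Session["ID_Acc"] = acc.Account_ID;
                Session["Avatar"] = "/Images/Employee/" + emp.Avatar_URL;
                return RedirectToAction("Index", "Home");
            }
            else
            {
                // Take the most recently modified block row for this employee.
                Block1 bl = db.Block1.Where(p => p.Employee.Employee_ID == emp.Employee_ID).OrderByDescending(p => p.ModifiedDate).FirstOrDefault();
                if (bl != null)
                {
                    if (bl.UnBlockDate <= DateTime.Now)
                    {
                        // The block has expired: lift it, then sign in.
                        BlockEmployee.UnBlockEmp(emp.Employee_ID);
                        db.USP_InsertAccountLog(acc.Account_ID);
                        Session["AccountUser"] = UserName;
                        Session["ID_User"] = emp.Employee_ID;
                        Session["Avatar"] = "/Images/Employee/" + emp.Avatar_URL;
                        Session["ID_Acc"] = acc.Account_ID;
                        return RedirectToAction("Index", "Home");
                    }
                    else
                    {
                        ModelState.AddModelError("", "Login Failed! Account is lock");
                    }
                }
                else
                {
                    db.USP_InsertAccountLog(acc.Account_ID);
                    Session["AccountUser"] = UserName;
                    Session["ID_User"] = emp.Employee_ID;
                    Session["Avatar"] = "/Images/Employee/" + emp.Avatar_URL;
                    Session["ID_Acc"] = acc.Account_ID;
                    return RedirectToAction("Index", "Home");
                }
            }
        }
        else
        {
            ModelState.AddModelError("", "Login Failed! Username or Password is wrong");
        }
    }
    else
    {
        // NOTE(review): this message differs from the wrong-password one, so the
        // response reveals whether a username belongs to an admin account.
        ModelState.AddModelError("", "Login Failed! Account is not Admin");
    }

    return View();
}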
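/// <summary>
/// Login page handler. Tries the submitted credentials against the Admin table
/// first; otherwise signs in through the Identity sign-in manager and handles
/// success, two-factor, lockout and failure.
/// </summary>
/// <param name="returnUrl">Local URL to return to after a customer login; defaults to the site root.</param>
/// <returns>
/// A redirect to the Admin area, a local redirect to <paramref name="returnUrl"/>,
/// a redirect to the two-factor or lockout page, or the login page again.
/// </returns>
public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
    returnUrl = returnUrl ?? Url.Content("~/");

    if (!ModelState.IsValid)
    {
        // If we got this far, something failed, redisplay form
        return Page();
    }

    // Start check Is Admin
    // Fetch by username only and verify the password in memory.
    // HashPwdTool.CheckPassword is application code, so it cannot be translated
    // into the database query it was previously embedded in.
    RES.Data.DBModels.Admin ad;
    using (RealEstateSystemContext adminDb = new RealEstateSystemContext())
    {
        ad = adminDb.Admin.Where(n => n.UserName == Input.Email).SingleOrDefault();
    }

    // NOTE(review): this admin path has no failed-attempt counter, unlike the
    // Identity path below, which passes lockoutOnFailure: true. Confirm admin
    // logins are throttled elsewhere.
    if (ad != null && HashPwdTool.CheckPassword(Input.Password, ad.PasswordHash))
    {
        HttpContext.Session.SetString("AdminSession", ad.UserName);
        return RedirectToAction("Index", "Home", new { Area = "Admin" });
    }
    // End check Is Admin

    var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure: true);
    if (result.Succeeded)
    {
        try
        {
            using (RealEstateSystemContext db = new RealEstateSystemContext())
            {
                Customer customer = db.Customer.Where(n => n.Account.UserName == Input.Email).Single();
                HttpContext.Session.SetString("User_Name_Session", customer.LastName + " " + customer.Firstname);
            }
        }
        catch (Exception ex)
        {
            // The display name is best-effort: the login still succeeds, but the
            // failure is recorded instead of being discarded.
            _logger.LogWarning(ex, "Could not load the customer display name for the session.");
        }

        _logger.LogInformation("User logged in.");

        // LocalRedirect only accepts local URLs, so returnUrl cannot send the user
        // to another site.
        return LocalRedirect(returnUrl);
    }

    if (result.RequiresTwoFactor)
    {
        return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
    }

    if (result.IsLockedOut)
    {
        _logger.LogWarning("User account locked out.");
        return RedirectToPage("./Lockout");
    }

    ModelState.AddModelError(string.Empty, "Invalid login attempt.");
    return Page();
}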