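/// <summary>
/// Completes the forced temporary-password change for a doctor account and, on success,
/// signs the doctor in with a forms-authentication cookie.
/// </summary>
/// <param name="changePassword">
/// Posted form model. <c>DoctorLoginId</c> and <c>PasswordVerified</c> are overwritten
/// server-side, and <c>NewPassword</c> is replaced by its hash before the model is handed
/// to the doctor manager.
/// </param>
/// <param name="returnUrl">Optional target after success; followed only when <c>Url.IsLocalUrl</c> accepts it.</param>
/// <returns>
/// A redirect to the login page when no pending change is in the session or the stored
/// temporary credential no longer validates; the view with an error message when the new
/// password is missing or the manager reports a failure; otherwise a redirect to
/// <paramref name="returnUrl"/> or the doctor index.
/// </returns>
public ActionResult ChangeTemporaryPassword(ChangePassword changePassword, string returnUrl)
{
    // The pending-change record (login id + hashed temporary password) is read from the
    // session, so the account being changed never comes from the posted form.
    var pending = Session["UserLoginId"] as ChangePassword;
    if (pending == null)
    {
        return RedirectToAction("Login", "Register");
    }

    // Re-validate the temporary credential captured at login before changing anything.
    if (!aDoctorManager.IsValid(pending.DoctorLoginId, pending.OldPassword))
    {
        return RedirectToAction("Login", "Register");
    }

    // Reject a missing new password here instead of passing null/empty into Crypto.Hash.
    if (changePassword == null || string.IsNullOrEmpty(changePassword.NewPassword))
    {
        ViewBag.ErrorMessage = "Please enter a new password.";
        return View();
    }

    // Identity and verification state are set server-side; posted values are not trusted.
    changePassword.DoctorLoginId = pending.DoctorLoginId;
    // NOTE(review): Crypto.Hash is not defined in this listing. If it is a plain unsalted
    // digest, stored passwords should move to a salted, slow KDF (PBKDF2 or similar) - confirm.
    changePassword.NewPassword = Crypto.Hash(changePassword.NewPassword);
    changePassword.PasswordVerified = true;

    string message = aDoctorManager.ChangeTemporaryPassword(changePassword);
    if (message != "Success")
    {
        ViewBag.ErrorMessage = message;
        return View();
    }

    // The session entry holds the old password hash. Drop it on every success path,
    // including the returnUrl redirect, so it cannot be reused later in the session.
    Session.Remove("UserLoginId");

    // This flow has no "remember me" option: non-persistent ticket, 60-minute lifetime.
    const int timeoutMinutes = 60;
    var ticket = new FormsAuthenticationTicket(pending.DoctorLoginId, false, timeoutMinutes);
    string encrypted = FormsAuthentication.Encrypt(ticket);

    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
    cookie.Expires = DateTime.Now.AddMinutes(timeoutMinutes);
    cookie.HttpOnly = true;
    // Keep the auth cookie off plain HTTP whenever the site is configured for, or is
    // currently served over, TLS.
    cookie.Secure = FormsAuthentication.RequireSSL || Request.IsSecureConnection;
    Response.Cookies.Add(cookie);

    // Only same-site targets are followed; anything else falls back to the doctor index.
    if (Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }

    TempData["ChangeTempPassMsg"] = "Your temporary password changed successfully.";
    return RedirectToAction("Index", "Doctor");
}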
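/// <summary>
/// Authenticates a login attempt against the user, doctor and medical account stores
/// (in that order) and issues a forms-authentication cookie for the first match.
/// </summary>
/// <param name="aLogin">Posted credentials; <c>Password</c> is replaced by its hash before any lookup.</param>
/// <param name="returnUrl">Optional target after login; followed only when <c>Url.IsLocalUrl</c> accepts it.</param>
/// <returns>
/// A redirect on successful sign-in, a redirect to the temporary-password change for a
/// doctor whose password is not yet verified, or the login view with a warning or error
/// message set.
/// </returns>
public ActionResult Login(Login aLogin, string returnUrl = "")
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // NOTE(review): Crypto.Hash is not defined in this listing. If it is a plain unsalted
    // digest, the stored value is password-equivalent and should be replaced by a salted,
    // slow KDF (PBKDF2 or similar) - confirm.
    aLogin.Password = Crypto.Hash(aLogin.Password);

    // Check User Login
    if (aUserManager.IsValid(aLogin.LoginId, aLogin.Password))
    {
        return IssueAuthCookieAndRedirect(aLogin.LoginId, aLogin.RememberMe, returnUrl, "User");
    }

    // Check Doctor Login
    if (aDoctorManager.IsValid(aLogin.LoginId, aLogin.Password))
    {
        Doctors doctor = aDoctorManager.IsLoginVerified(aLogin.LoginId);
        if (!doctor.PasswordVerified)
        {
            // First login with a temporary password: no auth cookie is issued. The login id
            // and the hashed temporary password are parked in the session for the
            // ChangeTemporaryPassword action, which re-validates them.
            TempData["WarningMessage"] = "Please change your temporary password";
            Session["UserLoginId"] = new ChangePassword
            {
                DoctorLoginId = aLogin.LoginId,
                OldPassword = aLogin.Password
            };
            return RedirectToAction("ChangeTemporaryPassword", "Register");
        }

        if (doctor.Status == "Active")
        {
            return IssueAuthCookieAndRedirect(aLogin.LoginId, aLogin.RememberMe, returnUrl, "Doctor");
        }

        ViewBag.AccountWarningMessage = "Your account has been suspended. Please contact us to activate your account.";
        return View();
    }

    // Check Medical Login
    if (aMedicalManager.IsValid(aLogin.LoginId, aLogin.Password))
    {
        MedicalAccount medicalAccount = aMedicalManager.IsMedicalLoginVerified(aLogin.LoginId);
        if (!medicalAccount.IsEmailVerified)
        {
            ViewBag.ErrorMessage = "Your email has not verified yet. Please check your email and verified your account";
            return View();
        }

        if (medicalAccount.Status == "Active")
        {
            return IssueAuthCookieAndRedirect(aLogin.LoginId, aLogin.RememberMe, returnUrl, "Medical");
        }

        // Account-state messages are only reachable after the password has validated.
        ViewBag.AccountWarningMessage = medicalAccount.Status == "Pending"
            ? "This account request is pending. Please contact us if you want to activate."
            : "This account has been suspended. Please contact us to activate the account.";
        return View();
    }

    // One generic message for every store, so a failed attempt does not reveal which
    // account type, if any, the login id belongs to.
    ViewBag.ErrorMessage = "Your Email or Password is incorrect!";
    return View();
}

/// <summary>
/// Issues the forms-authentication cookie for <paramref name="loginId"/> and returns the
/// post-login redirect: <paramref name="returnUrl"/> when it is a local URL, otherwise the
/// Index action of <paramref name="homeController"/>.
/// </summary>
private ActionResult IssueAuthCookieAndRedirect(string loginId, bool rememberMe, string returnUrl, string homeController)
{
    // 525600 min = 1 year when "remember me" is ticked, otherwise 60 minutes.
    // NOTE(review): a one-year ticket is long-lived; confirm that lifetime is intended.
    int timeout = rememberMe ? 525600 : 60;

    var ticket = new FormsAuthenticationTicket(loginId, rememberMe, timeout);
    string encrypted = FormsAuthentication.Encrypt(ticket);

    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
    cookie.Expires = DateTime.Now.AddMinutes(timeout);
    cookie.HttpOnly = true;
    // Keep the auth cookie off plain HTTP whenever the site is configured for, or is
    // currently served over, TLS.
    cookie.Secure = FormsAuthentication.RequireSSL || Request.IsSecureConnection;
    Response.Cookies.Add(cookie);

    // Only same-site targets are followed; anything else falls back to the role's index.
    if (Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }

    return RedirectToAction("Index", homeController);
}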