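/// <summary>
/// Looks up the security question stored for <paramref name="UserName"/> and passes it
/// to the view as a one-item drop-down list.
/// </summary>
/// <param name="UserName">Login name whose security question should be displayed.</param>
/// <returns>
/// The default view. <c>ViewBag.questionId</c> stays 0 and <c>ViewBag.ddSecurityQuestions</c>
/// stays empty when the login, its stored answer, or a positive question id is missing.
/// </returns>
public ActionResult LoadSecurity(string UserName)
{
    // NOTE(review): the output differs for a known and an unknown user name (question
    // shown vs. empty list), so this action reveals whether an account exists and which
    // question protects it. Nothing in this method restricts or throttles callers -
    // confirm what guards the endpoint.
    List<SelectListItem> ddSecurityQuestions = new List<SelectListItem>();
    int questionId = 0;

    // The context is needed only for the two lookups; dispose it instead of leaking it.
    using (LMSDBContext context = new LMSDBContext())
    {
        LMSLogin login = context.LMSLogins.SingleOrDefault(x => x.UserName == UserName);
        if (login != null)
        {
            LMSUserSecurityAnswer answer = context.LMSUserSecurityAnswers.SingleOrDefault(x => x.LMSLoginId == login.UserId);
            if (answer != null)
            {
                questionId = answer.LMSSecurityQuestionId;
            }
        }
    }

    if (questionId > 0)
    {
        IEnumerable<LMSSecurityQuestion> securityQuestions =
            unitofwork.LMSSecurityQuestionRepository.Get(x => x.LMSSecurityQuestionId == questionId);

        foreach (LMSSecurityQuestion question in securityQuestions)
        {
            ddSecurityQuestions.Add(new SelectListItem
            {
                Text = question.Question,
                Value = question.LMSSecurityQuestionId.ToString(),
                Selected = true
            });
        }
    }

    ViewBag.questionId = questionId;
    ViewBag.ddSecurityQuestions = ddSecurityQuestions;
    return View();
}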
/// <summary>
/// Builds a new login row from <paramref name="model"/>, storing the password as a salt
/// plus a hash, and adds it to the context. This method only calls <c>Add</c>; it does
/// not call <c>SaveChanges</c>.
/// </summary>
/// <param name="model">Submitted login data, including the clear-text password.</param>
public virtual void Register(LMSLogin model)
{
    // NOTE(review): the salt comes from the current time and the user name (via
    // Encryptor.EncryptText), not from a cryptographic random generator. Encryptor is
    // not shown here; if EncryptText is deterministic the salt is guessable. Also
    // confirm that GenerateHash is a slow, purpose-built password hash.
    string timestamp = DateTime.Now.ToString();
    byte[] saltBytes = Encryptor.EncryptText(timestamp, model.UserName);
    string saltText = Convert.ToBase64String(saltBytes);
    byte[] hashBytes = Encryptor.GenerateHash(model.Password, saltText);

    LMSLogin newLogin = new LMSLogin();
    newLogin.UserName = model.UserName;
    newLogin.FirstName = model.FirstName;
    newLogin.LastName = model.LastName;
    // EmployeeNo is intentionally not copied (disabled on 11/14/2016).
    newLogin.PasswordHash = hashBytes;
    newLogin.PasswordSalt = saltBytes;
    // NOTE(review): PermissionLevel and UserType are taken from the model as supplied.
    // If the model is bound directly from a request, the request chooses its own
    // privileges - confirm that callers set these two fields server-side.
    newLogin.PermissionLevel = model.PermissionLevel;
    newLogin.UserType = model.UserType;
    newLogin.IssueDate = model.IssueDate;
    newLogin.CreatedBy = model.CreatedBy;
    newLogin.CreatedOn = model.CreatedOn;
    newLogin.StatusCode = model.StatusCode;

    this.context.LMSLogins.Add(newLogin);
}
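/// <summary>
/// Resets a forgotten password. When the user name exists and the submitted security
/// question id and answer match the stored ones, a new random password is generated,
/// stored as salt plus hash, and returned to the caller.
/// </summary>
/// <param name="model">Carries UserName, LMSSecurityQuestionId and SecurityAnswer.</param>
/// <returns>
/// JSON <c>{ isSuccess, message }</c>. On success <c>message</c> holds the new password;
/// otherwise it holds one of three error texts.
/// </returns>
public ActionResult ForgotPassword(LMSUserSecurityAnswer model)
{
    // NOTE(review): account-recovery weaknesses left as they are, because the response
    // shape and texts may be consumed by client code not visible here:
    //  * a matching answer alone resets the password, and the new password is sent back
    //    in the response body instead of through a channel bound to the account owner;
    //  * the failure messages differ, so a caller can tell whether a user name exists;
    //  * the stored answer is compared as plain text and no attempt limit is visible;
    //  * JsonRequestBehavior.AllowGet permits this JSON to be returned for GET requests;
    //    confirm the action is restricted to POST and protected against forged requests.
    bool isSuccess = false;
    string message = "";

    // The using block disposes the context on every path. It replaces a try/catch whose
    // only effect was "throw ex;", which discarded the original stack trace.
    using (LMSDBContext context = new LMSDBContext())
    {
        LMSLogin login = context.LMSLogins.SingleOrDefault(x => x.UserName == model.UserName);
        if (login == null)
        {
            message = "UserName does not exists.";
        }
        else
        {
            LMSUserSecurityAnswer securityanswer =
                context.LMSUserSecurityAnswers.SingleOrDefault(x => x.LMSLoginId == login.UserId);

            if (securityanswer == null)
            {
                message = "Security answer does not exists.";
            }
            else if (securityanswer.LMSSecurityQuestionId != model.LMSSecurityQuestionId
                     || !string.Equals(securityanswer.SecurityAnswer, model.SecurityAnswer, StringComparison.OrdinalIgnoreCase))
            {
                message = "Incorrect answer.";
            }
            else
            {
                // RandomString is defined elsewhere - confirm it draws from a
                // cryptographic random generator.
                int length = CommonConstants.PasswordLength;
                string newPassword = length.RandomString();

                // Same salt/hash derivation as the other password-writing methods.
                string timestamp = DateTime.Now.ToString();
                byte[] saltBytes = Encryptor.EncryptText(timestamp, login.UserName);
                string saltText = Convert.ToBase64String(saltBytes);
                byte[] hashBytes = Encryptor.GenerateHash(newPassword, saltText);

                login.PasswordHash = hashBytes;
                login.PasswordSalt = saltBytes;
                login.LastModifiedBy = login.UserId;
                login.LastModifiedOn = DateTime.Now;
                login.IsSecurityApplied = false;
                context.SaveChanges();

                isSuccess = true;
                message = newPassword;
            }
        }
    }

    return Json(new { isSuccess = isSuccess, message = message }, JsonRequestBehavior.AllowGet);
}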
/// <summary>
/// Handles the posted registration form: registers and saves the login, then redirects
/// to the login page. Redisplays the form when model validation fails.
/// </summary>
/// <param name="model">Login data bound from the request.</param>
/// <returns>A redirect to Login/Index on success, otherwise the form view.</returns>
public ActionResult Index(LMSLogin model)
{
    // NOTE(review): the bound model is handed to Register unchanged. If that is the
    // Register method shown on this page, PermissionLevel and UserType are copied from
    // it, so the request can supply them (over-posting). Confirm which fields the form
    // may set and who is allowed to reach this action.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    unitofwork.LMSLoginRepository.Register(model);
    unitofwork.Save();
    return RedirectToAction("Index", "Login");
}
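/// <summary>
/// Verifies a user name / password pair against the stored salt and hash.
/// </summary>
/// <param name="model">Login carrying the submitted UserName and Password.</param>
/// <returns>
/// The stored login when the recomputed hash matches; otherwise <c>null</c> (missing
/// input, unknown user, no stored salt or hash, or wrong password).
/// </returns>
public LMSLogin CheckPassword(LMSLogin model)
{
    if (model == null || string.IsNullOrEmpty(model.UserName) || string.IsNullOrEmpty(model.Password))
    {
        return null;
    }

    var dbUser = this.context.LMSLogins.SingleOrDefault(x => x.UserName == model.UserName);

    // SingleOrDefault yields null for an unknown user name. Fail closed instead of
    // dereferencing it, and treat a row without stored credentials the same way.
    if (dbUser == null || dbUser.PasswordSalt == null || dbUser.PasswordHash == null)
    {
        return null;
    }

    string salt = Convert.ToBase64String(dbUser.PasswordSalt);
    byte[] submittedHash = Encryptor.GenerateHash(model.Password, salt);

    // NOTE(review): CompareByteArray is defined elsewhere - confirm that it compares in
    // constant time rather than returning at the first differing byte.
    bool matches = Encryptor.CompareByteArray(dbUser.PasswordHash, submittedHash);
    return matches ? dbUser : null;
}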
/// <summary>
/// Replaces the stored password of the login identified by <c>model.UserId</c> with a
/// freshly derived salt and hash and sets <c>IsSecurityApplied</c>. Does nothing when no
/// login has that id. The change is not saved here.
/// </summary>
/// <param name="model">Carries UserId, UserName and the new clear-text Password.</param>
public virtual void ChangePassword(LMSLogin model)
{
    // NOTE(review): this method neither verifies the current password nor checks that
    // model.UserId belongs to the signed-in user - confirm that callers enforce both.
    string timestamp = DateTime.Now.ToString();
    byte[] saltBytes = Encryptor.EncryptText(timestamp, model.UserName);
    string saltText = Convert.ToBase64String(saltBytes);
    byte[] hashBytes = Encryptor.GenerateHash(model.Password, saltText);

    var storedLogin = context.LMSLogins.SingleOrDefault(x => x.UserId == model.UserId);
    if (storedLogin == null)
    {
        return;
    }

    storedLogin.IsSecurityApplied = true;
    storedLogin.PasswordHash = hashBytes;
    storedLogin.PasswordSalt = saltBytes;
    storedLogin.LastModifiedBy = model.UserId;
    storedLogin.LastModifiedOn = DateTime.Now;
}
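/// <summary>
/// Shows the login form, pre-filling the user name from the "LMSLogin" remember-me
/// cookie when the request carries one.
/// </summary>
/// <returns>The login view with a model that holds at most the remembered user name.</returns>
public ActionResult Index()
{
    LMSLogin login = new LMSLogin();

    var loginCookie = Request.Cookies["LMSLogin"];
    if (loginCookie != null && loginCookie.Values.Count > 0)
    {
        // Cookie content is client-controlled; it is used only to pre-fill the form.
        login.UserName = loginCookie.Values["UserName"];

        // The "Password" value is no longer read. The login action shown with this code
        // has its cookie.Values.Add("Password", ...) call commented out, and a clear-text
        // password should not travel from a client cookie into the rendered form.
    }

    return View(login);
}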
/// <summary>
/// Seeds a new database: the status-code rows, the initial SuperAdmin login, and the
/// list of selectable security questions.
/// </summary>
/// <param name="context">Database context that receives the seed rows.</param>
protected override void Seed(LMSDBContext context)
{
    // Status codes. "Retired" was removed on 11/21/2016.
    // NOTE(review): every row, including InActive/OnLeave/Terminated, is written with
    // StatusCode = Active - presumably the row's own state; confirm.
    var statusCodes = new List<LMSStatusCodeDetail>();
    statusCodes.Add(new LMSStatusCodeDetail { StatusCodeId = StatusCodeConstants.Active, StatusCodeName = "Active", StatusCode = StatusCodeConstants.Active, CreatedOn = DateTime.Now });
    statusCodes.Add(new LMSStatusCodeDetail { StatusCodeId = StatusCodeConstants.InActive, StatusCodeName = "InActive", StatusCode = StatusCodeConstants.Active, CreatedOn = DateTime.Now });
    statusCodes.Add(new LMSStatusCodeDetail { StatusCodeId = StatusCodeConstants.OnLeave, StatusCodeName = "OnLeave", StatusCode = StatusCodeConstants.Active, CreatedOn = DateTime.Now });
    statusCodes.Add(new LMSStatusCodeDetail { StatusCodeId = StatusCodeConstants.Terminated, StatusCodeName = "Terminated", StatusCode = StatusCodeConstants.Active, CreatedOn = DateTime.Now });
    context.StatusCodeDetails.AddRange(statusCodes);

    // Initial administrator account.
    // NOTE(review): the seed credentials are string literals in source (masked on this
    // page). Anyone who can read the repository knows the initial SuperAdmin password
    // unless it is changed after deployment - prefer supplying it at deploy time.
    string userName = "******";
    string password = "******";
    string timestamp = DateTime.Now.ToString();
    byte[] saltBytes = Encryptor.EncryptText(timestamp, userName);
    string saltText = Convert.ToBase64String(saltBytes);
    byte[] hashBytes = Encryptor.GenerateHash(password, saltText);

    LMSLogin lmsLogin = new LMSLogin();
    lmsLogin.UserName = userName;
    lmsLogin.PasswordHash = hashBytes;
    lmsLogin.PasswordSalt = saltBytes;
    lmsLogin.FirstName = "admin";
    lmsLogin.LastName = "admin";
    lmsLogin.CreatedOn = DateTime.Now;
    lmsLogin.IsSecurityApplied = true;
    lmsLogin.StatusCode = StatusCodeConstants.Active;
    lmsLogin.IssueDate = DateTime.Now;
    lmsLogin.PermissionLevel = PermissionConstants.SuperAdmin;
    lmsLogin.UserType = UserTypeConstants.SuperAdmin;

    context.LMSLogins.Add(lmsLogin);
    // Saved before the questions are built because they read lmsLogin.UserId.
    context.SaveChanges();

    // Security questions offered to users.
    // NOTE(review): answers to questions of this kind are often known to other people
    // or discoverable; the recovery flow should not rely on them alone.
    string[] questionTexts =
    {
        "In what city did you meet your spouse/significant other?",
        "What was your childhood nickname?",
        "What is the name of your favorite childhood friend?",
        "What street did you live on in third grade?",
        "What is your oldest sibling’s birthday month and year? (e.g., January 1900)",
        "What is the middle name of your oldest child?",
        "What is your oldest sibling’s middle name?",
        "What school did you attend for sixth grade?",
        "What was your childhood phone number including area code? (e.g., 000-000-0000)",
        "What was the name of your first stuffed animal?",
        "What is your maternal grandmother’s maiden name?",
        "In what town was your first job?"
    };

    var securityQuestions = new List<LMSSecurityQuestion>();
    foreach (string text in questionTexts)
    {
        securityQuestions.Add(new LMSSecurityQuestion
        {
            CreatedBy = lmsLogin.UserId,
            CreatedOn = DateTime.Now,
            StatusCode = StatusCodeConstants.Active,
            Question = text
        });
    }

    context.LMSSecurityQuestions.AddRange(securityQuestions);
    context.SaveChanges();

    base.Seed(context);
}
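/// <summary>
/// Processes the posted login form. On success it stores the user in the session, writes
/// a login audit record, sets or clears the "LMSLogin" remember-me cookie, and redirects
/// to the employee list. Otherwise it redisplays the form with an error message.
/// </summary>
/// <param name="model">Submitted UserName, Password and IsRememberMe flag.</param>
/// <returns>A redirect to Employee/EmployeeList on success, otherwise the login view.</returns>
public ActionResult Index(LMSLogin model)
{
    // NOTE(review): points left unchanged in this method:
    //  * "User does not exists." and "Wrong Password." let a caller tell valid user
    //    names apart; a single generic message would have to be introduced together
    //    with the other account-lookup actions to be effective;
    //  * only successful logins are audited - failed attempts leave no record for
    //    detection, and no lockout or throttling is visible here;
    //  * the session id is not renewed after authentication; confirm that session
    //    fixation is handled elsewhere.
    if (!ModelState.IsValid)
    {
        return View(new LMSLogin());
    }

    bool userExists = unitofwork.LMSLoginRepository.CheckIfUserExists(model.UserName);
    if (!userExists)
    {
        return View(new LMSLogin { Message = "User does not exists." });
    }

    LMSLogin dbUser = unitofwork.LMSLoginRepository.CheckPassword(model);
    if (dbUser == null)
    {
        return View(new LMSLogin { UserName = model.UserName, Message = "Wrong Password." });
    }

    CurrentUser currentUser = new CurrentUser
    {
        UserId = dbUser.UserId,
        UserName = dbUser.UserName,
        FullName = dbUser.FirstName + " " + dbUser.LastName,
        PermissionLevel = dbUser.PermissionLevel,
        IsSecurityApplied = dbUser.IsSecurityApplied,
    };
    this.HttpContext.Session["CurrentUser"] = currentUser;

    // Audit record for the successful login.
    LMSAudit lmsAudit = new LMSAudit
    {
        TransactionDate = DateTime.Now,
        UserName = currentUser.UserName,
        FullName = currentUser.FullName,
        Section = "Login",
        Action = "Logging In",
        Description = String.Format(" User Name : {0}, Name: {1} Logged In. Permission = {2}", currentUser.UserName, currentUser.FullName, currentUser.PermissionLevel),
    };
    unitofwork.LMSAuditRepository.Insert(lmsAudit);
    unitofwork.Save();

    if (model.IsRememberMe)
    {
        // Remember-me keeps only the user name, for 15 days; the password is not stored.
        HttpCookie cookie = new HttpCookie("LMSLogin");
        cookie.Values.Add("UserName", currentUser.UserName);
        cookie.Expires = DateTime.Now.AddDays(15);
        // The cookie is read only on the server, so keep it away from page scripts.
        // Also set cookie.Secure once the site is served over HTTPS only.
        cookie.HttpOnly = true;
        Response.Cookies.Add(cookie);
    }
    else
    {
        // Expire any remember-me cookie left from an earlier login.
        Response.Cookies["LMSLogin"].Expires = DateTime.Now.AddDays(-1);
    }

    return RedirectToAction("EmployeeList", "Employee");
}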