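// Password-history check: returns true when `password`, hashed with the salt of any
// cached entry for `login`, equals that entry's stored hash.
//
// login    - login whose password cache is read.
// password - clear-text candidate password.
//
// Returns false when no cache entries are available.
// NOTE(review): a failed GetPassCache call is therefore treated the same as
// "password never used before" - confirm that failing open is acceptable to the caller.
public bool CheckPassCache(string login, string password)
{
    string msg = null;
    STUser dbuser;
    CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

    // Look the user up by login. The record is not used below; the call is kept
    // because its side effects are not visible from here.
    int retvalue = clUser.GetRecordByUserLogin(login, out dbuser, out msg);

    // Load the cached password hashes for this login.
    List<STPassCache> lstpc;
    retvalue = clUser.GetPassCache(login, out lstpc, out msg);

    // The out parameter may come back null when the lookup fails; the original
    // dereferenced it unconditionally.
    if (lstpc == null || lstpc.Count <= 0)
    {
        return false;
    }

    // Compare the candidate against every cached hash, each with its own salt.
    foreach (STPassCache pc in lstpc)
    {
        string candidateHash = CreatePasswordHash(password, pc.passwordsalt);
        if (pc.password == candidateHash)
        {
            return true;
        }
    }

    return false;
}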
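// Completes a forgotten-password reset: finds the user that owns model.Key and stores
// a freshly salted hash of model.NewPassword through CUser.FPS.
//
// Returns true only when the key resolves to a user, the stored key equals the
// presented key, and the password update reports success (0).
public bool FPS(ActivateModel model)
{
    if (string.IsNullOrEmpty(model.Key))
    {
        return false;
    }

    // Never store a hash of an empty password.
    if (string.IsNullOrEmpty(model.NewPassword))
    {
        return false;
    }

    string msg;
    CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
    STUser dbuser = new STUser();

    int ret = clUser.GetRecordByUserKey(model.Key, out dbuser, out msg);
    if (ret != 0)
    {
        return false;
    }

    // LogON in this code base treats "return code 0 with userid == null" as "no such
    // user", and the FPS(string key) action re-checks newemailkey against the key.
    // Apply both checks here so the password is only changed for the record that
    // actually owns the presented key.
    if (dbuser.userid == null || dbuser.newemailkey != model.Key)
    {
        return false;
    }

    string salt = CreateSalt();
    string password = CreatePasswordHash(model.NewPassword, salt);

    // NOTE(review): whether CUser.FPS also invalidates the reset key is not visible here - confirm.
    return clUser.FPS(dbuser.userid, password, salt, out msg) == 0;
}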
// Loads the user record for `login` and maps it field by field onto a UserModels.
// The stored password is not copied into the model (those assignments are commented
// out in the original).
//
// Any exception is caught and its message discarded, so the caller receives whatever
// had been mapped up to that point (possibly an empty model).
// NOTE(review): the return code of GetRecordByUserLogin is not checked.
public UserModels GetUserByLogin(string login)
{
    UserModels model = new UserModels();
    STUser record = new STUser();
    string msg;
    CCondition conditions = new CCondition();
    CPermission permissions = new CPermission();

    try
    {
        CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
        int retvalue = users.GetRecordByUserLogin(login, out record, out msg);

        model = new UserModels();
        model.UserId = record.userid;
        model.UserName = record.username;
        model.Login = record.login;
        model.Comments = record.comments;
        // Numeric condition / permission ids are shown by name.
        model.Condition = conditions.GetName(record.condition);
        model.Permission = permissions.GetName(record.permission);
        model.Email = record.email;
        model.OwnerUserId = record.owneruserid;
        model.OwnerUserName = record.ownerusername;
    }
    catch (Exception ex)
    {
        msg = ex.Message;
    }

    return model;
}
// Starts the forgotten-password flow for `stUser`: stores a new key via SetKeyFPS,
// queues a "MailToUserChangePassword.txt" mail carrying that key, then asks
// SMTPNotice to send.
//
// Returns false when SetKeyFPS reports a non-zero code or any exception is thrown;
// true otherwise.
// NOTE(review): the results of clMail.Insert and smtp.SendNotice are not inspected,
// so true does not prove the mail was queued or sent. Key lifetime/expiry is not
// visible in this method - confirm where it is enforced.
public bool SentLink(STUser stUser)
{
    string msg = null;

    try
    {
        CUser users = new CUser(stUser.userid, LocalData.CSDbUsers(), LocalData.LogPath());
        string resetKey = GenerateKey();

        if (users.SetKeyFPS(stUser.userid, resetKey, out msg) != 0)
        {
            return false;
        }

        CMail mails = new CMail(stUser.userid, LocalData.CSDbUsers(), LocalData.LogPath());
        STMail maildata = new STMail();
        maildata.to = stUser.email;
        maildata.linkkey = resetKey;
        maildata.tamplate = "MailToUserChangePassword.txt";
        maildata.fleetpwd = null;
        maildata.pan = null;
        maildata.dtcreate = DateTime.Now.ToString("yyyyMMddHHmmss");
        maildata.dtmistsent = null;
        mails.Insert(maildata, out msg);

        SMTPNotice notifier = new SMTPNotice(
            LocalData.SmtpHost(),
            LocalData.SmtpPort(),
            LocalData.SmtpUseSSL(),
            LocalData.SmtpUserName(),
            LocalData.SmtpPassword(),
            LocalData.SmtpFrom(),
            LocalData.CSDbUsers(),
            LocalData.LogPath(),
            LocalData.GetTemplatePath(),
            LocalData.Images());
        notifier.SendNotice(out msg);

        return true;
    }
    catch (Exception ex)
    {
        msg = ex.Message;
        return false;
    }
}
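//
// GET: /Report/
//
// Shows the report parameter form pre-filled with the current calendar month
// (first day 00:00:00 through last day 23:59:59).
// Unauthenticated requests are redirected to Home/Index; users whose record has
// `oldpass` set are redirected to Account/ChangePassword.
public ActionResult Indexd()
{
    if (!Request.IsAuthenticated)
    {
        return RedirectToAction("Index", "Home");
    }

    CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
    STUser stUser;
    string msg;
    // NOTE(review): the return code is ignored; confirm what stUser.oldpass holds when the lookup fails.
    clUser.GetRecordByUserId(LocalData.UserId(), out stUser, out msg);

    if (stUser.oldpass)
    {
        return RedirectToAction("ChangePassword", "Account");
    }

    // Read the clock once: the original sampled DateTime.Now separately for the year
    // and the month, which can mix two different months across a month/year rollover.
    DateTime now = DateTime.Now;
    DateTime monthStart = new DateTime(now.Year, now.Month, 1, 0, 0, 0, 0);

    ReportParamModels param = new ReportParamModels();
    param.BeginDate = monthStart;
    // One second before the first day of next month = last day of this month, 23:59:59.
    param.EndDate = monthStart.AddMonths(1).AddSeconds(-1);

    return View(param);
}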
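// Reads the action log between param.BeginDate and param.EndDate and maps each
// STAction row onto a ReportModels item.
//
// Returns the mapped rows; on failure returns whatever was mapped before the error
// (possibly an empty list).
public List<ReportModels> GetReport(ReportParamModels param)
{
    List<ReportModels> ret = new List<ReportModels>();

    try
    {
        CAction clAction = new CAction(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
        List<STAction> data = clAction.GetReport(param.BeginDate, param.EndDate);
        if (data == null)
        {
            return ret;
        }

        foreach (STAction row in data)
        {
            ReportModels item = new ReportModels();
            item.ActionName = row.actionname;
            item.Comment = row.value;
            item.DT = row.dt;
            item.User = row.username;
            ret.Add(item);
        }
    }
    catch (Exception ex)
    {
        // The original catch block was empty, which made a failed query look exactly
        // like "no actions in this period". Keep the best-effort return value, but
        // leave a trace so an empty activity report can be told apart from an error.
        System.Diagnostics.Trace.TraceError("GetReport failed: {0}", ex);
    }

    return ret;
}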
// Verifies the current password of `login`.
//
// Returns true when the stored hash equals the hash of `password` under the stored
// salt and the account is activated. Otherwise returns false with `msg` set to
// "The current password is incorrect.", or to the exception text when an exception
// was thrown.
// NOTE(review): the exception text is handed back to the caller through `msg`;
// confirm it is not shown to end users. The return code of the lookup is not checked.
public bool ValidateChangePassword(string login, string password, out string msg)
{
    msg = null;

    try
    {
        STUser record;
        CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

        // Find the user in the database by login.
        int retvalue = users.GetRecordByUserLogin(login, out record, out msg);

        // Compare the stored hash with the hash of the supplied password.
        bool hashMatches = record.password == CreatePasswordHash(password, record.passwordsalt);
        if (hashMatches && record.isactivated == true)
        {
            return true;
        }

        msg = "The current password is incorrect.";
        return false;
    }
    catch (Exception ex)
    {
        msg = ex.Message;
        return false;
    }
}
// Renders one page of transactions for the filter stored in Session["TRANSACTPARAM"]
// (or a default STTransactVP when the session holds none).
//
// Redirects: unauthenticated -> Home/Index; `oldpass` set -> Account/ChangePassword.
// Shows "Index" with an error when neither transaction database is reachable, and
// "Errors" when CheckField reports a hit on maskedpan / maskedpos.
// NOTE(review): a deny-list of quote and "--" tokens is not a substitute for
// parameterized queries - confirm how GetListTransact builds its SQL.
public ActionResult List(int pageNum = 0)
{
    if (!Request.IsAuthenticated)
    {
        return RedirectToAction("Index", "Home");
    }

    CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
    STUser stUser;
    string msg;
    users.GetRecordByUserId(LocalData.UserId(), out stUser, out msg);

    if (stUser.oldpass)
    {
        return RedirectToAction("ChangePassword", "Account");
    }

    STTransactVP param;
    if (Session["TRANSACTPARAM"] == null)
    {
        param = new STTransactVP();
    }
    else
    {
        param = (STTransactVP)Session["TRANSACTPARAM"];
    }

    // The second database is only probed when the first one is unreachable.
    bool connected = SharedModel.IsConnect(LocalData.CSDbTransacts1(), out msg)
                     || SharedModel.IsConnect(LocalData.CSDbTransacts2(), out msg);
    if (!connected)
    {
        ViewData["ERROR"] = "No connection to DB";
        ViewData["MSG"] = msg;
        //return RedirectToAction("Index", "Error");
        return View("Index");
    }

    string[] forbiddenTokens = new[] { "'", "\"", "--" };
    if (CheckerField.CheckField(forbiddenTokens, param.maskedpan, param.maskedpos))
    {
        ViewData["MSG"] = "One or more fields contain invalid characters.";
        return View("Errors");
    }

    // The unpaged query is run only to obtain the total item count.
    List<TransactModels> all = TransactModelsRepository.Instance.GetListTransact(param);
    ViewData["PageNum"] = pageNum;
    ViewData["ItemsCount"] = all.Count;
    ViewData["PageSize"] = pageSize;
    ViewData["STRPARAM"] = param.strdata;

    return View(TransactModelsRepository.Instance.GetListTransact(pageSize, pageNum, param));
}
/* [HttpPost]
 * public ActionResult LogOn(LogOnModel model, string returnUrl)
 * {
 *     string msg = null;
 *
 *     if (ModelState.IsValid)
 *     {
 *         // if (!MembershipService.ValidateUser(model.UserName, model.Password, out msg))
 *         // {
 *         //     ModelState.AddModelError("", msg);
 *         //     return View(model);
 *         // }
 *
 *         if (!MembershipService.ValidatePass(model.Login, model.Password, out msg))
 *         {
 *             Thread.Sleep(2000);
 *             ModelState.AddModelError("", msg);
 *             return View(model);
 *         }
 *
 *         UserModels UM = UserModelsRepository.Instance.GetUserByLogin(model.Login);
 *         if (UM.Condition == "Blocked") msg = "The user has been blocked";
 *         if (UM.Condition == "Deleted") msg = "The user has been removed";
 *         if (UM.Condition == "Active")
 *         {
 *             CUser clUser = new CUser(null, LocalData.CSDbUsers(), LocalData.LogPath());
 *             STUser stUser;
 *             clUser.GetRecordByUserLogin(model.Login, out stUser, out msg);
 *
 *             FormsService.SignIn(model.Login, model.RememberMe);
 *
 *             if (stUser.passvaliddate <= DateTime.Now) return RedirectToAction("ChangePassword");
 *
 *             CAction clAction = new CAction(stUser.userid, LocalData.CSDbUsers(), LocalData.LogPath());
 *             clAction.AddAction(ActionType.LogON, null, out msg);
 *             if (Url.IsLocalUrl(returnUrl))
 *             {
 *                 return Redirect(returnUrl);
 *             }
 *             else
 *             {
 *                 return RedirectToAction("Index", "Home");
 *             }
 *         }
 *         else
 *             ModelState.AddModelError("", msg);
 *     }
 *
 *     // If we got this far, something failed, redisplay form
 *     return View(model);
 * }*/

// **************************************
// URL: /Account/LogOff
// **************************************
//
// Records a LogOFF action for the current user, signs out of forms authentication,
// abandons the session and redirects to Home/Index.
// NOTE(review): no HTTP-verb or anti-forgery attribute is visible on this action in
// this listing - confirm whether one is applied.
public ActionResult LogOff()
{
    string msg;

    // Write the audit entry first, while LocalData.UserId() is still read before sign-out.
    CAction audit = new CAction(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
    audit.AddAction(ActionType.LogOFF, null, out msg);

    FormsService.SignOut();
    Session.Abandon();

    return RedirectToAction("Index", "Home");
}
// Asks CSession to open a session for the current user.
//
// Always returns 0.
// NOTE(review): the code returned by CSession.OpenSession is stored and then dropped,
// so callers cannot see a failure - confirm whether that is intended.
public int OpenSession()
{
    string msg;
    STSession sessionData = new STSession();
    CSession sessions = new CSession(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

    int retvalue = sessions.OpenSession(out sessionData, out msg);

    return 0;
}
// Returns the STUser record for LocalData.UserId().
//
// When the lookup throws, the exception message is discarded and the record is
// returned in whatever state it was left in. The lookup's return code is not checked.
public STUser GetLocalUser()
{
    STUser record = new STUser();
    string msg;
    // Constructed but not used in this method; kept as in the original.
    CCondition clCondition = new CCondition();
    CPermission clPermission = new CPermission();

    try
    {
        CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
        int retvalue = users.GetRecordByUserId(LocalData.UserId(), out record, out msg);
    }
    catch (Exception ex)
    {
        msg = ex.Message;
    }

    return record;
}
// **************************************
// URL: /Account/LogOn
// **************************************
//
// Shows the log-on form, or the "Index" view with an error when the user database is
// not reachable.
// NOTE(review): the connection message from IsConnect is put into ViewData["MSG"] on
// a page served before log-on; confirm the view does not render connection details.
public ActionResult LogOn()
{
    string msg;

    if (SharedModel.IsConnect(LocalData.CSDbUsers(), out msg))
    {
        return View();
    }

    ViewData["ERROR"] = "No connection to DB";
    ViewData["MSG"] = msg;
    //return RedirectToAction("Index", "Error");
    return View("Index");
}
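// Replaces control characters (CR, LF, TAB, ...) with '_' so that a caller-supplied
// value cannot split or forge records in a line-oriented log.
private static string StripControlChars(string value)
{
    if (string.IsNullOrEmpty(value))
    {
        return value;
    }

    System.Text.StringBuilder sb = new System.Text.StringBuilder(value.Length);
    foreach (char c in value)
    {
        sb.Append(char.IsControl(c) ? '_' : c);
    }

    return sb.ToString();
}

// Checks a log-on attempt and reports the outcome as a code:
//   -1  the user lookup returned a non-zero code
//    0  credentials accepted
//    1  credentials accepted but stUser.passvaliddate is not in the future
//    2  no user record for this login (event UWA101 is sent over UDP)
//    3  the account is locked (msg carries the user-facing text)
//    4  password rejected by ValidateLogOnPassword (event UWA102 is sent over UDP)
//
// NOTE(review): codes 2, 3 and 4 let the caller tell "unknown login" from "wrong
// password"; the caller should present one generic failure to the user.
public int LogON(string login, string password, out string msg)
{
    int ret = 0;
    msg = null;

    CUser clUser = new CUser(null, LocalData.CSDbUsers(), LocalData.LogPath());
    STUser stUser;
    int retvalue = clUser.GetRecordByUserLogin(login, out stUser, out msg);
    if (retvalue != 0)
    {
        return -1;
    }

    // `login` arrives from the log-on form; neutralise control characters before it is
    // embedded in the event text sent to the log collector.
    string loginForLog = StripControlChars(login);

    if (stUser.userid == null)
    {
        string smsg = string.Format("Invalid user ({0})", loginForLog);
        CUdpSender clUDp = new CUdpSender(LocalData.Host(), LocalData.Port(), LocalData.LogPath());
        clUDp.Send(LocalData.Facility(), LocalData.TagId(), "UWA101", smsg);
        return 2;
    }

    if (stUser.islock)
    {
        msg = string.Format("The user \"{0}\" has temporarily blocked for 30 minutes", login);
        return 3;
    }

    if (!UserModelsRepository.Instance.ValidateLogOnPassword(stUser, password, out msg))
    {
        string smsg = string.Format("Invalid password for user ({0})", loginForLog);
        CUdpSender clUDp = new CUdpSender(LocalData.Host(), LocalData.Port(), LocalData.LogPath());
        clUDp.Send(LocalData.Facility(), LocalData.TagId(), "UWA102", smsg);
        // msg = smsg;
        return 4;
    }

    // Password accepted but past its validity date: the caller is told to force a change.
    if (stUser.passvaliddate <= DateTime.Now)
    {
        return 1;
    }

    return ret;
}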
// Deletes the user `id` and, when the delete reports success (0), records a
// DeleteUser action for the current user.
//
// Exceptions are caught and their message discarded; the caller is not told whether
// the delete happened.
public void DeleteUser(string id)
{
    string msg;

    try
    {
        CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
        int deleteResult = users.Delete(id, out msg);
        if (deleteResult != 0)
        {
            return;
        }

        CAction audit = new CAction(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
        audit.AddAction(ActionType.DeleteUser, string.Format("Delete user {0}", id), out msg);
    }
    catch (Exception ex)
    {
        msg = ex.Message;
    }
}
// Returns the users selected by `param`, each mapped onto a UserModels.
// AccountState is "Not activated" for rows with isactivated == false, otherwise null.
// The stored password is not copied into the model.
//
// Exceptions are caught and their message discarded; rows mapped before the error are
// still returned.
public List<UserModels> GetListUser(STUserVP param)
{
    List<UserModels> models = new List<UserModels>();
    UserModels model;
    List<STUser> rows = new List<STUser>();
    string msg;
    CCondition conditions = new CCondition();
    CPermission permissions = new CPermission();
    CUser users;

    try
    {
        users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
        int retvalue = users.GetData(param, out rows, out msg);

        foreach (STUser row in rows)
        {
            model = new UserModels();
            model.UserId = row.userid;
            model.UserName = row.username;
            model.Login = row.login;
            model.Comments = row.comments;
            model.Condition = conditions.GetName(row.condition);
            model.Permission = permissions.GetName(row.permission);
            model.Email = row.email;
            model.OwnerUserId = row.owneruserid;
            model.OwnerUserName = row.ownerusername;
            model.AccountState = row.isactivated ? null : "Not activated";

            models.Add(model);
        }
    }
    catch (Exception ex)
    {
        msg = ex.Message;
    }

    return models;
}
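// Runs the action report for the submitted period and renders it with the "List" view.
//
// Redirects: unauthenticated -> Home/Index; `oldpass` set -> Account/ChangePassword.
public ActionResult Indexd(ReportParamModels model)
{
    if (!Request.IsAuthenticated)
    {
        return RedirectToAction("Index", "Home");
    }

    CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
    STUser stUser;
    string msg;
    clUser.GetRecordByUserId(LocalData.UserId(), out stUser, out msg);

    // The parameterless Indexd(), List() and Filter() actions all send a user with
    // `oldpass` set to the change-password page. Without the same check here, posting
    // the form directly would return the report while a password change is pending.
    if (stUser.oldpass)
    {
        return RedirectToAction("ChangePassword", "Account");
    }

    // Query only after the access checks have passed.
    List<ReportModels> lst = ReportRepository.Instance.GetReport(model);
    ViewData["USERNAME"] = stUser.username;

    return View("List", lst);
}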
// Updates the user identified by model.UserId from the edited fields and, on success,
// records an EditUser action.
//
// Returns the code from CUser.Update (0 = success), 2 when CheckField reports a hit
// on one of the text fields, or -1 when an exception was thrown (msg = exception text).
// NOTE(review): a new salt is generated while the password assignment is commented
// out - if CUser.Update persists passwordsalt, the stored hash would stop matching;
// confirm. The quote/"--" deny-list is not a substitute for parameterized queries.
public int UpdateUser(UserModels model, out string msg)
{
    int result = 0;
    msg = null;
    STUser record = new STUser();
    CCondition conditions = new CCondition();
    CPermission permissions = new CPermission();

    try
    {
        CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

        record.comments = model.Comments;
        record.condition = conditions.GetId(model.Condition);
        record.email = model.Email;
        record.login = model.Login;
        record.modifieddate = DateTime.Now;
        record.passwordsalt = CreateSalt();
        // data.password = CreatePasswordHash(model.Password, data.passwordsalt);
        record.permission = permissions.GetId(model.Permission);
        record.username = model.UserName;

        string[] forbiddenTokens = new[] { "'", "\"", "--" };
        bool hasForbidden = CheckerField.CheckField(
            forbiddenTokens, record.comments, record.email, record.login, record.username);
        if (hasForbidden)
        {
            msg = "One or more fields contain invalid characters.";
            return 2;
        }

        result = users.Update(model.UserId, record, out msg);
        if (result == 0)
        {
            CAction audit = new CAction(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
            string details = string.Format("Edit user {0}, {1}", record.username, record.login);
            audit.AddAction(ActionType.EditUser, details, out msg);
        }
    }
    catch (Exception ex)
    {
        msg = ex.Message;
        result = -1;
    }

    return result;
}
/*public bool ValidateUser(string login, string password)
 * {
 *     string msg;
 *     CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
 *     STUser dbuser = new STUser();
 *
 *     int ret = clUser.GetRecordByUserLogin(login, out dbuser, out msg);
 *
 *     if (ret != 0) return false;
 *     else
 *     {
 *         if (dbuser.password == CreatePasswordHash(password, dbuser.passwordsalt) && dbuser.isactivated == true)
 *         {
 *             clUser.Lock(dbuser.userid, 0, null, null, out msg);
 *             // reset the failed-attempt count, the temporary lock date and the date of the last failed attempt
 *             return true;
 *         }
 *         else
 *         {
 *             // the date of the last failed attempt has to be checked:
 *             // if it is more than 30 minutes old, set the attempt count to 1 and store the date;
 *             // if not, count this attempt:
 *             //   if it is not the third one, store the date and increase the count,
 *             //   otherwise reset date and count and store the lock date
 *             if (dbuser.lastmisstime != null && dbuser.lastmisstime <= DateTime.Now.AddMinutes(-30))
 *             {
 *                 clUser.Lock(dbuser.userid, 1, DateTime.Now, null, out msg);
 *             }
 *             else
 *             {
 *                 if (dbuser.cntmisstry < 2)
 *                     clUser.Lock(dbuser.userid, dbuser.cntmisstry + 1, DateTime.Now, null, out msg);
 *                 else clUser.Lock(dbuser.userid, 0, null, DateTime.Now.AddMinutes(30), out msg);
 *             }
 *             return false;
 *         }
 *     }
 * }*/

// Checks `password` against the stored hash of `dbuser` and maintains the
// failed-attempt counters through CUser.Lock.
//
// Success (hash matches and the account is activated): counters and lock date are
// cleared, returns true.
// Failure: returns false after one of
//   - last miss is at least 30 minutes old -> count restarts at 1, miss time = now
//   - fewer than 2 recorded misses         -> count + 1, miss time = now
//   - otherwise                            -> count reset to 0, lock until now + 30 minutes
// An exception also yields false, with msg set to the exception text.
public bool ValidateLogOnPassword(STUser dbuser, string password, out string msg)
{
    msg = null;

    try
    {
        CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

        bool hashMatches = dbuser.password == CreatePasswordHash(password, dbuser.passwordsalt);
        if (hashMatches && dbuser.isactivated == true)
        {
            // Clear the miss count, the last-miss time and the lock date.
            users.Lock(dbuser.userid, 0, null, null, out msg);
            return true;
        }

        if (dbuser.lastmisstime != null && dbuser.lastmisstime <= DateTime.Now.AddMinutes(-30))
        {
            // The previous miss is old enough to start a fresh window.
            users.Lock(dbuser.userid, 1, DateTime.Now, null, out msg);
        }
        else if (dbuser.cntmisstry < 2)
        {
            users.Lock(dbuser.userid, dbuser.cntmisstry + 1, DateTime.Now, null, out msg);
        }
        else
        {
            // Third miss inside the window: lock for 30 minutes.
            users.Lock(dbuser.userid, 0, null, DateTime.Now.AddMinutes(30), out msg);
        }

        return false;
    }
    catch (Exception ex)
    {
        msg = ex.Message;
        return false;
    }
}
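// Shows the transaction filter form, initialised from Session["TRANSACTPARAM"] or,
// when the session holds none, with a window from today 00:00:00 to the current time.
//
// Redirects: unauthenticated -> Home/Index; `oldpass` set -> Account/ChangePassword.
public ActionResult Filter()
{
    if (!Request.IsAuthenticated)
    {
        return RedirectToAction("Index", "Home");
    }

    CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
    STUser stUser;
    string msg;
    clUser.GetRecordByUserId(LocalData.UserId(), out stUser, out msg);

    if (stUser.oldpass)
    {
        return RedirectToAction("ChangePassword", "Account");
    }

    //STCardVP param = LocaParam.cardparam;
    STTransactVP param;
    if (Session["TRANSACTPARAM"] != null)
    {
        param = (STTransactVP)Session["TRANSACTPARAM"];
    }
    else
    {
        param = new STTransactVP();

        // Earlier default (whole current month), kept for reference:
        // param.dtbegin = new DateTime(DateTime.Now.Year, DateTime.Now.Month, 1, 0, 0, 0, 0);
        // DateTime end = DateTime.Now;
        // end = end.AddMonths(1);
        // end = new DateTime(end.Year, end.Month, 1, 0, 0, 0, 0);
        // end = end.AddDays(-1);
        // param.dtend = new DateTime(end.Year, end.Month, end.Day, 23, 59, 59, 0);

        // Read the clock once: the original sampled DateTime.Now separately for year,
        // month, day and the end time, which can combine parts of two different days
        // when the request straddles midnight.
        DateTime now = DateTime.Now;
        param.dtbegin = new DateTime(now.Year, now.Month, now.Day, 0, 0, 0, 0);
        param.dtend = now;
    }

    TransactModelsViewParam prm = TransactModelsRepository.Instance.SetParam(param);
    return View("Filter", prm);
}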
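// **************************************
// URL: /Account/Update/FPS/key
// **************************************
//
// Entry point of the link mailed by the forgotten-password flow. Shows the
// "Activate" view for the user that owns `key`; every other case is redirected to
// Home/Index.
// NOTE(review): no expiry check on the key is visible in this action - confirm where
// key lifetime is enforced.
public ActionResult FPS(string key)
{
    // A missing key must never reach the lookup: the comparison below would accept a
    // record whose stored key is also null.
    if (string.IsNullOrEmpty(key))
    {
        return RedirectToAction("Index", "Home");
    }

    string msg;
    CUser clUser = new CUser(null, LocalData.CSDbUsers(), LocalData.LogPath());
    STUser stUser;
    int ret = clUser.GetRecordByUserKey(key, out stUser, out msg);
    if (ret != 0)
    {
        return RedirectToAction("Index", "Home");
    }

    // Re-check that the record returned really carries the presented key.
    if (stUser.newemailkey != key)
    {
        return RedirectToAction("Index", "Home");
    }

    ActivateModel model = new ActivateModel();
    model.Key = key;
    ViewBag.PasswordLength = MembershipService.MinPasswordLength;

    return View("Activate", model);
}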
// Handles the "forgot password" form: when the login exists and is not locked, a
// reset link is sent through UserModelsRepository.SentLink. The same confirmation
// text is shown whether or not the login exists.
// NOTE(review): the locked-account branch answers with a different text that names
// the login, which tells an unauthenticated visitor that the account exists; the
// result of SentLink is not checked.
public ActionResult EnterLoginFPS(LogOnModel model)
{
    string msg;
    CUser users = new CUser(null, LocalData.CSDbUsers(), LocalData.LogPath());
    STUser stUser;

    int lookup = users.GetRecordByUserLogin(model.Login, out stUser, out msg);
    bool found = lookup == 0 && stUser.login != null;

    if (found && stUser.islock)
    {
        ViewData["Information"] = string.Format(
            "The user \"{0}\" has temporarily blocked for 30 minutes", stUser.login);
        return View("Information");
    }

    if (found)
    {
        UserModelsRepository.Instance.SentLink(stUser);
    }

    ViewData["Information"] = "We sent a link to change the password to your email.";
    return View("Information");
}
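// Changes the password of `login` in the database: stores a freshly salted hash of
// `newPassword`, sets the password validity date to six months from now and appends
// the new hash to the user's password cache.
//
// Returns false when the user cannot be found or the update reports a non-zero code.
// NOTE(review): `oldPassword` is not verified in this method - presumably the caller
// has already checked it (e.g. via ValidateChangePassword); confirm.
public bool ChangePassword(string login, string oldPassword, string newPassword)
{
    STUser data = new STUser();
    string msg;
    CUser clUser = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

    // Find the user in the database by login.
    int ret = clUser.GetRecordByUserLogin(login, out data, out msg);
    if (ret != 0)
    {
        return false;
    }

    // LogON treats "return code 0 with userid == null" as "no such user"; without the
    // same check the update below would be issued with a null user id.
    if (data.userid == null)
    {
        return false;
    }

    // Salt.
    string passwordsalt = CreateSalt();
    // Hash the new password.
    string password = CreatePasswordHash(newPassword, passwordsalt);
    // The password stays valid for six months.
    DateTime passvaliddate = DateTime.Now.AddMonths(6);

    // Apply the change in the database.
    int retvalue = clUser.UpdatePassword(data.userid, password, passwordsalt, passvaliddate, out msg);
    if (retvalue != 0)
    {
        return false;
    }

    // Add the new hash to the password cache (result is not inspected).
    STPassCache pc = new STPassCache();
    pc.password = password;
    pc.passwordsalt = passwordsalt;
    clUser.AddPassToPassCache(login, pc, out msg);

    return true;
}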
/* public string GetUserNameByEmail(string email)
 * {
 *     string ret = null;
 *
 *     STUser stUser = new STUser();
 *     string msg = null;
 *     CUser clUser =
 *         new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
 *     int retvalue = clUser.GetRecordByUserEmail(email, out stUser, out msg);
 *
 *     return stUser.userid;
 * }*/

// Builds a MembershipUser for `username` from the application's own user record.
//
// Only login, e-mail, comments, activation flag, creation date and modified date come
// from the record; the provider key is 0, the password question is empty,
// isLockedOut is always false and the remaining dates are the current time.
// NOTE(review): the lookup's return code is not checked, and the record's own lock
// state is not reflected in isLockedOut.
public MembershipUser GetUser(string username)
{
    STUser record = new STUser();
    string msg;
    CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
    int retvalue = users.GetRecordByUserLogin(username, out record, out msg);

    return new MembershipUser(
        "LocalMembershipProvider",
        record.login,          // user name
        0,                     // provider user key
        record.email,
        "",                    // password question
        record.comments,
        record.isactivated,    // isApproved
        false,                 // isLockedOut
        record.creationdate,
        record.modifieddate,   // reported as last login date
        DateTime.Now,          // last activity date
        DateTime.Now,          // last password changed date
        DateTime.Now);         // last locked out date
}
// Creates a not-yet-activated user from `model`, records an AddUser action and queues
// the "MailToUserActivateAccount.txt" mail carrying the new activation key.
//
// Returns:
//   0        user inserted (mail queued and SendNotice called; their results are not checked)
//   1        the login already exists
//   2        CheckField reported a hit on comments, e-mail, login or user name
//  -1        an exception was thrown (msg = exception text)
//   other    non-zero code passed through from the login lookup or from CUser.Insert
//
// No password is set here (those assignments are commented out); passvaliddate is set
// to yesterday.
// NOTE(review): the quote/"--" deny-list is not a substitute for parameterized queries.
public int AddUser(UserModels model, out string msg)
{
    int result = 0;
    STUser record = new STUser();
    msg = null;
    CCondition conditions = new CCondition();
    CPermission permissions = new CPermission();

    try
    {
        CUser users = new CUser(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());

        result = users.GetRecordByUserLogin(model.Login, out record, out msg);
        if (result != 0)
        {
            return result;
        }

        if (record.login != null)
        {
            msg = "The login already exists in the database for the application.";
            return 1;
        }

        record.comments = model.Comments;
        record.activateddate = null;
        record.condition = 0;
        record.creationdate = DateTime.Now;
        record.email = model.Email;
        record.isactivated = false;
        record.login = model.Login;
        record.modifieddate = record.creationdate;
        record.owneruserid = LocalData.UserId();
        // data.passwordsalt = CreateSalt();
        // data.password = CreatePasswordHash(model.Password, data.passwordsalt);
        record.permission = permissions.GetId(model.Permission);
        record.username = model.UserName;
        record.passvaliddate = DateTime.Now.AddDays(-1);
        record.newemailkey = GenerateKey();

        string[] forbiddenTokens = new[] { "'", "\"", "--" };
        bool hasForbidden = CheckerField.CheckField(
            forbiddenTokens, record.comments, record.email, record.login, record.username);
        if (hasForbidden)
        {
            msg = "One or more fields contain invalid characters.";
            return 2;
        }

        result = users.Insert(record, out msg);
        if (result == 0)
        {
            CAction audit = new CAction(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
            string details = string.Format("Add user {0}, {1}", record.username, record.login);
            audit.AddAction(ActionType.AddUser, details, out msg);

            CMail mails = new CMail(LocalData.UserId(), LocalData.CSDbUsers(), LocalData.LogPath());
            STMail maildata = new STMail();
            maildata.to = record.email;
            maildata.tamplate = "MailToUserActivateAccount.txt";
            maildata.linkkey = record.newemailkey;
            maildata.fleetpwd = null;
            maildata.pan = null;
            maildata.dtcreate = DateTime.Now.ToString("yyyyMMddHHmmss");
            maildata.dtmistsent = null;
            maildata.login = record.login;
            mails.Insert(maildata, out msg);

            SMTPNotice notifier = new SMTPNotice(
                LocalData.SmtpHost(),
                LocalData.SmtpPort(),
                LocalData.SmtpUseSSL(),
                LocalData.SmtpUserName(),
                LocalData.SmtpPassword(),
                LocalData.SmtpFrom(),
                LocalData.CSDbUsers(),
                LocalData.LogPath(),
                LocalData.GetTemplatePath(),
                LocalData.Images());
            notifier.SendNotice(out msg);
        }
    }
    catch (Exception ex)
    {
        msg = ex.Message;
        result = -1;
    }

    return result;
}