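public ActionResult ResetPassword(ResetNewPasswordViewModel _passwordInfo)
{
    // First-time-login password reset for the currently authenticated user.
    // Loads the account through AuthRepository, refuses the reset once
    // IsFirstTimeLogin has been cleared, stores the new credential under a
    // fresh salt, signs the session out and sends the user back to Login.
    // NOTE(review): action attributes ([HttpPost], [ValidateAntiForgeryToken],
    // [Authorize]) are not visible in this excerpt — confirm they are present.
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        AuthenticatedUser authUser;
        using (AuthRepository repo = new AuthRepository())
        {
            authUser = repo.GetAuthenticatedUserById(CurrentUser.EmployeeInfoId);
        }

        // A missing account used to surface as a NullReferenceException whose
        // full text was rendered to the user; fail closed with a generic message.
        if (authUser == null)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("Unable to reset password, please try again later.");
            return View();
        }

        if (authUser.IsFirstTimeLogin == false)
        {
            return RedirectToAction("GeneralInfo", "Profile");
        }

        // NOTE(review): PasswordHash is not a hash — RijndaelCrypt.DecryptPassword
        // recovers the plaintext, which is the only reason this "same as current"
        // comparison is possible. The real fix is a one-way KDF (PBKDF2/Argon2),
        // but that changes the stored format and every sibling action (Login,
        // ChangePassword, Create, ResendEmail), so it is flagged rather than done here.
        string currentPassword = RijndaelCrypt.DecryptPassword(authUser.PasswordHash, authUser.Salt);
        if (currentPassword == _passwordInfo.NewPassword)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("New password should not be same as current password.");
            return View();
        }

        // New salt per password change; the account row is identified by AccountId.
        var accountInfo = new AccountInfo
        {
            Id = CurrentUser.AccountId,
            Salt = RandomPassword.Generate(18, 20),
            IsFirstTimeLogin = false
        };
        accountInfo.PasswordHash = RijndaelCrypt.EncryptPassword(_passwordInfo.NewPassword, accountInfo.Salt);

        using (AccountRepository repo = new AccountRepository())
        {
            repo.ChangeNewPassword(accountInfo);
        }

        // Force re-authentication with the new credential.
        var ctx = Request.GetOwinContext();
        var authManager = ctx.Authentication;
        authManager.SignOut("ApplicationCookie");

        TempData["Msg"] = "<span style='color:green; text-align:center;'>Password has been reset successfully.</span>";
        return RedirectToAction("Login", "Auth", new { area = "" });
    }
    catch (Exception)
    {
        // The original echoed ex.ToString() (exception type, message, stack
        // trace, file paths) into the page — an information leak. Keep the
        // user-facing text generic. TODO(review): log the exception server-side
        // with whatever logger the project uses; none is visible in this file.
        TempData["Msg"] = AlertMessageProvider.FailureMessage("Something went wrong! password not reset, please try again later.");
        return View();
    }
}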
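public ActionResult ChangePassword(ChangePasswordViewModel passwordInfo)
{
    // Authenticated password change: verifies the submitted current password
    // against the stored credential, rejects reuse, then stores the new
    // password under a fresh salt. Unhandled exceptions go to the Error view.
    // NOTE(review): [HttpPost]/[ValidateAntiForgeryToken]/[Authorize] are not
    // visible in this excerpt — confirm they are present on this action.
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        AccountInfo account;
        using (AccountRepository repo = new AccountRepository())
        {
            account = repo.GetEmployeeAccountById(CurrentUser.AccountId);
        }

        // Previously a missing row threw NullReferenceException from the
        // decrypt call below; treat it as a plain failure instead.
        if (account == null)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("Current password is invalid.");
            return View();
        }

        // NOTE(review): the stored value is reversibly encrypted (Rijndael), not
        // hashed, and the comparison is an ordinary string != — not constant-time.
        // Moving to PBKDF2/Argon2 changes the stored format and every sibling
        // action, so it is flagged here rather than changed.
        string storedPassword = RijndaelCrypt.DecryptPassword(account.PasswordHash, account.Salt);
        if (storedPassword != passwordInfo.CurrentPassword)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("Current password is invalid.");
            return View();
        }

        if (storedPassword == passwordInfo.NewPassword)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("New password should not be same as current password.");
            return View();
        }

        // Fresh salt on every change.
        account.Salt = RandomPassword.Generate(18, 20);
        account.PasswordHash = RijndaelCrypt.EncryptPassword(passwordInfo.NewPassword, account.Salt);

        using (AccountRepository repo = new AccountRepository())
        {
            repo.ChangeNewPassword(account);
        }

        // NOTE(review): unlike ResetPassword, this does not sign out or
        // invalidate other sessions after the change — confirm that is intended.
        TempData["Msg"] = AlertMessageProvider.SuccessMessage("Password changed successfully.");
        return View();
    }
    catch (Exception ex)
    {
        return View("Error", new HandleErrorInfo(ex, "Auth", "ChangePassword"));
    }
}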
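public FileStreamResult SaveGallery()
{
    // Exports every account as a plain-text download ("saved_data.txt"):
    // one entry per account with company email and role, separated by a
    // dashed line.
    //
    // SECURITY(review): the original also wrote every account's *plaintext
    // password* (via RijndaelCrypt.DecryptPassword) into this file — a bulk
    // credential dump reachable from a controller action. That line is removed
    // here; an export of credentials is never legitimate, and if the reversible
    // password storage is replaced with a one-way KDF it becomes impossible anyway.
    // No [Authorize] attribute is visible in this excerpt — confirm who can
    // reach this action at all.
    var text = new StringBuilder();
    using (AccountRepository repo = new AccountRepository())
    {
        foreach (var account in repo.GetAccounts())
        {
            text.Append(account.CompanyEmail).Append(Environment.NewLine);
            text.Append(account.RoleName).Append(Environment.NewLine);
            text.Append("---------").Append(Environment.NewLine).Append(Environment.NewLine);
        }
    }

    // UTF-8 rather than ASCII: ASCII silently replaced any non-ASCII
    // character in the export with '?'.
    var bytes = Encoding.UTF8.GetBytes(text.ToString());
    var stream = new MemoryStream(bytes);
    return File(stream, "text/plain", "saved_data.txt");
}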
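public ActionResult Login(LoginViewModel loginInfo)
{
    // Cookie-based login. Looks the account up by (lower-cased) company email,
    // compares the submitted password with the stored credential, records
    // last-login metadata, issues the "ApplicationCookie" identity and routes
    // the user by first-login / checklist state or ReturnUrl.
    // NOTE(review): [HttpPost]/[ValidateAntiForgeryToken] are not visible in
    // this excerpt — confirm they are present on this action.
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        // ToLowerInvariant: ToLower() is culture-sensitive (e.g. Turkish dotless I),
        // so the same mailbox could match or not depending on the server culture.
        loginInfo.CompanyEmail = loginInfo.CompanyEmail.ToLowerInvariant();

        AuthenticatedUser authUser;
        using (AuthRepository repo = new AuthRepository())
        {
            authUser = repo.IsAccountExist(loginInfo);
        }

        // Unknown account and wrong password deliberately share one message
        // (no user enumeration).
        // NOTE(review): PasswordHash is reversibly encrypted, not hashed, and the
        // comparison is a plain string == (not constant-time). Moving to
        // PBKDF2/Argon2 changes the stored format and every sibling action, so
        // it is flagged here rather than changed.
        bool passwordMatches = authUser != null
            && RijndaelCrypt.DecryptPassword(authUser.PasswordHash, authUser.Salt) == loginInfo.Password;

        if (passwordMatches)
        {
            if (authUser.IsActive != true)
            {
                TempData["Msg"] = "<span style='color:red; text-align:center;'>Your account is deactive, you can't access online services.</span>";
                return View();
            }

            // Last-login bookkeeping (server-local time, as elsewhere in this file).
            using (AccountRepository repo = new AccountRepository())
            {
                var userAccount = new AccountInfo
                {
                    Id = authUser.AccountId,
                    LastLoginIp = Request.UserHostAddress.ToString(),
                    LastLoginDate = DateTime.Now
                };
                repo.UpdateAccountOnLogin(userAccount);
            }

            string mode = authUser.Role == "SuperAdmin" ? "Admin" : "Employee";

            // Claim(type, value) throws ArgumentNullException on a null value;
            // LastLoginIp is the one field here that can plausibly be null for
            // an account that has never logged in, so default it.
            var identity = new ClaimsIdentity(new[]
            {
                new Claim(ClaimTypes.Name, authUser.FirstName + " " + authUser.LastName),
                new Claim(ClaimTypes.Email, authUser.CompanyEmail),
                new Claim(ClaimTypes.Role, authUser.Role),
                new Claim(ClaimTypes.NameIdentifier, authUser.AccountId.ToString()),
                new Claim("EmployeeInfoId", authUser.EmployeeInfoId.ToString()),
                new Claim("LastLoginDate", authUser.LastLoginDate.ToString()),
                new Claim("LastLoginIp", authUser.LastLoginIp ?? ""),
                new Claim("Mode", mode)
            }, "ApplicationCookie");

            var ctx = Request.GetOwinContext();
            var authManager = ctx.Authentication;
            authManager.SignIn(new AuthenticationProperties
            {
                ExpiresUtc = DateTime.UtcNow.AddMinutes(30),
                AllowRefresh = true,
                IsPersistent = false
            }, identity);

            if (authUser.IsCheckListCompleted == false)
            {
                if (authUser.IsFirstTimeLogin == true)
                {
                    return RedirectToAction("ResetPassword", "Account", new { Area = "EmployeeReg" });
                }
                return RedirectToAction("PersonalInfo", "Profile", new { Area = "EmployeeReg" });
            }

            // NOTE(review): GetRedirectUrl is not shown in this excerpt. Unless it
            // validates ReturnUrl with Url.IsLocalUrl (or equivalent), this is an
            // open redirect — confirm.
            return Redirect(GetRedirectUrl(loginInfo.ReturnUrl, authUser.Role));
        }

        TempData["Msg"] = "<span style='color:red; text-align:center;'>Invalid Username/Password.</span>";
        return View();
    }
    catch (Exception)
    {
        // The original rendered ex.Message to the user (internal details such as
        // connection strings or SQL errors can surface that way); keep it generic.
        // TODO(review): log the exception server-side; no logger is visible here.
        TempData["Msg"] = "<span style='color:red; text-align:center;'>Something went wrong! please try again later.</span>";
        return View();
    }
}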
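public ActionResult Create(AccountInfo accountInfo)
{
    // Admin-side account provisioning. Generates an initial password, creates
    // the account plus its checklist / employee / leave / salary / family rows
    // in one TransactionScope, then emails the credentials to the new user.
    // NOTE(review): [HttpPost]/[ValidateAntiForgeryToken]/[Authorize] are not
    // visible in this excerpt — confirm they are present on this action.
    try
    {
        if (!ModelState.IsValid)
        {
            return View();
        }

        var employeeInfo = new Model.EmployeeInfo
        {
            CreatedByAccountId = CurrentUser.AccountId,
            CreatedDate = DateTime.Now
        };

        // Keep the generated plaintext in a local for the welcome email rather
        // than round-tripping it through DecryptPassword as the original did.
        string initialPassword = RandomPassword.Generate();
        string saltValue = RandomPassword.Generate(18, 20);

        accountInfo.CompanyEmail = accountInfo.CompanyEmail.ToLower();
        accountInfo.PasswordHash = RijndaelCrypt.EncryptPassword(initialPassword, saltValue);
        accountInfo.Salt = saltValue;
        accountInfo.LastLoginDate = DateTime.Now;
        accountInfo.LastLoginIp = "";
        accountInfo.IsActive = true;
        accountInfo.IsFirstTimeLogin = true;

        int employeeInfoId;
        int accountId;
        using (var transaction = new System.Transactions.TransactionScope())
        {
            using (AccountRepository repo = new AccountRepository())
            {
                // Returning here without Complete() rolls the scope back; nothing
                // has been written yet at this point.
                if (repo.IsEmailExist(accountInfo.CompanyEmail) == true)
                {
                    TempData["Msg"] = AlertMessageProvider.FailureMessage("Email already exist.");
                    return View();
                }
                accountInfo.RoleId = repo.GetRoleIdByName("Anonymous");
                accountId = repo.CreateAccount(accountInfo);
            }
            using (AccountCheckListRepository repo = new AccountCheckListRepository())
            {
                repo.SaveAccountCheckList(new AccountCheckListInfo(accountId));
            }
            using (EmployeeRepository repo = new EmployeeRepository())
            {
                employeeInfo.AccountId = accountId;
                employeeInfoId = repo.SaveEmployeeInfo(employeeInfo);
            }
            using (LeaveAllowedRepository repo = new LeaveAllowedRepository())
            {
                repo.SaveLeaveAllowed(new LeaveAllowedInfo(0, 0, employeeInfoId, CurrentUser.AccountId));
            }
            using (SalaryRepository repo = new SalaryRepository())
            {
                repo.SaveSalary(new SalaryInfo(CurrentUser.AccountId, employeeInfoId));
            }
            using (FamilyMemberRepository repo = new FamilyMemberRepository())
            {
                // NOTE(review): "Selef" looks like a typo for "Self". It is a persisted
                // value that other code may match on, so it is left as-is here —
                // confirm against the rest of the project before correcting.
                repo.SaveFamilyMember(new FamilyMemberInfo
                {
                    Name = "Self",
                    Relation = "Selef",
                    EmployeeInfoId = employeeInfoId
                });
            }
            transaction.Complete();
        }

        // Welcome email. CompanyEmail is operator-supplied and is interpolated
        // into an HTML body, so it is HTML-encoded (the original concatenated it
        // raw). The login URL is built from Request.Url.Scheme, i.e. from the
        // incoming Host header — NOTE(review): confirm the host is pinned or
        // validated upstream, otherwise a spoofed Host lands in the mail.
        // NOTE(review): sending a password in plaintext email is the legacy design
        // here; a single-use, expiring set-password link is the preferred pattern.
        var to = new List<string> { accountInfo.CompanyEmail };
        string subject = "LPS Online Account Information";
        var loginUrl = Url.Action("Login", "Auth", new { Area = "" }, protocol: Request.Url.Scheme);
        string safeEmail = System.Net.WebUtility.HtmlEncode(accountInfo.CompanyEmail);
        string safeUrl = System.Net.WebUtility.HtmlEncode(loginUrl);
        string body =
            "Dear Employee, <br/><br/>" +
            "Your account has been created.<br/>" +
            "Please ensure to save the username and password written below:<br/><br/>" +
            "Username: <b>" + safeEmail + "</b><br/>" +
            "Password: <b>" + System.Net.WebUtility.HtmlEncode(initialPassword) + "</b><br/><br/>" +
            "<a href='" + safeUrl + "' target='_blank'>" + safeUrl + "</a><br/>" +
            "You can login to your account to use LPS online services.<br/><br/>" +
            "Thanks,<br/>" +
            "<b>Logic Powered Solutions</b>";

        bool sent = EmailSender.Send(subject, body, to);
        TempData["Msg"] = sent
            ? AlertMessageProvider.SuccessMessage("Account created, email has been sent to employee successfully.")
            : AlertMessageProvider.FailureMessage("Something went wrong! email not sent, please try again later.");
        return RedirectToAction("Manage", "Account");
    }
    catch (Exception ex)
    {
        return View("Error", new HandleErrorInfo(ex, "Account", "Create"));
    }
}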
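public ActionResult ResendEmail(int id)
{
    // Re-sends the account-information email (username + current password)
    // for account `id`, unless the account's checklist is already complete.
    //
    // SECURITY(review): `id` comes straight from the request and no
    // authorization attribute is visible in this excerpt. Confirm this action is
    // restricted to administrators; otherwise any caller can trigger a plaintext
    // password email for any account id. The plaintext itself is only
    // recoverable because passwords are stored reversibly (RijndaelCrypt) — a
    // one-way KDF would force this flow to become a reset link instead.
    try
    {
        AccountInfo accountInfo;
        using (AccountRepository repo = new AccountRepository())
        {
            accountInfo = repo.GetAccountByid(id);
        }

        if (accountInfo == null)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("Something went wrong! email not sent, please try again later.");
            return RedirectToAction("Manage", "Account");
        }

        if (accountInfo.IsCheckListCompleted == true)
        {
            TempData["Msg"] = AlertMessageProvider.FailureMessage("This account has been already activated.");
            return RedirectToAction("Manage", "Account");
        }

        // Values interpolated into the HTML body are encoded; the original
        // concatenated CompanyEmail raw into the markup.
        var to = new List<string> { accountInfo.CompanyEmail };
        string subject = "LPS Online Account Information";
        var loginUrl = Url.Action("Login", "Auth", new { Area = "" }, protocol: Request.Url.Scheme);
        string safeEmail = System.Net.WebUtility.HtmlEncode(accountInfo.CompanyEmail);
        string safeUrl = System.Net.WebUtility.HtmlEncode(loginUrl);
        string safePassword = System.Net.WebUtility.HtmlEncode(
            RijndaelCrypt.DecryptPassword(accountInfo.PasswordHash, accountInfo.Salt));
        string body =
            "Dear Employee, <br/><br/>" +
            "Your account has been created.<br/>" +
            "Please ensure to save the username and password written below:<br/><br/>" +
            "Username: <b>" + safeEmail + "</b><br/>" +
            "Password: <b>" + safePassword + "</b><br/><br/>" +
            "<a href='" + safeUrl + "' target='_blank'>" + safeUrl + "</a><br/>" +
            "You can login to your account to use LPS online services.<br/><br/>" +
            "Thanks,<br/>" +
            "<b>Logic Powered Solutions</b>";

        bool sent = EmailSender.Send(subject, body, to);
        TempData["Msg"] = sent
            ? AlertMessageProvider.SuccessMessage("Email has been sent to employee successfully.")
            : AlertMessageProvider.FailureMessage("Something went wrong! email not sent, please try again later.");
        return RedirectToAction("Manage");
    }
    catch (Exception ex)
    {
        return View("Error", new HandleErrorInfo(ex, "Account", "ResendEmail"));
    }
}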