public void UpdateRememberMeCookie(long selector)
{
SystemAdminDbContext sysDbContext = new SystemAdminDbContext(connStringAdmin);
CookieAuthInfoModel authModel = (from sysAuthInfo in sysDbContext.CookieInformation
where sysAuthInfo.Selector == selector
select sysAuthInfo).FirstOrDefault();
//Generate unique string associated with selector --called Validator
Guid gd = Guid.NewGuid();
string GuidString = Convert.ToBase64String(gd.ToByteArray());
GuidString = GuidString.Replace("=", "");
GuidString = GuidString.Replace("+", "");
//tick is also used as a salt
var GuidStrWithSalt = GuidString + selector.ToString();
//generate Hash of the Validator, that can be used as a token
string msgDigest = ComputeSha256Hash(GuidStrWithSalt);
authModel.HashedToken = msgDigest;
sysDbContext.Entry(authModel).Property(x => x.HashedToken).IsModified = true;
Response.Cookies.Delete("uData");
Response.Cookies.Append("uData", GuidString, new Microsoft.AspNetCore.Http.CookieOptions
{
Expires = authModel.Expires
});
sysDbContext.SaveChanges();
}
public IActionResult Logout(string returnUrl = null)
{
//HttpContext.Session.Set<RbacUser>("currentuser", null);
//Remove all sessin variable values
SystemAdminDbContext adminDbContext = new SystemAdminDbContext(connStringAdmin);
RbacUser currentUser = HttpContext.Session.Get <RbacUser>("currentuser");
LoginInformationModel LoginInfo = new LoginInformationModel();
//once logged out currentuser gets null, so don't go inside if it's null..
if (currentUser != null)
{
LoginInfo.EmployeeId = currentUser.EmployeeId;
LoginInfo.UserName = currentUser.UserName;
LoginInfo.ActionName = "logout";
LoginInfo.CreatedOn = System.DateTime.Now;
adminDbContext.LoginInformation.Add(LoginInfo);
adminDbContext.SaveChanges();
}
RemoveRememberMeCookie();
RemoveSessionValues();
//HttpContext.Session.Remove("currentuser");
LoginViewModel newLogin = new LoginViewModel();
ViewData["status"] = "logout-success";
return(View("Login", newLogin));
}
public IActionResult Login(LoginViewModel model, string returnUrl = null)
{
if (ModelState.IsValid)
{
SystemAdminDbContext adminDbContext = new SystemAdminDbContext(connStringAdmin);
RbacUser validUser = RBAC.GetUser(model.UserName, model.Password);
LoginInformationModel LoginInfo = new LoginInformationModel();
//seting session for current valid user
if (validUser != null)
{
//Check user status is Active or not, If user is InActive then return to login page
if (validUser.IsActive == false)
{
ViewData["status"] = "user-inactive";
return(View(model));
}
validUser.Password = "";
LoginInfo.EmployeeId = validUser.EmployeeId;
LoginInfo.ActionName = "login";
LoginInfo.CreatedOn = System.DateTime.Now;
LoginInfo.UserName = validUser.UserName;
adminDbContext.LoginInformation.Add(LoginInfo);
adminDbContext.SaveChanges();
SetSessionVariable(validUser);
if (model.RememberMe)
{
DateTime centuryBegin = new DateTime(2001, 1, 1);
DateTime currentDate = DateTime.Now;
//Generate unique tick to make it a selector
long ticksElapsed = currentDate.Ticks - centuryBegin.Ticks;
SetRememberMeCookieVariable(ticksElapsed, validUser.UserId);
}
return(RedirectToAction("Index", "Home"));
}
else
{
LoginInfo.ActionName = "invalid-login-attempt";
LoginInfo.EmployeeId = null;
LoginInfo.CreatedOn = System.DateTime.Now;
LoginInfo.UserName = model.UserName;
adminDbContext.LoginInformation.Add(LoginInfo);
adminDbContext.SaveChanges();
}
ViewData["status"] = "login-failed";
return(View(model));
}
//If we got this far, something failed, redisplay form
return(View(model));
}
private Boolean CheckDBVersionForRestore(string backupFileVersion)
{
try
{
SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(connStringAdmin);
string dbCurrentVersion = (from parameters in systemAdminDbContext.AdminParameters
where parameters.ParameterName == "DatabaseCurrentVersion"
select parameters.ParameterValue
).SingleOrDefault();
return(dbCurrentVersion == backupFileVersion ? true : false);
}
catch (Exception ex)
{
throw ex;
}
}
public void SetRememberMeCookieVariable(long selector, int userId)
{
try
{
SystemAdminDbContext sysDbContext = new SystemAdminDbContext(connStringAdmin);
CookieAuthInfoModel authModel = new CookieAuthInfoModel();
//Generate unique string associated with selector --called Validator
Guid gd = Guid.NewGuid();
string GuidString = Convert.ToBase64String(gd.ToByteArray());
GuidString = GuidString.Replace("=", "");
GuidString = GuidString.Replace("+", "");
//tick is also used as a salt
var GuidStrWithSalt = GuidString + selector.ToString();
//generate Hash of the Validator, that can be used as a token
string msgDigest = ComputeSha256Hash(GuidStrWithSalt);
authModel.Selector = selector;
authModel.HashedToken = msgDigest;
authModel.UserId = userId;
authModel.Expires = System.DateTime.Now.AddYears(2);
sysDbContext.CookieInformation.Add(authModel);
sysDbContext.SaveChanges();
Response.Cookies.Append("uRef", selector.ToString(),
new Microsoft.AspNetCore.Http.CookieOptions
{
Expires = authModel.Expires
});
Response.Cookies.Append("uData", GuidString, new Microsoft.AspNetCore.Http.CookieOptions
{
Expires = authModel.Expires
});
}
catch (Exception ex)
{
throw ex;
}
}
private int CheckTodaysBackup()
{
try
{
SystemAdminDbContext systemAdmindbContext = new SystemAdminDbContext(connStringAdmin);
var dbBackupLog = (from dblog in systemAdmindbContext.DatabaseLog
where dblog.CreatedOn.Value.Year == System.DateTime.Now.Year &&
dblog.CreatedOn.Value.Month == System.DateTime.Now.Month &&
dblog.CreatedOn.Value.Day == System.DateTime.Now.Day && dblog.Action == "backup" && dblog.Status == "success"
select dblog
).ToList();
int count = dbBackupLog.Count();
//We are taking only 3 backup for day
return(count);
}
catch (Exception ex)
{
throw ex;
}
}
private Boolean CheckBackupFolderPath()
{
try
{
SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(connStringAdmin);
string databaseBackupFolderPath = (from parameters in systemAdminDbContext.AdminParameters
where parameters.ParameterName == "DbBackupFolderPath"
select parameters.ParameterValue
).SingleOrDefault();
if (!Directory.Exists(databaseBackupFolderPath))//check directory is existed or not if not then create one
{
System.IO.Directory.CreateDirectory(databaseBackupFolderPath);
}
return(System.IO.Directory.Exists(databaseBackupFolderPath) == true ? true : false);
}
catch (Exception ex)
{
throw ex;
}
}
public string Get(string reqType, DateTime FromDate, DateTime ToDate, string LogType, string Table_Name, string UserName)
{
DanpheHTTPResponse <List <object> > responseData = new DanpheHTTPResponse <List <object> >();
DanpheHTTPResponse <object> responseDataObj = new DanpheHTTPResponse <object>();
try
{
RbacDbContext rbacDbContext = new RbacDbContext(connString);
if (reqType == "getDBBakupLog")
{
SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(this.connStringAdmin);
var result = (from dbBackupLog in systemAdminDbContext.DatabaseLog
orderby dbBackupLog.CreatedOn descending
select new
{
CreatedOn = dbBackupLog.CreatedOn,
FileName = dbBackupLog.FileName,
DatabaseName = dbBackupLog.DatabaseName,
DatabaseVersion = dbBackupLog.DatabaseVersion,
Action = dbBackupLog.Action,
Status = dbBackupLog.Status,
MessageDetail = dbBackupLog.MessageDetail,
FolderPath = dbBackupLog.FolderPath,
IsActive = dbBackupLog.IsActive,
IsDBRestorable = dbBackupLog.IsDBRestorable
}
).ToList <object>();
responseData.Results = result;
responseData.Status = "OK";
}
#region DanpheAuditTrail Details
else if (reqType == "get-audit-trail-details")
{
ReportingDbContext dbContext = new ReportingDbContext(this.connStringAdmin);
DanpheHTTPResponse <DataTable> resData = new DanpheHTTPResponse <DataTable>();
DataTable res = dbContext.AuditTrails(FromDate, ToDate, Table_Name, UserName);
responseDataObj.Results = res;
responseDataObj.Status = "OK";
return(DanpheJSONConvert.SerializeObject(responseDataObj, true));
}
#endregion
#region DanpheAuditList Details
else if (reqType == "get-audit-list")
{
ReportingDbContext dbContext = new ReportingDbContext(this.connStringAdmin);
var userList = (from rbac in rbacDbContext.Users
select new
{
UserName = rbac.UserName
}).ToList <object>();
var tableNameList = dbContext.AuditTrailList().Select(s => new { Table_Name = s.Table_Name }).ToList();
responseDataObj.Results = new
{
UserList = userList,
TableNameList = tableNameList
};
responseDataObj.Status = "OK";
return(DanpheJSONConvert.SerializeObject(responseDataObj, true));
}
#endregion
else if (reqType == "get-login-info")
{
SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(this.connStringAdmin);
var loginList = systemAdminDbContext.LoginInformation
.Where(log => DbFunctions.TruncateTime(log.CreatedOn) >= FromDate && DbFunctions.TruncateTime(log.CreatedOn) <= ToDate).ToList();
responseDataObj.Status = "OK";
responseDataObj.Results = loginList;
return(DanpheJSONConvert.SerializeObject(responseDataObj, true));
}
else if (reqType == "getIRDInvoiceDetails")
{
//We are calling from ReportingDbContext because of problem from admin db context
ReportingDbContext dbContext = new ReportingDbContext(this.connString);
List <InvoiceDetailsModel> res = dbContext.InvoiceDetails(FromDate, ToDate);
DanpheHTTPResponse <List <InvoiceDetailsModel> > resData = new DanpheHTTPResponse <List <InvoiceDetailsModel> >();
resData.Results = res;
resData.Status = "OK";
return(DanpheJSONConvert.SerializeObject(resData, true));
}
else if (reqType == "getPhrmIRDInvoiceDetails")
{
ReportingDbContext dbContext = new ReportingDbContext(this.connString);
List <PhrmInvoiceDetails> res = dbContext.PhrmInvoiceDetails(FromDate, ToDate);
DanpheHTTPResponse <List <PhrmInvoiceDetails> > resData = new DanpheHTTPResponse <List <PhrmInvoiceDetails> >();
resData.Results = res;
resData.Status = "OK";
return(DanpheJSONConvert.SerializeObject(resData, true));
}
else if (reqType == "getDbActivityLogDetails")
{
//use admin-db's connection string to get db-activity log
ReportingDbContext dbContext = new ReportingDbContext(this.connStringAdmin);
DanpheHTTPResponse <List <SqlAuditModel> > resData = new DanpheHTTPResponse <List <SqlAuditModel> >();
List <SqlAuditModel> res = dbContext.SqlAuditDetails(FromDate, ToDate, LogType);
resData.Results = res;
resData.Status = "OK";
return(DanpheJSONConvert.SerializeObject(resData, true));
}
}
catch (Exception ex)
{
responseData.Status = "Failed";
responseData.ErrorMessage = ex.Message + " exception details:" + ex.ToString();
}
return(DanpheJSONConvert.SerializeObject(responseData, true));
}
public string Post()
{
DanpheHTTPResponse <object> responseData = new DanpheHTTPResponse <object>();
responseData.Status = "OK";
//string ipDataString = Request.Form.Keys.First<string>();
try
{
string reqType = this.ReadQueryStringData("reqType");
string ExportType = this.ReadQueryStringData("ExportType");
SystemAdminDbContext systemAdmindbContext = new SystemAdminDbContext(connStringAdmin);
#region Database Backup functionality
if (reqType == "databaseBackup")
{
//Transaction Begin
using (var dbContextTransaction = systemAdmindbContext.Database.BeginTransaction())
{
try
{
//Check Backup Folder is present or not in local system
if (CheckBackupFolderPath())
{
int todayDBBackup = CheckTodaysBackup();
SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(connStringAdmin);
int todaysDBBackupFrequency = Convert.ToInt32((from parameters in systemAdminDbContext.AdminParameters
where parameters.ParameterName == "DaillyDBBackupLimit"
select parameters.ParameterValue
).SingleOrDefault());
if (todayDBBackup >= todaysDBBackupFrequency)
{
responseData.Status = "Failed";
responseData.ErrorMessage = "Today You have already taken " + todaysDBBackupFrequency + "DB backup";
}
else
{
//Backup Database with local directory
if (BackupDatabase(connStringAdmin))
{
if (DeleteOldBackupFiles(connStringAdmin))
{
responseData.Status = "OK";
responseData.Results = 1;
dbContextTransaction.Commit();
}
else
{
responseData.Status = "Failed";
responseData.ErrorMessage = "Backup Files deleting Error";
dbContextTransaction.Rollback();
}
}
else
{
responseData.Status = "Failed";
responseData.ErrorMessage = "Database Backup failed, Please try again";
}
}
}
else
{
responseData.Status = "Failed";
responseData.ErrorMessage = "Please create Directory(folder) first for Backup.";
}
//Commit Transaction
//dbContextTransaction.Commit();
}
catch (Exception ex)
{
//Rollback all transaction if exception occured
dbContextTransaction.Rollback();
throw ex;
}
}
}
#endregion
#region Database Restore Functionality
else if (reqType == "databaseRestore")
{
string dataString = this.ReadPostData();
DatabaseLogModel dbBackupLogDataFromClient = DanpheJSONConvert.DeserializeObject <DatabaseLogModel>(dataString);
string backupDBFilePath = dbBackupLogDataFromClient.FolderPath + dbBackupLogDataFromClient.FileName;
string backupDBFileVersion = dbBackupLogDataFromClient.DatabaseVersion;
//Transaction Begin
using (var dbContextTransaction = systemAdmindbContext.Database.BeginTransaction())
{
try
{
//Boolean x = System.IO.File.Exists("");
//Check backup file is exist or not for restore
if (System.IO.File.Exists(backupDBFilePath))
{
//check Backup dbfile and current database version compatibility
if (CheckDBVersionForRestore(backupDBFileVersion))
{
//first take backup of Database then restore
BackupDatabase(connStringAdmin);
//Restore database
if (RestoreDatabase(connStringAdmin, dbBackupLogDataFromClient))
{
responseData.Status = "OK";
responseData.Results = 1;
dbContextTransaction.Commit();
}
else
{
responseData.Status = "Failed";
responseData.ErrorMessage = "Database restore failed, Please try again";
dbContextTransaction.Rollback();
}
}
else
{
responseData.Status = "Failed";
responseData.ErrorMessage = "Version is not compatible for Restore.";
}
}
else
{
responseData.Status = "Failed";
responseData.ErrorMessage = "There is no backup file for restore, Please Try again.";
}
}
catch (Exception ex)
{
//Rollback all transaction if exception occured
dbContextTransaction.Rollback();
throw ex;
}
}
}
#endregion
#region Database Export as CSV/XML/pdf files
else if (reqType != null && reqType == "exportDBToCSVOrXMLOrPDF")
{
try
{
if (!String.IsNullOrEmpty(ExportType))
{
CoreDbContext coreDBContext = new CoreDbContext(connString);
//get local export file path for export files and send to user also
string ExportedFilePath = (from parameter in coreDBContext.Parameters
where parameter.ParameterName == "DBExportCSVXMLDirPath"
select parameter.ParameterValue
).SingleOrDefault();
//Call function to complete Export database functionality
if (ExportDatabaseToCSVOrXMLOrPDF(connString, ExportType, ExportedFilePath))
{
responseData.Status = "OK";
responseData.Results = ExportedFilePath;
}
else
{
responseData.Status = "Failed";
responseData.ErrorMessage = "Failed to Export Database as " + ExportType;
}
}
else
{
responseData.Status = "Failed";
responseData.ErrorMessage = "Please select export file type as " + ExportType;
}
}
catch (Exception ex)
{
throw ex;
}
}
#endregion
else
{
responseData.Status = "Failed";
responseData.ErrorMessage = "request type is incorrect.";
}
}
catch (Exception ex)
{
responseData.Status = "Failed";
responseData.ErrorMessage = ex.Message + " exception details:" + ex.ToString();
}
return(DanpheJSONConvert.SerializeObject(responseData, true));
}
public IActionResult Login(string returnUrl = null)
{
DateTime centuryBegin = new DateTime(2001, 1, 1);
DateTime currentDate = DateTime.Now;
//Generate unique tick to make it a selector
long ticksElapsed = currentDate.Ticks - centuryBegin.Ticks;
//Generate unique string associated with selector --called Validator
Guid gd = Guid.NewGuid();
string GuidString = Convert.ToBase64String(gd.ToByteArray());
GuidString = GuidString.Replace("=", "");
GuidString = GuidString.Replace("+", "");
//tick is also used as a salt
GuidString = GuidString + ticksElapsed.ToString();
//generate Hash of the Validator, that can be used as a token
string msgDigest = ComputeSha256Hash(GuidString);
//start: sud:16Jul'19-- If One user is already logged in - (check from session) - Load home index page directly.
RbacUser currentUser = HttpContext.Session.Get <RbacUser>("currentuser");
if (currentUser != null && currentUser.UserId != 0)
{
return(RedirectToAction("Index", "Home"));
}
//end: sud:16Jul'19-- If One user is already logged in - (check from session) - Load home index page directly.
if (!string.IsNullOrEmpty(Request.Cookies["uRef"]))
{
SystemAdminDbContext adminDbContext = new SystemAdminDbContext(connStringAdmin);
var selector = Convert.ToInt64(Request.Cookies["uRef"]);
var validatorWithSalt = Request.Cookies["uData"] + Request.Cookies["uRef"];
var hashedValidator = ComputeSha256Hash(validatorWithSalt);
//To make sure that only one UserId will be selected at a time
var userIdList = (from sysAuthInfo in adminDbContext.CookieInformation
where sysAuthInfo.Selector == selector &&
sysAuthInfo.HashedToken == hashedValidator
select sysAuthInfo.UserId).ToList();
if (userIdList.Count == 1)
{
RbacUser validUser = RBAC.GetUser(userIdList[0]);
LoginViewModel model = new LoginViewModel();
model.UserName = validUser.UserName;
//seting session for current valid user
if (validUser != null)
{
//Check user status is Active or not, If user is InActive then return to login page
if (validUser.IsActive == false)
{
RemoveRememberMeCookie();
RemoveSessionValues();
ViewData["status"] = "user-inactive";
return(View(model));
}
validUser.Password = "";
UpdateRememberMeCookie(selector);
SetSessionVariable(validUser);
return(RedirectToAction("Index", "Home"));
}
}
else
{
RemoveRememberMeCookie();
RemoveSessionValues();
return(View());
}
}
CoreDbContext coreDbContext = new CoreDbContext(connString);
ParameterModel licenseParam = coreDbContext.Parameters.Where(p => p.ParameterGroupName == "TenantMgnt" && p.ParameterName == "SoftwareLicense")
.FirstOrDefault();
string paramValue = licenseParam != null ? licenseParam.ParameterValue : null;
if (paramValue != null)
{
// var paramValueJson = Newtonsoft.Json.Linq.JObject.Parse(paramValue);
//format of parameter:softwarelicense is as below
var definition = new { StartDate = "", EndDate = "", ExpiryNoticeDays = "", LicenseType = "" };
var license = JsonConvert.DeserializeAnonymousType(paramValue, definition);
DateTime startDate = Convert.ToDateTime(RBAC.DecryptPassword(license.StartDate));
DateTime endDate = Convert.ToDateTime(RBAC.DecryptPassword(license.EndDate));
int expiryNoticeDays = Convert.ToInt32(RBAC.DecryptPassword(license.ExpiryNoticeDays));
double remainingDays = (endDate - DateTime.Now).TotalDays;
if (remainingDays < 0)
{
TempData["LicenseMessage"] = "License expired on: " + endDate.ToString("yyyy-MMM-dd");
return(RedirectToAction("LicenseExpired", "Account"));
}
if (expiryNoticeDays > remainingDays)
{
ViewData["ExpiryNotice"] = "Notice ! Your Software License is expiring in " + Convert.ToInt32(remainingDays) + " days.";
//display remaining days through viewdata.
}
}
else
{
TempData["LicenseMessage"] = "License Information not found..";
return(RedirectToAction("LicenseExpired", "Account"));
}
ViewData["ReturnUrl"] = returnUrl;
return(View());
}
