public void UpdateRememberMeCookie(long selector) { SystemAdminDbContext sysDbContext = new SystemAdminDbContext(connStringAdmin); CookieAuthInfoModel authModel = (from sysAuthInfo in sysDbContext.CookieInformation where sysAuthInfo.Selector == selector select sysAuthInfo).FirstOrDefault(); //Generate unique string associated with selector --called Validator Guid gd = Guid.NewGuid(); string GuidString = Convert.ToBase64String(gd.ToByteArray()); GuidString = GuidString.Replace("=", ""); GuidString = GuidString.Replace("+", ""); //tick is also used as a salt var GuidStrWithSalt = GuidString + selector.ToString(); //generate Hash of the Validator, that can be used as a token string msgDigest = ComputeSha256Hash(GuidStrWithSalt); authModel.HashedToken = msgDigest; sysDbContext.Entry(authModel).Property(x => x.HashedToken).IsModified = true; Response.Cookies.Delete("uData"); Response.Cookies.Append("uData", GuidString, new Microsoft.AspNetCore.Http.CookieOptions { Expires = authModel.Expires }); sysDbContext.SaveChanges(); }
public IActionResult Logout(string returnUrl = null) { //HttpContext.Session.Set<RbacUser>("currentuser", null); //Remove all sessin variable values SystemAdminDbContext adminDbContext = new SystemAdminDbContext(connStringAdmin); RbacUser currentUser = HttpContext.Session.Get <RbacUser>("currentuser"); LoginInformationModel LoginInfo = new LoginInformationModel(); //once logged out currentuser gets null, so don't go inside if it's null.. if (currentUser != null) { LoginInfo.EmployeeId = currentUser.EmployeeId; LoginInfo.UserName = currentUser.UserName; LoginInfo.ActionName = "logout"; LoginInfo.CreatedOn = System.DateTime.Now; adminDbContext.LoginInformation.Add(LoginInfo); adminDbContext.SaveChanges(); } RemoveRememberMeCookie(); RemoveSessionValues(); //HttpContext.Session.Remove("currentuser"); LoginViewModel newLogin = new LoginViewModel(); ViewData["status"] = "logout-success"; return(View("Login", newLogin)); }
public IActionResult Login(LoginViewModel model, string returnUrl = null) { if (ModelState.IsValid) { SystemAdminDbContext adminDbContext = new SystemAdminDbContext(connStringAdmin); RbacUser validUser = RBAC.GetUser(model.UserName, model.Password); LoginInformationModel LoginInfo = new LoginInformationModel(); //seting session for current valid user if (validUser != null) { //Check user status is Active or not, If user is InActive then return to login page if (validUser.IsActive == false) { ViewData["status"] = "user-inactive"; return(View(model)); } validUser.Password = ""; LoginInfo.EmployeeId = validUser.EmployeeId; LoginInfo.ActionName = "login"; LoginInfo.CreatedOn = System.DateTime.Now; LoginInfo.UserName = validUser.UserName; adminDbContext.LoginInformation.Add(LoginInfo); adminDbContext.SaveChanges(); SetSessionVariable(validUser); if (model.RememberMe) { DateTime centuryBegin = new DateTime(2001, 1, 1); DateTime currentDate = DateTime.Now; //Generate unique tick to make it a selector long ticksElapsed = currentDate.Ticks - centuryBegin.Ticks; SetRememberMeCookieVariable(ticksElapsed, validUser.UserId); } return(RedirectToAction("Index", "Home")); } else { LoginInfo.ActionName = "invalid-login-attempt"; LoginInfo.EmployeeId = null; LoginInfo.CreatedOn = System.DateTime.Now; LoginInfo.UserName = model.UserName; adminDbContext.LoginInformation.Add(LoginInfo); adminDbContext.SaveChanges(); } ViewData["status"] = "login-failed"; return(View(model)); } //If we got this far, something failed, redisplay form return(View(model)); }
private Boolean CheckDBVersionForRestore(string backupFileVersion) { try { SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(connStringAdmin); string dbCurrentVersion = (from parameters in systemAdminDbContext.AdminParameters where parameters.ParameterName == "DatabaseCurrentVersion" select parameters.ParameterValue ).SingleOrDefault(); return(dbCurrentVersion == backupFileVersion ? true : false); } catch (Exception ex) { throw ex; } }
public void SetRememberMeCookieVariable(long selector, int userId) { try { SystemAdminDbContext sysDbContext = new SystemAdminDbContext(connStringAdmin); CookieAuthInfoModel authModel = new CookieAuthInfoModel(); //Generate unique string associated with selector --called Validator Guid gd = Guid.NewGuid(); string GuidString = Convert.ToBase64String(gd.ToByteArray()); GuidString = GuidString.Replace("=", ""); GuidString = GuidString.Replace("+", ""); //tick is also used as a salt var GuidStrWithSalt = GuidString + selector.ToString(); //generate Hash of the Validator, that can be used as a token string msgDigest = ComputeSha256Hash(GuidStrWithSalt); authModel.Selector = selector; authModel.HashedToken = msgDigest; authModel.UserId = userId; authModel.Expires = System.DateTime.Now.AddYears(2); sysDbContext.CookieInformation.Add(authModel); sysDbContext.SaveChanges(); Response.Cookies.Append("uRef", selector.ToString(), new Microsoft.AspNetCore.Http.CookieOptions { Expires = authModel.Expires }); Response.Cookies.Append("uData", GuidString, new Microsoft.AspNetCore.Http.CookieOptions { Expires = authModel.Expires }); } catch (Exception ex) { throw ex; } }
private int CheckTodaysBackup() { try { SystemAdminDbContext systemAdmindbContext = new SystemAdminDbContext(connStringAdmin); var dbBackupLog = (from dblog in systemAdmindbContext.DatabaseLog where dblog.CreatedOn.Value.Year == System.DateTime.Now.Year && dblog.CreatedOn.Value.Month == System.DateTime.Now.Month && dblog.CreatedOn.Value.Day == System.DateTime.Now.Day && dblog.Action == "backup" && dblog.Status == "success" select dblog ).ToList(); int count = dbBackupLog.Count(); //We are taking only 3 backup for day return(count); } catch (Exception ex) { throw ex; } }
private Boolean CheckBackupFolderPath() { try { SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(connStringAdmin); string databaseBackupFolderPath = (from parameters in systemAdminDbContext.AdminParameters where parameters.ParameterName == "DbBackupFolderPath" select parameters.ParameterValue ).SingleOrDefault(); if (!Directory.Exists(databaseBackupFolderPath))//check directory is existed or not if not then create one { System.IO.Directory.CreateDirectory(databaseBackupFolderPath); } return(System.IO.Directory.Exists(databaseBackupFolderPath) == true ? true : false); } catch (Exception ex) { throw ex; } }
public string Get(string reqType, DateTime FromDate, DateTime ToDate, string LogType, string Table_Name, string UserName) { DanpheHTTPResponse <List <object> > responseData = new DanpheHTTPResponse <List <object> >(); DanpheHTTPResponse <object> responseDataObj = new DanpheHTTPResponse <object>(); try { RbacDbContext rbacDbContext = new RbacDbContext(connString); if (reqType == "getDBBakupLog") { SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(this.connStringAdmin); var result = (from dbBackupLog in systemAdminDbContext.DatabaseLog orderby dbBackupLog.CreatedOn descending select new { CreatedOn = dbBackupLog.CreatedOn, FileName = dbBackupLog.FileName, DatabaseName = dbBackupLog.DatabaseName, DatabaseVersion = dbBackupLog.DatabaseVersion, Action = dbBackupLog.Action, Status = dbBackupLog.Status, MessageDetail = dbBackupLog.MessageDetail, FolderPath = dbBackupLog.FolderPath, IsActive = dbBackupLog.IsActive, IsDBRestorable = dbBackupLog.IsDBRestorable } ).ToList <object>(); responseData.Results = result; responseData.Status = "OK"; } #region DanpheAuditTrail Details else if (reqType == "get-audit-trail-details") { ReportingDbContext dbContext = new ReportingDbContext(this.connStringAdmin); DanpheHTTPResponse <DataTable> resData = new DanpheHTTPResponse <DataTable>(); DataTable res = dbContext.AuditTrails(FromDate, ToDate, Table_Name, UserName); responseDataObj.Results = res; responseDataObj.Status = "OK"; return(DanpheJSONConvert.SerializeObject(responseDataObj, true)); } #endregion #region DanpheAuditList Details else if (reqType == "get-audit-list") { ReportingDbContext dbContext = new ReportingDbContext(this.connStringAdmin); var userList = (from rbac in rbacDbContext.Users select new { UserName = rbac.UserName }).ToList <object>(); var tableNameList = dbContext.AuditTrailList().Select(s => new { Table_Name = s.Table_Name }).ToList(); responseDataObj.Results = new { UserList = userList, TableNameList = tableNameList }; responseDataObj.Status = "OK"; return(DanpheJSONConvert.SerializeObject(responseDataObj, true)); } #endregion else if (reqType == "get-login-info") { SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(this.connStringAdmin); var loginList = systemAdminDbContext.LoginInformation .Where(log => DbFunctions.TruncateTime(log.CreatedOn) >= FromDate && DbFunctions.TruncateTime(log.CreatedOn) <= ToDate).ToList(); responseDataObj.Status = "OK"; responseDataObj.Results = loginList; return(DanpheJSONConvert.SerializeObject(responseDataObj, true)); } else if (reqType == "getIRDInvoiceDetails") { //We are calling from ReportingDbContext because of problem from admin db context ReportingDbContext dbContext = new ReportingDbContext(this.connString); List <InvoiceDetailsModel> res = dbContext.InvoiceDetails(FromDate, ToDate); DanpheHTTPResponse <List <InvoiceDetailsModel> > resData = new DanpheHTTPResponse <List <InvoiceDetailsModel> >(); resData.Results = res; resData.Status = "OK"; return(DanpheJSONConvert.SerializeObject(resData, true)); } else if (reqType == "getPhrmIRDInvoiceDetails") { ReportingDbContext dbContext = new ReportingDbContext(this.connString); List <PhrmInvoiceDetails> res = dbContext.PhrmInvoiceDetails(FromDate, ToDate); DanpheHTTPResponse <List <PhrmInvoiceDetails> > resData = new DanpheHTTPResponse <List <PhrmInvoiceDetails> >(); resData.Results = res; resData.Status = "OK"; return(DanpheJSONConvert.SerializeObject(resData, true)); } else if (reqType == "getDbActivityLogDetails") { //use admin-db's connection string to get db-activity log ReportingDbContext dbContext = new ReportingDbContext(this.connStringAdmin); DanpheHTTPResponse <List <SqlAuditModel> > resData = new DanpheHTTPResponse <List <SqlAuditModel> >(); List <SqlAuditModel> res = dbContext.SqlAuditDetails(FromDate, ToDate, LogType); resData.Results = res; resData.Status = "OK"; return(DanpheJSONConvert.SerializeObject(resData, true)); } } catch (Exception ex) { responseData.Status = "Failed"; responseData.ErrorMessage = ex.Message + " exception details:" + ex.ToString(); } return(DanpheJSONConvert.SerializeObject(responseData, true)); }
public string Post() { DanpheHTTPResponse <object> responseData = new DanpheHTTPResponse <object>(); responseData.Status = "OK"; //string ipDataString = Request.Form.Keys.First<string>(); try { string reqType = this.ReadQueryStringData("reqType"); string ExportType = this.ReadQueryStringData("ExportType"); SystemAdminDbContext systemAdmindbContext = new SystemAdminDbContext(connStringAdmin); #region Database Backup functionality if (reqType == "databaseBackup") { //Transaction Begin using (var dbContextTransaction = systemAdmindbContext.Database.BeginTransaction()) { try { //Check Backup Folder is present or not in local system if (CheckBackupFolderPath()) { int todayDBBackup = CheckTodaysBackup(); SystemAdminDbContext systemAdminDbContext = new SystemAdminDbContext(connStringAdmin); int todaysDBBackupFrequency = Convert.ToInt32((from parameters in systemAdminDbContext.AdminParameters where parameters.ParameterName == "DaillyDBBackupLimit" select parameters.ParameterValue ).SingleOrDefault()); if (todayDBBackup >= todaysDBBackupFrequency) { responseData.Status = "Failed"; responseData.ErrorMessage = "Today You have already taken " + todaysDBBackupFrequency + "DB backup"; } else { //Backup Database with local directory if (BackupDatabase(connStringAdmin)) { if (DeleteOldBackupFiles(connStringAdmin)) { responseData.Status = "OK"; responseData.Results = 1; dbContextTransaction.Commit(); } else { responseData.Status = "Failed"; responseData.ErrorMessage = "Backup Files deleting Error"; dbContextTransaction.Rollback(); } } else { responseData.Status = "Failed"; responseData.ErrorMessage = "Database Backup failed, Please try again"; } } } else { responseData.Status = "Failed"; responseData.ErrorMessage = "Please create Directory(folder) first for Backup."; } //Commit Transaction //dbContextTransaction.Commit(); } catch (Exception ex) { //Rollback all transaction if exception occured dbContextTransaction.Rollback(); throw ex; } } } #endregion #region Database Restore Functionality else if (reqType == "databaseRestore") { string dataString = this.ReadPostData(); DatabaseLogModel dbBackupLogDataFromClient = DanpheJSONConvert.DeserializeObject <DatabaseLogModel>(dataString); string backupDBFilePath = dbBackupLogDataFromClient.FolderPath + dbBackupLogDataFromClient.FileName; string backupDBFileVersion = dbBackupLogDataFromClient.DatabaseVersion; //Transaction Begin using (var dbContextTransaction = systemAdmindbContext.Database.BeginTransaction()) { try { //Boolean x = System.IO.File.Exists(""); //Check backup file is exist or not for restore if (System.IO.File.Exists(backupDBFilePath)) { //check Backup dbfile and current database version compatibility if (CheckDBVersionForRestore(backupDBFileVersion)) { //first take backup of Database then restore BackupDatabase(connStringAdmin); //Restore database if (RestoreDatabase(connStringAdmin, dbBackupLogDataFromClient)) { responseData.Status = "OK"; responseData.Results = 1; dbContextTransaction.Commit(); } else { responseData.Status = "Failed"; responseData.ErrorMessage = "Database restore failed, Please try again"; dbContextTransaction.Rollback(); } } else { responseData.Status = "Failed"; responseData.ErrorMessage = "Version is not compatible for Restore."; } } else { responseData.Status = "Failed"; responseData.ErrorMessage = "There is no backup file for restore, Please Try again."; } } catch (Exception ex) { //Rollback all transaction if exception occured dbContextTransaction.Rollback(); throw ex; } } } #endregion #region Database Export as CSV/XML/pdf files else if (reqType != null && reqType == "exportDBToCSVOrXMLOrPDF") { try { if (!String.IsNullOrEmpty(ExportType)) { CoreDbContext coreDBContext = new CoreDbContext(connString); //get local export file path for export files and send to user also string ExportedFilePath = (from parameter in coreDBContext.Parameters where parameter.ParameterName == "DBExportCSVXMLDirPath" select parameter.ParameterValue ).SingleOrDefault(); //Call function to complete Export database functionality if (ExportDatabaseToCSVOrXMLOrPDF(connString, ExportType, ExportedFilePath)) { responseData.Status = "OK"; responseData.Results = ExportedFilePath; } else { responseData.Status = "Failed"; responseData.ErrorMessage = "Failed to Export Database as " + ExportType; } } else { responseData.Status = "Failed"; responseData.ErrorMessage = "Please select export file type as " + ExportType; } } catch (Exception ex) { throw ex; } } #endregion else { responseData.Status = "Failed"; responseData.ErrorMessage = "request type is incorrect."; } } catch (Exception ex) { responseData.Status = "Failed"; responseData.ErrorMessage = ex.Message + " exception details:" + ex.ToString(); } return(DanpheJSONConvert.SerializeObject(responseData, true)); }
public IActionResult Login(string returnUrl = null) { DateTime centuryBegin = new DateTime(2001, 1, 1); DateTime currentDate = DateTime.Now; //Generate unique tick to make it a selector long ticksElapsed = currentDate.Ticks - centuryBegin.Ticks; //Generate unique string associated with selector --called Validator Guid gd = Guid.NewGuid(); string GuidString = Convert.ToBase64String(gd.ToByteArray()); GuidString = GuidString.Replace("=", ""); GuidString = GuidString.Replace("+", ""); //tick is also used as a salt GuidString = GuidString + ticksElapsed.ToString(); //generate Hash of the Validator, that can be used as a token string msgDigest = ComputeSha256Hash(GuidString); //start: sud:16Jul'19-- If One user is already logged in - (check from session) - Load home index page directly. RbacUser currentUser = HttpContext.Session.Get <RbacUser>("currentuser"); if (currentUser != null && currentUser.UserId != 0) { return(RedirectToAction("Index", "Home")); } //end: sud:16Jul'19-- If One user is already logged in - (check from session) - Load home index page directly. if (!string.IsNullOrEmpty(Request.Cookies["uRef"])) { SystemAdminDbContext adminDbContext = new SystemAdminDbContext(connStringAdmin); var selector = Convert.ToInt64(Request.Cookies["uRef"]); var validatorWithSalt = Request.Cookies["uData"] + Request.Cookies["uRef"]; var hashedValidator = ComputeSha256Hash(validatorWithSalt); //To make sure that only one UserId will be selected at a time var userIdList = (from sysAuthInfo in adminDbContext.CookieInformation where sysAuthInfo.Selector == selector && sysAuthInfo.HashedToken == hashedValidator select sysAuthInfo.UserId).ToList(); if (userIdList.Count == 1) { RbacUser validUser = RBAC.GetUser(userIdList[0]); LoginViewModel model = new LoginViewModel(); model.UserName = validUser.UserName; //seting session for current valid user if (validUser != null) { //Check user status is Active or not, If user is InActive then return to login page if (validUser.IsActive == false) { RemoveRememberMeCookie(); RemoveSessionValues(); ViewData["status"] = "user-inactive"; return(View(model)); } validUser.Password = ""; UpdateRememberMeCookie(selector); SetSessionVariable(validUser); return(RedirectToAction("Index", "Home")); } } else { RemoveRememberMeCookie(); RemoveSessionValues(); return(View()); } } CoreDbContext coreDbContext = new CoreDbContext(connString); ParameterModel licenseParam = coreDbContext.Parameters.Where(p => p.ParameterGroupName == "TenantMgnt" && p.ParameterName == "SoftwareLicense") .FirstOrDefault(); string paramValue = licenseParam != null ? licenseParam.ParameterValue : null; if (paramValue != null) { // var paramValueJson = Newtonsoft.Json.Linq.JObject.Parse(paramValue); //format of parameter:softwarelicense is as below var definition = new { StartDate = "", EndDate = "", ExpiryNoticeDays = "", LicenseType = "" }; var license = JsonConvert.DeserializeAnonymousType(paramValue, definition); DateTime startDate = Convert.ToDateTime(RBAC.DecryptPassword(license.StartDate)); DateTime endDate = Convert.ToDateTime(RBAC.DecryptPassword(license.EndDate)); int expiryNoticeDays = Convert.ToInt32(RBAC.DecryptPassword(license.ExpiryNoticeDays)); double remainingDays = (endDate - DateTime.Now).TotalDays; if (remainingDays < 0) { TempData["LicenseMessage"] = "License expired on: " + endDate.ToString("yyyy-MMM-dd"); return(RedirectToAction("LicenseExpired", "Account")); } if (expiryNoticeDays > remainingDays) { ViewData["ExpiryNotice"] = "Notice ! Your Software License is expiring in " + Convert.ToInt32(remainingDays) + " days."; //display remaining days through viewdata. } } else { TempData["LicenseMessage"] = "License Information not found.."; return(RedirectToAction("LicenseExpired", "Account")); } ViewData["ReturnUrl"] = returnUrl; return(View()); }