public ActionResult Authenticate(string userName, string password, string returnUrl)
{
try
{
IWebUserService webUserService = new WebUserService();
WebUser webUser = webUserService.VerifyCredentials(userName, password);
if (webUser != null)
{
Session.Add(SessionKey, userName);
Session.Add(SessionKeyRole, webUser.Role);
Session.Add(SessionKeyStudentNo, webUser.WebUserId);
logger.Info("User '" + userName + "' has logged in.");
Response.Redirect(AppHelper.HomeUrl("Home"), false);
}
else
{
logger.Info("User '" + userName + "' failed to login.");
ViewData["ErrorMessage"] = "Username and/or Password are invalid.";
}
string LoginMsg = webUserService.GetLoginMsgText();
ViewData["CustomMsg"] = LoginMsg;
return(View("Login"));
}
catch (Exception ex)
{
logger.Error("Exception in UserController", ex);
// Redirect to error page
Response.Redirect("Result/error");
return(null);
}
}
public ActionResult ChangeLoginMsg(string txtChangeLoginMsg)
{
try
{
IWebUserService webUserService = new WebUserService();
var studentNo = Session[SessionKeyStudentNo];
webUserService.UpdateLoginMsg(txtChangeLoginMsg);
// Get Admin information ...
WebUser userInfo = webUserService.GetUserInfo(int.Parse(studentNo.ToString()));
userInfo.WelcomeMsg = webUserService.GetWelcomeMsgText();
userInfo.RoleReportsRights = webUserService.GetRoleRights("Student");
userInfo.LoginMsg = webUserService.GetLoginMsgText();
ViewData["editOption"] = "NN";
// Record is updated.
ViewData["successMsg"] = "1";
logger.Info("Welcome message changed successfully of Student No." + Session[SessionKeyStudentNo]);
return(View("AdminSettings", userInfo));
}
catch (Exception ex)
{
logger.Info("Welcome message not changed of Student No." + Session[SessionKeyStudentNo]);
logger.Error(ex.Message);
// Redirect to error page
Response.Redirect("Result/error");
return(null);
}
}
public ActionResult ChangeSecretQuestion(FormCollection collection)
{
string txtSecretQuestion = collection["txtSecretQuestion"];
string txtSecretAnswer = collection["txtSecretAnswer"];
try
{
IWebUserService webUserService = new WebUserService();
var studentNo = Session[SessionKeyStudentNo];
webUserService.UpdateSecretQuestionAnswer(int.Parse(studentNo.ToString()), txtSecretQuestion, txtSecretAnswer);
// Get Student information ...
var userInfo = GetStudentInfo();
ViewData["editOption"] = "csq";
// Record is updated.
ViewData["successMsg"] = "1";
logger.Debug("Secret question changed successfully for Student No." + Session[SessionKeyStudentNo]);
return(View("UserSettings", userInfo));
}
catch (Exception ex)
{
var sb = new StringBuilder();
sb.AppendFormat("Secret question change request failded for Student No:{0}. " + Session[SessionKeyStudentNo]);
sb.AppendFormat("SecretQuestion: {0}, SecretAnswer: {1}", txtSecretQuestion, txtSecretAnswer);
logger.Error(sb.ToString(), ex);
// Redirect to error page
Response.Redirect(AppHelper.SharedUrl("Reply/Error"));
return(null);
}
}
public ActionResult ChangeEmail(FormCollection collection)
{
string txtChangeEmail = collection["txtChangeEmail"];
try
{
IWebUserService webUserService = new WebUserService();
var studentNo = Session[SessionKeyStudentNo];
webUserService.UpdateEmail(int.Parse(studentNo.ToString()), txtChangeEmail);
// Get Student information ...
var userInfo = GetStudentInfo();
ViewData["editOption"] = "cm";
// Record is updated.
ViewData["successMsg"] = "1";
logger.Debug("Email changed successfully for Student No." + Session[SessionKeyStudentNo]);
return(View("UserSettings", userInfo));
}
catch (Exception ex)
{
logger.Error("Email changed failded of Student No." + Session[SessionKeyStudentNo] + " New Email: " + txtChangeEmail, ex);
// Redirect to error page
Response.Redirect(AppHelper.SharedUrl("Reply/Error"));
return(null);
}
}
private WebUser GetWebInformation()
{
var studentNo = Session[SessionKeyStudentNo];
IWebUserService webUserService = new WebUserService();
WebUser userInfo = webUserService.GetUserInfo(int.Parse(studentNo.ToString()));
if (userInfo != null)
{
ISettingsService settingsService = new SettingsService();
userInfo.WelcomeMsg = settingsService.GetWelcomeMsgText();
userInfo.RoleReportsRights = webUserService.GetRoleRights("Student");
userInfo.LoginMsg = settingsService.GetLoginMsgText();
userInfo.TitleMsg = settingsService.GetTitleMsg();
userInfo.LogoFileName = settingsService.GetLogoFileName();
userInfo.EmailOrStudentId = (Int16)settingsService.GetForgetUsernameSetting();
// Set Logo file Path
//var path = ConfigurationManager.AppSettings["logoPath"];
//path = Path.Combine(path, userInfo.LogoFileName);
//ViewData["LogoFilePath"] = HeaderControl.imagesPath;
}
else
{
logger.Warn("User Info is null. ID is: " + studentNo);
}
return(userInfo);
}
public ActionResult Logout()
{
try
{
ILogger logger = new Logger(this.GetType());
IWebUserService webUserService = new WebUserService();
string userName = Session[SessionKey] as string;
if (userName != null)
{
webUserService.Logout(userName);
}
Session.Clear();
logger.Info("User '" + userName + "' has logged out.");
string LoginMsg = webUserService.GetLoginMsgText();
ViewData["CustomMsg"] = LoginMsg;
return(View("Login"));
}
catch (Exception ex)
{
logger.Error("Exception in UserController", ex);
// Redirect to error page
Response.Redirect("Result/error");
return(null);
}
}
public ActionResult ResetPasswordAuthentication(string userName, string accountEmail)
{
try
{
IWebUserService webUserService = new WebUserService();
string dbPassword = webUserService.GetPassword(userName);
if (string.IsNullOrEmpty(dbPassword))
{
ViewData["ForgotPasswordErrorMessage"] = "No such user name exists.";
}
else
{
Session[UserEmailToSendPassword] = accountEmail;
Response.Redirect("AskSecretQuestion/" + userName, false);
}
}
catch (Exception ex)
{
logger.Error("Excpetion occurred. ", ex);
// Redirect to error page
Response.Redirect("Result/error");
return(null);
}
return(View("ResetPassword"));
}
public ActionResult AskSecretQuestion(FormCollection collection)
{
try
{
IWebUserService webUserService = new WebUserService();
string userName = TempData["username"] as string;
string to = TempData["email"] as string;
string secretQuestion = TempData["secretQuestion"] as string;
string userAnswer = collection["secretAnswer"] as string;
if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(to) || string.IsNullOrEmpty(secretQuestion))
{
return(Redirect("ResetPassword"));
}//View("ResetPassword");
bool isValid = webUserService.ConfirmSecretAnswer(userName, userAnswer);
if (isValid)
{
var dbPassword = webUserService.GetPassword(userName);
var emailBody = new StringBuilder();
emailBody.AppendFormat("Dear {0},{1}{1}Your password is:{2}{1}", userName, Environment.NewLine, dbPassword)
.AppendFormat("If you received this as an error or you didn't request your password, please ignore the email and delete it.{0}{0}DiamondD Services.",
Environment.NewLine);
string emailFrom = ConfigurationManager.AppSettings[Email];
string subject = ConfigurationManager.AppSettings[EmailSubject];
var displayName = ConfigurationManager.AppSettings[DisplayName];
SendEmail(displayName, emailFrom, to, subject, emailBody.ToString());
var sb = new StringBuilder();
sb.AppendFormat("Email sent to {0}, with display Name: {1} from email {2} with subject {3}, having body {4}.", to,
displayName, emailFrom, subject, emailBody);
logger.Info(sb.ToString());
ViewData["SecretAnswerSuccessMessage"] = "Password has been sent at your email address";
}
else
{
TempData["username"] = userName;
TempData["email"] = to;
TempData["SecretQuestion"] = secretQuestion;
ViewData["SecretQuestion"] = secretQuestion;
TempData["SecretAnswerErrorMessage"] = "Your answer doesn't match.";
var sb = new StringBuilder();
sb.AppendFormat("Answer doesn't match for userName{0}. Entered answer: {1}", userName, userAnswer);
logger.Info(sb.ToString());
}
}
catch (Exception ex)
{
logger.Error("Exception Occurred while confirming secret answer.", ex);
Response.Redirect(AppHelper.SharedUrl("Result/Error"));
}
return(View());
}
public ActionResult ChangeEmail(string txtChangeEmail)
{
try
{
IWebUserService webUserService = new WebUserService();
var studentNo = Session[SessionKeyStudentNo];
webUserService.UpdateEmail(int.Parse(studentNo.ToString()), txtChangeEmail);
// Get Student information ...
var userInfo = GetStudentInfo();
ViewData["editOption"] = "cm";
// Record is updated.
ViewData["successMsg"] = "1";
logger.Info("Email changed successfully of Student No." + Session[SessionKeyStudentNo]);
return(View("UserSettings", userInfo));
}
catch (Exception ex)
{
logger.Info("Email changed failded of Student No." + Session[SessionKeyStudentNo]);
logger.Error(ex.Message);
// Redirect to error page
Response.Redirect("Result/error");
return(null);
}
}
public ActionResult ModifyReportRights(FormCollection collection)
{
string enableReports = collection["enableReports"];
try
{
var studentNo = Session[SessionKeyStudentNo];
IWebUserService webUserService = new WebUserService();
webUserService.UpdateReportsRight(enableReports, "Student");
// Get Admin information ...
WebUser userInfo = GetWebInformation();
// Record is updated.
ViewData["successMsg"] = "1";
logger.Debug("Report rights modification done successfully for Student role. enableReports:" + enableReports);
return(View("Rights", userInfo));
}
catch (Exception ex)
{
logger.Error("Report rights modification failded for Student Role. enableReports:" + enableReports, ex);
// Redirect to error page
Response.Redirect(AppHelper.SharedUrl("Reply/Error"));
return(null);
}
}
public ActionResult ModifyReportRights(string enableReports)
{
try
{
var studentNo = Session[SessionKeyStudentNo];
IWebUserService webUserService = new WebUserService();
webUserService.UpdateReportsRight(enableReports, "Student");
// Get Admin information ...
WebUser userInfo = webUserService.GetUserInfo(int.Parse(studentNo.ToString()));
userInfo.WelcomeMsg = webUserService.GetWelcomeMsgText();
userInfo.RoleReportsRights = webUserService.GetRoleRights("Student");
userInfo.LoginMsg = webUserService.GetLoginMsgText();
ViewData["editOption"] = "NN";
// Record is updated.
ViewData["successMsg"] = "1";
logger.Info("Report rights modification done successfully of Student No." + Session[SessionKeyStudentNo]);
return(View("AdminSettings", userInfo));
}
catch (Exception ex)
{
logger.Error("Report rights modification failded of Student No." + Session[SessionKeyStudentNo], ex);
// Redirect to error page
Response.Redirect("Result/error");
return(null);
}
}
public void Check_If_WebUserService_VerifyCredentials_Returns_True_For_A_Valid_Test_User()
{
// Arrange
IWebUserService wuService = new WebUserService(new TestWebUserRepository(), new TestLogService());
//Assert
Assert.IsNotNull(wuService.VerifyCredentials("alex", "wonderland"));
}
public void Check_If_WebUserService_VerifyCredentials_Returns_False_For_An_InValid_Test_User()
{
// Arrange
IWebUserService wuService = new WebUserService(new TestWebUserRepository(), new TestLogService());
//Assert
Assert.IsNull(wuService.VerifyCredentials("nouser", "nopassword"));
}
public void Check_If_WebUserService_VerifyCredentials_Returns_False_For_An_InValid_Db_User()
{
// Arrange
IWebUserService wuService = new WebUserService();
//Assert
Assert.IsNull(wuService.VerifyCredentials("blank", "blank"));
}
public void Check_If_WebUserService_VerifyCredentials_Returns_True_For_A_Valid_Db_User()
{
// Arrange
IWebUserService wuService = new WebUserService();
//Assert
Assert.IsNotNull(wuService.VerifyCredentials(TestConstants.DbStudentUserName, TestConstants.DbStudentPassword));
}
public ActionResult RegisterAuthentication(string userName, string newPassword, string studentID,
string dateofBirth, string Email, string secretQuestion, string secretAnswer)
{
try
{
if (!CheckValidationForRegisterInfo(userName, newPassword, studentID,
dateofBirth, Email, secretQuestion, secretAnswer))
{
ViewData["errorMessage"] = "Provide wrong information.";
}
else
{
WebUser webUserInfo = new WebUser();
// Set Data
webUserInfo.AccountStatus = "InActive";
webUserInfo.SecretAnswer = secretAnswer;
webUserInfo.SecretQuestion = secretQuestion;
webUserInfo.Email = Email;
webUserInfo.WebUserId = Convert.ToInt32(studentID);
webUserInfo.UserName = userName;
webUserInfo.WebPassword = newPassword;
webUserInfo.DateofBirth = DateTime.Parse(dateofBirth);
IWebUserService webUserService = new WebUserService();
try
{
bool isUnique = webUserService.Register(webUserInfo);
if (isUnique)
{
logger.Info("New student registered successfully with student No. is " + studentID);
// redirect to success page
Response.Redirect("Result/success");
}
else
{
ViewData["UserNameDuplicated"] = "Username already exists! Please choose another.";
return(View("Register"));
}
}
catch (Exception ex)
{
logger.Error("New student registered failed with student No. is " + studentID, ex);
// Redirect to error page
Response.Redirect("Result/error");
}
}
}
catch (Exception ex)
{
logger.Error("Exception in UserController", ex);
// Redirect to error page
Response.Redirect("Result/error");
}
return(View("Register"));
}
public void Check_WebUser_information_Is_Successfully_get_From_Service_For_A_Valid_Db_Student()
{
// Arrange
IWebUserService _Repository = new WebUserService();
//Act
WebUser result = _Repository.GetUserInfo(DbStudentNo) as WebUser;
//Assert
Assert.IsNotNull(result);
}
private WebUser GetStudentInfo()
{
IWebUserService webUserService = new WebUserService();
var studentNo = Session[SessionKeyStudentNo];
if (studentNo != null)
{
WebUser userInfo = webUserService.GetUserInfo(int.Parse(studentNo.ToString()));
return(userInfo);
}
return(null);
}
public ActionResult Login(FormCollection collection)
{
try
{
string userName = collection["userName"];
string password = collection["password"];
IWebUserService webUserService = new WebUserService();
WebUser webUser = webUserService.VerifyCredentials(userName, password);
if (webUser != null)
{
Session.Add(SessionKey, userName);
Session.Add(SessionKeyRole, webUser.Role);
Session.Add(SessionKeyRights, webUser.VisibleReports);
Session.Add(SessionKeyStudentNo, webUser.WebUserId);
Session.Add(SessionKeyEmail, webUser.Email);
Session.Add(SessionKeyEmailSent, webUser.EmailSent);
Session["uname"] = userName;
logger.Info("User '" + userName + "' has logged in.");
Response.Redirect(AppHelper.UsersUrl("Home"), false);
}
else
{
var sb = new StringBuilder();
sb.AppendFormat("No such user with credentials : userName:{0}, password:{1}", userName, password);
logger.Info(sb.ToString());
ViewData["ErrorMessage"] = "Username and/or Password are invalid.";
ISettingsService settingsService = new SettingsService();
string loginMessage = settingsService.GetLoginMsgText();
ViewData["CustomMsg"] = loginMessage;
logger.Debug("Got Login Message: " + loginMessage + " (Invalid password case).");
}
return(View("Login"));
}
catch (Exception ex)
{
logger.Error("Exception in UserController", ex);
// Redirect to error page
Response.Redirect(AppHelper.SharedUrl("Result/Error"));
return(null);
}
}
public ActionResult RegisterAuthentication(string userName, string newPassword, string studentID,
string dateofBirth, string Email, string secretQuestion, string secretAnswer)
{
try
{
if (!CheckValidationForRegisterInfo(userName, newPassword, studentID,
dateofBirth, Email, secretQuestion, secretAnswer))
{
ViewData["errorMessage"] = "Provide wrong information.";
}
else
{
WebUser webUserInfo = new WebUser();
// Seet Data
webUserInfo.AccountStatus = "InActive";
webUserInfo.SecretAnswer = secretAnswer;
webUserInfo.SecretQuestion = secretQuestion;
webUserInfo.Email = Email;
webUserInfo.WebUserId = Convert.ToInt32(studentID);
webUserInfo.UserName = userName;
webUserInfo.WebPassword = newPassword;
IWebUserService webUserService = new WebUserService();
try
{
webUserService.Register(webUserInfo);
logger.Info("New student registered successfully with student No. is " + studentID);
// redirect to success page
Response.Redirect("Result/success");
}
catch (Exception ex)
{
logger.Info("New student registered failed with student No. is " + studentID);
logger.Error(ex.Message);
// Redirect to error page
Response.Redirect("Result/error");
}
}
}
catch (Exception ex)
{
// Redirect to error page
logger.Error(ex.Message);
Response.Redirect("Result/error");
}
return(View("Register"));
}
public void Check_If_TestWebUserService_Returns_Correct_Role_Against_TestWebUserRepository()
{
// Arrange
IWebUserRepository userRepository = new TestWebUserRepository();
var testLogService = new TestLogService();
IWebUserService _Repository = new WebUserService(userRepository, testLogService);
//Act
var studentUserInfo = _Repository.GetUserInfo(1);
var adminUserInfo = _Repository.GetUserInfo(3);
//Assert
Assert.AreEqual("Student", studentUserInfo.Role);
Assert.AreEqual("Admin", adminUserInfo.Role);
}
public void Check_If_WebUserService_Returns_Role_Rights_Against_SqlWebUserRepository()
{
// Arrange
IWebUserRepository userRepository = new SqlWebUserRepository();
var testLogService = new TestLogService();
IWebUserService _Repository = new WebUserService(userRepository, testLogService);
//Act
var studentUserInfo = _Repository.GetUserInfo(TestConstants.DbStudentUserId);
var adminUserInfo = _Repository.GetUserInfo(TestConstants.DbAdminUserId);
//Assert
Assert.AreEqual("Student", studentUserInfo.Role);
Assert.AreEqual("Admin", adminUserInfo.Role);
}
private WebUser GetStudentInfo()
{
IWebUserService webUserService = new WebUserService();
var studentNo = Session[SessionKeyStudentNo];
if (studentNo != null)
{
WebUser userInfo = webUserService.GetUserInfo(int.Parse(studentNo.ToString()));
//userInfo.RoleReportsRights = webUserService.GetRoleRights("Student");
//userInfo.WelcomeMsg = webUserService.GetWelcomeMsgText();
return(userInfo);
}
return(null);
}
protected void Page_Load(object sender, EventArgs e)
{
try
{
IWebUserService webUserService = new WebUserService();
enabledReportsList = webUserService.GetRoleRights(Session["DD_Role"].ToString());
}
catch (SqlException sqlEx)
{
throw new Exception(EnumUtils.GetStringValue(ErrorMessage.UserDefinedMessage), sqlEx);
}
catch (Exception ex)
{
throw new Exception(EnumUtils.GetStringValue(ErrorMessage.UserDefinedMessage), ex);
}
}
private bool checkOldPasswordIsValid(string txtOldPassword)
{
IWebUserService webUserService = new WebUserService();
var studentNo = Session[SessionKeyStudentNo];
if (studentNo != null)
{
WebUser userInfo = webUserService.GetUserInfo(int.Parse(studentNo.ToString()));
if (userInfo.WebPassword == txtOldPassword)
{
return(true);
}
}
return(false);
}
public int LoginOn(string userAccount, string userPassword)
{
string password = FormsAuthentication.HashPasswordForStoringInConfigFile(userPassword, "md5");
bool exist = webUserservice.ExistUser(userAccount, password);
if (exist)
{
WebUser User = webUserservice.GetWebUserByAccount(userAccount, password);
WebUserService webuserservice = new WebUserService();
WebPeopleService webpeopleservice = new WebPeopleService();
//userAccount=UserName
if (User.IsLock)
{
//被锁定
return(100);
}
else
{
SessionHelper.SetSession("UserName", userAccount);
WebUser webuser = webuserservice.GetWebUserByAccount(userAccount);
SessionHelper.SetSession("UserID", webuser.UserID);
SessionHelper.SetSession("PositionCode", webuser.PositionCode);
WebPeople webpeople = new WebPeople();
WebWorker webWorker = new WebWorker();
if (webpeopleservice.IsHaveuser(webuser.UserID) && webuser.PositionCode == "WebPeople")
{
webpeople = webpeopleservice.GetWebPeopleByUserID(webuser.UserID);
SessionHelper.SetSession("PositionID", webpeople.PeopleID);
}
else if (webWorkerService.IsHaveWorker(webuser.UserID) && (webuser.PositionCode == "WebWorkerLeader" || webuser.PositionCode == "WebWorker"))
{
webWorker = webWorkerService.GetWebWorkerByUserID(webuser.UserID);
SessionHelper.SetSession("PositionID", webWorker.WorkerID);
}
SessionHelper.SetSession("NickName", webuser.NickName);
return(200);
}
}
else
{
return(500);
}
}
public void Check_If_Student_is_Registered_Successfully_via_WebUserService()
{
var webUserInfo = new WebUser();
webUserInfo.StudentId = "Temp 2";
webUserInfo.AccountStatus = "InActive";
webUserInfo.SecretAnswer = "I am student.";
webUserInfo.SecretQuestion = "Who am I?";
webUserInfo.Email = "*****@*****.**";
webUserInfo.WebUserId = Convert.ToInt32(Int32.MaxValue);
webUserInfo.UserName = "******";
webUserInfo.WebPassword = "******";
IWebUserService webUserService = new WebUserService();
bool isRegistered = webUserService.Register(webUserInfo);
Assert.IsTrue(isRegistered);
}
public ActionResult ChangePassword(FormCollection collection)
{
string txtOldPassword = collection["txtOldPassword"];
string txtNewPassword = collection["txtNewPassword"];
try
{
if (CheckOldPasswordIsValid(txtOldPassword))
{
IWebUserService webUserService = new WebUserService();
var studentNo = Session[SessionKeyStudentNo];
webUserService.UpdatePassword(int.Parse(studentNo.ToString()), txtNewPassword);
// Get Student information ...
var userInfo = GetStudentInfo();
ViewData["editOption"] = "cp";
// Record is updated.
ViewData["successMsg"] = "1";
logger.Debug("Password was successfully changed for Student No." + Session[SessionKeyStudentNo]);
return(View("UserSettings", userInfo));
}
else
{
// Get Student information ...
var userInfo = GetStudentInfo();
ViewData["editOption"] = "cp";
// Old password not match
ViewData["oldPassword"] = "******";
logger.Info("Old password not match of student No. " + Session[SessionKeyStudentNo]);
return(View("UserSettings", userInfo));
}
}
catch (Exception ex)
{
logger.Error("Password change request failed for Student No." + Session[SessionKeyStudentNo], ex);
// Redirect to error page
Response.Redirect(AppHelper.SharedUrl("Reply/Error"));
return(null);
}
}
public ActionResult AdminSettings(string id)
{
var studentNo = Session[SessionKeyStudentNo];
ViewData["editOption"] = id;
// Record is not updated.
ViewData["successMsg"] = "0";
IWebUserService webUserService = new WebUserService();
// Get Admin information ...
WebUser userInfo = webUserService.GetUserInfo(int.Parse(studentNo.ToString()));
userInfo.WelcomeMsg = webUserService.GetWelcomeMsgText();
userInfo.RoleReportsRights = webUserService.GetRoleRights("Student");
userInfo.LoginMsg = webUserService.GetLoginMsgText();
return(View(userInfo));
}
public ActionResult Login()
{
try
{
IWebUserService webUserService = new WebUserService();
string LoginMsg = webUserService.GetLoginMsgText();
ViewData["CustomMsg"] = LoginMsg;
return(View());
}
catch (Exception ex)
{
logger.Error(ex.Message);
// Redirect to error page
Response.Redirect("Result/error");
return(null);
}
}
