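/// <summary>
/// Completes sign-in for the user named in the UserName box: stores the C3User in session,
/// chooses the landing page, records a "SignIn" audit event, issues the forms-authentication
/// cookie and redirects the browser.
/// </summary>
/// <param name="destination">
/// Default landing page. It is replaced by the request's ReturnURL value when that value is
/// present and points back into this site.
/// </param>
private void LoginUser(string destination)
{
    MembershipUser muser = Membership.GetUser(UserName.Text);
    C3User user = new C3User(muser);

    // NOTE(review): the pre-login session is reused; nothing visible in this method issues a
    // new session id at sign-in. Confirm UserHelper.ManageSession covers session fixation.
    Session.Add("C3User", user);
    UserHelper.ManageSession(false);

    // ReturnURL is supplied by the client (Request[...] reads query string, form, cookies and
    // server variables), and it ends up in Response.Redirect below. Accept it only when it stays
    // on this site; UserHelper.RedirectUser is not visible here, so it is not relied on to validate.
    // An empty value is still honoured so that the fallback below behaves as before.
    string returnUrl = Request["ReturnURL"];
    if (returnUrl != null && (returnUrl.Length == 0 || IsLocalReturnUrl(returnUrl)))
    {
        destination = returnUrl;
    }

    if (string.IsNullOrEmpty(destination))
    {
        // No destination requested: use the user's first control, or deny access if there is none.
        destination = user.Controls.Count == 0 ? "~/AccessDenied.aspx" : user.Controls[0].Path;
    }

    // Look the default contract up once and reuse it for both the check and the assignment.
    var defaultContract = UserHelper.GetDefaultContract(user);
    if (!string.IsNullOrEmpty(defaultContract.ContractId.ToString()))
    {
        user.CurrentContract = defaultContract;
    }

    PageInfo info = UserHelper.RedirectUser(user, destination, string.Empty, false);

    var auditLog = GetAuditLog();
    auditLog.Type = "SignIn";
    auditLog.LandingPage = info.RedirectURL;
    AuditService.Instance.LogEvent(auditLog);

    FormsAuthentication.SetAuthCookie(UserName.Text, false);
    Response.Redirect(info.RedirectURL);
}

/// <summary>
/// Returns true when <paramref name="url"/> can only resolve to a location on the host serving
/// the current request: an app-relative ("~/") or root-relative ("/") path, a well-formed
/// relative path, or an absolute http/https URL whose host equals the request's host.
/// </summary>
private bool IsLocalReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    // Backslashes and control characters are normalised differently by browsers and servers,
    // so a value containing them is never treated as local.
    foreach (char c in url)
    {
        if (c == '\\' || char.IsControl(c))
        {
            return false;
        }
    }

    if (url.StartsWith("~/", StringComparison.Ordinal))
    {
        return true;
    }

    if (url[0] == '/')
    {
        // "//host/path" is scheme-relative and leaves the site.
        return url.Length == 1 || url[1] != '/';
    }

    Uri absolute;
    if (Uri.TryCreate(url, UriKind.Absolute, out absolute))
    {
        bool isWebScheme = absolute.Scheme == Uri.UriSchemeHttp || absolute.Scheme == Uri.UriSchemeHttps;
        return isWebScheme
            && string.Equals(absolute.Host, Request.Url.Host, StringComparison.OrdinalIgnoreCase);
    }

    return Uri.IsWellFormedUriString(url, UriKind.Relative);
}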
/// <summary>
/// First step of the password-question flow: looks up the entered user name and, when the
/// account passes the state checks and has a password question, shows that question and
/// switches the page from the user-name panel to the question panel.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void UserNameSubmitButton_Click(object sender, EventArgs e)
{
    bool lookupFailed = txtUserName.Text.Length == 0;
    if (!lookupFailed)
    {
        muser = Membership.GetUser(txtUserName.Text);
        lookupFailed = muser == null;
    }

    if (lookupFailed)
    {
        // Empty or unknown user name: same message pair in both cases.
        UserPageInfo.ErrorMessageCode = "ERR_002";
        UserPageInfo.InformationMessageCode = "INF_017";
        SetPageErrorText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.ErrorMessageCode));
        SetInformationText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.InformationMessageCode));
        return;
    }

    C3User user = new C3User(muser);

    // NOTE(review): an unauthenticated caller gets a different outcome for unknown, inactive,
    // deleted, locked and question-less accounts, and sees the stored question for usable ones.
    // That lets user names and account states be enumerated; consider one generic response
    // and request throttling.
    string rejectionCode = null;
    bool useAppRelativeLogin = false;
    if (!user.IsActive)
    {
        rejectionCode = "ERR_010";
        useAppRelativeLogin = true;
    }
    else if (user.IsDeleted)
    {
        rejectionCode = "ERR_011";
    }
    else if (user.IsLocked)
    {
        rejectionCode = "ERR_012";
    }
    else if (string.IsNullOrEmpty(user.PasswordQuestion))
    {
        rejectionCode = "ERR_008";
    }

    if (rejectionCode != null)
    {
        UserPageInfo.ErrorMessageCode = rejectionCode;
        // Only the inactive case uses the app-relative path; the others prefix GlobalSiteRoot.
        string loginPage = useAppRelativeLogin ? "~/Login.aspx" : GlobalSiteRoot + "Login.aspx";
        UserHelper.RedirectUser(user, loginPage, "Login", true);
        return;
    }

    Question.Text = muser.PasswordQuestion;
    UserPageInfo.InformationMessageCode = "INF_018";
    UserPageInfo.ErrorMessageCode = "";
    SetInformationText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.InformationMessageCode));
    SetPageErrorText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.ErrorMessageCode));

    // The panels are swapped with CSS only, so both remain part of the rendered page.
    UserNamePanel.Style["display"] = "none";
    QuestionPanel.Style["display"] = "block";
    txtAnswer.Focus();
}
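/// <summary>
/// Second step of the password-question flow: checks the submitted answer against the stored
/// one. A match resets the password, expires it, signs the user in and redirects to
/// ChangePassword.aspx. A mismatch increments the failed-answer counter, and the account is
/// locked once the counter reaches the limit.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void QuestionSubmitButton_OnClick(object sender, EventArgs e)
{
    const int MaxFailedAnswerAttempts = 5;

    // The user name is read again from the posted form, so it may not match any account.
    // An unknown name gets the same response as a wrong answer.
    muser = Membership.GetUser(txtUserName.Text);
    C3User user = muser == null ? null : new C3User(muser);
    bool answerRejected = user == null;

    if (user != null)
    {
        // This handler can be posted to directly and did not check account state itself, so
        // the state checks from the user-name step are repeated before any answer is evaluated.
        // Without them a locked, inactive or deleted account could still have answers tried.
        string blockedCode = null;
        if (!user.IsActive)
        {
            blockedCode = "ERR_010";
        }
        else if (user.IsDeleted)
        {
            blockedCode = "ERR_011";
        }
        else if (user.IsLocked)
        {
            blockedCode = "ERR_012";
        }

        if (blockedCode != null)
        {
            UserPageInfo.ErrorMessageCode = blockedCode;
            UserHelper.RedirectUser(user, GlobalSiteRoot + "Login.aspx", "Login", true);
            return;
        }

        passwordAnswerCount = user.FailedPasswordAnswerAttemptCount;

        if (txtAnswer.Text.Length == 0)
        {
            answerRejected = true;
        }
        else
        {
            // NOTE(review): the answer is compared as PhytelEncrypter output with ==, which looks
            // like reversible encryption and a non-constant-time comparison; confirm. ToLower()
            // is culture-sensitive and is kept because stored answers were produced the same way.
            PhytelEncrypter phytelEncrypter = new PhytelEncrypter();
            string passwordAnswerEncrypted = phytelEncrypter.Encrypt(txtAnswer.Text.ToLower());

            if (user.PasswordAnswer == passwordAnswerEncrypted)
            {
                user.ResetPassword();

                // Expire the reset password immediately so the user has to choose a new one.
                DateTime expiration = System.DateTime.Now.AddMinutes(-1);
                user.SetPasswordExpiration(expiration.ToString());

                // NOTE(review): GetPassword() implies the password is retrievable, and the
                // ValidateUser result is ignored; the user is signed in on the answer alone.
                Membership.ValidateUser(user.UserName, user.GetPassword());
                FormsAuthentication.SetAuthCookie(user.UserName, false);
                user.ResetFailedAttemptCounts();
                Session.Add("C3User", user);
                UserPageInfo.ErrorMessageCode = string.Empty;
                Response.Redirect(GlobalSiteRoot + "ChangePassword.aspx");
            }
            else
            {
                answerRejected = true;
                passwordAnswerCount += 1;
                user.SetFailedPasswordAnswerAttemptCount(passwordAnswerCount);
            }
        }
    }

    if (!answerRejected)
    {
        return;
    }

    // ">=" rather than "==": a counter that has already passed the limit must still lock the account.
    if (user != null && passwordAnswerCount >= MaxFailedAnswerAttempts)
    {
        user.LockOutUser();
        UserPageInfo.ErrorMessageCode = "ERR_009";
        Response.Redirect(GlobalSiteRoot + "Login.aspx");
    }
    else
    {
        UserPageInfo.InformationMessageCode = "INF_018";
        UserPageInfo.ErrorMessageCode = "ERR_004";
        SetPageErrorText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.ErrorMessageCode));
        SetInformationText(ApplicationMessageService.Instance.GetMessage(UserPageInfo.InformationMessageCode));
    }
}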
/// <summary>
/// Handles the change-password submit: validates the two password boxes, changes the current
/// user's password, refreshes its expiration, writes a "ChangePassword" audit event, adds a
/// password-history entry, sends the notification e-mail and redirects the user.
/// </summary>
/// <param name="sender">Control that raised the click.</param>
/// <param name="e">Event data (unused).</param>
protected void SubmitButton_OnClick(object sender, EventArgs e)
{
    // NOTE(review): this value is never assigned after initialisation, so the password-history
    // call below always receives an empty string; history-based reuse checks cannot work on it.
    string historyEntry = string.Empty;

    bool newPasswordMissing = String.IsNullOrEmpty(NewPassword.Text);
    bool confirmationMissing = String.IsNullOrEmpty(ConfirmNewPassword.Text);

    ApplicationMessage validationError = null;
    if (newPasswordMissing || confirmationMissing)
    {
        validationError = ApplicationMessageService.Instance.GetMessage("ERR_032");
    }
    else if (ConfirmNewPassword.Text != NewPassword.Text)
    {
        validationError = ApplicationMessageService.Instance.GetMessage("ERR_005");
    }

    NewPasswordValidator.Visible = newPasswordMissing;
    ConfirmPasswordValidator.Visible = confirmationMissing;

    if (validationError == null && !ValidateNewPassword())
    {
        validationError = ApplicationMessageService.Instance.GetMessage("ERR_006");

        // NOTE(review): the rejected password is copied in clear text into hidden fields, which
        // are rendered into the page HTML; confirm this is needed.
        hdnNewPassword.Value = NewPassword.Text;
        hdnConfirmNewPassword.Value = ConfirmNewPassword.Text;
    }

    if (validationError != null)
    {
        // The message is not displayed from here; the SetPageErrorText call was commented out
        // in the original.
        return;
    }

    // NOTE(review): no result of ChangePassword is checked, so audit, e-mail and redirect run
    // unconditionally; confirm how it reports failure. CurrentPassword also implies that the
    // current password is held on the user object.
    CurrentUser.ChangePassword(CurrentUser.CurrentPassword, NewPassword.Text);
    CurrentUser.SetPasswordExpiration();

    LogAuditEvent("ChangePassword", null);

    CurrentUser.AddToPasswordHistory(historyEntry);

    // Notify the user directly when an address is on file, otherwise notify their admin user.
    if (!string.IsNullOrEmpty(CurrentUser.Email))
    {
        UserHelper.SendEmail(
            CurrentUser,
            ApplicationSettingService.Instance.GetSetting("EMAIL_CHGPWD_USER_SUBJECT").Value,
            ApplicationSettingService.Instance.GetSetting("EMAIL_CHGPWD_USER_BODY").Value);
    }
    else
    {
        MembershipUser mUser = Membership.GetUser(CurrentUser.AdminUserId);
        if (mUser != null)
        {
            C3User adminUser = new C3User(mUser);
            if (!string.IsNullOrEmpty(adminUser.Email))
            {
                UserHelper.SendEmail(
                    CurrentUser,
                    ApplicationSettingService.Instance.GetSetting("EMAIL_CHGPWD_ADMIN_SUBJECT").Value,
                    ApplicationSettingService.Instance.GetSetting("EMAIL_CHGPWD_ADMIN_BODY").Value,
                    adminUser);
            }
        }
    }

    if (CurrentUser.FirstTimeUser)
    {
        // Clears the first-time flag now that a password has been chosen.
        CurrentUser.SetFirstTimeUser();
    }

    UserPageInfo.ErrorMessageCode = "";
    UserPageInfo.InformationMessageCode = "";
    UserHelper.RedirectUser(CurrentUser);
}