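/// <summary>
/// Handles the candidate login button: looks the candidate up by username, checks the
/// submitted password against the stored Base64 login key and, for an active account,
/// fills the session and redirects to TestLanding.aspx.
/// </summary>
/// <param name="sender">Control that raised the click event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void loginBtn_Click(object sender, EventArgs e)
{
    // One message for "unknown user", "no password set" and "wrong password", so the
    // page does not reveal which usernames exist.
    const string loginFailedMessage = "Invalid username or password.";

    var usName = username.Text;
    var psWord = password.Text;

    // Dispose the context on every exit path.
    // NOTE(review): assumes GetuserPermissions returns a materialized result that does
    // not need the context after this handler ends — confirm.
    using (QuizBookDbEntities1 _db = new QuizBookDbEntities1())
    {
        var user = _db.Candidates.FirstOrDefault(s => s.Username == usName);
        if (user == null || string.IsNullOrWhiteSpace(user.LogInKey))
        {
            lblAlert.Text = loginFailedMessage;
            return;
        }

        // NOTE(review): getByte and keySalt are defined outside this block. If keySalt is
        // one fixed value for all accounts, identical passwords produce identical stored
        // keys — confirm getByte is a slow, per-user-salted derivation.
        byte[] pw = ErecruitHelper.getByte(psWord, keySalt);

        byte[] pwFromDB;
        try
        {
            pwFromDB = Convert.FromBase64String(user.LogInKey);
        }
        catch (FormatException)
        {
            // A stored key that is not valid Base64 fails the login instead of
            // surfacing an unhandled error page.
            lblAlert.Text = loginFailedMessage;
            return;
        }

        // NOTE(review): confirm CompareByteArrays does not return early on the first
        // differing byte.
        if (!ErecruitHelper.CompareByteArrays(pw, pwFromDB))
        {
            lblAlert.Text = loginFailedMessage;
            return;
        }

        // The account status is only disclosed after the password has been verified.
        string status = user.Status == null ? string.Empty : user.Status.Trim();
        if (status != ErecruitHelper.CStatus.Active.ToString())
        {
            lblAlert.Text = string.Format("Your status is {0}. Kindly contact the Administartor", user.Status);
            return;
        }

        // NOTE(review): the session identifier is not renewed in this handler; confirm the
        // pre-login session id is replaced at sign-in so a fixed id cannot be reused.
        SessionHelper.SetEmail(user.Email, Session);
        SessionHelper.SetUserId((int)user.Id, Session);
        SessionHelper.SetUserName(user.Username, Session);
        if (user.TenantId == null)
        {
            SessionHelper.NullifyTenantID(Session);
        }
        else
        {
            SessionHelper.SetTenantID(user.TenantId.Value.ToString(), Session);
        }
        SessionHelper.SetLocation(user.Location, Session);
        SessionHelper.SetFirstName(user.FirstName, Session);
        SessionHelper.SetLastName(user.LastName, Session);

        var permissions = ErecruitHelper.GetuserPermissions(_db, user);
        SessionHelper.SetUserPermissions(permissions, System.Web.HttpContext.Current.Session);

        Response.Redirect("TestLanding.aspx");
    }
}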
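/// <summary>
/// Handles the admin login button: looks the account up in AdminUsers, checks the
/// submitted password against the stored Base64 login key and, for an active account,
/// fills the session, sets the file-browser access mode and redirects to index.aspx
/// or TestLanding.aspx depending on the account's role.
/// </summary>
/// <param name="sender">Control that raised the click event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void loginBtn_Click(object sender, EventArgs e)
{
    // A single message for every credential failure: the user gets feedback, and the
    // page does not reveal which usernames exist.
    const string loginFailedMessage = "Invalid username or password.";

    var usName = username.Text;
    var psWord = password.Text;

    using (QuizBookDbEntities1 _db = new QuizBookDbEntities1())
    {
        var user = _db.AdminUsers.FirstOrDefault(s => s.Username == usName);
        if (user == null || string.IsNullOrWhiteSpace(user.LogInKey))
        {
            lblAlert.Text = loginFailedMessage;
            return;
        }

        // NOTE(review): getByte and keySalt are defined outside this block. If keySalt is
        // one fixed value for all accounts, identical passwords produce identical stored
        // keys — confirm getByte is a slow, per-user-salted derivation.
        byte[] pw = ErecruitHelper.getByte(psWord, keySalt);

        byte[] pwFromDB;
        try
        {
            pwFromDB = Convert.FromBase64String(user.LogInKey);
        }
        catch (FormatException)
        {
            // A stored key that is not valid Base64 fails the login instead of
            // surfacing an unhandled error page.
            lblAlert.Text = loginFailedMessage;
            return;
        }

        // NOTE(review): confirm CompareByteArrays does not return early on the first
        // differing byte.
        if (!ErecruitHelper.CompareByteArrays(pw, pwFromDB))
        {
            lblAlert.Text = loginFailedMessage;
            return;
        }

        // The account status is only disclosed after the password has been verified.
        string status = user.Status == null ? string.Empty : user.Status.Trim();
        if (status != ErecruitHelper.CStatus.Active.ToString())
        {
            lblAlert.Text = string.Format("Your status is {0}. Kindly contact the Administartor", user.Status);
            return;
        }

        // NOTE(review): the session identifier is not renewed in this handler; confirm the
        // pre-login session id is replaced at sign-in so a fixed id cannot be reused.
        SessionHelper.SetEmail(user.Email, Session);
        SessionHelper.SetUserId((int)user.Id, Session);
        SessionHelper.SetUserName(user.Username, Session);
        if (user.TenantId == null)
        {
            SessionHelper.NullifyTenantID(Session);
        }
        else
        {
            SessionHelper.SetTenantID(user.TenantId.Value.ToString(), Session);
            SessionHelper.SetTenantName(user.Tenant.TenantName.ToString(), Session);
        }
        SessionHelper.SetLocation(user.Location, Session);
        SessionHelper.SetFirstName(user.FirstName, Session);
        SessionHelper.SetLastName(user.LastName, Session);

        var permissions = ErecruitHelper.GetAdminPermissions(_db, user);
        SessionHelper.SetUserPermissions(permissions, System.Web.HttpContext.Current.Session);

        // NOTE(review): adminObj holds the id of every row in Roles, so any account whose
        // Role matches an existing role is sent to index.aspx. The commented-out query
        // below filtered on the "Admin" description — confirm which check is intended.
        //var adminObj = _db.Roles.FirstOrDefault(s => s.Description == "Admin");
        var adminObj = _db.Roles.Select(s => s.Id).ToArray();

        // NOTE(review): Write mode is set for every account that authenticates here,
        // before the role check, so it also applies to users sent to TestLanding.aspx.
        // Confirm that is intended; otherwise set it only on the index.aspx branch.
        MB.FileBrowser.MagicSession.Current.FileBrowserAccessMode = IZ.WebFileManager.AccessMode.Write;

        if (user.Role.HasValue && adminObj.Contains(user.Role.Value))
        {
            Response.Redirect("index.aspx", false);
        }
        else
        {
            Response.Redirect("TestLanding.aspx");
        }
    }
}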
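/// <summary>
/// Checks a supplied password against the stored login key of the user named in the
/// current session.
/// </summary>
/// <param name="op">Password to verify.</param>
/// <param name="xx">"index" looks the user up in AdminUsers; any other value uses Candidates.</param>
/// <returns>"success" when the password matches the stored key, otherwise "failed".</returns>
public static string PassCheck(string op, string xx)
{
    // NOTE(review): the salt is one hard-coded value for every account, so identical
    // passwords produce identical stored keys. getByte is not shown here — confirm it is
    // a slow, per-user-salted derivation.
    string keySalt = "QuizBook";

    try
    {
        var usName = SessionHelper.FetchUserName(HttpContext.Current.Session);
        if (string.IsNullOrWhiteSpace(usName))
        {
            // No user name in the session: nothing to verify against, and no reason to
            // touch the database.
            return "failed";
        }

        string sessionName = usName.Trim();
        string key;

        // Dispose the context as soon as the stored key has been read.
        using (QuizBookDbEntities1 _db = new QuizBookDbEntities1())
        {
            // NOTE(review): AsEnumerable() loads the whole table, login keys included,
            // and filters in memory on every call. A server-side filter would avoid that,
            // but database collation may compare names differently — verify before changing.
            // NOTE(review): the table is chosen by the caller-supplied xx, not by what the
            // session says about the account type — confirm that is acceptable.
            if (xx == "index")
            {
                var qg = _db.AdminUsers.AsEnumerable().FirstOrDefault(s => s.Username.Trim() == sessionName);
                key = qg == null ? "" : qg.LogInKey;
            }
            else
            {
                var qg = _db.Candidates.AsEnumerable().FirstOrDefault(s => s.Username.Trim() == sessionName);
                key = qg == null ? "" : qg.LogInKey;
            }
        }

        if (string.IsNullOrWhiteSpace(key))
        {
            return "failed";
        }

        byte[] pw = ErecruitHelper.getByte(op, keySalt);
        byte[] pwFromDB = Convert.FromBase64String(key);

        // NOTE(review): nothing here limits repeated attempts; confirm callers throttle
        // this check, and that CompareByteArrays does not return early on the first
        // differing byte.
        return ErecruitHelper.CompareByteArrays(pw, pwFromDB) ? "success" : "failed";
    }
    catch (Exception ex)
    {
        // Keep exception details on the server; returning ex.Message would expose
        // internal error text (database, null-reference or format errors) to the caller.
        System.Diagnostics.Trace.TraceError("PassCheck failed: {0}", ex);
        return "failed";
    }
}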