示例#1
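        /// <summary>
        /// Changes the password of the account held in the current session:
        /// the customer if one is present, otherwise the employee.
        /// </summary>
        /// <param name="OldPass">Current password in clear text; its hash must match the stored one.</param>
        /// <param name="NewPass">Replacement password in clear text.</param>
        /// <returns>1 when the password was changed, 0 otherwise.</returns>
        /// <remarks>
        /// SECURITY: passwords are stored as an MD5 digest produced by
        /// MyHashTool.GetMd5Hash, which receives only the password (no per-user salt).
        /// MD5 is unsuitable for password storage; moving to a salted, slow KDF
        /// (PBKDF2, bcrypt, Argon2) needs a data migration and is outside this method.
        /// NOTE(review): nothing here invalidates other active sessions after the change.
        /// </remarks>
        public int ChangePassword(string OldPass, string NewPass)
        {
            // Refuse missing input instead of hashing null or storing the hash of an empty password.
            if (OldPass == null || string.IsNullOrEmpty(NewPass))
            {
                return 0;
            }

            string hashOldPass = MyHashTool.GetMd5Hash(OldPass);
            var cus = HttpContext.Session.GetObject<Customer>("Customer");

            if (cus != null)
            {
                // Verify against the database row rather than the session copy: the session
                // object may be stale if the password was changed elsewhere in the meantime.
                var c = _ctx.Customer.SingleOrDefault(p => p.CustomerId == cus.CustomerId);
                if (c == null || !string.Equals(c.Password, hashOldPass, StringComparison.OrdinalIgnoreCase))
                {
                    return 0;
                }

                c.Password = MyHashTool.GetMd5Hash(NewPass);
                _ctx.Customer.Update(c);
                _ctx.SaveChanges();
                HttpContext.Session.SetObject<Customer>("Customer", c);
                return 1;
            }

            // No customer in session: fall back to the employee, which may also be absent.
            var emp = HttpContext.Session.GetObject<Employee>("Employee");
            if (emp == null)
            {
                return 0;
            }

            var e = _ctx.Employee.SingleOrDefault(p => p.EmployeeId == emp.EmployeeId);
            if (e == null || !string.Equals(e.Password, hashOldPass, StringComparison.OrdinalIgnoreCase))
            {
                return 0;
            }

            e.Password = MyHashTool.GetMd5Hash(NewPass);
            _ctx.Employee.Update(e);
            _ctx.SaveChanges();
            HttpContext.Session.SetObject<Employee>("Employee", e);
            return 1;
        }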
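        /// <summary>
        /// Updates a customer record on behalf of a logged-in employee and returns
        /// the refreshed customer table.
        /// </summary>
        /// <param name="customer">Customer values bound from the request.</param>
        /// <param name="NameImage">Image file name stored on the customer and passed to MyTool.MoveImage.</param>
        /// <param name="NameFolder">Folder name passed to MyTool.MoveImage.</param>
        /// <returns>
        /// BadRequest when no employee is in session, the customer does not exist or the
        /// update fails; the "Datatable" view on success; the edit view when the model is invalid.
        /// </returns>
        /// <remarks>
        /// SECURITY: the whole Customer entity is bound from the request and written back with
        /// Update, so every bindable column can be overwritten by the caller (over-posting).
        /// Only the presence of an Employee in session is checked; no role check is visible here.
        /// A submitted Password equal to the stored value is kept verbatim, so the stored digest
        /// itself is accepted as the "unchanged" marker.
        /// NOTE(review): NameImage and NameFolder come from the request; confirm that
        /// MyTool.MoveImage rejects path separators and traversal sequences.
        /// </remarks>
        public async Task<IActionResult> Edit(Customer customer, string NameImage, string NameFolder)
        {
            var info = HttpContext.Session.GetObject<Employee>("Employee");
            if (info == null)
            {
                return BadRequest(new { message = "login" });
            }

            if (customer == null)
            {
                return BadRequest(new { content = "Sửa không thành công!!!" });
            }

            var cus = await _context.Customer.AsNoTracking().SingleOrDefaultAsync(e => e.CustomerId == customer.CustomerId);

            // An unknown CustomerId used to dereference null below; report it as a failed edit.
            if (cus == null)
            {
                return BadRequest(new { content = "Sửa không thành công!!!" });
            }

            // Re-hash only when the submitted value differs from what is stored.
            if (customer.Password != cus.Password)
            {
                customer.Password = MyHashTool.GetMd5Hash(customer.Password);
            }

            if (ModelState.IsValid)
            {
                try
                {
                    // Move the image only for a valid edit of an existing customer, so a rejected
                    // request no longer touches the file system.
                    MyTool.MoveImage("Customer", NameImage, NameFolder);
                    customer.Image = NameImage;
                    _context.Update(customer);
                    await _context.SaveChangesAsync();
                }
                catch
                {
                    // Deliberately broad: any failure is reported to the client as a failed edit.
                    return BadRequest(new { content = "Sửa không thành công!!!" });
                }

                var model = await _context.Customer.AsNoTracking().ToListAsync();
                return View("Datatable", model);
            }

            return View(customer);
        }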
        /// <summary>
        /// Creates an employee account on behalf of a logged-in employee and returns
        /// the refreshed employee table.
        /// </summary>
        /// <param name="employee">Employee values bound from the request.</param>
        /// <param name="NameImage">Image file name stored on the employee and passed to MyTool.MoveImage.</param>
        /// <param name="NameFolder">Folder name passed to MyTool.MoveImage.</param>
        /// <returns>
        /// BadRequest when no employee is in session, the model is invalid or the user name
        /// is already taken; otherwise the "Datatable" view with all employees.
        /// </returns>
        /// <remarks>
        /// SECURITY: the Employee entity is bound without a property allow-list, so the caller
        /// controls every bindable column of the new account. Only the presence of an Employee
        /// in session is checked; no role check is visible here. The password is stored as an
        /// MD5 digest (MyHashTool.GetMd5Hash), which is unsuitable for password storage.
        /// The uniqueness check and the insert are separate statements, so uniqueness
        /// ultimately depends on a database constraint (not visible here).
        /// NOTE(review): confirm that MyTool.MoveImage validates NameImage and NameFolder.
        /// </remarks>
        public async Task<IActionResult> Add(Employee employee, string NameImage, string NameFolder)
        {
            if (HttpContext.Session.GetObject<Employee>("Employee") == null)
            {
                return BadRequest(new { message = "login" });
            }

            if (!ModelState.IsValid || employee == null)
            {
                return BadRequest(new { content = "Vui lòng điền thông tin tài khoản!" });
            }

            bool userNameTaken = _context.Employee.Any(e => e.UserName == employee.UserName);
            if (userNameTaken)
            {
                return BadRequest(new { content = "Tài khoản đã tồn tại!!!" });
            }

            MyTool.MoveImage("Employee", NameImage, NameFolder);
            employee.Image = NameImage;
            employee.CreatedDate = DateTime.Now;
            employee.Password = MyHashTool.GetMd5Hash(employee.Password);

            _context.Employee.Add(employee);
            await _context.SaveChangesAsync();

            var employees = await _context.Employee.AsNoTracking().ToListAsync();
            return View("Datatable", employees);
        }
        /// <summary>
        /// Updates an employee record on behalf of a logged-in employee and returns
        /// the refreshed employee table.
        /// </summary>
        /// <param name="employee">Employee values bound from the request (restricted by the Bind list).</param>
        /// <param name="NameImage">Image file name stored on the employee and passed to MyTool.MoveImage.</param>
        /// <param name="NameFolder">Folder name passed to MyTool.MoveImage.</param>
        /// <returns>
        /// BadRequest when no employee is in session, the employee does not exist or the update
        /// fails; otherwise the "Datatable" view. An invalid model skips the update and still
        /// returns the table.
        /// </returns>
        /// <remarks>
        /// SECURITY: the Bind list includes Role, ManagerId and IsActive, and only the presence of
        /// an Employee in session is checked, so as written any logged-in employee can change those
        /// fields on any account, including their own. A submitted Password equal to the stored
        /// value is kept verbatim; presumably the edit form round-trips the stored digest.
        /// The user name is always restored from the database, so it cannot be changed here.
        /// </remarks>
        public async Task<IActionResult> Edit([Bind("EmployeeId,UserName,Password,FirstName,LastName,Address,Email,Sex,Phone,BirthDate,Role,ManagerId,Image,IsActive")] Employee employee, string NameImage, string NameFolder)
        {
            if (HttpContext.Session.GetObject<Employee>("Employee") == null)
            {
                return BadRequest(new { message = "login" });
            }

            if (ModelState.IsValid)
            {
                try
                {
                    var stored = await _context.Employee.AsNoTracking().SingleOrDefaultAsync(e => e.EmployeeId == employee.EmployeeId);
                    if (stored == null)
                    {
                        return BadRequest(new { content = "Không tồn tại nhân viên này!!" });
                    }

                    // Hash only a value that differs from what is already stored.
                    bool passwordChanged = employee.Password != stored.Password;
                    if (passwordChanged)
                    {
                        employee.Password = MyHashTool.GetMd5Hash(employee.Password);
                    }

                    MyTool.MoveImage("Employee", NameImage, NameFolder);
                    employee.Image = NameImage;

                    // Ignore any submitted user name.
                    employee.UserName = stored.UserName;

                    _context.Update(employee);
                    await _context.SaveChangesAsync();
                }
                catch
                {
                    // Deliberately broad: any failure is reported to the client as a failed edit.
                    return BadRequest(new { content = "Sửa không thành công!" });
                }
            }

            var employees = await _context.Employee.AsNoTracking().ToListAsync();
            return View("Datatable", employees);
        }
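        /// <summary>
        /// Creates a customer account on behalf of a logged-in employee and returns
        /// the refreshed customer table.
        /// </summary>
        /// <param name="customer">Customer values bound from the request.</param>
        /// <param name="NameImage">Image file name stored on the customer and passed to MyTool.MoveImage.</param>
        /// <param name="NameFolder">Folder name passed to MyTool.MoveImage.</param>
        /// <returns>
        /// BadRequest when no employee is in session, the model is invalid or the user name
        /// is already taken; otherwise the "Datatable" view with all customers.
        /// </returns>
        /// <remarks>
        /// SECURITY: the Customer entity is bound without a property allow-list, so the caller
        /// controls every bindable column of the new account. The password is stored as an MD5
        /// digest (MyHashTool.GetMd5Hash), which is unsuitable for password storage.
        /// NOTE(review): confirm that MyTool.MoveImage validates NameImage and NameFolder.
        /// </remarks>
        public async Task<IActionResult> Add(Customer customer, string NameImage, string NameFolder)
        {
            var info = HttpContext.Session.GetObject<Employee>("Employee");
            if (info == null)
            {
                return BadRequest(new { message = "login" });
            }

            if (!ModelState.IsValid || customer == null)
            {
                return BadRequest();
            }

            bool check = _context.Customer.Any(c => c.UserName == customer.UserName);
            if (check)
            {
                return BadRequest(new { content = "Tài khoản này đã tồn tại!!!" });
            }

            MyTool.MoveImage("Customer", NameImage, NameFolder);
            Customer cus = _context.Customer.SingleOrDefault(c => c.CustomerId == customer.CustomerId);
            customer.Image = NameImage;
            customer.CreatedDate = DateTime.Now;

            // A new customer normally has no existing row, so cus is null on the usual path;
            // the previous code dereferenced it unconditionally. Hash whenever there is no
            // stored value to compare against.
            if (cus == null || cus.Password != customer.Password)
            {
                customer.Password = MyHashTool.GetMd5Hash(customer.Password);
            }

            _context.Customer.Add(customer);
            await _context.SaveChangesAsync();

            var model = await _context.Customer.AsNoTracking().ToListAsync();
            return View("Datatable", model);
        }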
示例#6
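        /// <summary>
        /// Customer login. Signs the customer in directly when the phone number is not confirmed,
        /// or sends an SMS code and shows the verification view when it is confirmed and an
        /// Authy id is present.
        /// </summary>
        /// <param name="loginViewModel">Submitted user name and password.</param>
        /// <param name="ReturnUrl">Optional redirect target; used only when it is a local URL.</param>
        /// <returns>
        /// The login view on bad credentials or a failed SMS request, the "VerifyUser" view when
        /// a code was requested, otherwise a redirect to ReturnUrl or Home/Index.
        /// </returns>
        /// <remarks>
        /// SECURITY: credentials are checked by comparing an MD5 digest (MyHashTool.GetMd5Hash)
        /// inside the query; MD5 is unsuitable for password storage. No attempt throttling or
        /// lockout is visible in this method. The whole Customer entity, including its Password
        /// digest, is serialized into the session. The second factor applies only to accounts with
        /// a confirmed phone number and an Authy id.
        /// NOTE(review): CustomerId is handed to the "VerifyUser" view; confirm the verification
        /// action ties the pending login to server-side state rather than a posted id.
        /// </remarks>
        public async Task<IActionResult> Login([Bind("UserName", "Password")] LoginViewModel loginViewModel, string ReturnUrl = null)
        {
            // Treat a missing or empty password as a failed login instead of hashing it.
            if (string.IsNullOrEmpty(loginViewModel?.Password))
            {
                ViewBag.ResultLogin = "******";
                return View();
            }

            // Hash once, outside the query expression.
            string passwordHash = MyHashTool.GetMd5Hash(loginViewModel.Password);
            Customer customer = _ctx.Customer.AsNoTracking().SingleOrDefault(p => p.UserName == loginViewModel.UserName && p.Password == passwordHash);

            if (customer == null)
            {
                ViewBag.ResultLogin = "******";
                return View();
            }

            if (customer.PhoneNumberConfirmed == false)
            {
                var claims = new List<Claim>
                {
                    new Claim(ClaimTypes.Name, customer.FirstName + " " + customer.LastName),
                    new Claim(ClaimTypes.Role, "Customer")
                };
                ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims, "Customer");
                ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal(claimsIdentity);
                await HttpContext.SignInAsync("Customer", claimsPrincipal);

                HttpContext.Session.SetObject<Customer>("Customer", customer);
                TempData["ThongBao"] = "Đăng nhập thành công";
            }
            else if (customer.PhoneNumberConfirmed == true && customer.AuthyId != null)
            {
                // Send the SMS verification code.
                var sendSMSResponse = await _authy.SendSmsAsync(customer.AuthyId).ConfigureAwait(false);

                if (sendSMSResponse.StatusCode != HttpStatusCode.OK)
                {
                    ViewBag.ResultSMS = "Gửi mã thất bại!";
                    return View("Login");
                }

                // The response body comes from an external service; an empty or "null" body
                // deserializes to null and is treated as a failed send.
                var smsResult = JsonConvert.DeserializeObject<AccessCodeVerifyResult>(await sendSMSResponse.Content.ReadAsStringAsync());
                bool smsSent = smsResult != null && smsResult.Success;

                ViewBag.CustomerId = customer.CustomerId;
                ViewBag.ResultSMS = smsSent ? "Gửi mã thành công!" : "Gửi mã thất bại!";
                return View("VerifyUser");
            }

            // A confirmed phone number without an Authy id reaches this point without being signed in.

            // IsLocalUrl keeps the redirect on this site (open-redirect guard).
            if (Url.IsLocalUrl(ReturnUrl))
            {
                return Redirect(ReturnUrl);
            }
            return RedirectToAction("Index", "Home");
        }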
示例#7
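        /// <summary>
        /// Registers a new customer, optionally enrols the phone number with Authy and,
        /// when two-factor was requested, sends the first SMS verification code.
        /// </summary>
        /// <param name="userRegister">Submitted registration fields.</param>
        /// <param name="TwoFactorCheck">Whether the user asked for SMS verification.</param>
        /// <param name="fFile">Optional avatar upload, handed to UploadAnh.</param>
        /// <returns>
        /// The "Login" view after registration, the "VerifyUser" view when an SMS code was
        /// requested, or the registration view when the user name is taken or the model is invalid.
        /// </returns>
        /// <exception cref="InvalidOperationException">The "Customer" role row is missing.</exception>
        /// <remarks>
        /// SECURITY: the password is stored as an MD5 digest (MyHashTool.GetMd5Hash), which is
        /// unsuitable for password storage. E-mail and phone validation are still missing
        /// (noted by the original author). The user-name check and the insert are separate
        /// statements, so uniqueness ultimately depends on a database constraint (not visible here).
        /// NOTE(review): UploadAnh is not visible here; confirm it validates file type and size
        /// and generates the stored file name server-side.
        /// NOTE(review): the final message is also shown when the model is invalid, not only
        /// when the user name is taken.
        /// </remarks>
        public async Task<IActionResult> Register([Bind("UserName", "Password", "FirstName", "LastName", "Sex", "Address", "Email", "PhoneNumber")] UserRegister userRegister, [Bind("TwoFactorCheck")] bool TwoFactorCheck, [Bind("fFile")] IFormFile fFile)
        {
            Customer customerSimilar = _ctx.Customer.AsNoTracking().FirstOrDefault(p => p.UserName == userRegister.UserName);

            if (customerSimilar == null)
            {
                Customer customer = _mapper.Map<UserRegister, Customer>(userRegister);
                if (ModelState.IsValid)
                {
                    // Resolve the role before any side effect so a missing row fails with a
                    // clear error instead of a null dereference after the upload.
                    Roles role = _ctx.Roles.AsNoTracking().SingleOrDefault(p => p.RoleName == "Customer");
                    if (role == null)
                    {
                        throw new InvalidOperationException("The 'Customer' role is not configured.");
                    }

                    // TODO (from the original author): e-mail and phone checks are missing.
                    customer.Password = MyHashTool.GetMd5Hash(customer.Password);

                    // Avatar; an absent upload is stored as an empty string.
                    string fileName = UploadAnh(fFile);
                    customer.Image = fileName ?? "";

                    customer.IsActive = true;
                    customer.Role = role.RoleId;
                    customer.PhoneNumberConfirmed = false;

                    // Enrol with Authy only when a phone number was supplied; without one the
                    // account is still created and phone verification is reported as failed.
                    string authyId = null;
                    if (!string.IsNullOrEmpty(customer.PhoneNumber))
                    {
                        UserModel userModel = new UserModel
                        {
                            Email = customer.Email,
                            CountryCode = "+84",
                            // Numbers longer than 9 characters lose their first character.
                            PhoneNumber = (customer.PhoneNumber.Length > 9) ? customer.PhoneNumber.Substring(1) : customer.PhoneNumber
                        };
                        authyId = await _authy.RegisterUserAsync(userModel).ConfigureAwait(false);
                    }

                    _ctx.Add(customer);
                    await _ctx.SaveChangesAsync();

                    if (string.IsNullOrEmpty(authyId))
                    {
                        ViewBag.RegisterResult = "Đăng ký thành công";
                        ViewBag.RegisterSMS = "Xác thực số điện thoại thất bại";
                        return View("Login");
                    }

                    // Persist the Authy id on the new account.
                    customer.AuthyId = authyId;
                    _ctx.Update(customer);
                    await _ctx.SaveChangesAsync();

                    if (!TwoFactorCheck)
                    {
                        ViewBag.RegisterResult = "Đăng ký thành công";
                        return View("Login");
                    }

                    ViewBag.CustomerId = customer.CustomerId;

                    // Send the SMS verification code.
                    var sendSMSResponse = await _authy.SendSmsAsync(customer.AuthyId).ConfigureAwait(false);
                    if (sendSMSResponse.StatusCode != HttpStatusCode.OK)
                    {
                        ViewBag.ResultSMS = "Gửi mã thất bại!";
                        return View("Login");
                    }

                    // The body comes from an external service; an empty or "null" body
                    // deserializes to null and is treated as a failed send.
                    var smsResult = JsonConvert.DeserializeObject<AccessCodeVerifyResult>(await sendSMSResponse.Content.ReadAsStringAsync());
                    bool smsSent = smsResult != null && smsResult.Success;

                    ViewBag.ResultSMS = smsSent ? "Gửi mã thành công!" : "Gửi mã thất bại!";
                    return View("VerifyUser");
                }
            }

            ViewBag.RegisterResult = "Trùng tên đăng nhập hoặc mật khẩu";
            return View();
        }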
示例#8
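        /// <summary>
        /// Employee (admin area) login: verifies the credentials, signs the employee in under
        /// the "Admin" scheme and stores the employee in session.
        /// </summary>
        /// <param name="loginViewModel">Submitted user name and password.</param>
        /// <param name="ReturnUrl">Optional redirect target; used only when it is a local URL.</param>
        /// <returns>
        /// The login view on bad credentials, otherwise a redirect to ReturnUrl or Home/Index.
        /// </returns>
        /// <remarks>
        /// SECURITY: credentials are checked by comparing an MD5 digest (MyHashTool.GetMd5Hash)
        /// inside the query; MD5 is unsuitable for password storage. No attempt throttling,
        /// lockout or account-status check is visible in this method. The whole Employee entity,
        /// including its Password digest, is serialized into the session.
        /// </remarks>
        public async Task<IActionResult> Index(LoginViewModel loginViewModel, string ReturnUrl)
        {
            // Treat a missing or empty password as a failed login instead of hashing it.
            if (string.IsNullOrEmpty(loginViewModel?.Password))
            {
                ViewBag.ThongBaoLoi = "Sai thông tin đăng nhập !!!";
                return View();
            }

            // Hash once, outside the query expression.
            string passwordHash = MyHashTool.GetMd5Hash(loginViewModel.Password);
            Employee employee = _ctx.Employee.SingleOrDefault(p => p.UserName == loginViewModel.UserName && p.Password == passwordHash);

            if (employee == null)
            {
                ViewBag.ThongBaoLoi = "Sai thông tin đăng nhập !!!";
                return View();
            }

            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, employee.FirstName + " " + employee.LastName),
                new Claim(ClaimTypes.Role, employee.Role.ToString())
            };
            ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims, "Admin");
            ClaimsPrincipal claimsPrincipal = new ClaimsPrincipal(claimsIdentity);
            await HttpContext.SignInAsync("Admin", claimsPrincipal);

            // Populate the session before either redirect. Previously a login that carried a
            // local ReturnUrl returned early and left the session without the employee, leaving
            // the cookie sign-in and the session state out of step.
            HttpContext.Session.SetObject<Employee>("Employee", employee);

            // IsLocalUrl keeps the redirect on this site (open-redirect guard).
            if (Url.IsLocalUrl(ReturnUrl))
            {
                return Redirect(ReturnUrl);
            }
            return RedirectToAction("Index", "Home");
        }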