/// <summary>
        /// Handles the change-password form: either cancels back to the login page or
        /// stores a new password for the account identified by <paramref name="iduser"/>.
        /// </summary>
        /// <param name="action">Form action; the literal "cancel" aborts the change.</param>
        /// <param name="oldpassword">Previous password as typed by the user; only compared with the new one.</param>
        /// <param name="password">New clear-text password.</param>
        /// <param name="iduser">Key of the user record to update, taken from the request.</param>
        /// <returns>
        /// JSON <c>{ valor, ... }</c>: 0 = cancelled (with login href), 1 = password stored (with login href),
        /// 2 = new password equals the old one (with message). <c>null</c> when the user record is not found
        /// or any exception is thrown.
        /// </returns>
        public ActionResult UpdatePassword(string action, string oldpassword, string password, int iduser)
        {
            try
            {
                // Cancel: send the client back to the login page without touching the account.
                if (action == "cancel")
                {
                    return Json(new { valor = 0, href = Url.Action("Login", "Account") });
                }

                // Save path. The hash is computed once and reused for the token request,
                // the user record and the history row.
                // NOTE(review): the helper name indicates MD5; a fast hash is not suitable for
                // password storage - plan a migration to a slow, salted KDF (PBKDF2/bcrypt/Argon2).
                string newPasswordHash = EncryptHelper.CalculateMD5Hash(password);

                // NOTE(review): the token is requested for the literal user "pepe", and a failed
                // request only records a model error - execution continues with whatever
                // _tokenManager.Token holds. Confirm whether this should stop the request.
                bool tokenIssued = _tokenManager.GenerateToken("pepe", newPasswordHash);
                if (!tokenIssued)
                {
                    ModelState.AddModelError("", Resources.LoginResources.InvalidUserPassword);
                }

                var usersClient = new Spartan_UserApiConsumer();
                usersClient.SetAuthHeader(_tokenManager.Token);

                // NOTE(review): iduser comes straight from the request and oldpassword is never
                // checked against the stored hash, so nothing visible here ties the change to the
                // caller's own account. Verify ownership (session-bound id and old-password check)
                // here or in the caller.
                var account = usersClient.GetByKey(iduser, false);
                if (account == null || account.Resource == null)
                {
                    return null;
                }

                // Reusing the current password is rejected.
                if (oldpassword == password)
                {
                    return Json(new { valor = 2, message = Resources.LoginResources.ErrorNewPassword });
                }

                account.Resource.Password = newPasswordHash;
                usersClient.Update(account.Resource, null, null);

                // Record the change in the password history; the API results are not inspected.
                var historyClient = new Spartan_User_Historical_PasswordApiConsumer();
                historyClient.SetAuthHeader(_tokenManager.Token);

                var historyRow = new Core.Domain.Spartan_User_Historical_Password.Spartan_User_Historical_Password()
                {
                    Fecha_de_Registro = DateTime.Now,
                    Usuario           = iduser,
                    Password          = newPasswordHash
                };
                historyClient.Insert(historyRow, null, null);

                return Json(new { valor = 1, href = Url.Action("Login", "Account") });
            }
            catch (Exception)
            {
                // Any failure is swallowed and surfaces to the client as an empty result.
                // NOTE(review): nothing is logged here, so failed password changes leave no trace.
                return null;
            }
        }
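        /// <summary>
        /// Checks the submitted credentials and tells the client which login step comes next.
        /// </summary>
        /// <param name="username">Login name submitted by the client.</param>
        /// <param name="password">Clear-text password submitted by the client.</param>
        /// <returns>
        /// JSON <c>{ valor }</c>: 0 = rejected (no matching user, token not issued, or account with Status 2),
        /// 1 = the password must be changed (first login or expired), 2 = normal login.
        /// <c>null</c> when any exception is thrown.
        /// </returns>
        public ActionResult ValidateLogin(string username, string password)
        {
            try
            {
                // NOTE(review): the helper name indicates MD5; a fast hash is not suitable for
                // password storage - plan a migration to a slow, salted KDF (PBKDF2/bcrypt/Argon2).
                string passEncripted = EncryptHelper.CalculateMD5Hash(password);

                // NOTE(review): the filter below is shown with '******' placeholders. If the real
                // filter is assembled by concatenating username / the hash into this string, it is
                // a SQL injection point and must be parameterized or at least quote-escaped.
                var UserDetails = _IUseroApiConsumer.ValidateUser(1, 10, "Username = '******'  COLLATE SQL_Latin1_General_CP1_CS_AS And Password = '******'  COLLATE SQL_Latin1_General_CP1_CS_AS").Resource;
                if (UserDetails.Spartan_Users == null || !UserDetails.Spartan_Users.Any())
                {
                    // Wrong credentials.
                    return Json(new { valor = 0 });
                }

                // Fail closed: without a freshly issued token the calls below would run with
                // whatever token the manager still holds, so the login is rejected instead.
                if (!_tokenManager.GenerateToken(username, passEncripted))
                {
                    ModelState.AddModelError("", Resources.LoginResources.InvalidUserPassword);
                    return Json(new { valor = 0 });
                }

                var user = UserDetails.Spartan_Users[0];

                // Status 2 is treated as a deactivated account.
                if (user.Status == 2)
                {
                    ModelState.AddModelError("", Resources.LoginResources.DeactivateAccount);
                    return Json(new { valor = 0 });
                }

                var histPasswordApi = new Spartan_User_Historical_PasswordApiConsumer();
                histPasswordApi.SetAuthHeader(_tokenManager.Token);

                // Id_User comes from the record returned by ValidateUser, not from the request.
                var histUser = histPasswordApi.ListaSelAll(0, 9999, "Spartan_User_Historical_Password.Usuario=" + user.Id_User, "").Resource;

                if (histUser.RowCount <= 0)
                {
                    // No password history: first login, the password must be changed.
                    StashPendingChange(0, user.Id_User, username, password);
                    return Json(new { valor = 1 });
                }

                // Password-expiration check against the "ExpirationDays" setting.
                _ISpartan_SettingsApiConsumer.SetAuthHeader(_tokenManager.Token);
                var ExpirationDaysDB = _ISpartan_SettingsApiConsumer.GetByKey("ExpirationDays", false).Resource;
                int ExpirationDays   = Convert.ToInt32(ExpirationDaysDB.Valor);

                // Most recent history row (highest Clave) marks the last password change.
                var lastLogin = histUser.Spartan_User_Historical_Passwords.OrderByDescending(h => h.Clave).FirstOrDefault();
                if ((DateTime.Now - Convert.ToDateTime(lastLogin.Fecha_de_Registro)).TotalDays > ExpirationDays)
                {
                    // Expired: the password must be changed.
                    StashPendingChange(1, user.Id_User, username, password);
                    return Json(new { valor = 1 });
                }

                // Normal login.
                return Json(new { valor = 2 });
            }
            catch (Exception)
            {
                // Any failure is swallowed and surfaces to the client as an empty result.
                // NOTE(review): nothing is logged here, so failed or abusive login attempts leave no trace.
                return null;
            }

            // Keeps the data the change-password step reads from session state.
            // NOTE(review): the clear-text password is stored in session state; depending on the
            // session store it may be persisted outside process memory. Prefer not keeping it.
            void StashPendingChange(int expired, object idUser, string user, string clearPassword)
            {
                Session["tmpExpira"]   = expired;
                Session["tmpIdUser"]   = idUser;
                Session["tmpUsername"] = user;
                Session["tmpPassword"] = clearPassword;
            }
        }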
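        /// <summary>
        /// Resets the password of the account matching the submitted user name and e-mail,
        /// and mails the new password using the ForgotPassword HTML template.
        /// </summary>
        /// <param name="model">Posted form data; <c>Email</c> and <c>UserName</c> are read.</param>
        /// <returns>
        /// JSON <c>{ data, valid }</c> with a localized message; when model validation fails the
        /// localized message is returned as a bare JSON string.
        /// </returns>
        public JsonResult ForgotPassword(ForgotPasswordViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return Json(Resources.LoginResources.InvalidEmailUserName);
            }

            try
            {
                // The e-mail is user input that ends up inside a SQL string literal; doubling the
                // single quotes keeps it inside that literal.
                // NOTE(review): this is a stop-gap - the filter API should accept parameters
                // instead of a concatenated WHERE fragment. The user-name part is shown with a
                // '******' placeholder; if it is concatenated the same way it needs the same care.
                string emailLiteral = (model.Email ?? string.Empty).Replace("'", "''");
                Spartan_User_Core UserDetails = _IUseroApiConsumer.ValidateUser(1, 10, "Username = '******'  COLLATE SQL_Latin1_General_CP1_CS_AS And Email = '" + emailLiteral + "'").Resource;
                if (UserDetails.Spartan_Users == null || !UserDetails.Spartan_Users.Any())
                {
                    // NOTE(review): this answer differs from the success answer, which lets a
                    // caller tell whether a user name / e-mail pair exists.
                    return Json(new { data = Resources.LoginResources.InvalidEmailUserName, valid = false });
                }

                string templatePath = Server.MapPath("~/HTMLTemplates/ForgotPassword.html");
                if (!System.IO.File.Exists(templatePath))
                {
                    return Json(new { data = Resources.LoginResources.ForgotPasswordEmailError, valid = false });
                }

                // Load the HTML template; the reader is disposed so the file handle is released.
                string strBodyTemplate;
                using (var sread = new StreamReader(templatePath))
                {
                    strBodyTemplate = sread.ReadToEnd();
                }

                var user = UserDetails.Spartan_Users[0];

                // Account fields.
                // NOTE(review): these values are placed into HTML without encoding.
                strBodyTemplate = strBodyTemplate.Replace("*|fullname|*", user.Name);
                strBodyTemplate = strBodyTemplate.Replace("*|username|*", user.Username);
                strBodyTemplate = strBodyTemplate.Replace("*|email|*", user.Email);

                // Localized captions.
                strBodyTemplate = strBodyTemplate.Replace("*|text1|*", Resources.LoginResources.Hello);
                strBodyTemplate = strBodyTemplate.Replace("*|text2|*", Resources.LoginResources.textTemplateEmail1);
                strBodyTemplate = strBodyTemplate.Replace("*|text3|*", Resources.LoginResources.UserName.ToString());
                strBodyTemplate = strBodyTemplate.Replace("*|text4|*", Resources.LoginResources.Email.ToString());
                strBodyTemplate = strBodyTemplate.Replace("*|text5|*", Resources.LoginResources.Password);
                strBodyTemplate = strBodyTemplate.Replace("*|text6|*", Resources.LoginResources.textTemplateEmail2.ToString());

                // NOTE(review): service credentials are hard-coded in source ("admin"/"admin").
                // Move them to protected configuration and rotate the account's password.
                if (!_tokenManager.GenerateToken("admin", "admin"))
                {
                    // Same error shape as the other failure paths instead of an empty response.
                    return Json(new { data = Resources.LoginResources.ForgotPasswordEmailError, valid = false });
                }

                var userApi = new Spartan_UserApiConsumer();
                userApi.SetAuthHeader(_tokenManager.Token);
                var tmpuser = userApi.GetByKey(user.Id_User, false);
                if (tmpuser == null || tmpuser.Resource == null)
                {
                    return Json(new { data = Resources.LoginResources.InvalidEmailUserName, valid = false });
                }

                // Temporary password: 7 generated characters with every non-alphanumeric one
                // replaced by "9", plus a fixed "$" suffix.
                // NOTE(review): the account password is overwritten before the mail is sent, for
                // anyone who submits a matching user name / e-mail pair, and the new password
                // travels in clear text by e-mail. A single-use, expiring reset link that leaves
                // the current password untouched until it is used avoids both problems.
                var pass = System.Web.Security.Membership.GeneratePassword(7, 0);
                pass = Regex.Replace(pass, @"[^a-zA-Z0-9]", m => "9") + "$";

                // NOTE(review): the helper name indicates MD5; a fast hash is not suitable for
                // password storage - plan a migration to a slow, salted KDF (PBKDF2/bcrypt/Argon2).
                tmpuser.Resource.Password = EncryptHelper.CalculateMD5Hash(pass);
                userApi.Update(tmpuser.Resource, null, null);

                // Record the reset in the password history; the API results are not inspected.
                var userhistApi = new Spartan_User_Historical_PasswordApiConsumer();
                userhistApi.SetAuthHeader(_tokenManager.Token);
                userhistApi.Insert(new Core.Domain.Spartan_User_Historical_Password.Spartan_User_Historical_Password()
                {
                    Fecha_de_Registro = DateTime.Now,
                    Usuario           = tmpuser.Resource.Id_User,
                    Password          = tmpuser.Resource.Password
                }, null, null);

                strBodyTemplate = strBodyTemplate.Replace("*|password|*", pass);

                // Send the message to the address that was submitted and matched.
                var emails = new List<string> { model.Email };
                if (Helper.SendEmail(emails, string.Format(Resources.LoginResources.ForgotPasswordEmailSubject, model.UserName), strBodyTemplate))
                {
                    return Json(new { data = string.Format(Resources.LoginResources.ForgotPasswordSuccess, model.Email), valid = true });
                }

                return Json(new { data = Resources.LoginResources.ForgotPasswordEmailError, valid = false });
            }
            catch (Exception)
            {
                // Any failure is reported as an unknown user name / e-mail pair.
                // NOTE(review): nothing is logged here, so failed resets leave no trace.
                return Json(new { data = Resources.LoginResources.InvalidEmailUserName, valid = false });
            }
        }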