private UserInfo Authenticate(LoginView login, out User user, out Role role)
{
UserModels sv = new UserModels();
UserInfo iit = new UserInfo();
user = sv.GetUserbyUserName(login.UserName);
if (user != null && MD5Extend.EncodePassword(login.Password) == user.Password && user.Online == true)
{
role = sv.GetRolebyId(user.Role);
iit = sv.GetUserInforByEmail(user.Username);
if (iit != null)
{
return(iit);
}
else
{
return(null);
}
}
else
{
role = null;
return(null);
}
}
public IActionResult UpdateUserInfor(string userName, [FromBody] AdminEditUserInforView userView)
{
IActionResult response = null;
UserModels userModels = new UserModels();
BaseClass baseClass = new BaseClass();
UserInfo infor = null;
var mess = string.Empty;
string rt = string.Empty;
bool is_valid = true;
if (!string.IsNullOrEmpty(userName))
{
infor = userModels.GetUserInforByEmail(userName);
}
if (!is_valid)
{
return(response);
}
if (infor != null)
{
infor.Email = userName;
infor.Fname = userView.Fname;
infor.Lname = userView.Lname;
infor.Phone = userView.Phone;
infor.Address = userView.Address;
if (!string.IsNullOrEmpty(userView.Birthday))
{
infor.Birthday = DateTime.Parse(userView.Birthday);
}
infor.Avatar = userView.Avatar;
infor.FullName = userView.FullName;
rt = userModels.UpdateUserInfor(userName, infor);
}
if (rt.Length > 0)
{
response = Json(new { code = Constant.Success, message = Constant.MessageUpdateCompleted });
}
else
{
response = Json(new { code = Constant.Fail, message = Constant.MessageUpdateUncompleted });
}
return(response);
}
public IActionResult Delete(string userName)
{
IActionResult response = null;
string mess = string.Empty;
UserModels userModels = new UserModels();
User cuser = userModels.GetUserbyUserName(userName);
UserInfo userInfo = userModels.GetUserInforByEmail(userName);
if (cuser != null)
{
//// delete user
bool rt = userModels.DeleteUser(userName);
if (rt)
{
//// delete avatar file
if (!string.IsNullOrEmpty(userInfo.Avatar) && userInfo.Avatar.Contains("/"))
{
string webRootPath = _hostingEnvironment.WebRootPath;
string fileDelete = Path.Combine(webRootPath, userInfo.Avatar.Replace("/", "\\"));
if (System.IO.File.Exists(fileDelete))
{
System.IO.File.Delete(fileDelete);
}
string fileDelete2 = Path.Combine(webRootPath, userInfo.Avatar.Replace("/", "\\").Replace("sc_small_", "sc_full_"));
if (System.IO.File.Exists(fileDelete2))
{
System.IO.File.Delete(fileDelete2);
}
}
response = Json(new { code = Constant.Success, message = Constant.MessageDeleteCompleted });
}
else
{
response = Json(new { code = Constant.Fail, message = Constant.MessageDeleteUncompleted });
}
}
else
{
response = Json(new { code = Constant.NotExist, message = Constant.MessageNotExist });
}
return(response);
}
public IActionResult getUserInforDetail(string userName)
{
UserModels sv = new UserModels();
IActionResult response = null;
var userInfor = sv.GetUserInforByEmail(userName);
if (userInfor != null)
{
response = Json(userInfor);
}
else
{
response = Json(new { code = Constant.NotExist, message = Constant.MessageNotExist });
}
return(response);
}
public ActionResult My_account()
{
if (!this.CheckMemberlogin())
{
return(this.RedirectToAction("login", "account", new { return_url = string.Empty + Url.Action("my_account", "account") }));
}
else
{
UserModels sv = new UserModels();
C_UserInfo iit = new C_UserInfo();
string strBread;
ViewBag.Title = App_GlobalResources.Lang.strMyAccount + " | " + GeneralModels.GetContent(CommonGlobal.PageName, this.Lang);
strBread = "<li>" + App_GlobalResources.Lang.strMyAccount + "</li>";
ViewBag.heading = App_GlobalResources.Lang.strMyAccount;
ViewBag.str_breadcrumbs = strBread;
this.AddMeta(CommonGlobal.Keyword, App_GlobalResources.Lang.strMyAccount);
this.AddMeta(CommonGlobal.Description, App_GlobalResources.Lang.strMyAccount);
iit = sv.GetUserInforByEmail(Session["mem"].ToString());
var register_view = new Register_view();
register_view.Message = string.Empty;
register_view.Parent_action = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
register_view.Parent_controller = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
if (iit == null)
{
return(this.RedirectToAction("login", "account", new { return_url = string.Empty + Url.Action("my_account", "account") }));
}
else
{
register_view.FirstName = iit.FName;
register_view.Address = iit.Address;
register_view.Phone = iit.Phone;
}
if (iit.Birthday != null)
{
register_view.Birthday = Convert.ToDateTime(iit.Birthday).ToString("dd/M/yyyy").Replace('-', '/');
}
register_view.Email = iit.Email;
return(this.PartialView("../page/my_account", register_view));
}
}
public IActionResult Get()
{
UserModels sv = new UserModels();
IActionResult response = null;
var identity = (ClaimsIdentity)User.Identity;
IEnumerable <Claim> claims = identity.Claims;
var userLogin = claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value;
var userInfor = sv.GetUserInforByEmail(userLogin);
if (userInfor != null)
{
response = Json(userInfor);
}
else
{
response = Json(new { code = Constant.NotExist, message = Constant.MessageNotExist });
}
return(response);
}
public IActionResult Refresh([FromBody] RefreshTokenResource resource)
{
UserModels sv = new UserModels();
IActionResult response = null;
var identity = (ClaimsIdentity)User.Identity;
IEnumerable <Claim> claims = identity.Claims;
var userLogin = claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value;
User user = sv.GetUserbyUserName(userLogin);
if (user != null && user.Token == resource.Token)
{
var role = sv.GetRolebyId(user.Role);
var expiresDate = DateTime.Now.AddHours(12);
var now = DateTime.Now;
var userInfo = sv.GetUserInforByEmail(user.Username);
if (!string.IsNullOrEmpty(user.Token) && user.Expire != null && user.Expire.Value > DateTime.Now)
{
var tokenResource = new TokenResource
{
Token = user.Token,
Expiry = user.Expire.Value
};
response = Json(tokenResource);
}
else
{
var tokenResource = BuildToken(userInfo, user, role, now, expiresDate);
response = Json(tokenResource);
}
}
return(response);
}
public ActionResult Login(string user_name, string password, string return_url)
{
var login_view = new Login_view();
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
login_view.ParentAction = HttpContext.Request.RequestContext.RouteData.Values["action"].ToString();
login_view.ParentController = HttpContext.Request.RequestContext.RouteData.Values["controller"].ToString();
it = sv.GetUserbyUserName(user_name);
if (it != null && MD5Extend.EncodePassword(password) == it.Password)
{
iit = sv.GetUserInforByEmail(user_name);
if (iit != null)
{
this.Session["acc"] = iit.FName + ' ' + iit.LName;
this.Session["mem"] = user_name;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, user_name, it.Role.ToString(), 6);
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
sv.Update_User(it);
if (it.Role.ToString() == "2" && it.Online == true)
{
if (this.Session["acc"] == null)
{
this.Session["acc"] = it.Username;
}
if (Url.IsLocalUrl(return_url))
{
return(this.Redirect(return_url));
}
else
{
return(this.RedirectToAction("my_account", "account"));
}
}
else if (it.Role.ToString() == "1" && it.Online == true)
{
return(this.RedirectToAction("index", "dashboard", new { area = "admin" }));
}
else
{
login_view.Message = App_GlobalResources.Lang.mess403;
login_view.ReturnUrl = return_url;
return(this.PartialView("../page/login", login_view));
}
}
else
{
login_view.Message = App_GlobalResources.Lang.mess403;
login_view.ReturnUrl = return_url;
return(this.PartialView("../page/login", login_view));
}
}
else
{
login_view.Message = App_GlobalResources.Lang.messLoginFail;
login_view.ReturnUrl = return_url;
return(this.PartialView("../page/login", login_view));
}
}
/// <summary>
/// Instagrams the callback.
/// </summary>
/// <returns>the Instagram Call back</returns>
public ActionResult InstagramCallback()
{
if (!string.IsNullOrEmpty(Request.QueryString["code"]))
{
string code = Request.QueryString["code"];
try
{
NameValueCollection parameters = new NameValueCollection();
parameters.Add("client_id", Util.GetConfigValue("AppInstagramID", string.Empty));
parameters.Add("client_secret", Util.GetConfigValue("AppInstagramSecret", string.Empty));
parameters.Add("grant_type", "authorization_code");
parameters.Add("redirect_uri", Util.GetConfigValue("AppIstagramReturn", string.Empty));
parameters.Add("code", code);
WebClient client = new WebClient();
var result = client.UploadValues("https://api.instagram.com/oauth/access_token", "POST", parameters);
var response = System.Text.Encoding.Default.GetString(result);
//// deserializing nested JSON string to object
var javascriptResult = (JObject)JsonConvert.DeserializeObject(response);
string accessToken = (string)javascriptResult["access_token"];
string id = (string)javascriptResult["user"]["id"];
string username_client = (string)javascriptResult["user"]["username"];
string fullname_client = (string)javascriptResult["user"]["full_name"];
////This code register id and access token to get on client side
////Page.ClientScript.RegisterStartupScript(this.GetType(), "GetToken", "<script>var instagramaccessid=\"" + @"" + id + "" + "\"; var instagramaccesstoken=\"" + @"" + accessToken + "" + "\";</script>");
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
it = sv.GetUserbyUserName(username_client);
if (it == null)
{
it = new C_User();
string rt = string.Empty;
bool infors = false;
it.Username = username_client;
it.Role = 2;
it.Password = MD5Extend.EncodePassword("123456");
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
rt = sv.Add_User(it);
iit.FName = fullname_client;
iit.Email = username_client;
////iit.LName = middlename;
iit.DateRegister = DateTime.Now;
////iit.EventId = string.IsNullOrEmpty(ids) != false ? int.Parse(ids) : 0;
iit.Note = "Instagram login";
infors = sv.Add_User_Infor(iit);
if (rt.Length > 0 && infors == true)
{
////register_view.message = Lang.strMessageLogin;
this.Session["acc"] = iit.FName;
this.Session["mem"] = rt;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, rt, it.Role.ToString(), 6);
}
}
else
{
iit = sv.GetUserInforByEmail(username_client);
this.Session["acc"] = iit.FName;
this.Session["mem"] = it.Username;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, it.Username, it.Role.ToString(), 6);
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
sv.Update_User(it);
}
if (this.Session["Instagram_return"] != null && Url.IsLocalUrl(this.Session["Instagram_return"].ToString()))
{
return(this.Redirect(this.Session["Instagram_return"].ToString()));
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
catch (Exception)
{
throw;
}
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
/// <summary>
/// Google the callback.
/// </summary>
/// <returns>Google Call back</returns>
public ActionResult GoogleCallback()
{
GoogleConnect.ClientId = Util.GetConfigValue("AppGoogleID", string.Empty);
GoogleConnect.ClientSecret = Util.GetConfigValue("AppGoogleSecret", string.Empty);
if (!string.IsNullOrEmpty(Request.QueryString["code"]))
{
string code = Request.QueryString["code"];
string json = GoogleConnect.Fetch("me", code);
GoogleProfile profile = new JavaScriptSerializer().Deserialize <GoogleProfile>(json);
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
it = sv.GetUserbyUserName(profile.Emails.Find(email => email.Type == "account").Value);
if (it == null)
{
it = new C_User();
string rt = string.Empty;
bool infors = false;
it.Username = profile.Emails.Find(email => email.Type == "account").Value;
it.Role = 2;
it.Password = MD5Extend.EncodePassword("123456");
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
rt = sv.Add_User(it);
iit.FName = profile.DisplayName;
iit.Email = profile.Emails.Find(email => email.Type == "account").Value;
////iit.LName = middlename;
iit.DateRegister = DateTime.Now;
////iit.EventId = string.IsNullOrEmpty(ids) != false ? int.Parse(ids) : 0;
iit.Note = "Google login";
infors = sv.Add_User_Infor(iit);
if (rt.Length > 0 && infors == true)
{
////register_view.message = Lang.strMessageLogin;
this.Session["acc"] = iit.FName;
this.Session["mem"] = rt;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, rt, it.Role.ToString(), 6);
}
}
else
{
iit = sv.GetUserInforByEmail(profile.Emails.Find(email => email.Type == "account").Value);
this.Session["acc"] = iit.FName;
this.Session["mem"] = it.Username;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, it.Username, it.Role.ToString(), 6);
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
sv.Update_User(it);
}
////lblId.Text = profile.Id;
////lblName.Text = profile.DisplayName;
////lblEmail.Text = profile.Emails.Find(email => email.Type == "account").Value;
////lblGender.Text = profile.Gender;
////lblType.Text = profile.ObjectType;
////ProfileImage.ImageUrl = profile.Image.Url;
if (Request.QueryString["error"] == "access_denied")
{
////login fail
logger.Error("Error requesting OAuth user data from Google:" + Request.QueryString["error"]);
}
if (this.Session["Google_return"] != null && Url.IsLocalUrl(this.Session["Google_return"].ToString()))
{
return(this.Redirect(Session["Google_return"].ToString()));
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
/// <summary>
/// Facebook the callback.
/// </summary>
/// <param name="code">The code.</param>
/// <returns>Facebook Call back</returns>
public ActionResult FacebookCallback(string code)
{
var fb = new Facebook.FacebookClient();
dynamic result = fb.Post("oauth/access_token", new { client_id = Util.GetConfigValue("AppFaceBookID", string.Empty), client_secret = Util.GetConfigValue("AppFacebookSecret", string.Empty), redirect_uri = this.RedirectUri.AbsoluteUri, code = code });
var accessToken = result.access_token;
//// Store the access token in the session for farther use
this.Session["AccessToken"] = accessToken;
//// update the facebook client with the access token so
//// we can make requests on behalf of the user
fb.AccessToken = accessToken;
//// Get the user's information
dynamic me = fb.Get("me?fields=first_name,middle_name,last_name,id,email");
string email = me.email;
string firstname = me.first_name;
string middlename = me.middle_name;
string lastname = me.last_name;
string ids = me.id;
//// Set the auth cookie
////FormsAuthentication.SetAuthCookie(email, false);
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
it = sv.GetUserbyUserName(email);
if (it == null)
{
it = new C_User();
string rt = string.Empty;
bool infors = false;
it.Username = email;
it.Role = 2;
it.Password = MD5Extend.EncodePassword("123456");
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
rt = sv.Add_User(it);
iit.FName = firstname;
iit.Email = email;
iit.LName = middlename;
iit.DateRegister = DateTime.Now;
iit.EventId = string.IsNullOrEmpty(ids) != false?int.Parse(ids) : 0;
iit.Note = "Facebook login";
infors = sv.Add_User_Infor(iit);
if (rt.Length > 0 && infors == true)
{
////register_view.message = Lang.strMessageLogin;
this.Session["acc"] = iit.FName;
this.Session["mem"] = rt;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, rt, it.Role.ToString(), 6);
}
}
else
{
iit = sv.GetUserInforByEmail(email);
this.Session["acc"] = iit.FName;
this.Session["mem"] = it.Username;
this.Session["role"] = it.Role.ToString();
this.SetAccountCookies(iit.FName, it.Username, it.Role.ToString(), 6);
it.Online = true;
it.IP = HttpContext.Request.ServerVariables["REMOTE_ADDR"].ToString();
it.LastLogin = DateTime.Now;
sv.Update_User(it);
}
if (this.Session["FaceBook_return"] != null && Url.IsLocalUrl(this.Session["FaceBook_return"].ToString()))
{
return(this.Redirect(Session["FaceBook_return"].ToString()));
}
else
{
return(this.RedirectToAction("index", "home"));
}
}
/// <summary>
/// Checks the member login.
/// </summary>
/// <returns>Check Member login</returns>
public bool CheckMemberlogin()
{
string mem = string.Empty;
string role = string.Empty;
////get session
if (this.Session["mem"] != null)
{
mem = this.Session["mem"].ToString();
}
if (this.Session["role"] != null)
{
role = this.Session["role"].ToString();
}
////if session null get from cookies and set session
if (mem == string.Empty || role == string.Empty)
{
HttpCookie cookie = this.Request.Cookies["mem"];
if (cookie != null)
{
HttpCookie decodedCookie = HttpSecureCookie.Decode(cookie);
if (decodedCookie != null && decodedCookie.Value != null)
{
UserModels sv = new UserModels();
C_User it = new C_User();
C_UserInfo iit = new C_UserInfo();
it = sv.GetUserbyUserName(decodedCookie.Value);
if (it != null && it.Role == 2)
{
iit = sv.GetUserInforByEmail(it.Username);
this.Session["mem"] = iit.FName;
this.Session["role"] = it.Role.ToString();
this.Session["acc"] = it.Username;
}
}
else
{
mem = string.Empty;
role = string.Empty;
}
}
}
////HttpCookie cookie = new HttpCookie("UserName", "Terminator");
////cookie.Expires = DateTime.Now.AddDays(1);
////HttpCookie encodedCookie = HttpSecureCookie.Encode(cookie);
////Response.Cookies.Add(encodedCookie);
////HttpCookie cookie = Request.Cookies["UserName"];
////lblDisplayBefore.Text = cookie.Value;
////HttpCookie decodedCookie = HttpSecureCookie.Decode(cookie);
if (mem != string.Empty && role == "2")
{
return(true);
}
else
{
return(false);
}
}
