public ActionResult Captcha(string empty)
{
LogInOut_ForgPass_Func HelperFunc = new LogInOut_ForgPass_Func();
string username = (string)Session["username"];
User LoginUser = HelperFunc.UsernameExists(username);
if (this.IsCaptchaValid("Captcha is not valid"))
{
LoginUser.CaptchaCounter = 0;
DB.Users.Attach(LoginUser);
var entry1 = DB.Entry(LoginUser);
entry1.Property(e => e.CaptchaCounter).IsModified = true;
// other changed properties
DB.SaveChanges();
return(RedirectToAction("Login"));
}
LoginUser.CaptchaCounter++;
DB.Users.Attach(LoginUser);
var entry2 = DB.Entry(LoginUser);
entry2.Property(e => e.CaptchaCounter).IsModified = true;
// other changed properties
DB.SaveChanges();
if (LoginUser.CaptchaCounter > 5)
{
LoginUser.State = "Blocked";
var entry3 = DB.Entry(LoginUser);
entry3.Property(e => e.State).IsModified = true;
DB.SaveChanges();
return(RedirectToAction("BlockUser"));
}
ViewBag.ErrMessage = "Error: captcha is not valid.";
return(View());
}
public ActionResult ResetPassword(string id)
{
List <Question> QList = DB.Questions.ToList();
ViewBag.Quests = QList;
LogInOut_ForgPass_Func HelperFunc = new LogInOut_ForgPass_Func();
User returnedUser = HelperFunc.UpdateNavToLisk(id);
if (returnedUser == null)
{
return(RedirectToAction("Expired"));
}
int userID = returnedUser.ID;
DateTime epiredDate = (DateTime)(returnedUser.ResetPasswordDate);
bool navToLink = returnedUser.navigateToLink;
//int userID = DB.Users.Where(x => x.ResetPasswordCode.ToString() == id).FirstOrDefault().ID;
//DateTime epiredDate = (DateTime)(DB.Users.Where(x => x.ID == userID).FirstOrDefault().ResetPasswordDate);
//bool navToLink = DB.Users.Where(x => x.ID == userID).FirstOrDefault().navigateToLink;
if (DateTime.Now > epiredDate.AddDays(1) || navToLink == true)
{
return(RedirectToAction("Expired"));
}
returnedUser.navigateToLink = true;
DB.Users.Attach(returnedUser);
var entry = DB.Entry(returnedUser);
entry.Property(e => e.navigateToLink).IsModified = true;
// other changed properties
DB.SaveChanges();
resetPasswordModel model = new resetPasswordModel();
model.id = userID;
return(View(model));
}
public ActionResult ResetPassword(resetPasswordModel model)
{
User U = DB.Users.Where(n => n.ID == model.id).Where(n => n.ID == model.id).FirstOrDefault();
string hashedAnswer = LogInOut_ForgPass_Func.GenerateSHA256String(model.Answer);
int questinID = DB.Questions.Where(a => a.QTextEnglish == model.Question).FirstOrDefault().ID;
//User x = DB.Users.Where(n => n.ID == model.id).Where(n => n.QuestionAnswer == hashedAnswer).FirstOrDefault();
if (questinID == U.QuestionID && U.QuestionAnswer == hashedAnswer)
{
U.Password = LogInOut_ForgPass_Func.GenerateSHA256String(model.Password);
TempData["passwordChanged"] = "Password changed successfully";
DB.Entry(U).State = System.Data.Entity.EntityState.Modified;
DB.SaveChanges();
}
else
{
TempData["passwordChanged"] = "Question Or answer is wrong";
}
return(RedirectToAction("PassChanged"));
}
public ActionResult Login(loginModel model)
{
ViewBag.captchacount = 0.ToString();
if (model.Username == null || model.Password == null)
{
}
else
{
Session["username"] = model.Username.ToString();
string hashedPassword = LogInOut_ForgPass_Func.GenerateSHA256String(model.Password);
if (DB.Users.Where(x => x.UserName == model.Username).Where(x => x.State != "Active").FirstOrDefault() != null)
{
ViewBag.message = "User Blocked";
}
else if (DB.Users.Where(x => x.UserName == model.Username).Where(x => x.IsEmailVerified == false).FirstOrDefault() != null)
{
ViewBag.message = "User not verified";
}
else if (DB.Users.Where(x => x.UserName == model.Username).Where(x => x.Password == hashedPassword).FirstOrDefault() != null)
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, // Ticket version
model.Username, // Username to be associated with this ticket
DateTime.Now, // Date/time ticket was issued
DateTime.Now.AddDays(14), // Date and time the cookie will expire
false, // if user has chcked rememebr me then create persistent cookie
model.Username,
FormsAuthentication.FormsCookiePath);
string encrypted = FormsAuthentication.Encrypt(ticket);
var cooki = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
cooki.Expires = DateTime.Now.AddDays(14);
cooki.HttpOnly = true;
Response.Cookies.Add(cooki);
using (DBentities db = new DBentities())
{
LogInOut_ForgPass_Func HelperFunc = new LogInOut_ForgPass_Func();
User resetCaptcha = HelperFunc.UsernameExists(model.Username);
resetCaptcha.CaptchaCounter = 0;
db.Users.Attach(resetCaptcha);
var ourentry = db.Entry(resetCaptcha);
ourentry.Property(e => e.CaptchaCounter).IsModified = true;
db.SaveChanges();
}
return(RedirectToAction("UserDashboard", "Dashboard"));
}
else
{
ViewBag.message = "Wrong password";
LogInOut_ForgPass_Func HelperFunc = new LogInOut_ForgPass_Func();
User LoginUser = HelperFunc.UsernameExists(model.Username);
//User LoginUser = (from u in DB.Users
// where u.Email == model.EmailID
// select u).FirstOrDefault();
if (LoginUser != null)
{
LoginUser.CaptchaCounter++;
ViewBag.captchacount = LoginUser.CaptchaCounter.ToString();
DB.Users.Attach(LoginUser);
var entry = DB.Entry(LoginUser);
entry.Property(e => e.CaptchaCounter).IsModified = true;
// other changed properties
DB.SaveChanges();
if (LoginUser.CaptchaCounter > 3)
{
return(RedirectToAction("Captcha"));
}
}
else
{
ViewBag.message = "Wrong username or password";
}
}
}
return(View());
}
public ActionResult Register([Bind(Exclude = "Admin,State,IsEmailVerified,ActivationCode")] User user)
{
bool Status = false;
string message = "";
//
//model validation
if (ModelState.IsValid)
{
#region //email already exists
//User exist = RegisterHelperFunc.UserExists(user.Email);
User emailExist = DB.Users.Where(x => x.Email == user.Email).FirstOrDefault();
User usernameExist = RegisterHelperFunc.UsernameExists(user.UserName);
if (emailExist != null && usernameExist != null)
{
ViewBag.validate = "Username and Email already exist";
return(View(user));
}
else if (emailExist != null)
{
ViewBag.validate = "Email already exist";
ModelState.AddModelError("Email Exists", "Email already exists");
return(View(user));
}
else if (usernameExist != null)
{
ViewBag.validate = "Username already exist";
return(View(user));
}
#endregion
#region Generate Activation code
user.ActivationCode = Guid.NewGuid();
#endregion
#region password hashing
user.Password = LogInOut_ForgPass_Func.GenerateSHA256String(user.Password);
//user.ConfirmPassword = Crypto.Hash(user.ConfirmPassword);
#endregion
#region answer hashing
user.QuestionAnswer = LogInOut_ForgPass_Func.GenerateSHA256String(user.QuestionAnswer);
#endregion
user.IsEmailVerified = false;
user.CaptchaCounter = 0;
user.navigateToLink = false;
#region save to database
// using (DBentities db = new DBentities())
//{
// user.State = "active";
/// string ques = Request.Params[6].ToString();
// user.Question = (from q in db.Questions
// where q.QTextEnglish == ques
// select q).FirstOrDefault();
user.Admin = false;
user.State = "Active";
DB.Users.Add(user);
DB.SaveChanges();
//send email to user
RegisterHelperFunc.OldURL = Request.Url.PathAndQuery;
RegisterHelperFunc.sendverification(user.Email, user.ActivationCode.ToString());
message = "successfully registered. Account activation link has been sent to email: " + user.Email;
Status = true;
// }
#endregion
}
else
{
message = "Invalid Request";
}
//generate activation code
//password hashing
//save data to database
ViewBag.Message = message;
ViewBag.Status = Status;
ViewBag.questions = DB.Questions.ToList();
return(View(user));
//return Content("ok");
}
