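/// <summary>
/// Handles the CAPTCHA challenge shown after repeated failed logins.
/// The account is re-resolved from <c>Session["username"]</c> (set by <see cref="Login"/>)
/// rather than from anything the client posts, since the visitor is not authenticated yet.
/// A solved CAPTCHA resets the failure counter and returns to the login form; a failed one
/// increments it and blocks the account once the limit is exceeded.
/// </summary>
/// <param name="empty">Unused; kept so existing routes and views keep binding.</param>
public ActionResult Captcha(string empty)
{
    // Failures tolerated before the account is put into the "Blocked" state.
    const int maxCaptchaFailures = 5;

    LogInOut_ForgPass_Func helper = new LogInOut_ForgPass_Func();
    string username = Session["username"] as string;
    User loginUser = string.IsNullOrEmpty(username) ? null : helper.UsernameExists(username);

    // No usable session (expired, or the action was reached directly): there is no
    // counter to update, so go back to the login form instead of dereferencing null.
    if (loginUser == null)
    {
        return RedirectToAction("Login");
    }

    if (this.IsCaptchaValid("Captcha is not valid"))
    {
        // Solved: clear the failure counter so the user can try to log in again.
        loginUser.CaptchaCounter = 0;
        DB.Users.Attach(loginUser);
        DB.Entry(loginUser).Property(e => e.CaptchaCounter).IsModified = true;
        DB.SaveChanges();
        return RedirectToAction("Login");
    }

    // Failed: count the attempt. Attach + IsModified because the entity came from the
    // helper, not from this context, so DB has nothing tracked for it yet.
    loginUser.CaptchaCounter++;
    DB.Users.Attach(loginUser);
    DB.Entry(loginUser).Property(e => e.CaptchaCounter).IsModified = true;
    DB.SaveChanges();

    if (loginUser.CaptchaCounter > maxCaptchaFailures)
    {
        // Too many failures: the account stays blocked until an administrator intervenes
        // (Login refuses any State other than "Active").
        loginUser.State = "Blocked";
        DB.Entry(loginUser).Property(e => e.State).IsModified = true;
        DB.SaveChanges();
        return RedirectToAction("BlockUser");
    }

    ViewBag.ErrMessage = "Error: captcha is not valid.";
    return View();
}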
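/// <summary>
/// Authenticates a user with username and password.
/// Order of checks: account exists → account is "Active" → e-mail verified → password matches.
/// On success a forms-authentication cookie valid for 14 days is issued and the CAPTCHA failure
/// counter is reset; on a wrong password the counter is incremented and, past the threshold,
/// the user is redirected to the <see cref="Captcha"/> action.
/// </summary>
/// <param name="model">Posted credentials; a missing username or password just re-renders the form.</param>
/// <returns>The login view, or a redirect to the dashboard / CAPTCHA page.</returns>
public ActionResult Login(loginModel model)
{
    // Wrong-password attempts tolerated before the CAPTCHA is required.
    const int captchaThreshold = 3;
    ViewBag.captchacount = 0.ToString();

    // Nothing (or an incomplete form) submitted: render the empty form.
    if (model == null || model.Username == null || model.Password == null)
    {
        return View();
    }

    // The Captcha action re-resolves the account from this session value, so it has
    // to be stored before the outcome of the attempt is known.
    Session["username"] = model.Username;

    // NOTE(review): passwords are stored as an unsalted SHA-256 digest
    // (GenerateSHA256String). A salted, slow KDF (e.g. PBKDF2) is the appropriate
    // replacement, but that requires a stored-hash migration and is not done here.
    string hashedPassword = LogInOut_ForgPass_Func.GenerateSHA256String(model.Password);

    // One lookup instead of three separate queries; the entity stays tracked by DB so
    // the counter updates below can be saved without re-attaching it.
    User account = DB.Users.FirstOrDefault(x => x.UserName == model.Username);

    // NOTE(review): the distinct messages below reveal whether a username exists and its
    // state; a single generic message would close that gap. Texts are kept because the
    // views depend on them.
    if (account == null)
    {
        ViewBag.message = "Wrong username or password";
        return View();
    }

    if (account.State != "Active")
    {
        ViewBag.message = "User Blocked";
        return View();
    }

    if (account.IsEmailVerified == false)
    {
        ViewBag.message = "User not verified";
        return View();
    }

    if (!string.Equals(account.Password, hashedPassword, StringComparison.Ordinal))
    {
        // Wrong password: count the failure and hand over to the CAPTCHA past the threshold.
        ViewBag.message = "Wrong password";
        account.CaptchaCounter++;
        ViewBag.captchacount = account.CaptchaCounter.ToString();
        DB.Entry(account).Property(e => e.CaptchaCounter).IsModified = true;
        DB.SaveChanges();

        if (account.CaptchaCounter > captchaThreshold)
        {
            return RedirectToAction("Captcha");
        }

        return View();
    }

    // Credentials accepted: issue the forms-authentication ticket. A single timestamp
    // keeps the ticket expiry and the cookie expiry identical.
    DateTime issued = DateTime.Now;
    DateTime expires = issued.AddDays(14);
    var ticket = new FormsAuthenticationTicket(
        1,                                    // ticket version
        model.Username,                       // user name bound to the ticket
        issued,                               // issue date
        expires,                              // ticket expiry
        false,                                // isPersistent flag of the ticket itself; the cookie
                                              // below is nevertheless persisted via Expires
        model.Username,                       // user data
        FormsAuthentication.FormsCookiePath);

    string encrypted = FormsAuthentication.Encrypt(ticket);
    var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted)
    {
        Expires = expires,
        HttpOnly = true,
        // Mark the cookie Secure whenever forms auth is configured to require SSL, so the
        // ticket is not sent over plain HTTP.
        Secure = FormsAuthentication.RequireSSL,
    };
    Response.Cookies.Add(authCookie);

    // Successful login clears the CAPTCHA failure counter.
    account.CaptchaCounter = 0;
    DB.Entry(account).Property(e => e.CaptchaCounter).IsModified = true;
    DB.SaveChanges();

    return RedirectToAction("UserDashboard", "Dashboard");
}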
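/// <summary>
/// Creates a new user account from the posted registration form.
/// Rejects duplicate e-mail addresses and user names, stores the password and the
/// security-question answer as digests, sets the server-controlled fields, and sends the
/// activation e-mail. The <c>Bind(Exclude)</c> list keeps the client from supplying
/// Admin, State, IsEmailVerified and ActivationCode.
/// </summary>
/// <param name="user">Model-bound registration data.</param>
/// <returns>The registration view with a status message.</returns>
public ActionResult Register([Bind(Exclude = "Admin,State,IsEmailVerified,ActivationCode")] User user)
{
    // Previously only set on the final return, so the early returns below rendered the
    // form without it. Populate it once for every outcome (presumably the view reads it
    // for the security-question list — confirm).
    ViewBag.questions = DB.Questions.ToList();

    bool status = false;
    string message = "";

    if (ModelState.IsValid)
    {
        User emailExist = DB.Users.Where(x => x.Email == user.Email).FirstOrDefault();
        User usernameExist = RegisterHelperFunc.UsernameExists(user.UserName);

        if (emailExist != null && usernameExist != null)
        {
            ViewBag.validate = "Username and Email already exist";
            return View(user);
        }

        if (emailExist != null)
        {
            ViewBag.validate = "Email already exist";
            ModelState.AddModelError("Email Exists", "Email already exists");
            return View(user);
        }

        if (usernameExist != null)
        {
            ViewBag.validate = "Username already exist";
            return View(user);
        }

        // Activation token sent by e-mail and checked on verification.
        user.ActivationCode = Guid.NewGuid();

        // NOTE(review): both the password and the security answer are stored as unsalted
        // SHA-256 digests. A salted, slow KDF (e.g. PBKDF2) would be the appropriate
        // replacement; left as-is because Login compares against the same digest format.
        user.Password = LogInOut_ForgPass_Func.GenerateSHA256String(user.Password);
        user.QuestionAnswer = LogInOut_ForgPass_Func.GenerateSHA256String(user.QuestionAnswer);

        // Server-controlled fields: never taken from the request.
        user.IsEmailVerified = false;
        user.CaptchaCounter = 0;
        user.navigateToLink = false;
        user.Admin = false;
        user.State = "Active";

        DB.Users.Add(user);
        DB.SaveChanges();

        // Send the activation link; OldURL lets the helper build the return address.
        RegisterHelperFunc.OldURL = Request.Url.PathAndQuery;
        RegisterHelperFunc.sendverification(user.Email, user.ActivationCode.ToString());

        // The line break inside this literal was split across two physical lines in the
        // original source, which does not compile; it is restored as an escape here.
        message = "successfully registered. \nAccount activation link has been sent to email: " + user.Email;
        status = true;
    }
    else
    {
        message = "Invalid Request";
    }

    ViewBag.Message = message;
    ViewBag.Status = status;
    return View(user);
}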