final fixes in exchange rate, force change password, implement Authorization

CustomerOnlineV2/CustomerOnlineV2.Business/Business/AccountBusiness/AccountBusiness.cs

@@ -1,4 +1,5 @@
-using CustomerOnlineV2.Common.Models.AccountModel;
+using CustomerOnlineV2.Common.Models;
+using CustomerOnlineV2.Common.Models.AccountModel;
 using CustomerOnlineV2.Repository.Repository.AccountRepository;
 using Microsoft.Extensions.Logging;
 
@@ -19,5 +20,15 @@ namespace CustomerOnlineV2.Business.Business.AccountBusiness
         {
             return await _accountRepo.Login(model);
         }
+
+        public async Task<CommonResponse> ChangePassword(ForceChangePasswordModel model, LoginResponse logindetails)
+        {
+            if (model.NewPassword != model.ConfirmNewPassword)
+            {
+                return new CommonResponse(ResponseHelper.FAILED, "New Password and confirm new password does not match!");
+            }
+
+            return await _accountRepo.ChangePassword(model, logindetails);
+        }
     }
 }

CustomerOnlineV2/CustomerOnlineV2.Business/Business/AccountBusiness/IAccountBusiness.cs

@@ -1,9 +1,11 @@
-using CustomerOnlineV2.Common.Models.AccountModel;
+using CustomerOnlineV2.Common.Models;
+using CustomerOnlineV2.Common.Models.AccountModel;
 
 namespace CustomerOnlineV2.Business.Business.AccountBusiness
 {
     public interface IAccountBusiness
     {
         Task<LoginResponse> Login(LoginModel model);
+        Task<CommonResponse> ChangePassword(ForceChangePasswordModel model, LoginResponse logindetails);
     }
 }

CustomerOnlineV2/CustomerOnlineV2.Business/Business/TransactionBusiness/TransactionBusiness.cs

@@ -1,5 +1,6 @@
 using CustomerOnlineV2.Api.API.TPApi;
 using CustomerOnlineV2.Common.Helper;
+using CustomerOnlineV2.Common.Models;
 using CustomerOnlineV2.Common.Models.AccountModel;
 using CustomerOnlineV2.Common.Models.TransactionModel;
 using CustomerOnlineV2.Repository.Repository.TransactionRepository;
@@ -25,13 +26,97 @@ namespace CustomerOnlineV2.Business.Business.TransactionBusiness
         {
             ExrateResponse _response = new ExrateResponse();
             _logger.LogDebug("TRANSACTIONBUSINESS | DOCALCULATION | REQUEST | " + JsonConvert.SerializeObject(calcModel));
+            _response = ValidateExrateRequest(calcModel);
 
-            ExratePayoutDetailsModel _partnerDetails = await _transactionRepo.GetPayoutDetails(calcModel, loginDetails);
+            if (_response.ResponseCode == ResponseHelper.SUCCESS)
+            {
+                ExratePayoutDetailsModel _partnerDetails = await _transactionRepo.GetPayoutDetails(calcModel, loginDetails);
+
+                ExrateCalculateRequestModel _request = GenerateExrateParams(calcModel, loginDetails, _partnerDetails);
+
+                _response = await _tpApi.GetExRate(_request);
+            }
+            return _response;
+        }
+
+        private ExrateResponse ValidateExrateRequest(SendTransactionModel calcModel)
+        {
+            ExrateResponse _response = new ExrateResponse();
+            _response.ResponseCode = ResponseHelper.SUCCESS;
+            _response.ResponseMessage = ResponseMessageHelper.SUCCESS;
+
+            if (string.IsNullOrEmpty(calcModel.CalcBy))
+            {
+                _response.ResponseCode = ResponseHelper.FAILED;
+                _response.ResponseMessage = "Param calcBy can not be emoty!";
+
+                _logger.LogError("TRANSACTIONBUSINESS | DOCALCULATION.VALIDATEEXRATEREQUEST | REQUEST | " + JsonConvert.SerializeObject(_response));
+            }
+            else if (calcModel.CalcBy != "c")
+            {
+                if (calcModel.CalcBy != "p")
+                {
+                    _response.ResponseCode = ResponseHelper.FAILED;
+                    _response.ResponseMessage = "Param calcBy have invalid value!";
 
-            ExrateCalculateRequestModel _request = GenerateExrateParams(calcModel, loginDetails, _partnerDetails);
+                    _logger.LogError("TRANSACTIONBUSINESS | DOCALCULATION.VALIDATEEXRATEREQUEST | REQUEST | " + JsonConvert.SerializeObject(_response));
+                }
+            }
+            else if (string.IsNullOrEmpty(calcModel.ReceivingCountry))
+            {
+                _response.ResponseCode = ResponseHelper.FAILED;
+                _response.ResponseMessage = "Param ReceivingCountry can not be emoty!";
+
+                _logger.LogError("TRANSACTIONBUSINESS | DOCALCULATION.VALIDATEEXRATEREQUEST | REQUEST | " + JsonConvert.SerializeObject(_response));
+            }
+            else if (string.IsNullOrEmpty(calcModel.DeliveryMethod))
+            {
+                _response.ResponseCode = ResponseHelper.FAILED;
+                _response.ResponseMessage = "Param DeliveryMethod can not be emoty!";
+
+                _logger.LogError("TRANSACTIONBUSINESS | DOCALCULATION.VALIDATEEXRATEREQUEST | REQUEST | " + JsonConvert.SerializeObject(_response));
+            }
+            else if (string.IsNullOrEmpty(calcModel.CollectAmount))
+            {
+                if (string.IsNullOrEmpty(calcModel.PayoutAmount))
+                {
+                    _response.ResponseCode = ResponseHelper.FAILED;
+                    _response.ResponseMessage = "Params CollectAmount and PayoutAmount can not be emoty!";
+
+                    _logger.LogError("TRANSACTIONBUSINESS | DOCALCULATION.VALIDATEEXRATEREQUEST | REQUEST | " + JsonConvert.SerializeObject(_response));
+                }
+            }
+            else if (string.IsNullOrEmpty(calcModel.CollMode))
+            {
+                _response.ResponseCode = ResponseHelper.FAILED;
+                _response.ResponseMessage = "Param CollMode can not be emoty!";
+
+                _logger.LogError("TRANSACTIONBUSINESS | DOCALCULATION.VALIDATEEXRATEREQUEST | REQUEST | " + JsonConvert.SerializeObject(_response));
+            }
+            else if (Utilities.TryParseDecimal(calcModel.CollectAmount) <= 0)
+            {
+                if (Utilities.TryParseDecimal(calcModel.PayoutAmount) <= 0)
+                {
+                    _response.ResponseCode = ResponseHelper.FAILED;
+                    _response.ResponseMessage = "Param CollectAmount or PayoutAmount has invalid value!";
 
-            _response = await _tpApi.GetExRate(_request);
+                    _logger.LogError("TRANSACTIONBUSINESS | DOCALCULATION.VALIDATEEXRATEREQUEST | REQUEST | " + JsonConvert.SerializeObject(_response));
+                }
+            }
+            else if (calcModel.CalcBy == "c" && Utilities.TryParseDecimal(calcModel.CollectAmount) <= 0)
+            {
+                _response.ResponseCode = ResponseHelper.FAILED;
+                _response.ResponseMessage = "Param CollectAmount has invalid value!";
+
+                _logger.LogError("TRANSACTIONBUSINESS | DOCALCULATION.VALIDATEEXRATEREQUEST | REQUEST | " + JsonConvert.SerializeObject(_response));
+            }
+            else if (calcModel.CalcBy == "p" && Utilities.TryParseDecimal(calcModel.PayoutAmount) <= 0)
+            {
+                _response.ResponseCode = ResponseHelper.FAILED;
+                _response.ResponseMessage = "Param PayoutAmount has invalid value!";
 
+                _logger.LogError("TRANSACTIONBUSINESS | DOCALCULATION.VALIDATEEXRATEREQUEST | REQUEST | " + JsonConvert.SerializeObject(_response));
+            }
             return _response;
         }
 

CustomerOnlineV2/CustomerOnlineV2.Common/Helper/Utilities.cs

@@ -21,6 +21,14 @@ namespace CustomerOnlineV2.Common.Helper
             return ConfigurationManager.AppSettings[key] ?? defValue;
         }
 
+        public static decimal TryParseDecimal(string amount)
+        {
+            decimal output;
+            decimal.TryParse(amount, out output);
+
+            return output;
+        }
+
         public static string GetRowCellValue(object v)
         {
             try

CustomerOnlineV2/CustomerOnlineV2.Common/Models/AccountModel/AccountModel.cs

@@ -14,6 +14,13 @@
         public bool RememberMe { get; set; }
     }
 
+    public class ForceChangePasswordModel
+    {
+        public string? NewPassword { get; set; }
+        public string? ConfirmNewPassword { get; set; }
+        public string? IpAddress { get; set; }
+    }
+
     public class LoginResponse : CommonResponse
     {
         public string? UserId { get; set; }

CustomerOnlineV2/CustomerOnlineV2.Repository/Repository/AccountRepository/AccountRepository.cs

@@ -1,5 +1,5 @@
-using CustomerOnlineV2.Common.Models.AccountModel;
-using CustomerOnlineV2.Common.Models;
+using CustomerOnlineV2.Common.Models;
+using CustomerOnlineV2.Common.Models.AccountModel;
 using CustomerOnlineV2.Repository.ConnectionHelper;
 using Microsoft.Extensions.Logging;
 using Newtonsoft.Json;
@@ -67,5 +67,30 @@ namespace CustomerOnlineV2.Repository.Repository.AccountRepository
             }
             return await Task.FromResult(_response);
         }
+
+        public async Task<CommonResponse> ChangePassword(ForceChangePasswordModel model, LoginResponse logindetails)
+        {
+            CommonResponse _response = new CommonResponse();
+            try
+            {
+                var sql = "EXEC PROC_DYNAMIC_TABLE";
+                sql += " @Flag  = " + _connHelper.FilterString("ForceChange");
+                sql += ",@UserEmail  = " + _connHelper.FilterString(logindetails.UserName);
+                sql += ",@Password = " + _connHelper.FilterString(model.NewPassword);
+                sql += ",@ConfirmPassword = " + _connHelper.FilterString(model.ConfirmNewPassword);
+                sql += ",@ipAddress = " + _connHelper.FilterString(model.IpAddress);
+
+                _logger.LogDebug("ACCOUNTREPOSITORY | CHANGEPASSWORD | SQL | " + sql);
+                return _connHelper.ParseDbResult(sql);
+            }
+            catch (Exception ex)
+            {
+                _response.ResponseCode = ResponseHelper.EXCEPTION;
+                _response.ResponseMessage = "Exception occured: " + ex.Message;
+
+                _logger.LogError("ACCOUNTREPOSITORY | LOGIN | EXCEPTION | " + JsonConvert.SerializeObject(_response));
+            }
+            return await Task.FromResult(_response);
+        }
     }
 }

CustomerOnlineV2/CustomerOnlineV2.Repository/Repository/AccountRepository/IAccountRepository.cs

@@ -1,9 +1,11 @@
-using CustomerOnlineV2.Common.Models.AccountModel;
+using CustomerOnlineV2.Common.Models;
+using CustomerOnlineV2.Common.Models.AccountModel;
 
 namespace CustomerOnlineV2.Repository.Repository.AccountRepository
 {
     public interface IAccountRepository
     {
+        Task<CommonResponse> ChangePassword(ForceChangePasswordModel model, LoginResponse logindetails);
         Task<LoginResponse> Login(LoginModel model);
     }
 }

CustomerOnlineV2/CustomerOnlineV2/Authorization/AuthorizationAttribute.cs

@@ -0,0 +1,107 @@
+using CustomerOnlineV2.Common.Models.AccountModel;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+using System.Net;
+using System.Security.Claims;
+
+namespace CustomerOnlineV2.Authorization
+{
+    public class AuthorizationAttribute: TypeFilterAttribute
+    {
+        public AuthorizationAttribute(params string[] ids) : base(typeof(ClaimRequirementFilter))
+        {
+            Arguments = new object[] { ids };
+        }
+
+        public class ClaimRequirementFilter : IAuthorizationFilter
+        {
+            private readonly string[] _ids;
+            public ClaimRequirementFilter(string[] ids)
+            {
+                _ids = ids;
+            }
+
+            public void OnAuthorization(AuthorizationFilterContext context)
+            {
+                var IsAuthenticated = context.HttpContext.User.Identity.IsAuthenticated;
+                var claimsIndentity = context.HttpContext.User.Identity as ClaimsIdentity;
+
+                if (IsAuthenticated)
+                {
+                    try
+                    {
+                        LoginResponse _loginData = new LoginResponse();
+                        _loginData.UserName = claimsIndentity.FindFirst(c => c.Type == "UserName").Value;
+                        _loginData.SessionId = claimsIndentity.FindFirst(c => c.Type == "SessionId").Value;
+                        _loginData.ForceChangePassword = Convert.ToBoolean(claimsIndentity.FindFirst(c => c.Type == "ForceChangePassword").Value);
+
+                        if (string.IsNullOrEmpty(_loginData.UserName))
+                        {
+
+                            if (context.HttpContext.Request.IsAjaxRequest())
+                            {
+                                context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
+                                return;
+                            }
+
+                            context.Result = new RedirectToRouteResult(new RouteValueDictionary(new { action = "Index", controller = "Account" }));
+                            return;
+                        }
+
+                        //force change password
+                        if (_loginData.ForceChangePassword)
+                        {
+                            context.HttpContext.Response.StatusCode = (int)HttpStatusCode.OK;
+                            context.HttpContext.Response.Redirect("/Account/ForceChangePassword");
+                            return;
+                        }
+                    }
+                    catch (Exception ex)
+                    {
+                        context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
+                        context.Result = new RedirectToRouteResult(new RouteValueDictionary(new { action = "Index", controller = "Account" }));
+                        return;
+                    }
+                }
+                else
+                {
+                    if (context.HttpContext.Request.IsAjaxRequest())
+                    {
+                        context.HttpContext.Response.StatusCode = (int)HttpStatusCode.Unauthorized; //Set HTTP 403 -   
+                    }
+                    else
+                    {
+                        var request = context.HttpContext.Request;
+                        var returnUrl = request.Path;
+                        var queryString = request.QueryString.Value;
+                        if (!string.IsNullOrEmpty(queryString))
+                        {
+                            returnUrl += queryString;
+                        }
+
+                        context.Result = new RedirectToRouteResult(new RouteValueDictionary(new
+                        {
+                            action = "Index",
+                            controller = "Account",
+                            returnUrl = returnUrl.Value
+                        }));
+                    }
+                }
+            }
+        }
+    }
+
+    public static class CheckAjaxRequest
+    {
+        public static bool IsAjaxRequest(this HttpRequest request)
+        {
+            if (request == null)
+                throw new ArgumentNullException("request");
+            if (request.Headers["X-Requested-With"] == "XMLHttpRequest")
+                return true;
+            if (request.Headers != null)
+                return request.Headers["X-Requested-With"] == "XMLHttpRequest";
+            return false;
+        }
+    }
+}

CustomerOnlineV2/CustomerOnlineV2/Controllers/AccountController.cs

@@ -11,6 +11,7 @@ using Serilog.Context;
 using Serilog;
 using System.Security.Claims;
 using System.Web;
+using System.Security.Permissions;
 
 namespace CustomerOnlineV2.Controllers
 {
@@ -79,11 +80,11 @@ namespace CustomerOnlineV2.Controllers
                         HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
                                           new ClaimsPrincipal(claimsIdentity));
 
-                        //if (result.ForceChangePassword)
-                        //{
-                        //    Log.Information("ACCOUNTCONTROLLER | LOGIN | FORCE CHANGE PASSWORD");
-                        //    return RedirectToAction("ChangePassword", "Account");
-                        //}
+                        if (result.ForceChangePassword)
+                        {
+                            Log.Information("ACCOUNTCONTROLLER | LOGIN | FORCE CHANGE PASSWORD");
+                            return RedirectToAction("ForceChangePassword", "Account");
+                        }
 
                         var returnUrl = Convert.ToString(TempData["ReturnUrl"]);
                         if (Url.IsLocalUrl(returnUrl))
@@ -108,5 +109,43 @@ namespace CustomerOnlineV2.Controllers
             }
             return View();
         }
+
+        public async Task<IActionResult> ForceChangePassword()
+        {
+            return View();
+        }
+
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public async Task<IActionResult> ForceChangePassword(ForceChangePasswordModel model)
+        {
+            var logindetails = HttpContext.GetLoginDetails();
+            model.IpAddress = Utilities.GetIpAddressv2(HttpContext);
+            using (LogContext.PushProperty("DebugId", logindetails.UserName))
+            {
+                _logger.LogDebug("ACCOUNTCONTROLLER | FORCECHANGEPASSWORD | REQUEST | " + JsonConvert.SerializeObject(model));
+                if (string.IsNullOrEmpty(logindetails.UserName))
+                {
+                    _logger.LogError("ACCOUNTCONTROLLER | FORCECHANGEPASSWORD | INVALID logindetails.UserName");
+                    RedirectToAction("Index", "Account");
+                }
+
+                var response = await _accountBusiness.ChangePassword(model, logindetails);
+                Log.Debug("Change password response: " + JsonConvert.SerializeObject(response));
+                if (response.ResponseCode == ResponseHelper.SUCCESS)
+                {
+                    Log.Debug("ACCOUNTCONTROLLER | CHANGEPASSWORD | REQUEST ARRIVED | " + logindetails.UserName);
+                    HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+                    return RedirectToAction("Index", "Account");
+                }
+                else
+                {
+                    ViewBag.ResponseCode = response.ResponseCode;
+                    ViewBag.ResponseMessage = response.ResponseMessage;
+                    _logger.LogError("ACCOUNTCONTROLLER | LOGIN | ERROR OCCURED | " + JsonConvert.SerializeObject(response));
+                    return View();
+                }
+            }
+        }
     }
 }

CustomerOnlineV2/CustomerOnlineV2/Controllers/HomeController.cs

@@ -7,6 +7,7 @@ using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using CustomerOnlineV2.Common.Models.HomeModel;
+using CustomerOnlineV2.Authorization;
 
 namespace CustomerOnlineV2.Controllers
 {
@@ -21,11 +22,13 @@ namespace CustomerOnlineV2.Controllers
             _homeBusiness = homeBusiness;
         }
 
+        [Authorization("Index")]
         public IActionResult Index()
         {
             return View();
         }
 
+        [Authorization("Privacy")]
         public IActionResult Privacy()
         {
             return View();
@@ -38,7 +41,6 @@ namespace CustomerOnlineV2.Controllers
         }
 
         [AllowAnonymous]
-        [ValidateAntiForgeryToken]
         public IActionResult Logout()
         {
             HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
@@ -47,6 +49,7 @@ namespace CustomerOnlineV2.Controllers
 
         [HttpPost]
         [ValidateAntiForgeryToken]
+        [Authorization("GetTransactionList")]
         public async Task<CustomerTransactionList> GetTransactionList()
         {
             var loginDetails = HttpContext.GetLoginDetails();
@@ -55,6 +58,7 @@ namespace CustomerOnlineV2.Controllers
 
         [HttpPost]
         [ValidateAntiForgeryToken]
+        [Authorization("GetReceiverList")]
         public async Task<CustomerReceiverModel> GetReceiverList()
         {
             var loginDetails = HttpContext.GetLoginDetails();
@@ -63,6 +67,7 @@ namespace CustomerOnlineV2.Controllers
 
         [HttpPost]
         [ValidateAntiForgeryToken]
+        [Authorization("GetDDLList")]
         public async Task<CommonDropDownList> GetDDLList(CommonDropDownModel model)
         {
             var loginDetails = HttpContext.GetLoginDetails();

CustomerOnlineV2/CustomerOnlineV2/Controllers/TransactionController.cs

@@ -4,7 +4,7 @@ using CustomerOnlineV2.Common.Helper;
 using Microsoft.AspNetCore.Mvc;
 using Newtonsoft.Json;
 using Serilog.Context;
-using System.Web;
+using CustomerOnlineV2.Authorization;
 
 namespace CustomerOnlineV2.Controllers
 {
@@ -21,6 +21,7 @@ namespace CustomerOnlineV2.Controllers
 
         [HttpPost]
         [ValidateAntiForgeryToken]
+        [Authorization("DoCalculation")]
         public async Task<ExrateResponse> DoCalculation(SendTransactionModel calcModel)
         {
             ExrateResponse _response = new ExrateResponse(); 

CustomerOnlineV2/CustomerOnlineV2/Views/Account/ForceChangePassword.cshtml

@@ -0,0 +1,237 @@
+@model CustomerOnlineV2.Common.Models.AccountModel.ForceChangePasswordModel
+@{
+    Layout = null;
+}
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8" />
+    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+    <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1.0, shrink-to-fit=no" />
+    <link href="images/favicon.png" rel="icon" />
+    <title>Money Transfer and Online Payments</title>
+    <meta name="description" content="Money" />
+    <base href="~/" />
+    <link href="~/vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet" />
+    <link href="~/vendor/font-awesome/css/all.min.css" rel="stylesheet" />
+    <link href="~/vendor/bootstrap-select/css/bootstrap-select.min.css" rel="stylesheet" />
+    <link href="~/vendor/currency-flags/css/currency-flags.min.css" rel="stylesheet" />
+    <link href="~/vendor/owl.carousel/owl.carousel.min.css" rel="stylesheet" />
+    <link href="~/css/styles-login.css" rel="stylesheet" />
+    <link href="~/vendor/toast-alert/izitoast.min.css" rel="stylesheet" />
+    <link rel="icon" type="image/png" href="favicon.png" />
+</head>
+<body>
+    <!-- Preloader -->
+    <div id="preloader">
+        <div data-loader="dual-ring"></div>
+    </div>
+    <!-- Preloader End -->
+    <!-- Document Wrapper -->
+    <div id="main-wrapper">
+        <!-- Header -->
+        <header id="header">
+            <div class="container">
+                <div class="header-row">
+                    <div class="header-column justify-content-between">
+                        <!-- Logo
+                        ============================= -->
+                        <div class="logo me-3">
+                            <a class="d-flex" href="index.html" title="Money - HTML Template">
+                                <img src="images/imelondon.svg" height="35" alt="IME London - Logo" />
+                            </a>
+                        </div>
+                        <!-- Logo end -->
+                        <!-- Collapse Button
+                        ============================== -->
+                        <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#header-nav"><span></span> <span></span> <span></span></button>
+                        <!-- Collapse Button end -->
+                        <!-- Primary Navigation
+                        ============================== -->
+                        <nav class="primary-menu navbar navbar-expand-lg">
+                            <div id="header-nav" class="collapse navbar-collapse">
+                                <ul class="navbar-nav me-auto">
+                                    <li><a href="dashboard-new.html">Dashboard</a></li>
+                                </ul>
+                            </div>
+                        </nav>
+                        <!-- Primary Navigation end -->
+                    </div>
+                    <div class="header-column justify-content-end">
+                        <!-- Login & Signup Link
+                        ============================== -->
+                        <!-- Login & Signup Link end -->
+                    </div>
+                </div>
+            </div>
+        </header>
+        <!-- Header End -->
+        <!-- Page Header
+        ============================================= -->
+        <!-- Page Header end -->
+        <!-- Content -->
+        <div id="content">
+            <!-- Who we are  -->
+            <section class="section section-form-bg">
+                <div class="container">
+                    <div class="row align-items-center">
+                        <div class="col-md-7 pe-0">
+                            <div class="contact-from-wrap">
+                                <div class="sec-heading mb-5">
+                                    <h2 class="sec-title">Change Password</h2>
+                                    <div class="text-3">You need to change your password to keep your account secure.</div>
+                                    <p class="sec-subtitle"></p>
+                                </div>
+                                <form asp-controller="Account" id="force-change-pwd" asp-action="ForceChangePassword" method="post" novalidate>
+                                    <div class="form-floating mb-3">
+                                        <input type="password" class="form-control" asp-for="NewPassword" placeholder="IMe12312@3asdfk43933" required>
+                                        <label for="floatingInput">Current Password</label>
+                                    </div>
+                                    <div class="form-floating mb-3">
+                                        <input type="password" class="form-control" asp-for="ConfirmNewPassword" placeholder="IMe12312@3asdfk43933" required>
+                                        <label for="floatingInput">Enter New Password</label>
+                                    </div>
+                                    <div class="col-lg-3 mt-4">
+                                        <div class="d-grid mb-5">
+                                            <button type="submit" id="BtnLogin" class="btn btn-primary btn-sumbit-blue" style="width: 250px;">
+                                                <span class="loginText">Change Password</span>&nbsp;<div class="spinner-border text-success loading" role="status" style="display:none;"></div> <i class="fa fa-window-maximize px-2 loginText" aria-hidden="true"></i>
+                                            </button>
+                                        </div>
+                                    </div>
+                                </form>
+                            </div>
+                        </div>
+                        <div class="col-md-5 ps-0">
+                            <div class="contact-info-wrap">
+                                <address>
+                                    <i class="fas fa-envelope"></i>
+                                    <span>Email Address</span>
+                                    <a href="mailto:info@imelondon.co.uk">info@imelondon.co.uk</a>
+                                </address>
+                                <address>
+                                    <i class="fas fa-phone-alt"></i>
+                                    <span>Contact Numbers</span>
+                                    <a href="tel:+44 02088660307">+44 02088660307</a>
+                                    <a href="tel:+44 07984713677">+44 07984713677</a>
+                                </address>
+                                <address>
+                                    <i class="fas fa-map-marker-alt"></i>
+                                    <span>Our Head Office</span>
+                                    Pentax House, South Hill Avenue, South Harrow, London, HA2 0DU
+                                </address>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </section>
+        </div>
+        <!-- Footer -->
+        <footer id="footer" class="footer-web">
+            <div class="container">
+                <div class="text-center">
+                    <div class="row">
+                        <div class="mx-auto">
+                            <div class="text-center text-white">
+                                <p class="text-center mb-3 text-1">
+                                    IME London is a product of Subhida UK Limited, Pentax House,South Hill Avenue, South Harrow, London, H2A 0D
+
+                                    Company Registration No. 06432399 Subhida UK Ltd is authorized and regulated by the Financial Conduct
+                                    Authority (FCA) <br> under the Payment Service Regulations 2017. FCA Registration No. 576127 HMRC Registration No. XYML000000119350
+                                <p class="text-center my-3 text-1"></p>
+                            </div>
+                        </div>
+                    </div>
+                    <div class="row">
+                        <div class="col-lg-6 mx-auto">
+                            <div class="text-center text-white">
+                                <p>© IME London, 2023</p>
+                            </div>
+
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </footer>
+        <!-- Footer end -->
+    </div>
+    <!-- Document Wrapper end -->
+    <!-- Back to Top
+    ============================================= -->
+    <a id="back-to-top" data-bs-toggle="tooltip" title="Back to Top" href="javascript:void(0)"><i class="fa fa-chevron-up"></i></a>
+    <!-- Video Modal
+    ============================================= -->
+    <div class="modal fade" id="videoModal" tabindex="-1" role="dialog">
+        <div class="modal-dialog modal-lg modal-dialog-centered" role="document">
+            <div class="modal-content bg-transparent border-0">
+                <button type="button" class="btn-close btn-close-white ms-auto me-n3" data-bs-dismiss="modal" aria-label="Close"></button>
+                <div class="modal-body p-0">
+                    <div class="ratio ratio-16x9">
+                        <iframe id="video" src="" allow="autoplay;" allowfullscreen></iframe>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <script src="~/vendor/jquery/jquery.min.js"></script>
+    <script src="https://cdn.jsdelivr.net/npm/jquery-validation@1.19.5/dist/jquery.validate.js"></script>
+    <script src="~/vendor/bootstrap/js/bootstrap.bundle.min.js"></script>
+    <script src="~/vendor/bootstrap-select/js/bootstrap-select.min.js"></script>
+    <script src="~/vendor/owl.carousel/owl.carousel.min.js"></script>
+    <script src="~/js/script.js"></script>
+    <script src="~/vendor/toast-alert/izitoast.min.js"></script>
+    <script src="~/js/custom.js"></script>
+    <script type="text/javascript">
+        (function () {
+            'use strict'
+            // Fetch all the forms we want to apply custom Bootstrap validation styles to
+            var forms = document.querySelectorAll('#force-change-pwd')
+
+            // Loop over them and prevent submission
+            Array.prototype.slice.call(forms)
+                .forEach(function (form) {
+                    form.addEventListener('submit', function (event) {
+                        if (!form.checkValidity()) {
+                            event.preventDefault();
+                            event.stopPropagation();
+                        }
+                        else {
+                            debugger
+                            if ($('#NewPassword').val() != $('#ConfirmNewPassword').val()) {
+                                ShowAlertMessage(1, 'Password are confirm password are not same!');
+                                $('#NewPassword').focus();
+                                event.preventDefault();
+                                event.stopPropagation();
+                                return false;
+                            }
+                            event.preventDefault();
+                            $('.loginText').hide();
+                            $('#BtnLogin').css('cursor', 'not-allowed');
+                            $('.loading').show();
+                            $('#BtnLogin').prop('disabled', true);
+
+                            $("#force-change-pwd").submit();
+                        }
+                        form.classList.add('was-validated')
+                    }, false)
+                })
+        })();
+
+        if ('@ViewBag.ResponseCode' != '') {
+            if ('@ViewBag.ResponseCode' != '0') {
+                iziToast.error({
+                    title: 'Error',
+                    message: '@ViewBag.ResponseMessage'
+                });
+            }
+            else {
+                iziToast.success({
+                    title: 'OK',
+                    message: '@ViewBag.ResponseMessage'
+                });
+            }
+        }
+    </script>
+</body>
+</html>

CustomerOnlineV2/CustomerOnlineV2/Views/Shared/_Layout.cshtml

@@ -115,7 +115,7 @@
                                         </li>
                                         <li class="dropdown-divider mx-n3"></li>
                                         <li>
-                                            <a class="dropdown-item" href="login-new.html"><i class="fas fa-sign-out-alt"></i>Sign Out</a>
+                                            <a class="dropdown-item" href="/Home/Logout"><i class="fas fa-sign-out-alt"></i>Sign Out</a>
                                         </li>
                                     </ul>
                                 </li>

CustomerOnlineV2/CustomerOnlineV2/Views/Shared/_Layout2.cshtml

@@ -117,7 +117,7 @@
                                         </li>
                                         <li class="dropdown-divider mx-n3"></li>
                                         <li>
-                                            <a class="dropdown-item" href="#"><i class="fas fa-sign-out-alt"></i>Sign Out</a>
+                                            <a class="dropdown-item" href="/Home/Logout"><i class="fas fa-sign-out-alt"></i>Sign Out</a>
                                         </li>
                                     </ul>
                                 </li>

CustomerOnlineV2/CustomerOnlineV2/Views/Transaction/SendMoney.cshtml

@@ -61,7 +61,7 @@
                                         <div class="col-md-5">
                                             <div class="mb-3">
                                                 <div class="form-floating mb-3">
-                                                    <input type="text" asp-for="PayoutAmount" class="form-control" id="floatingInput" placeholder="00.00">
+                                                    <input type="text" asp-for="PayoutAmount" class="form-control" placeholder="00.00">
                                                     <label for="floatingInput">Receive Amount NPR</label>
                                                 </div>
                                             </div>
@@ -71,7 +71,7 @@
                                         <div class="col-md-5">
                                             <div class="mb-3">
                                                 <div class="form-floating mb-3">
-                                                    <input type="text" asp-for="PromoCode" maxlength="10" class="form-control" id="floatingInput" placeholder="">
+                                                    <input type="text" asp-for="PromoCode" maxlength="10" class="form-control" placeholder="">
                                                     <label for="floatingInput">I Have Promo Code (Optional)</label>
                                                 </div>
                                             </div>
@@ -110,7 +110,7 @@
                                     <div class="row">
                                         <div class="mb-4">
                                             <div class="form-check d-flex align-items-center">
-                                                <input class="form-check-input me-2" asp-for="TermsAndConditions" type="checkbox">
+                                                <input class="form-check-input me-2" asp-for="TermsAndConditions" type="checkbox" required>
                                                 <label class="form-check-label" for="TermsAndConditions" />I have read the details and confirm to send now.
                                             </div>
                                         </div>
@@ -170,15 +170,31 @@
         </div>
     </div>
 </div>
+<input type="hidden" id="hdnCalcBy" />
 @section Scripts{
     <script type="text/javascript">
         $(document).ready(function () {
             $('#ReceivingCountry').change(function () {
-                debugger
                 if ($(this).val() != '') {
                     PopulateDDL('DeliveryMethod', 'pMode', $(this).val(), true, '');
                     PopulateDDL('Receiver', 'receiverList', $(this).val(), true, '');
                 }
+                else {
+                    $('#DeliveryMethod').empty();
+                    $('#Receiver').empty();
+                }
+            });
+
+            $('#CollectAmount').on('change', function () {
+                if (!isNaN(parseFloat($(this).val())) && parseFloat($(this).val()) > 0) {
+                    $('#hdnCalcBy').val('c');
+                }
+            });
+
+            $('#PayoutAmount').on('change', function () {
+                if (!isNaN(parseFloat($(this).val())) && parseFloat($(this).val()) > 0) {
+                    $('#hdnCalcBy').val('c');
+                }
             });
         });
 
@@ -204,6 +220,28 @@
                 })
         })();
 
+        (function () {
+            'use strict'
+            // Fetch all the forms we want to apply custom Bootstrap validation styles to
+            var forms = document.querySelectorAll('#SendMoneyForm')
+
+            // Loop over them and prevent submission
+            Array.prototype.slice.call(forms)
+                .forEach(function (form) {
+                    form.addEventListener('submit', function (event) {
+                        if (!form.checkValidity()) {
+                            event.preventDefault()
+                            event.stopPropagation()
+                        }
+                        else {
+                            event.preventDefault();
+                            SendMoney();
+                        }
+                        form.classList.add('was-validated')
+                    }, false)
+                })
+        })();
+
         function DoCalcualtion() {
             DisableCalculateButton();
             debugger
@@ -213,17 +251,28 @@
             let collectionAmount = parseFloat($('#CollectAmount').val());
             let payoutAmount = parseFloat($('#PayoutAmount').val());
             let promoCode = $('#PromoCode').val();
-            let calcBy = 'c';
+            let calcBy = $('#hdnCalcBy').val();
 
-            if (isNaN($('#CollectAmount').val()))
+            if (calcBy == '') {
+                ShowAlertMessage(1, 'Invalid param calculate by!');
+                EnableCalculateButton();
+                return false;
+            }
+
+            if (calcBy != 'c') {
+                if (calcBy != 'p') {
+                    ShowAlertMessage(1, 'Invalid param calculate by!');
+                    EnableCalculateButton();
+                    return false;
+                }
+            }
+
+            if (isNaN(parseFloat($('#CollectAmount').val())))
                 collectionAmount = 0;
 
-            if (isNaN($('#PayoutAmount').val()))
+            if (isNaN(parseFloat($('#PayoutAmount').val())))
                 payoutAmount = 0;
 
-            if (payoutAmount > 0) {
-                calcBy = 'p';
-            }
             if (collectionAmount < 0) {
                 ShowAlertMessage(1, 'Invalid Collection Amount!');
                 EnableCalculateButton();
@@ -270,10 +319,10 @@
                         }
 
                         if (calcBy == 'c') {
-                            $('#PayoutAmount').val(NumberWithCommas(response.pAmt));
+                            $('#PayoutAmount').val(response.pAmt);
                         }
                         if (calcBy == 'p') {
-                            $('#CollectAmount').val(NumberWithCommas(response.collAmt));
+                            $('#CollectAmount').val(response.collAmt);
                         }
 
                         $('#payoutAmount').text(NumberWithCommas(response.pAmt));

CustomerOnlineV2/CustomerOnlineV2/obj/Debug/net7.0/CustomerOnlineV2.GeneratedMSBuildEditorConfig.editorconfig

@@ -16,6 +16,10 @@ build_property.GenerateRazorMetadataSourceChecksumAttributes = true
 build_property.MSBuildProjectDirectory = D:\C# Projects\UAT\JME_JAPAN\JME_Remit_UAT\Temp\Customer\CustomerPortal\CustomerOnlineV2\CustomerOnlineV2
 build_property._RazorSourceGeneratorDebug = 
 
+[D:/C\# Projects/UAT/JME_JAPAN/JME_Remit_UAT/Temp/Customer/CustomerPortal/CustomerOnlineV2/CustomerOnlineV2/Views/Account/ForceChangePassword.cshtml]
+build_metadata.AdditionalFiles.TargetPath = Vmlld3NcQWNjb3VudFxGb3JjZUNoYW5nZVBhc3N3b3JkLmNzaHRtbA==
+build_metadata.AdditionalFiles.CssScope = 
+
 [D:/C\# Projects/UAT/JME_JAPAN/JME_Remit_UAT/Temp/Customer/CustomerPortal/CustomerOnlineV2/CustomerOnlineV2/Views/Account/Index.cshtml]
 build_metadata.AdditionalFiles.TargetPath = Vmlld3NcQWNjb3VudFxJbmRleC5jc2h0bWw=
 build_metadata.AdditionalFiles.CssScope = 

CustomerOnlineV2/CustomerOnlineV2/obj/Debug/net7.0/CustomerOnlineV2.csproj.CoreCompileInputs.cache

@@ -1 +1 @@
-c4cd3de645e86cbe655423e1ab24014ec86289a6
+3b386b176dba6264a97c30f56e28bff52d79c74c

DB/PROC_DYNAMIC_TABLE.sql

@@ -9,6 +9,9 @@ ALTER PROC PROC_DYNAMIC_TABLE
 	,@selectedValue1 VARCHAR(20) = NULL
 	,@CountryId INT = NULL
 	,@PaymentMethod INT = NULL
+	,@Password VARCHAR(40) = NULL
+	,@ConfirmPassword VARCHAR(40) = NULL
+	,@ipAddress VARCHAR(20) = NULL
 )
 AS;
 SET NOCOUNT ON;
@@ -30,6 +33,35 @@ BEGIN TRY
 				, msg = 'Success'
 		FROM remitTranTemp (NOLOCK)
 	END
+	ELSE IF @Flag = 'ForceChange'
+	BEGIN
+		DECLARE @OldPassword VARCHAR(40) = NULL
+
+		SELECT @OldPassword = DBO.DECRYPTDB(customerPassword)
+		FROM CUSTOMERMASTER (NOLOCK) 
+		WHERE EMAIL = @UserEmail 
+		AND isForcedPwdChange = 1
+
+		IF ISNULL(@OldPassword, '') = ''
+		BEGIN
+			SELECT errorCode = 1, msg = 'Invalid customer!', id = NULL
+			RETURN;
+		END
+
+		IF @OldPassword = @Password
+		BEGIN
+			SELECT errorCode = 1, msg = 'Old password and new password can not be same!', id = NULL
+			RETURN;
+		END
+
+		UPDATE CUSTOMERMASTER 
+			SET isForcedPwdChange = 0
+				, customerPassword = dbo.fnaencryptstring(@Password)
+		WHERE EMAIL = @UserEmail
+
+		SELECT errorCode = 0, msg = 'Password changed successfully!', id = NULL
+		RETURN;
+	END
 	ELSE IF @Flag = 'PayoutMethod'
 	BEGIN
 		DECLARE @PayoutCurrency VARCHAR(5)