IME-LONDON
/
WEB_CORE
8
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
76 Commits
9 Branches
0 Tags
43 MiB
Tree: 9852a81306
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9852a81306'
${ noResults }
WEB_CORE/Swift.web/Admin/Default.aspx.cs

318 lines
12 KiB
Raw Normal View History

Base project from JME
1 year ago
  1. using Swift.API.Common;
  2. using Swift.API.GoogleAuthenticator;
  3. using Swift.DAL.BL.System.UserManagement;
  4. using Swift.DAL.SwiftDAL;
  5. using Swift.web.Library;
  6. using Swift.web.SwiftSystem.UserManagement.ApplicationUserPool;
  7. using System;
  8. using System.Text;
  9. using System.Web;
  10. using System.Web.Script.Serialization;
  12. namespace Swift.web.Admin
  13. {
  14. public partial class Default : System.Web.UI.Page
  15. {
  16. private ApplicationUserDao user = new ApplicationUserDao();
  17. protected GoogleAuthenticatorAPI _auth = new GoogleAuthenticatorAPI();
  18. private string ipAddress = "";
  19. private string Username = "";
  20. private string pwd = "";
  21. private string Usercode = "";
  22. protected string use2FA = "Y";
  23. private UserPool userPool = UserPool.GetInstance();
  25. protected void Page_Load(object sender, EventArgs e)
  26. {
  27. ipAddress = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
  28. if (string.IsNullOrEmpty(ipAddress))
  29. {
  30. ipAddress = Request.ServerVariables["REMOTE_ADDR"];//"203.223.132.106";//
  31. }
  32. if (!IsPostBack)
  33. {
  34. if (GetStatic.ReadWebConfig("UseGoogle2FAuthAdmin", "") != "Y")
  35. {
  36. use2FA = "N";
  37. DisableGoogle2FAuth();
  38. }
  39. else
  40. {
  41. EnableGoogle2FAuth();
  42. }
  44. string methodname = Request.Form["methodName"];
  45. switch (methodname)
  46. {
  47. case "GetLogin":
  48. GetLogin();
  49. break;
  50. }
  51. }
  52. //userName.Attributes.Add("onkeypress", "ClearMessage()");
  53. //pwd.Attributes.Add("onkeypress", "isCapslock((event?event:evt))");
  54. //userCode.Attributes.Add("onkeypress", "ClearMessage()");
  55. }
  57. private void EnableGoogle2FAuth()
  58. {
  59. Google2FAuthDiv.Visible = true;
  60. verificationCode.Enabled = true;
  62. Google2FAuthDivCode.Visible = false;
  63. txtCompcode.Enabled = false;
  64. }
  66. private void DisableGoogle2FAuth()
  67. {
  68. Google2FAuthDiv.Visible = false;
  69. verificationCode.Enabled = false;
  71. Google2FAuthDivCode.Visible = true;
  72. txtCompcode.Enabled = true;
  73. }
  75. private void GetLogin()
  76. {
  77. Username = Request.Form["username"];
  78. pwd = Request.Form["password"];
  79. Usercode = Request.Form["companycode"];
  80. Authenticate();
  81. }
  83. private void EnableLogin()
  84. {
  85. btnLogin.Enabled = true;
  86. }
  88. private void DisableLogin()
  89. {
  90. btnLogin.Enabled = false;
  91. }
  93. private void Authenticate()
  94. {
  95. var dbResult = new DbResult();
  96. DisableLogin();
  97. //if (!GetStatic.IsNumeric(Usercode))
  98. //{
  99. // dbResult.ErrorCode = "1";
  100. // dbResult.Msg = "Login fails, Incorrect user name or password or user code !";
  101. // // jsonSerialize(dbResult);
  102. // errMsg.InnerText = dbResult.Msg;
  103. // errMsg.Visible = true;
  104. // EnableLogin();
  105. // return;
  106. //}
  108. var dr = user.DoLogin(Username, pwd, Usercode, ipAddress, GetUserInfo(), GetStatic.GetLocation(ipAddress), verificationCode.Text, GetStatic.ReadWebConfig("UseGoogle2FAuthAdmin", ""));
  109. if (null == dr)
  110. {
  111. var msg = "wrong credentials.";
  112. // GetStatic.CallBackJs1(this, "", "ShowErrorMsg('" + msg + "');");
  113. errMsg.InnerText = msg;
  114. errMsg.Visible = true;
  115. EnableLogin();
  116. return;
  117. }
  119. if (dr.ErrorCode != "0")
  120. {
  121. //jsonSerialize(dr);
  122. // GetStatic.CallBackJs1(this, "", "ShowErrorMsg('" + dr.Msg + "');");
  123. errMsg.InnerText = dr.Msg;
  124. errMsg.Visible = true;
  125. EnableLogin();
  126. return;
  127. }
  129. if (GetStatic.ReadWebConfig("UseGoogle2FAuthAdmin", "") == "Y")
  130. {
  131. if (string.IsNullOrEmpty(dr.UserUniqueKey))
  132. {
  133. errMsg.InnerText = "Please contact JME Head office to get QR code for accessing JME Remit system!";
  134. errMsg.Visible = true;
  135. EnableLogin();
  136. return;
  137. }
  139. var _dbRes = _auth.Verify2FA(verificationCode.Text, dr.UserUniqueKey);
  140. user.Log2FAuth(dr.logId, _dbRes.ErrorCode == "0" ? "1" : "0");
  142. if (_dbRes.ErrorCode != "0")
  143. {
  144. errMsg.InnerText = _dbRes.Msg;
  145. errMsg.Visible = true;
  146. EnableLogin();
  147. return;
  148. }
  149. }
  151. if (dr.UserAccessLevel.ToUpper() == "S")
  152. {
  153. var cookieKey = Username + "_userSessionId";
  154. var lastUserSessionId = GetStatic.ReadCookie(cookieKey, "");
  155. if (userPool.IsUserExists(Username))
  156. {
  157. if (!userPool.IsUserExists(Username, lastUserSessionId))
  158. {
  159. Session.Add("usr", Username);
  160. var url = GetStatic.GetUrlRoot() + "/LoginSession.aspx";
  161. Response.Redirect(url);
  162. return;
  163. }
  164. else
  165. {
  166. userPool.RemoveUser(Username);
  167. }
  168. }
  169. }
  171. var db = ManageUserSession(dr);
  173. if (db.ErrorCode != "0")
  174. {
  175. //jsonSerialize(dr);
  176. // GetStatic.CallBackJs1(this, "", "ShowErrorMsg('" + dr.Msg + "');");
  177. errMsg.InnerText = db.Msg;
  178. errMsg.Visible = true;
  179. EnableLogin();
  180. return;
  181. }
  182. //jsonSerialize(dr);
  183. //return;
  185. if (dr.isForcePwdChanged.ToUpper() == "Y")
  186. {
  187. Response.Redirect("../SwiftSystem/UserManagement/ApplicationUserSetup/ChangePassword.aspx");
  188. }
  189. else
  190. {
  192. //Get2FAuthentication();
  193. //Response.Redirect("/Admin/Dashboard.aspx");
  194. Response.Redirect("/DashboardV2/Dashboard.aspx");
  195. }
  197. EnableLogin();
  198. // Response.Redirect("Popup.aspx");
  199. }
  201. private void Get2FAuthentication()
  202. {
  203. GoogleAuthenticatorModel _model = new GoogleAuthenticatorModel();
  204. login.Visible = false;
  205. //authenticate.Visible = true;
  206. _model = _auth.GenerateCodeAndImageURL(Username);
  208. //imgVerifyQRCode.ImageUrl = _model.BarCodeImageUrl;
  209. }
  211. private DbResult ManageUserSession(UserDetails ud)
  212. {
  213. Session.Clear();
  214. var res = SetUserPool(ud);
  215. if (res.ErrorCode != "0")
  216. return res;
  218. GetStatic.WriteSession("admin", Username);
  219. GetStatic.WriteSession("fullname", ud.FullName);
  220. GetStatic.WriteSession("branchId", ud.Branch);
  221. GetStatic.WriteSession("branchName", ud.BranchName);
  222. GetStatic.WriteSession("address", ud.Address);
  223. GetStatic.WriteSession("userType", ud.UserType);
  224. GetStatic.WriteCookie("loginType", "ADMIN");
  225. Session[Username + "Menu"] = new StringBuilder();
  226. Session.Timeout = Convert.ToInt16(ud.sessionTimeOut);
  227. var cookieKey = Username + "_userSessionId";
  228. GetStatic.WriteCookie(cookieKey, GetStatic.GetSessionId());
  229. return res;
  230. }
  232. private DbResult SetUserPool(UserDetails ud)
  233. {
  234. HttpBrowserCapabilities browser = Request.Browser;
  235. var usr = new LoggedInUser();
  237. usr.UserId = GetStatic.ParseInt(ud.UserId);
  238. usr.UserName = Username;
  239. usr.UserFullName = ud.FullName;
  240. usr.LoginTime = DateTime.Now;
  241. usr.UserAccessLevel = ud.UserAccessLevel;
  242. usr.UserAgentName = ud.BranchName;
  243. usr.LastLoginTime = Convert.ToDateTime(ud.LastLoginTs);
  244. usr.LoggedInCountry = ud.LoggedInCountry;
  245. usr.LoginAddress = ud.LoginAddress;
  246. usr.LastLoginTime = Convert.ToDateTime(ud.LastLoginTs);
  248. usr.Browser = browser.Browser + "/" + browser.Type;
  249. usr.IPAddress = ipAddress;
  250. usr.SessionID = GetStatic.GetSessionId();
  251. usr.LastActiveTime = usr.LoginTime;
  252. return userPool.AddUser(usr);
  253. }
  255. private string GetUserInfo()
  256. {
  257. HttpBrowserCapabilities browser = Request.Browser;
  259. string str = " Browser Capabilities = Values -:::-"
  260. + "Type = " + browser.Type + "-:::-" //-:::-
  261. + "Name = " + browser.Browser + "-:::-"
  262. + "Version = " + browser.Version + "-:::-"
  263. + "Major Version = " + browser.MajorVersion + "-:::-"
  264. + "Minor Version = " + browser.MinorVersion + "-:::-"
  265. + "Platform = " + browser.Platform + "-:::-"
  266. + "Is Beta = " + browser.Beta + "-:::-"
  267. + "Is Crawler = " + browser.Crawler + "-:::-"
  268. + "Is AOL = " + browser.AOL + "-:::-"
  269. + "Is Win16 = " + browser.Win16 + "-:::-"
  270. + "Is Win32 = " + browser.Win32 + "-:::-"
  271. + "Supports Frames = " + browser.Frames + "-:::-"
  272. + "Supports Tables = " + browser.Tables + "-:::-"
  273. + "Supports Cookies = " + browser.Cookies + "-:::-"
  274. + "Supports VBScript = " + browser.VBScript + "-:::-"
  275. + "Supports JavaScript = " + browser.EcmaScriptVersion.ToString() + "-:::-"
  276. + "Supports Java Applets = " + browser.JavaApplets + "-:::-"
  277. + "Supports ActiveX Controls = " + browser.ActiveXControls + "-:::-"
  278. + "Supports JavaScript Version = " + browser["JavaScriptVersion"] + "-:::-"
  279. + "CDF = " + browser.CDF + "-:::-"
  280. + "IP Adress = " + ipAddress + "-:::-"
  281. //+ "Certificate ID No = " + dcIdNo + "-:::-"
  282. //+ "Certificate User Name = " + dcUserName + "-:::-"
  283. + "User Agent = " + Request.ServerVariables["HTTP_USER_AGENT"] + "-:::-"
  284. + "Refrerer = " + Request.ServerVariables["HTTP_REFERER"] + "-:::-"
  285. + "Http Accept = " + Request.ServerVariables["HTTP_ACCEPT"] + "-:::-"
  286. + "Language = " + Request.ServerVariables["HTTP_ACCEPT_LANGUAGE"];
  288. return str;
  289. }
  291. public void jsonSerialize<T>(T obk)
  292. {
  293. JavaScriptSerializer jsonData = new JavaScriptSerializer();
  294. string jsonString = jsonData.Serialize(obk);
  295. Response.ContentType = "application/json";
  296. Response.Write(jsonString);
  297. Response.End();
  298. }
  300. private void GetServerCredentials()
  301. {
  302. Username = txtUsername.Text;
  303. pwd = txtPwd.Text;
  304. Usercode = txtCompcode.Text;
  305. Authenticate();
  306. }
  308. protected void btnLogin_Click(object sender, EventArgs e)
  309. {
  310. DisableLogin();
  311. GetServerCredentials();
  312. }
  314. //protected void bntSubmit_Click(object sender, EventArgs e)
  315. //{
  316. // //Authenticate();
  317. //}
  318. }
  319. }