diff --git a/150-DOCUMENTATION/002-DBScripts/DeleteIncorretLoginAttempts.sql b/150-DOCUMENTATION/002-DBScripts/DeleteIncorretLoginAttempts.sql
new file mode 100644
index 0000000..d861020
--- /dev/null
+++ b/150-DOCUMENTATION/002-DBScripts/DeleteIncorretLoginAttempts.sql
@@ -0,0 +1,33 @@
+-- ================================================
+-- Template generated from Template Explorer using:
+-- Create Procedure (New Menu).SQL
+--
+-- Use the Specify Values for Template Parameters
+-- command (Ctrl-Shift-M) to fill in the parameter
+-- values below.
+--
+-- This block of comments will not be included in
+-- the definition of the procedure.
+-- ================================================
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+-- =============================================
+-- Author:
+-- Create date: <7/27/2017>
+-- Description:
+-- =============================================
+CREATE PROCEDURE DeleteIncorrectLoginAttempts
+ -- Add the parameters for the stored procedure here
+ @iUserId INT
+AS
+BEGIN
+ -- SET NOCOUNT ON added to prevent extra result sets from
+ -- interfering with SELECT statements.
+ SET NOCOUNT OFF;
+
+ -- Insert statements for procedure here
+ DELETE from IncorrectLoginAttempts where UserId =@iUserId
+END
+GO
\ No newline at end of file
diff --git a/150-DOCUMENTATION/002-DBScripts/GetAllLoginFailureCauses.sql b/150-DOCUMENTATION/002-DBScripts/GetAllLoginFailureCauses.sql
new file mode 100644
index 0000000..6e9f89b
--- /dev/null
+++ b/150-DOCUMENTATION/002-DBScripts/GetAllLoginFailureCauses.sql
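Review bot: The comment `-- SET NOCOUNT ON added to prevent extra result sets…` in DeleteIncorrectLoginAttempts contradicts the statement beneath it, `SET NOCOUNT OFF;`, and the Author and Description header fields are empty. If OFF is deliberate because the caller reads the affected-row count, say so, for example `-- NOCOUNT stays OFF: the caller uses the affected-row count to tell whether a lockout row existed`. The same stale template comment sits above `SET NOCOUNT OFF;` in UpdateIncorrectLoginAttempts, UpdateLicenseTermAcceptedStatus and GetUserDetailsByLoginId in this commit. The Description line of each procedure should state what it does to the lockout or license state, since these scripts control account blocking.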
@@ -0,0 +1,33 @@
+-- ================================================
+-- Template generated from Template Explorer using:
+-- Create Procedure (New Menu).SQL
+--
+-- Use the Specify Values for Template Parameters
+-- command (Ctrl-Shift-M) to fill in the parameter
+-- values below.
+--
+-- This block of comments will not be included in
+-- the definition of the procedure.
+-- ================================================
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+-- =============================================
+-- Author:
+-- Create date: <07/31/2017>
+-- Description:
+-- =============================================
+CREATE PROCEDURE GetAllLoginFailureCauses
+ -- Add the parameters for the stored procedure here
+
+AS
+BEGIN
+ -- SET NOCOUNT ON added to prevent extra result sets from
+ -- interfering with SELECT statements.
+ SET NOCOUNT ON;
+
+ -- Insert statements for procedure here
+ SELECT lfc.Id, lfc.Description FROM LoginFailureCause lfc
+END
+GO
diff --git a/150-DOCUMENTATION/002-DBScripts/GetBlockedUserByUserType.sql b/150-DOCUMENTATION/002-DBScripts/GetBlockedUserByUserType.sql
new file mode 100644
index 0000000..2edcf97
--- /dev/null
+++ b/150-DOCUMENTATION/002-DBScripts/GetBlockedUserByUserType.sql
@@ -0,0 +1,51 @@
+-- ================================================
+-- Template generated from Template Explorer using:
+-- Create Procedure (New Menu).SQL
+--
+-- Use the Specify Values for Template Parameters
+-- command (Ctrl-Shift-M) to fill in the parameter
+-- values below.
+--
+-- This block of comments will not be included in
+-- the definition of the procedure.
+-- ================================================
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+-- =============================================
+-- Author:
+-- Create date: <2/8/2017>
+-- Description:
+-- =============================================
+CREATE PROCEDURE GetBlockedUserByUserType
+ -- Add the parameters for the stored procedure here
+ @iUserTypeId tinyint
+AS
+BEGIN
+ -- returns the metadata
+ IF 1=0 BEGIN
+ SET FMTONLY OFF
+ END
+ SELECT DISTINCT
+ AIAUser.Id,
+ AIAUser.FirstName,
+ AIAUser.LastName,
+ AIAUser.LoginId,
+ AIAUser.Password,
+ AIAUser.EmailId,
+ ISNULL(License.AccountNumber,'') AccountNumber,
+ IncorrectLoginAttempts.LoginTime
+ FROM
+ IncorrectLoginAttempts
+ INNER JOIN AIAUser ON IncorrectLoginAttempts.UserId = AIAUser.Id
+ INNER JOIN UserType ON AIAUser.UserTypeId = UserType.Id
+ LEFT JOIN AIAUserToLicenseEdition ON AIAUser.Id = AIAUserToLicenseEdition.UserId
+ LEFT JOIN LicenseToEdition ON AIAUserToLicenseEdition.LicenseEditionId = LicenseToEdition.Id
+ LEFT JOIN License ON LicenseToEdition.LicenseId = License.Id
+ WHERE
+ IncorrectLoginAttempts.CntIncorrectLogins >= 5
+ AND UserType.Priority >= (SELECT UserType.Priority FROM UserType WHERE UserType.Id=@iUserTypeId)
+ --AND ((@iLicenseId =0) OR (License.Id = @iLicenseId))
+ --AND License.IsActive = 1
+END
\ No newline at end of file
diff --git a/150-DOCUMENTATION/002-DBScripts/GetLicenseIdEditionIdByUserId.sql b/150-DOCUMENTATION/002-DBScripts/GetLicenseIdEditionIdByUserId.sql
new file mode 100644
index 0000000..7d89f91
--- /dev/null
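Review bot: `AIAUser.Password` is in the select list of GetBlockedUserByUserType, so every caller that lists blocked users also receives each user's stored password; nothing in the visible query needs it, and dropping the `AIAUser.Password,` line keeps credentials out of an administrative listing. GetUserDetailsByLoginId in this commit likewise returns `Password` and `SecurityAnswer` to the application tier on every lookup. Because the license tables are attached with `LEFT JOIN` and `AccountNumber` is part of the `SELECT DISTINCT` list, a user mapped to several licenses would come back once per account number, which the caller's loop over blocked users may not expect. The two commented-out `--AND` filters refer to `@iLicenseId`, which is not a parameter of this procedure, and are better removed than committed.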
+++ b/150-DOCUMENTATION/002-DBScripts/GetLicenseIdEditionIdByUserId.sql
@@ -0,0 +1,35 @@
+-- ================================================
+-- Template generated from Template Explorer using:
+-- Create Procedure (New Menu).SQL
+--
+-- Use the Specify Values for Template Parameters
+-- command (Ctrl-Shift-M) to fill in the parameter
+-- values below.
+--
+-- This block of comments will not be included in
+-- the definition of the procedure.
+-- ================================================
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+-- =============================================
+-- Author:
+-- Create date: <07/31/2017>
+-- Description:
+-- =============================================
+CREATE PROCEDURE GetLicenseIdEditionIdByUserId
+ -- Add the parameters for the stored procedure here
+ @iUserId int
+AS
+BEGIN
+ -- SET NOCOUNT ON added to prevent extra result sets from
+ -- interfering with SELECT statements.
+ SET NOCOUNT ON;
+
+ -- Insert statements for procedure here
+ SELECT LicenseId, EditionId FROM LicenseToEdition
+ INNER JOIN AIAUserToLicenseEdition on AIAUserToLicenseEdition.LicenseEditionId = LicenseToEdition.Id
+ WHERE AIAUserToLicenseEdition.UserId = @iUserId
+END
+GO
diff --git a/150-DOCUMENTATION/002-DBScripts/GetUserDetailsByLoginId.sql b/150-DOCUMENTATION/002-DBScripts/GetUserDetailsByLoginId.sql
new file mode 100644
index 0000000..c3854a9
--- /dev/null
+++ b/150-DOCUMENTATION/002-DBScripts/GetUserDetailsByLoginId.sql
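Review bot: The SELECT in GetLicenseIdEditionIdByUserId has no ORDER BY and no row limit, while its caller in DBModel.cs reads only `ds.Tables[0].Rows[0]`. If a user can be mapped to more than one license edition (this diff does not show whether the mapping is unique), the license that governs the login, and therefore the active/expired checks that follow, depends on whatever row the plan returns first. Either make the choice explicit, e.g. `SELECT TOP 1 LicenseToEdition.LicenseId, LicenseToEdition.EditionId … ORDER BY LicenseToEdition.Id`, or note in the Description that one row per user is guaranteed. The select list would also read more safely with the columns table-qualified as in that example.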
@@ -0,0 +1,19 @@
+-- =============================================
+-- Author:
+-- Create date: <07/18/2017>
+-- Description:
+-- =============================================
+CREATE PROCEDURE GetUserDetailsByLoginId
+ -- Add the parameters for the stored procedure here
+ @sLoginId VARCHAR(50)
+AS
+BEGIN
+ -- SET NOCOUNT ON added to prevent extra result sets from
+ -- interfering with SELECT statements.
+ SET NOCOUNT OFF;
+
+ -- Insert statements for procedure here
+ SELECT CreationDate, CreatorId, DeactivationDate, EmailId, FirstName, Id, IsActive, LastName, LoginId, ModifiedDate, ModifierId, Password, SecurityAnswer, SecurityQuestionId, UserTypeId FROM AIAUser WHERE (LoginId = @sLoginId)
+
+END
+
\ No newline at end of file
diff --git a/150-DOCUMENTATION/002-DBScripts/InsertIncorrectLoginAttempts.sql b/150-DOCUMENTATION/002-DBScripts/InsertIncorrectLoginAttempts.sql
new file mode 100644
index 0000000..6105105
--- /dev/null
+++ b/150-DOCUMENTATION/002-DBScripts/InsertIncorrectLoginAttempts.sql
@@ -0,0 +1,33 @@
+-- ================================================
+-- Template generated from Template Explorer using:
+-- Create Procedure (New Menu).SQL
+--
+-- Use the Specify Values for Template Parameters
+-- command (Ctrl-Shift-M) to fill in the parameter
+-- values below.
+--
+-- This block of comments will not be included in
+-- the definition of the procedure.
+-- ================================================
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+-- =============================================
+-- Author:
+-- Create date: <7/27/2017>
+-- Description:
+-- =============================================
+CREATE PROCEDURE InsertIncorrectLoginAttempts
+ -- Add the parameters for the stored procedure here
+ @iUserId INT
+AS
+BEGIN
+ -- SET NOCOUNT ON added to prevent extra result sets from
+ -- interfering with SELECT statements.
+ SET NOCOUNT ON;
+
+ -- Insert statements for procedure here
+ INSERT into IncorrectLoginAttempts ([UserId] , LoginTime , CntIncorrectLogins) values (@iUserId, getdate(), 1)
+END
+GO
diff --git a/150-DOCUMENTATION/002-DBScripts/InsertLoginDetail.sql b/150-DOCUMENTATION/002-DBScripts/InsertLoginDetail.sql
new file mode 100644
index 0000000..461b934
--- /dev/null
+++ b/150-DOCUMENTATION/002-DBScripts/InsertLoginDetail.sql
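Review bot: Whether this INSERT or the UPDATE in UpdateIncorrectLoginAttempts runs is decided in DBModel.cs from a count read in an earlier round trip (`IncorrectLoginAttemptCount == 1`), so two concurrent failed logins for one user can both take the insert path and leave duplicate rows, or lose an increment. Doing the increment and the first-time insert in one procedure and one transaction keeps the lockout counter accurate; a unique constraint on `IncorrectLoginAttempts.UserId` (not visible in this diff) would make any remaining duplicate fail loudly. Separately, `getdate()` is the database server's local time, while the 24-hour window is later compared with `DateTime.Now` on the web server, so both hosts need the same clock and time zone for the block to last the intended period.

```sql
CREATE PROCEDURE InsertIncorrectLoginAttempts
    @iUserId INT
AS
BEGIN
    SET NOCOUNT ON;
    SET XACT_ABORT ON;

    BEGIN TRANSACTION;

    -- Increment first; the lock hints stop a concurrent caller from also seeing "no row yet".
    UPDATE IncorrectLoginAttempts WITH (UPDLOCK, HOLDLOCK)
       SET LoginTime = GETDATE(),
           CntIncorrectLogins = CntIncorrectLogins + 1
     WHERE UserId = @iUserId;

    -- No existing row: this is the first failed attempt for the user.
    IF @@ROWCOUNT = 0
        INSERT INTO IncorrectLoginAttempts (UserId, LoginTime, CntIncorrectLogins)
        VALUES (@iUserId, GETDATE(), 1);

    COMMIT TRANSACTION;
END
```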
@@ -0,0 +1,33 @@
+-- ================================================
+-- Template generated from Template Explorer using:
+-- Create Procedure (New Menu).SQL
+--
+-- Use the Specify Values for Template Parameters
+-- command (Ctrl-Shift-M) to fill in the parameter
+-- values below.
+--
+-- This block of comments will not be included in
+-- the definition of the procedure.
+-- ================================================
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+-- =============================================
+-- Author:
+-- Create date:
+-- Description:
+-- =============================================
+CREATE PROCEDURE InsertLoginDetail
+ -- Add the parameters for the stored procedure here
+ @iUserId INT
+AS
+BEGIN
+ -- SET NOCOUNT ON added to prevent extra result sets from
+ -- interfering with SELECT statements.
+ SET NOCOUNT ON;
+
+ -- Insert statements for procedure here
+ INSERT INTO LoginDetail (UserId, LoginTime) VALUES (@iUserId, GETDATE())
+END
+GO
diff --git a/150-DOCUMENTATION/002-DBScripts/UpdateIncorrectLoginAttempts.sql b/150-DOCUMENTATION/002-DBScripts/UpdateIncorrectLoginAttempts.sql
new file mode 100644
index 0000000..dbc36e4
--- /dev/null
+++ b/150-DOCUMENTATION/002-DBScripts/UpdateIncorrectLoginAttempts.sql
@@ -0,0 +1,33 @@
+-- ================================================
+-- Template generated from Template Explorer using:
+-- Create Procedure (New Menu).SQL
+--
+-- Use the Specify Values for Template Parameters
+-- command (Ctrl-Shift-M) to fill in the parameter
+-- values below.
+--
+-- This block of comments will not be included in
+-- the definition of the procedure.
+-- ================================================
+SET ANSI_NULLS ON
+GO
+SET QUOTED_IDENTIFIER ON
+GO
+-- =============================================
+-- Author:
+-- Create date:
+-- Description:
+-- =============================================
+CREATE PROCEDURE UpdateIncorrectLoginAttempts
+ -- Add the parameters for the stored procedure here
+ @iUserId INT
+AS
+BEGIN
+ -- SET NOCOUNT ON added to prevent extra result sets from
+ -- interfering with SELECT statements.
+ SET NOCOUNT OFF;
+
+ -- Insert statements for procedure here
+ UPDATE IncorrectLoginAttempts set LoginTime = getdate(), CntIncorrectLogins = CntIncorrectLogins+1 where UserId = @iUserId
+END
+GO
diff --git a/150-DOCUMENTATION/002-DBScripts/UpdateLicenseTermAcceptedStatus.sql b/150-DOCUMENTATION/002-DBScripts/UpdateLicenseTermAcceptedStatus.sql
new file mode 100644
index 0000000..9f12401
--- /dev/null
+++ b/150-DOCUMENTATION/002-DBScripts/UpdateLicenseTermAcceptedStatus.sql
@@ -0,0 +1,17 @@
+-- =============================================
+-- Author:
+-- Create date: <07/21/2017>
+-- Description:
+-- =============================================
+CREATE PROCEDURE UpdateLicenseTermAcceptedStatus
+ -- Add the parameters for the stored procedure here
+ @sAccountNumber char(16)
+AS
+BEGIN
+ -- SET NOCOUNT ON added to prevent extra result sets from
+ -- interfering with SELECT statements.
+ SET NOCOUNT OFF;
+
+ -- Insert statements for procedure here
+ UPDATE License SET IsTermsAccepted =1 WHERE AccountNumber = @sAccountNumber
+END
\ No newline at end of file
diff --git a/400-SOURCECODE/AIAHTML5.API/AIAHTML5.API.csproj b/400-SOURCECODE/AIAHTML5.API/AIAHTML5.API.csproj index 5f014a3..7291cd2 100644 --- a/400-SOURCECODE/AIAHTML5.API/AIAHTML5.API.csproj +++ b/400-SOURCECODE/AIAHTML5.API/AIAHTML5.API.csproj @@ -100,6 +100,7 @@ + Designer @@ -107,12 +108,14 @@ + + Global.asax diff --git a/400-SOURCECODE/AIAHTML5.API/Constants/AIAConstants.cs b/400-SOURCECODE/AIAHTML5.API/Constants/AIAConstants.cs index 93891e5..7ff5537 100644 --- a/400-SOURCECODE/AIAHTML5.API/Constants/AIAConstants.cs +++ b/400-SOURCECODE/AIAHTML5.API/Constants/AIAConstants.cs @@ -16,6 +16,7 @@ namespace AIAHTML5.API.Constants public const string KEY_TITLE = "title"; public const string KEY_NAME = "name"; public const string KEY_SLUG = "slug"; + public const string KEY_DESCRIPTION = "Description"; public const string PASSWORD_UPDATE_SUCCESS = "Password updated successfully"; public const string PASSWORD_UPDATE_FAILED = "Password update failed"; @@ -26,5 +27,12 @@ namespace AIAHTML5.API.Constants public const string LICENSE_TERM_CONDITION_UPDATE_FAILED = "License Term Accepted field update failed."; public const string KEY_CONTENT = "content"; + + public const string LICENSE_KEY_ID = "LicenseId"; + public const string EDITION_KEY_ID = "EditionId"; + + public const string USER_UNBLOCK_SUCCESS = "User unblocked"; + public const string USER_UNBLOCK_FAILED = "Unblock operation failed"; + public const string USER_ALREADY_UNBLOCKED = "User already unblocked."; } } \ No newline at end of file diff --git a/400-SOURCECODE/AIAHTML5.API/Constants/ErrorHelper.cs b/400-SOURCECODE/AIAHTML5.API/Constants/ErrorHelper.cs new file mode 100644 index 0000000..ef97db0 --- /dev/null +++ b/400-SOURCECODE/AIAHTML5.API/Constants/ErrorHelper.cs 
@@ -0,0 +1,137 @@ +using System; +using System.Collections.Generic; +using System.Collections; +using System.Linq; +using System.Web; + +namespace AIAHTML5.API.Constants +{ + /// + /// This class is used to provide error description. This class contain + /// different type of error code and its description. + /// + public class ErrorHelper + { + private static ErrorHelper _instance; + private Hashtable objHash = new Hashtable(); + + + /* error Id Const */ + public const Int16 E_NO_ERROR = 0; + public const Int16 E_USER_NOT_EXIST = 1; + public const Int16 E_PASSWORD_NOT_MATCH = 2; + public const Int16 E_USER_ID_BLOCKED_24_HRS = 3; + public const Int16 E_USER_NOT_ACTIVE = 4; + public const Int16 E_USER_ID_WILL_BLOCKED = 5; + public const Int16 E_EMAIL_ID_NOT_EXIT = 6; + public const Int16 E_LICENCE_IS_INACTIVE = 7; + public const Int16 E_USER_NOT_MAP_TO_LICENCE_EDITION = 8; + public const Int16 E_NO_ROW_FOUND_LICENCE_TO_EDITION_TABLE = 9; + public const Int16 E_NO_ROW_FOUND_LICENCE_TABLE = 10; + public const Int16 E_SECURITY_QUEST_NOT_MATCH = 11; + public const Int16 E_SEQURITY_ANSWER_NOT_MATCH = 12; + public const Int16 E_FORGOT_USER_ID_EMAIL_ID_NOT_EXIT = 13; + public const Int16 E_TOTAL_NUMBER_LOGIN_EXCEED = 14; + public const Int16 E_FORGOT_PASSWORD_EMAIL_ID_NOT_EXIST = 15; + public const Int16 E_TEST_SETUP_ACCOUNT_USER_NAME_EXIST = 16; + public const Int16 E_TEST_SETUP_ACCOUNT_EMAILID_EXIST = 17; + public const Int16 E_SP_ERROR = 18; + public const Int16 E_ACCOUNT_NUMBER_NOT_EXIST = 19; + public const Int16 E_ACCOUNT_NUMBER_ALREADY_EXIST = 20; + public const Int16 E_TEST_ACCOUNT_CREATED_MAIL_COULD_NOT_SENT = 21; + public const Int16 E_MAIL_COULD_NOT_SENT = 22; + public const Int16 E_RESELLER_ACCOUNT_CREATED_MAIL_COULD_NOT_SENT = 23; + public const Int16 E_LICENSE_TERM_CONDITION = 24; + public const Int16 E_EDITION_NOT_LINKED_WITH_SITE = 25; + public const Int16 E_LOGIN_SESSION_EXPIRE = 26; + public const Int16 E_DISCOUNT_CODE_NOT_EXIST = 27; + public const Int16 
E_DISCOUNT_CODE_ALREADY_EXIST = 28; + + public const Int16 E_SITE_IP_NOT_NULL = 29; + public const Int16 E_EDITION_ID_NOT_NULL = 30; + public const Int16 E_MASTER_SITEIP_NOT_EXIST = 31; + public const Int16 EDITION_ID_NOT_EXIST = 32; + public const Int16 E_ERROR_LOG = 33; + public const Int16 E_MASTER_SITE_ALREADY_EXIST = 34; + public const Int16 E_ACCOUNT_NUMBER_NOT_NULL = 35; + public const Int16 E_SITE_IP_ALREADY_EXIST = 36; + + + public const Int16 E_LICENCE_IS_EXPIRED = 37; + public const Int16 E_SINGLEACCOUNT_IS_BEING_USED = 38; + + + public const Int16 E_DATA_BASE_CONNECTION = 4060; + + + //login failure error constant + public const int ACCOUNT_NUMBER_NOT_NULL = 4; + public const int EDITION_ID_NOT_NULL = 5; + public const int ACCOUNT_NUMBER_NOT_EXIST = 1; + public const int EDITION_NOT_EXIST = 3; + public const int MASTER_SITEIP_NOT_EXIST = 2; + public const int LICENSE_INACTIVE = 6; + + + /// + /// constructor + /// + private ErrorHelper() + { + objHash.Add(E_NO_ERROR, "No Error."); + objHash.Add(E_USER_NOT_EXIST, "Invalid User ID."); + objHash.Add(E_PASSWORD_NOT_MATCH, "Invalid Password. User ID and password will be disabled if your password is entered incorrectly for five consecutive attempts. If you have forgotten your password, please click on the forgot password link. "); + objHash.Add(E_USER_ID_BLOCKED_24_HRS, "User Id is blocked."); + objHash.Add(E_USER_NOT_ACTIVE, "User Id is Inactive."); + objHash.Add(E_USER_ID_WILL_BLOCKED, "Invalid Password. Your login will be blocked for a day if you enter wrong password one more time. Click on forgot password link if you have forgotten your password. "); + objHash.Add(E_EMAIL_ID_NOT_EXIT, "Invalid e-mail ID. If you do not know your correct e-mail ID please contact A.D.A.M. technical support at techsupport@adamcorp.com or your institution's site administrator. 
"); + objHash.Add(E_LICENCE_IS_INACTIVE, "Your Licence Is inactive."); + objHash.Add(E_USER_NOT_MAP_TO_LICENCE_EDITION, "User is not mapped with licence edition."); + objHash.Add(E_NO_ROW_FOUND_LICENCE_TO_EDITION_TABLE, "No row found in Licence to edition table."); + objHash.Add(E_NO_ROW_FOUND_LICENCE_TABLE, "No row found in Licence table."); + objHash.Add(E_SECURITY_QUEST_NOT_MATCH, "Your security question is incorrect. "); + objHash.Add(E_SEQURITY_ANSWER_NOT_MATCH, "Your answer is incorrect. "); + objHash.Add(E_FORGOT_USER_ID_EMAIL_ID_NOT_EXIT, "Invalid e-mail ID. If you do not know your correct e-mail ID please contact A.D.A.M. technical support at {0} or your institution's site administrator. "); + //objHash.Add(E_TOTAL_NUMBER_LOGIN_EXCEED, "User ID and password has been accessed by another user. Your session is currently timed out."); + objHash.Add(E_TOTAL_NUMBER_LOGIN_EXCEED, "Currently all licenses are in use. Any account that improperly logged out should automatically reset within 5 minutes."); + objHash.Add(E_FORGOT_PASSWORD_EMAIL_ID_NOT_EXIST, "Invalid e-mail ID. Please be sure to enter the e-mail ID used when you registered your license. "); + objHash.Add(E_TEST_SETUP_ACCOUNT_USER_NAME_EXIST, "User Name already exist in system."); + objHash.Add(E_TEST_SETUP_ACCOUNT_EMAILID_EXIST, "Email Id already exist system."); + objHash.Add(E_SP_ERROR, "Error occured in store procedure."); + objHash.Add(E_ACCOUNT_NUMBER_NOT_EXIST, "Account Number does not exist in the system. "); + objHash.Add(E_ACCOUNT_NUMBER_ALREADY_EXIST, "Account Number already exist in the system."); + objHash.Add(E_TEST_ACCOUNT_CREATED_MAIL_COULD_NOT_SENT, "Test account has been created. Account number is: {0}. Mail could not be sent due to some mail server error. "); + objHash.Add(E_MAIL_COULD_NOT_SENT, "Mail could not sent due to some mail server error."); + objHash.Add(E_RESELLER_ACCOUNT_CREATED_MAIL_COULD_NOT_SENT, "Licenses Have been created. 
Mail could not be sent due to some mail server error. "); + objHash.Add(E_LICENSE_TERM_CONDITION, "Your license is not enabled yet. Please contact your administrator to accept the term & condition."); + objHash.Add(E_EDITION_NOT_LINKED_WITH_SITE, "Your credentials are invalid. Please contact the site administrator of your institution or contact A.D.A.M. technical support at techsupport@adamcorp.com. "); + objHash.Add(E_LOGIN_SESSION_EXPIRE, "Your session has expired. Please log in."); + objHash.Add(E_DISCOUNT_CODE_NOT_EXIST, "Discount code not exist in the system."); + objHash.Add(E_DISCOUNT_CODE_ALREADY_EXIST, "Discount code already exist in the system."); + objHash.Add(E_SITE_IP_NOT_NULL, "SiteIP cannot be null."); + objHash.Add(E_DATA_BASE_CONNECTION, "Could not connect to Database."); + objHash.Add(E_EDITION_ID_NOT_NULL, "Edition Id cannot be zero."); + objHash.Add(E_MASTER_SITEIP_NOT_EXIST, "Master Site IP does not exist in the system."); + objHash.Add(EDITION_ID_NOT_EXIST, "Edition ID does not exist in the system."); + objHash.Add(E_ERROR_LOG, "Problem in database."); + objHash.Add(E_MASTER_SITE_ALREADY_EXIST, "Account already created from this URL."); + objHash.Add(E_ACCOUNT_NUMBER_NOT_NULL, "Account number cannot be null."); + objHash.Add(E_SITE_IP_ALREADY_EXIST, "Site IP already exist."); + objHash.Add(E_LICENCE_IS_EXPIRED, "Your licence is expired since {licenseExpirationDate}."); + objHash.Add(E_SINGLEACCOUNT_IS_BEING_USED, "This account is currently locked due to improper logout or another active browser session. The account should automatically reset within 5 minutes."); + } + /// + /// This method checks if instance of ErrorHelper class is exist then it returns + /// the exist instance else it creates the ErrorHelper class instance and return it. + /// + /// ErrorHelper instance + public static ErrorHelper GetInstance() + { + if (_instance == null) + { + _instance = new ErrorHelper(); + } + return _instance; + } + } +} \ No newline at end of file 
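Review bot: Two id spaces overlap in ErrorHelper: the unprefixed "login failure" constants reuse 1–6 with different meanings from the `E_*` codes (`E_PASSWORD_NOT_MATCH = 2` against `MASTER_SITEIP_NOT_EXIST = 2`), and DBModel.cs in this commit passes `ErrorHelper.E_PASSWORD_NOT_MATCH` as the failure cause to `InsertUserLoginLog`. If that value is stored against the LoginFailureCause table (its rows are not visible here), failed-password events would be logged under a different cause, which misleads anyone auditing login failures. `objHash` is filled in the constructor but nothing in this file reads it, so the descriptions are unreachable as committed. `GetInstance` can also construct two instances when the first requests arrive concurrently; `private static readonly ErrorHelper _instance = new ErrorHelper();` avoids that without a lock.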
diff --git a/400-SOURCECODE/AIAHTML5.API/Controllers/ForgotUserController.cs b/400-SOURCECODE/AIAHTML5.API/Controllers/ForgotUserController.cs index 17bac89..8847dd5 100644 --- a/400-SOURCECODE/AIAHTML5.API/Controllers/ForgotUserController.cs +++ b/400-SOURCECODE/AIAHTML5.API/Controllers/ForgotUserController.cs @@ -75,7 +75,7 @@ namespace AIAHTML5.API.Controllers ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); logger.Debug("inside POST in ForgotUserController for emailId = " + userInfo["emailId"]); - User userData = AIAHTML5.API.Models.Users.GetUserByEmail(userInfo); + dynamic userData = AIAHTML5.API.Models.Users.GetUserByEmail(userInfo); if (Convert.ToString(userData) != AIAConstants.USER_NOT_FOUND && Convert.ToString(userData) != AIAConstants.ERROR_IN_FECTHING_DETAILS) { //logger.Debug("inside if in ForgotUserController userData.loginId= " + userData.LoginId); @@ -85,9 +85,17 @@ namespace AIAHTML5.API.Controllers if (Convert.ToBoolean(userInfo["havePassword"])) { - logger.Debug("2. havePassword= " + Convert.ToBoolean(userInfo["havePassword"])); + if (Convert.ToBoolean(userInfo["unblockUser"])) + { + logger.Debug("2. unblockUser= " + Convert.ToBoolean(userInfo["unblockUser"])); + isMailSent = AIAHTML5.API.Models.UserUtility.SendEmail(userData, Convert.ToBoolean(userInfo["havePassword"]), Convert.ToBoolean(userInfo["unblockUser"])); + } + else + { + logger.Debug("2. havePassword= " + Convert.ToBoolean(userInfo["havePassword"])); + isMailSent = AIAHTML5.API.Models.UserUtility.SendEmail(userData, Convert.ToBoolean(userInfo["havePassword"])); + } - isMailSent = AIAHTML5.API.Models.UserUtility.SendEmail(userData, Convert.ToBoolean(userInfo["havePassword"])); } else { diff --git a/400-SOURCECODE/AIAHTML5.API/Controllers/UnblockUserController.cs b/400-SOURCECODE/AIAHTML5.API/Controllers/UnblockUserController.cs new file mode 100644 index 0000000..408b184 --- /dev/null 
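Review bot: In the second ForgotUserController hunk `Convert.ToBoolean(userInfo["havePassword"])` and `Convert.ToBoolean(userInfo["unblockUser"])` are each converted again for the test, the log line and the `SendEmail` call; reading them once, e.g. `bool unblockUser = Convert.ToBoolean(userInfo["unblockUser"]);`, makes the branch easier to follow and guarantees the logged value is the one acted on. `unblockUser` is honoured only when `havePassword` is also true, which deserves a one-line comment because the request body does not make that dependency obvious. Changing `userData` from `User` to `dynamic` in the first hunk moves the choice of `SendEmail` overload to run time, so a wrong argument type now surfaces as a runtime binder exception rather than a compile error. The enclosing Post method starts and ends outside both hunks.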
+++ b/400-SOURCECODE/AIAHTML5.API/Controllers/UnblockUserController.cs 
@@ -0,0 +1,68 @@ +using System; +using System.Collections.Generic; +using System.Linq; +using System.Net; +using System.Net.Http; +using System.Web.Http; +using AIAHTML5.API.Constants; +using AIAHTML5.API.Models; +using AIAHTML5.API.Utility; +using log4net; + +namespace AIAHTML5.API.Controllers +{ + public class UnblockUserController : ApiController + { + // GET api/unblockuser + public IEnumerable Get() + { + return new string[] { "value1", "value2" }; + } + + // GET api/unblockuser/5 + public string Get(int id) + { + return "value"; + } + + // POST api/unblockuser + public HttpResponseMessage Post([FromBody]string emailId) + { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug("inside POST in UnblockUserController for emailId = " + emailId); + + HttpResponseMessage response = null; + + dynamic user = AIAHTML5.API.Models.DBModel.GetUserDetailsByEmailId(emailId); + if (Convert.ToString(user) != AIAConstants.USER_NOT_FOUND && Convert.ToString(user) != AIAConstants.ERROR_IN_FECTHING_DETAILS) + { + int result = 0; + + logger.Debug("1. inside if in UnblockUserController userDetails= " + user.ToString()); + + result = AIAHTML5.API.Models.DBModel.UnblockUser(user.Id); + + if (result > 0) + response = new HttpResponseMessage { StatusCode = HttpStatusCode.OK, Content = new StringContent(AIAConstants.USER_UNBLOCK_SUCCESS) }; + else + response = new HttpResponseMessage { StatusCode = HttpStatusCode.OK, Content = new StringContent(AIAConstants.USER_ALREADY_UNBLOCKED) }; + } + //else + //{ + // logger.Debug("inside else in UnblockUserController userData= " + user); + // return new HttpResponseMessage { StatusCode = HttpStatusCode.OK, Content = new StringContent(user.ToString()) }; + //} + return response; + } + + // PUT api/unblockuser/5 + public void Put(int id, [FromBody]string value) + { + } + + // DELETE api/unblockuser/5 + public void Delete(int id) + { + } + } +} \ No newline at end of file 
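Review bot: `Post` clears a user's lockout given nothing but an e-mail address in the request body; no authorization attribute, token or proof of mailbox ownership is visible in UnblockUserController, so the five-attempt lockout protects an account only as long as this route is not called. The unblock link sent by mail should carry a single-use, expiring token that this action validates before it calls `DBModel.UnblockUser`. When the lookup does not find a user, `response` is still null at `return response;`; that path needs an explicit reply, with the same status and body as the other outcomes so the endpoint does not reveal which addresses are registered. The scaffolded `Get`, `Put` and `Delete` actions expose routes that do nothing and can be deleted, and the debug line that logs `user.ToString()` should be checked for what the User type prints.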
diff --git a/400-SOURCECODE/AIAHTML5.API/Models/DBModel.cs b/400-SOURCECODE/AIAHTML5.API/Models/DBModel.cs index c7a1be5..234b351 100644 --- a/400-SOURCECODE/AIAHTML5.API/Models/DBModel.cs +++ b/400-SOURCECODE/AIAHTML5.API/Models/DBModel.cs @@ -33,8 +33,8 @@ namespace AIAHTML5.API.Models protected static DataSet GetSQLData(string commandText, bool isSp) { ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); - logger.Debug(" inside GetSQLData for command text = " + commandText); - DataSet ds= null; + logger.Debug(" Inside GetSQLData for command text = " + commandText); + DataSet ds = null; try { conn = new SqlConnection(dbConnectionString); @@ -54,7 +54,7 @@ namespace AIAHTML5.API.Models } catch (SqlException ex) { - logger.Fatal("Exception in GetSQLData for command text =" + commandText + ", Exception= " + ex.Message); + logger.Fatal("Exception in GetSQLData for command text =" + commandText + ", Exception= " + ex.Message + ", STACKTRACE= "+ ex.StackTrace); } return ds; } @@ -92,7 +92,7 @@ namespace AIAHTML5.API.Models DataSet ds = new DataSet(); cmd.Connection = conn; - cmd.CommandText = "GetUserDetailsByLoginIdAndPassword"; + cmd.CommandText = "GetUserDetailsByLoginId"; cmd.CommandType = CommandType.StoredProcedure; param = new SqlParameter("@sLoginId", loginId); @@ -100,11 +100,6 @@ namespace AIAHTML5.API.Models param.DbType = DbType.String; cmd.Parameters.Add(param); - param = new SqlParameter("@sPassword", password); - param.Direction = ParameterDirection.Input; - param.DbType = DbType.String; - cmd.Parameters.Add(param); - da.SelectCommand = cmd; DataTable dt = new DataTable(); da.Fill(dt); 
@@ -167,14 +162,16 @@ namespace AIAHTML5.API.Models objUser.ModifiedDate = date; } if (dc.ColumnName == "UserTypeId") + { + objUser.UserTypeId = Convert.ToInt32(dr[dc]); objUser.UserType = objModel.GetUserTypeStringById(Convert.ToInt32(dr[dc])); + } if (dc.ColumnName == "IsActive") objUser.IsActive = Convert.ToBoolean(dr[dc]); } } } - else { objUser = null; @@ -182,18 +179,30 @@ namespace AIAHTML5.API.Models if (objUser != null) { + Hashtable licenseEditionHash = objModel.GetUserLicenseIdEditionIdByUserId(objUser.Id); + foreach (DictionaryEntry de in licenseEditionHash) + { + if (de.Key.ToString() == AIAConstants.LICENSE_KEY_ID) + objUser.LicenseId = Convert.ToInt32(de.Value); + if (de.Key.ToString() == AIAConstants.EDITION_KEY_ID) + objUser.EditionId = Convert.ToInt32(de.Value); + } - int licenseId = objModel.GetUserLicenseIdByUserId(objUser.Id); - if (licenseId != 0) + if (objUser.LicenseId != 0) { - objUser.License = objModel.GetLicenseDetailsByLicenseId(licenseId); - objUser.LicenseSubscriptions = objModel.GetLicenseSubscriptionDetailsByLicenseId(licenseId); + objUser.License = objModel.GetLicenseDetailsByLicenseId(objUser.LicenseId); + objUser.LicenseSubscriptions = objModel.GetLicenseSubscriptionDetailsByLicenseId(objUser.LicenseId); } else { objUser.License = null; } + objUser.IncorrectLoginAttemptCount = objModel.GetIncorrectLoginAttempts(objUser.Id); + if (objUser.IncorrectLoginAttemptCount >= 5) + objUser.IsBlocked = true; + + if (objUser.UserType == User.SUPER_ADMIN || objUser.UserType == User.GENERAL_ADMIN) { objUser.Modules = objModel.GetUserModules(); 
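Review bot: The lockout threshold is a bare literal in `if (objUser.IncorrectLoginAttemptCount >= 5)`, is written again as `> 4` in the password branch added further down DBModel.cs, and a third time as `CntIncorrectLogins >= 5` in GetBlockedUserByUserType.sql. A named constant such as `private const int MAX_INCORRECT_LOGIN_ATTEMPTS = 5;` used in both C# checks, with a comment pointing at the SQL copy, keeps the three from drifting apart when the policy changes. `IsBlocked` is set here from the count alone, without regard to the 24-hour window, and is only re-evaluated later on the correct-password path; a comment saying so would help the next reader. `Convert.ToInt32(de.Value)` in the same hunk throws if `LicenseId` or `EditionId` comes back as `DBNull`, which the hunk does not guard against; the enclosing method starts and ends outside the hunk.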
@@ -208,18 +217,18 @@ namespace AIAHTML5.API.Models if (subscriptionValidThrough != null && subscriptionValidThrough.Value.Date >= DateTime.Now.Date) { ArrayList allModulesList = objModel.GetUserModules(); - ArrayList licensedModulesList = objModel.GetModuleStatusByLicenseId(licenseId); + ArrayList licensedModulesList = objModel.GetModuleStatusByLicenseId(objUser.LicenseId); ArrayList userModuleList = objModel.GetUserModulesList(allModulesList, licensedModulesList); objUser.Modules = userModuleList; if (!objUser.License.IsTermAccepted) - { + { ArrayList termsList = DBModel.GetTermsOfServiceText(); - foreach(Hashtable item in termsList) + foreach (Hashtable item in termsList) { - objUser.TermsOfServiceTitle = item["title"].ToString(); - objUser.TermsOfServiceText = item["content"].ToString(); + objUser.TermsOfServiceTitle = item["title"].ToString(); + objUser.TermsOfServiceText = item["content"].ToString(); } } } 
@@ -231,14 +240,102 @@ namespace AIAHTML5.API.Models } } } - } + if (!string.Equals(objUser.Password, password)) + { + objUser.IsCorrectPassword = false; + objUser.IncorrectLoginAttemptCount = objModel.GetIncorrectLoginAttempts(objUser.Id) + 1; + + objUser.LoginFailureCauseId = ErrorHelper.E_PASSWORD_NOT_MATCH; + + if (objUser.IncorrectLoginAttemptCount == 1) + { + objModel.InsertIncorrectLoginAttempts(objUser.Id); + } + else + { + if (!objUser.IsBlocked) + objModel.UpdateIncorrectLoginAttempts(objUser.Id); + + if (objUser.IncorrectLoginAttemptCount > 4) + { + objUser.IsBlocked = true; + objUser.LoginFailureCauseId = ErrorHelper.E_USER_ID_BLOCKED_24_HRS; + } + } + if (objUser.License != null && !string.IsNullOrEmpty(objUser.License.AccountNumber)) + objModel.InsertUserLoginLog(objUser.License.AccountNumber, objUser.LoginFailureCauseId, null, objUser.EditionId.ToString(), null); + } + else + { + if (objUser.License != null) + { + if (objUser.License.IsActive && !objUser.IsSubscriptionExpired) + { + ArrayList blockedUsersList = objModel.GetBlockedUsers(objUser.UserTypeId, objUser.License.Id); + foreach (BlockedUser bUser in blockedUsersList) + { + DateTime LoginTime = (DateTime)bUser.LoginTime; + DateTime blockTime = LoginTime.AddDays(1); + var difference = DateTime.Compare(DateTime.Now, blockTime); + if (bUser.Id == objUser.Id) + { + if (difference >= 0) + { + objUser.IsBlocked = false; + } + else + { + objUser.IsBlocked = true; + } + } + } + if (!objUser.IsBlocked) + { + objUser.IsCorrectPassword = true; + objModel.InsertLoginDetails(objUser.Id); + objModel.DeleteIncorrectLoginAttempts(objUser.Id); + } + } + else + objUser.IsCorrectPassword = true; + } + else + { + ArrayList blockedAdminUsersList = objModel.GetBlockedAdminUsers(objUser.UserTypeId); + foreach (BlockedUser bUser in blockedAdminUsersList) + { + DateTime LoginTime = (DateTime)bUser.LoginTime; + DateTime blockTime = LoginTime.AddDays(1); + var difference = DateTime.Compare(DateTime.Now, blockTime); + if 
(bUser.Id == objUser.Id) + { + if (difference >= 0) + { + objUser.IsBlocked = false; + } + else + { + objUser.IsBlocked = true; + } + } + } + if (!objUser.IsBlocked) + { + objUser.IsCorrectPassword = true; + objModel.InsertLoginDetails(objUser.Id); + objModel.DeleteIncorrectLoginAttempts(objUser.Id); + } + } + } + } return objUser; } - protected int GetUserLicenseIdByUserId(int userId) + protected Hashtable GetUserLicenseIdEditionIdByUserId(int userId) { - int _licenseId = 0; + Hashtable hash = new Hashtable(); + conn = new SqlConnection(dbConnectionString); cmd = new SqlCommand(); SqlDataAdapter adapter; @@ -246,7 +343,7 @@ namespace AIAHTML5.API.Models DataSet ds = new DataSet(); cmd.Connection = conn; - cmd.CommandText = "GetLicenseIdByUserId"; + cmd.CommandText = "GetLicenseIdEditionIdByUserId"; cmd.CommandType = CommandType.StoredProcedure; param = new SqlParameter("@iUserId", userId); @@ -257,8 +354,11 @@ namespace AIAHTML5.API.Models adapter = new SqlDataAdapter(cmd); adapter.Fill(ds); if (ds.Tables[0].Rows.Count > 0) - _licenseId = Convert.ToInt32(ds.Tables[0].Rows[0][0]); - return _licenseId; + { + hash.Add("LicenseId", ds.Tables[0].Rows[0][0]); + hash.Add("EditionId", ds.Tables[0].Rows[0][1]); + } + return hash; } protected ArrayList GetModuleStatusByLicenseId(int licenseId) @@ -358,6 +458,9 @@ namespace AIAHTML5.API.Models public static User GetUserDetailsByEmailId(string emailId) { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" Inside GetUserDetailsByEmailId for emailId = " + emailId); + User objUser = new User(); DBModel objModel = new DBModel(); @@ -446,7 +549,9 @@ namespace AIAHTML5.API.Models } } catch (Exception ex) - { } + { + logger.Fatal("Exception in GetUserDetailsByEmailId for emailId= " + emailId + ", Exception= " + ex.Message + ", STACKTRACE= " + ex.StackTrace); + } return objUser; } 
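Review bot: `if (!string.Equals(objUser.Password, password))` checks the submitted password by direct string equality against `objUser.Password`, which appears to be the `Password` column now returned by GetUserDetailsByLoginId; that only works if passwords are stored in a directly comparable form. Storing a salted, deliberately slow hash (for example PBKDF2 through `Rfc2898DeriveBytes`) and comparing the derived bytes in constant time would mean a database or log disclosure does not hand out usable credentials. On the failure path `GetIncorrectLoginAttempts` is queried a second time and the insert-or-update choice is made from that read, so the counter can be off under concurrent attempts. On the success path the whole blocked-user list is fetched and scanned to find one id, which a lookup of that user's `LoginTime` would replace. The enclosing method starts before this hunk.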
@@ -470,6 +575,9 @@ namespace AIAHTML5.API.Models protected LicenseSubscriptionDetails GetLicenseSubscriptionDetailsByLicenseId(int licenseId) { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" Inside GetLicenseSubscriptionDetailsByLicenseId for LicenseId = " + licenseId); + LicenseSubscriptionDetails lsd = new LicenseSubscriptionDetails(); try { @@ -550,7 +658,7 @@ namespace AIAHTML5.API.Models } catch (Exception ex) { - + logger.Fatal("Exception in GetLicenseSubscriptionDetailsByLicenseId for LicenseId= " + licenseId + ", Exception= " + ex.Message + ", STACKTRACE= " + ex.StackTrace); } return lsd; @@ -558,6 +666,9 @@ namespace AIAHTML5.API.Models protected License GetLicenseDetailsByLicenseId(int licenseId) { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" inside GetLicenseDetailsByLicenseId for LicenseId = " + licenseId); + License lic = new License(); try { @@ -643,7 +754,7 @@ namespace AIAHTML5.API.Models } catch (Exception ex) { - + logger.Fatal("Exception in GetLicenseDetailsByLicenseId for LicenseId= " + licenseId + ", Exception= " + ex.Message + ", STACKTRACE= " + ex.StackTrace); } return lic; @@ -652,7 +763,7 @@ namespace AIAHTML5.API.Models public static int UpdateLicenseTermStatus(string accountNumber) { ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); - logger.Debug(" inside UpdateTermAcceptedStatus for AccountNumber = " + accountNumber); + logger.Debug(" inside UpdateLicenseTermStatus for AccountNumber = " + accountNumber); int result = 0; try { 
@@ -669,7 +780,7 @@ namespace AIAHTML5.API.Models catch (SqlException ex) { conn.Close(); - logger.Fatal("Exception in UpdateLicenseTermStatus for AccountNumber =" + accountNumber + ", Exception= " + ex.Message); + logger.Fatal("Exception in UpdateLicenseTermStatus for AccountNumber =" + accountNumber + ", Exception= " + ex.Message + ", STACKTRACE=" + ex.StackTrace); } return result; } 
@@ -692,5 +803,314 @@ namespace AIAHTML5.API.Models } return arrTermsOfService; } + + protected int InsertLoginDetails(int userId) + { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" inside InsertLoginDetails for UserId= " + userId); + + int result = 0; + try + { + conn = new SqlConnection(dbConnectionString); + cmd = new SqlCommand(); + cmd.Connection = conn; + conn.Open(); + cmd.CommandText = "InsertLoginDetail"; + cmd.CommandType = CommandType.StoredProcedure; + cmd.Parameters.AddWithValue("@iUserId", userId); + result = cmd.ExecuteNonQuery(); + conn.Close(); + } + catch (SqlException ex) + { + conn.Close(); + logger.Fatal("Exception in InsertLoginDetails for UserId= " + userId + ", Exception= " + ex.Message + ", STACKTRACE=" + ex.StackTrace); + } + return result; + } + + protected int InsertIncorrectLoginAttempts(int userId) + { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" inside InsertIncorrectLoginAttempts for UserId= " + userId); + + int result = 0; + try + { + conn = new SqlConnection(dbConnectionString); + cmd = new SqlCommand(); + cmd.Connection = conn; + conn.Open(); + cmd.CommandText = "InsertIncorrectLoginAttempt"; + cmd.CommandType = CommandType.StoredProcedure; + cmd.Parameters.AddWithValue("@iUserId", userId); + result = cmd.ExecuteNonQuery(); + conn.Close(); + } + catch (SqlException ex) + { + logger.Fatal("Exception in InsertIncorrectLoginAttempts for UserId= " + userId + ", Exception= " + ex.Message + ", STACKTRACE= "+ ex.StackTrace); + } + return result; + } + + protected int GetIncorrectLoginAttempts(int userId) + { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" inside GetIncorrectLoginAttempts for UserId = " + userId); + int count = 0; + try + { + conn = new SqlConnection(dbConnectionString); + cmd = new 
SqlCommand(); + cmd.Connection = conn; + cmd.CommandText = "GetIncorrectLoginAttempt"; + cmd.CommandType = CommandType.StoredProcedure; + cmd.Parameters.AddWithValue("@iUserId", userId); + SqlDataAdapter da = new SqlDataAdapter(); + da.SelectCommand = cmd; + DataSet ds = new DataSet(); + da.Fill(ds); + DataTable dt = ds.Tables[0]; + + foreach (DataRow dr in dt.Rows) + { + foreach (DataColumn dc in dt.Columns) + { + count = Convert.ToInt32(dr[dc]); + } + } + } + catch (SqlException ex) + { + logger.Fatal("Exception in GetIncorrectLoginAttempts for UserId = " + userId + " Exception= " + ex.Message + ", STACKTRACE= " + ex.StackTrace); + } + return count; + } + + protected int UpdateIncorrectLoginAttempts(int userId) + { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" inside UpdateIncorrectLoginAttempts for UserId= " + userId); + + int result = 0; + try + { + conn = new SqlConnection(dbConnectionString); + cmd = new SqlCommand(); + cmd.Connection = conn; + conn.Open(); + cmd.CommandText = "UpdateIncorrectLoginAttempts"; + cmd.CommandType = CommandType.StoredProcedure; + cmd.Parameters.AddWithValue("@iUserId", userId); + result = cmd.ExecuteNonQuery(); + conn.Close(); + } + catch (SqlException ex) + { + conn.Close(); + logger.Fatal("Exception in UpdateIncorrectLoginAttempts for UserId= " + userId + ", Exception= " + ex.Message + ", STACKTRACE=" + ex.StackTrace); + } + return result; + } + + protected int DeleteIncorrectLoginAttempts(int userId) + { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" inside DeleteIncorrectLoginAttempts for UserId= " + userId); + + int result = 0; + try + { + conn = new SqlConnection(dbConnectionString); + cmd = new SqlCommand(); + cmd.Connection = conn; + conn.Open(); + cmd.CommandText = "DeleteIncorrectLoginAttempts"; + cmd.CommandType = CommandType.StoredProcedure; + 
cmd.Parameters.AddWithValue("@iUserId", userId); + result = cmd.ExecuteNonQuery(); + conn.Close(); + } + catch (SqlException ex) + { + conn.Close(); + logger.Fatal("Exception in DeleteIncorrectLoginAttempts for UserId= " + userId + ", Exception= " + ex.Message + ", STACKTRACE= "+ ex.StackTrace); + } + return result; + } + + protected ArrayList GetLoginFailureCauses() + { + ArrayList failureCauseList = new ArrayList(); + Hashtable fcHash = null; + + string sp = "GetAllLoginFailureCauses"; + + DataSet ds = DBModel.GetSQLData(sp, true); + DataTable dt = ds.Tables[0]; + + foreach (DataRow drFailureCause in dt.Rows) + { + fcHash = new Hashtable(); + fcHash.Add(AIAConstants.KEY_ID, drFailureCause["Id"]); + fcHash.Add(AIAConstants.KEY_DESCRIPTION, drFailureCause["Description"]); + failureCauseList.Add(fcHash); + } + return failureCauseList; + } + + protected int InsertUserLoginLog(string accountNumber, Int16 failureId, string referalUrl, string edition, string httpReferer) + { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" inside InsertUserLoginLog for AccountNumber= " + accountNumber); + + int result = 0; + try + { + conn = new SqlConnection(dbConnectionString); + cmd = new SqlCommand(); + cmd.Connection = conn; + conn.Open(); + cmd.CommandText = "InsertLoginErrorLog"; + cmd.CommandType = CommandType.StoredProcedure; + cmd.Parameters.AddWithValue("@nvAccountNumber", accountNumber); + cmd.Parameters.AddWithValue("@dtLogDate", DateTime.Now); + cmd.Parameters.AddWithValue("@tiFailureId", failureId); + cmd.Parameters.AddWithValue("@nvReferalUrl", referalUrl); + cmd.Parameters.AddWithValue("@nvEdition", edition); + cmd.Parameters.AddWithValue("@nvHttpReferer", httpReferer); + result = cmd.ExecuteNonQuery(); + conn.Close(); + } + catch (SqlException ex) + { + logger.Fatal("Exception in InsertUserLoginLog for AccountNumber= " + accountNumber + ", Exception= " + ex.Message + ", STACKTRACE= " + 
ex.StackTrace); + } + return result; + } + + protected ArrayList GetBlockedUsers(int userTypeId, int licenseId) + { + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" inside GetBlockedUsers for LicenseId= " + licenseId + " & UserTypeId= " + userTypeId); + + ArrayList blockedUsersList = new ArrayList(); + BlockedUser blockedUser = new BlockedUser(); + DataTable dt = null; + try + { + conn = new SqlConnection(dbConnectionString); + cmd = new SqlCommand(); + cmd.Connection = conn; + cmd.CommandText = "GetBlockedUserByAccNoAndType"; + cmd.CommandType = CommandType.StoredProcedure; + cmd.Parameters.AddWithValue("@iUserTypeId", userTypeId); + cmd.Parameters.AddWithValue("@iLicenseId", licenseId); + SqlDataAdapter da = new SqlDataAdapter(); + da.SelectCommand = cmd; + dt = new DataTable(); + da.Fill(dt); + + if (dt.Rows.Count > 0) + { + foreach (DataRow dr in dt.Rows) + { + foreach (DataColumn dc in dt.Columns) + { + if (dc.ColumnName == "Id") + blockedUser.Id = Convert.ToInt32(dr[dc]); + if (dc.ColumnName == "FirstName") + blockedUser.FirstName = dr[dc].ToString(); + if (dc.ColumnName == "LastName") + blockedUser.LastName = dr[dc].ToString(); + if (dc.ColumnName == "EmailId") + blockedUser.EmailId = dr[dc].ToString(); + if (dc.ColumnName == "LoginId") + blockedUser.LoginId = dr[dc].ToString(); + if (dc.ColumnName == "Password") + blockedUser.Password = dr[dc].ToString(); + if (dc.ColumnName == "AccountNumber") + blockedUser.AccountNumber = dr[dc].ToString(); + if (dc.ColumnName == "LoginTime") + blockedUser.LoginTime = Convert.ToDateTime(dr[dc]); + } + blockedUsersList.Add(blockedUser); + } + } + } + catch (SqlException ex) + { + logger.Fatal("Exception in GetBlockedUsers for LicenseId= " + licenseId + " & UserTypeId= " + userTypeId + ", Exception= " + ex.Message + ", STACKTRACE= " + ex.StackTrace); + } + return blockedUsersList; + } + + protected ArrayList GetBlockedAdminUsers(int userTypeId) + 
{ + ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); + logger.Debug(" inside GetBlockedAdminUsers for UserTypeId= " + userTypeId); + + ArrayList blockedUsersList = new ArrayList(); + BlockedUser blockedUser = null; + DataTable dt = null; + try + { + conn = new SqlConnection(dbConnectionString); + cmd = new SqlCommand(); + cmd.Connection = conn; + cmd.CommandText = "GetBlockedUserByUserType"; + cmd.CommandType = CommandType.StoredProcedure; + cmd.Parameters.AddWithValue("@iUserTypeId", userTypeId); + SqlDataAdapter da = new SqlDataAdapter(); + da.SelectCommand = cmd; + dt = new DataTable(); + da.Fill(dt); + + if (dt.Rows.Count > 0) + { + foreach (DataRow dr in dt.Rows) + { + blockedUser = new BlockedUser(); + foreach (DataColumn dc in dt.Columns) + { + if (dc.ColumnName == "Id") + blockedUser.Id = Convert.ToInt32(dr[dc]); + if (dc.ColumnName == "FirstName") + blockedUser.FirstName = dr[dc].ToString(); + if (dc.ColumnName == "LastName") + blockedUser.LastName = dr[dc].ToString(); + if (dc.ColumnName == "EmailId") + blockedUser.EmailId = dr[dc].ToString(); + if (dc.ColumnName == "LoginId") + blockedUser.LoginId = dr[dc].ToString(); + if (dc.ColumnName == "Password") + blockedUser.Password = dr[dc].ToString(); + if (dc.ColumnName == "AccountNumber") + blockedUser.AccountNumber = dr[dc].ToString(); + if (dc.ColumnName == "LoginTime") + blockedUser.LoginTime = Convert.ToDateTime(dr[dc]); + } + blockedUsersList.Add(blockedUser); + } + } + } + catch (SqlException ex) + { + logger.Fatal("Exception in GetBlockedAdminUsers for UserTypeId= " + userTypeId + ", Exception= " + ex.Message + ", STACKTRACE= " + ex.StackTrace); + } + return blockedUsersList; + } + + public static int UnblockUser(int userId) + { + int result = 0; + DBModel objModel = new DBModel(); + + result = objModel.DeleteIncorrectLoginAttempts(userId); + + return result; + } } } \ No newline at end of file 
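Review bot: `GetBlockedUsers` creates `blockedUser` once, before the row loop, and adds that same instance for every row, so every element of the returned list ends up with the last row's values and the caller's `bUser.Id == objUser.Id` lockout check can only ever match the last blocked user. `GetBlockedAdminUsers` does this correctly; make `blockedUser = new BlockedUser();` the first statement inside `foreach (DataRow dr in dt.Rows)`. Separately, `InsertUserLoginLog` is called with `null` for `referalUrl` and `httpReferer`, and `AddWithValue` with a null value does not send the parameter, so unless the procedure declares defaults (not visible here) the call fails; `(object)referalUrl ?? DBNull.Value` avoids that. `InsertIncorrectLoginAttempts` and `InsertUserLoginLog` also never close `conn` when the `SqlException` is caught; a `using` block or a `finally` would release the connection on every path.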
diff --git a/400-SOURCECODE/AIAHTML5.API/Models/User.cs b/400-SOURCECODE/AIAHTML5.API/Models/User.cs index 7746e48..176f703 100644 --- a/400-SOURCECODE/AIAHTML5.API/Models/User.cs +++ b/400-SOURCECODE/AIAHTML5.API/Models/User.cs @@ -22,7 +22,14 @@ namespace AIAHTML5.API.Models public int? ModifierId { get; set; } public DateTime? ModifiedDate { get; set; } public string UserType { get; set; } + public int UserTypeId { get; set; } public bool IsActive { get; set; } + public bool IsCorrectPassword { get; set; } + public int IncorrectLoginAttemptCount { get; set; } + public bool IsBlocked { get; set; } + public int LicenseId { get; set; } + public int EditionId { get; set; } + public Int16 LoginFailureCauseId { get; set; } public ArrayList Modules { get; set; } @@ -89,4 +96,16 @@ namespace AIAHTML5.API.Models public double AmountPending { get; set; } public int NoOfImages { get; set; } } + + public class BlockedUser + { + public int Id { get; set; } + public string FirstName { get; set; } + public string LastName { get; set; } + public string LoginId { get; set; } + public string Password { get; set; } + public string EmailId { get; set; } + public string AccountNumber { get; set; } + public DateTime LoginTime { get; set; } + } } \ No newline at end of file diff --git a/400-SOURCECODE/AIAHTML5.API/Models/UserUtility.cs b/400-SOURCECODE/AIAHTML5.API/Models/UserUtility.cs index 782fb28..e43fee0 100644 --- a/400-SOURCECODE/AIAHTML5.API/Models/UserUtility.cs +++ b/400-SOURCECODE/AIAHTML5.API/Models/UserUtility.cs @@ -18,7 +18,7 @@ namespace AIAHTML5.API.Models { public class UserUtility { - public static bool SendEmail(dynamic UserDetails, bool havePassword) + public static bool SendEmail(dynamic UserDetails, bool havePassword, bool unbLockUser = false) { ILog logger = log4net.LogManager.GetLogger((System.Reflection.MethodBase.GetCurrentMethod().DeclaringType)); logger.Debug("inside SendEmail in for havePassword =" + havePassword); 
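Review bot: `BlockedUser` carries a `Password` string that the lockout check never reads; the callers in this commit compare only `Id` and `LoginTime`, yet `GetBlockedUsers` and `GetBlockedAdminUsers` fill it from the result set, so each login pulls the passwords of all blocked users of that type into memory. Drop the property and the column from the two procedures' result sets. The plain `string.Equals(objUser.Password, password)` comparison in the login path suggests these values are stored unhashed; if that is the case it deserves its own change to a salted password hash. On `User`, a one-line comment on each of `IsCorrectPassword`, `IncorrectLoginAttemptCount` and `IsBlocked` stating which code path sets it would help readers of the login flow.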
@@ -71,8 +71,16 @@ namespace AIAHTML5.API.Models if (havePassword) { - templatePath = "~/Templates/forgot-Password.html"; - resetPasswordLink = site_url + "?em:" + HttpUtility.UrlEncode(userMail); + if (unbLockUser) + { + templatePath = "~/Templates/unblock-User.html"; + resetPasswordLink = site_url + "?unb:" + HttpUtility.UrlEncode(userMail); + } + else + { + templatePath = "~/Templates/forgot-Password.html"; + resetPasswordLink = site_url + "?em:" + HttpUtility.UrlEncode(userMail); + } } else templatePath = "~/Templates/forgot-UserId.html"; @@ -105,8 +113,12 @@ namespace AIAHTML5.API.Models if (!havePassword) mailSubject = "UserID recovery mail for: "; else - mailSubject = "Password recovery mail for: "; - + { + if (unbLockUser) + mailSubject = "Unblock user request mail for: "; + else + mailSubject = "Password recovery mail for: "; + } emailUtility.sHostName = Convert.ToString(ConfigurationManager.AppSettings["HostAddress"]); emailUtility.sFromAddress = Convert.ToString(ConfigurationManager.AppSettings["SenderEmailAddress"]); diff --git a/400-SOURCECODE/AIAHTML5.API/Models/Users.cs b/400-SOURCECODE/AIAHTML5.API/Models/Users.cs index b8d4022..7f60c7b 100644 --- a/400-SOURCECODE/AIAHTML5.API/Models/Users.cs +++ b/400-SOURCECODE/AIAHTML5.API/Models/Users.cs @@ -60,11 +60,11 @@ namespace AIAHTML5.API.Models catch (Exception e) { - logger.Fatal("Exception in AuthenticateUser for loginId =" + credentials["username"].ToString() + " and password= " + credentials["password"].ToString() + "Exception= " + e.Message); + logger.Fatal("Exception in AuthenticateUser for loginId =" + credentials["username"].ToString() + " and password= " + credentials["password"].ToString() + "Exception= " + e.Message + ", STACKTRACE: " + e.StackTrace); string errorMessage = AIAConstants.ERROR_IN_FECTHING_DETAILS; string error = "Message: " + e.Message + ", STACKTRACE: " + e.StackTrace; - userDetails = error; + userDetails = errorMessage; } return userDetails; } 
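Review bot: The unblock link built here, `site_url + "?unb:" + HttpUtility.UrlEncode(userMail)`, contains nothing but the account's e-mail address, so the unblock request is authorised by knowledge of the address rather than by control of the mailbox, and the lockout gives little protection once the address is known. Generate a random, single-use, expiring token on the server, store it against the user, put the token in the link instead of the address, and have the unblock endpoint verify and consume it. The existing `?em:` reset link has the same shape. The client side of this flow is `$rootScope.UnblockUser` in HomeController.js and `UnblockUser` in AuthenticationService.js, which post the value taken from the URL.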
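Review bot: The rewritten `logger.Fatal` line in AuthenticateUser still writes `credentials["password"]` in clear text to the log, now alongside the stack trace; log files usually have a wider audience and longer retention than the credential store. Log only the login id and pass the exception object: `logger.Fatal("Exception in AuthenticateUser for loginId =" + credentials["username"], e);`. Returning `errorMessage` instead of the stack trace to the caller is the right direction, and it leaves the local `error` string unused, so that line can be removed.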
@@ -122,7 +122,7 @@ namespace AIAHTML5.API.Models } catch (Exception ex) { - logger.Fatal("Exception in Gettting UserDetailsByEmailId for EmailId =" + userInfo["emailId"].ToString() + " Exception= " + ex.Message); + logger.Fatal("Exception in Gettting UserDetailsByEmailId for EmailId =" + userInfo["emailId"].ToString() + " Exception= " + ex.Message + ", STACKTRACE: " + ex.StackTrace); string errorMessage = AIAConstants.ERROR_IN_FECTHING_DETAILS; return errorMessage; @@ -146,14 +146,14 @@ namespace AIAHTML5.API.Models int result = DBModel.UpdateUserPassword(userInfo); - if (result != null) + if (result > 0) return result; else return AIAConstants.USER_NOT_FOUND; } catch (Exception e) { - logger.Fatal("Exception= " + e.Message); + logger.Fatal("Exception= " + e.Message + ", STACKTRACE: " + e.StackTrace); return AIAConstants.ERROR_IN_FECTHING_DETAILS; } } diff --git a/400-SOURCECODE/AIAHTML5.API/Templates/unblock-User.html b/400-SOURCECODE/AIAHTML5.API/Templates/unblock-User.html new file mode 100644 index 0000000..a076de8 --- /dev/null +++ b/400-SOURCECODE/AIAHTML5.API/Templates/unblock-User.html @@ -0,0 +1,87 @@ + + + + + + + + + + + + + +
+ AIA +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Unblock Account
 
Hi,
 
You have requested to unblock your account for emailId: {emailId}
 
Click the Unblock button below to unblock your A.D.A.M. Interactive Anatomy™ account
 
+ Unblock +  
 
 
 
 
+
+ + + + + + + + + + + + + + + + + +
A.D.A.M. – the company that pioneered online health content – is dedicated to creating and offering the most effective and innovative educational solutions possible for teaching medical science and improving health literacy.
 
Give us a call toll-free at 1-888-278-9614 or send us an email if you have any questions or if you need help. It will be our pleasure to help you.
 
 
© 2017 Ebix, Inc. All Rights Reserved.
+
\ No newline at end of file diff --git a/400-SOURCECODE/AIAHTML5.Web/app/controllers/HomeController.js b/400-SOURCECODE/AIAHTML5.Web/app/controllers/HomeController.js index 96404cb..e681eb1 100644 --- a/400-SOURCECODE/AIAHTML5.Web/app/controllers/HomeController.js +++ b/400-SOURCECODE/AIAHTML5.Web/app/controllers/HomeController.js @@ -83,7 +83,8 @@ function ($rootScope, Modules, $log, $location, $timeout, DataService, Authentic havePassword: null, newPassword: null, confirmPassword: null, - userMessage: null + userMessage: null, + unblockUser: null }; $rootScope.userData; $rootScope.userModules; @@ -113,6 +114,8 @@ function ($rootScope, Modules, $log, $location, $timeout, DataService, Authentic //$rootScope.isVisibleLogin = false; //$rootScope.isVisibleResetPass = true; VerifyUrlForQuerystring(); + if ($location.url().indexOf('?unb:') != -1) + $rootScope.UnblockUser(); getUserDetails(); } @@ -140,7 +143,7 @@ function ($rootScope, Modules, $log, $location, $timeout, DataService, Authentic if (result == LoginConstants.USER_NOT_FOUND) { $rootScope.isVisibleLogin = true; // alert(LoginMessageConstants.USER_OR_PASSWORD_INCORRECT); - $rootScope.errorMessage = LoginMessageConstants.USER_OR_PASSWORD_INCORRECT; + $rootScope.errorMessage = LoginMessageConstants.INVALID_USER; $("#messageModal").modal('show'); } else if (result == LoginConstants.ERROR_IN_FECTHING_DETAILS) { 
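Review bot: Switching the `USER_NOT_FOUND` branch to `LoginMessageConstants.INVALID_USER`, while a later hunk adds a separate `INVALID_PASSWORD` message, means the login form now tells a caller whether a user id exists. Keeping one generic message for both outcomes avoids that: `$rootScope.errorMessage = LoginMessageConstants.USER_OR_PASSWORD_INCORRECT;` here and in the `!result.IsCorrectPassword` branch. The warning about five consecutive attempts can still be shown without naming which field was wrong.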
@@ -160,6 +163,18 @@ function ($rootScope, Modules, $log, $location, $timeout, DataService, Authentic $rootScope.errorMessage = LoginMessageConstants.INVALID_USER; $("#messageModal").modal('show'); } + else if (!result.IsCorrectPassword) { + if (result.IncorrectLoginAttemptCount < 5) { + $rootScope.isVisibleLogin = true; + $rootScope.errorMessage = LoginMessageConstants.INVALID_PASSWORD; + $("#messageModal").modal('show'); + } + else { + $rootScope.isVisibleLogin = true; + $rootScope.errorMessage = LoginMessageConstants.USER_BLOCKED; + $("#messageModal").modal('show'); + } + } else { if ((!result.IsSubscriptionExpired) && (result.UserType == UserTypeConstants.SUPER_ADMIN) || result.UserType == UserTypeConstants.GENERAL_ADMIN && result.IsActive) { $rootScope.userData = result; @@ -328,10 +343,17 @@ function ($rootScope, Modules, $log, $location, $timeout, DataService, Authentic } $rootScope.SendMailToUser = function (userInfo, isMailForPassword) { + var selectedOption = $("input[name='inlineRadioOptions']:checked").val(); if ((userInfo.emailId != null) && (userInfo.emailId != '')) { if (validateEmail(userInfo.emailId)) { - if (isMailForPassword == true) + if (isMailForPassword == true && selectedOption == LoginMessageConstants.UNBLOCK_SELECTED) { + userInfo.unblockUser = true; userInfo.havePassword = true; + } + else if (isMailForPassword == true && selectedOption == LoginMessageConstants.FORGOT_PASSWORD_SELECTED) { + userInfo.unblockUser = false; + userInfo.havePassword = true; + } else userInfo.havePassword = false; 
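Review bot: The blocked-versus-invalid decision is taken from `result.IncorrectLoginAttemptCount < 5`, a copy of the server's `> 4` threshold, and as far as this commit shows the server sets that count only in its wrong-password branch, so a blocked user who enters the right password would get the `INVALID_PASSWORD` message. Test the flag the server already returns: `else if (result.IsBlocked) { ... USER_BLOCKED ... } else if (!result.IsCorrectPassword) { ... INVALID_PASSWORD ... }`. This branch also implies the API returns the user object on a failed login; whatever else is serialised on it (not visible here) reaches an unauthenticated client, so the failure response is better trimmed to the status fields.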
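Review bot: In `SendMailToUser`, when `isMailForPassword` is true but no radio button is checked (or its value matches neither constant), both new conditions fail and the final `else` sets `havePassword = false`, so the user-id recovery mail is requested instead of the password one, and `userInfo.unblockUser` keeps whatever an earlier call left in it. Deriving both flags directly avoids the fall-through: `userInfo.havePassword = (isMailForPassword == true);` followed by `userInfo.unblockUser = userInfo.havePassword && selectedOption == LoginMessageConstants.UNBLOCK_SELECTED;`. The function body continues outside the hunk.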
@@ -363,8 +385,12 @@ function ($rootScope, Modules, $log, $location, $timeout, DataService, Authentic $('.forgot-sm1').fadeOut(); $('.forgot-sm1').modal('hide'); } - if (isMailForPassword) - message = LoginMessageConstants.RESET_PASSWORD; + if (isMailForPassword) { + if (userInfo.unblockUser) + message = LoginMessageConstants.USER_UNBLOCK_LINK_IN_EMAIL; + else + message = LoginMessageConstants.RESET_PASSWORD; + } else message = LoginMessageConstants.USERID_SENT_IN_EMAIL //alert(message); @@ -463,6 +489,42 @@ function ($rootScope, Modules, $log, $location, $timeout, DataService, Authentic } + $rootScope.UnblockUser = function () { + var userEmailId = ''; + var url = $location.url(); + if (url.indexOf('?unb:') != -1) { + var split = url.split('?unb:'); + userEmailId = split[1]; + } + + //document.location = '/'; + + AuthenticationService.UnblockUser(userEmailId) + .then( + function (result) { + if (result == LoginMessageConstants.USER_UNBLOCK_SUCCESS) { + $rootScope.errorMessage = LoginMessageConstants.USER_UNBLOCK_SUCCESS_MESSAGE; + $("#messageModal").modal('show'); + //$('#messageModal.btn-primary').click(function () { + // document.location = '/'; + //}); + } + else { + $rootScope.errorMessage = LoginMessageConstants.USER_ALREADY_UNBLOCKED; + $("#messageModal").modal('show'); + //$('#messageModal.btn-primary').click(function () { + // document.location = '/'; + //}); + } + }, + function (error) { + console.log(' Error in authentication = ' + error.statusText); + $rootScope.errorMessage = LoginMessageConstants.ERROR_IN_FECTHING_DETAILS; + $("#messageModal").modal('show'); + } + ); + } + $rootScope.lexiconLanguageArray = []; $rootScope.lexiconLanguageArray.push({ id: "1", language: "English" }); $(document).ready(function () { diff --git a/400-SOURCECODE/AIAHTML5.Web/app/main/AIA.js b/400-SOURCECODE/AIAHTML5.Web/app/main/AIA.js index 380d783..5bc72c1 100644 --- a/400-SOURCECODE/AIAHTML5.Web/app/main/AIA.js +++ b/400-SOURCECODE/AIAHTML5.Web/app/main/AIA.js 
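Review bot: In the new `$rootScope.UnblockUser`, every result other than `USER_UNBLOCK_SUCCESS` is reported as `USER_ALREADY_UNBLOCKED`, including an unknown address or a server-side failure, and the `USER_UNBLOCK_FAILED` constant added in AIA.js is never used. Map the outcomes explicitly, e.g. `else if (result == LoginMessageConstants.USER_ALREADY_UNBLOCKED) { ... } else { $rootScope.errorMessage = LoginMessageConstants.USER_UNBLOCK_FAILED; }`, assuming the API returns those strings (the endpoint is not visible in this part of the diff). `userEmailId` is whatever follows `?unb:` in `$location.url()`, so it may still be percent-encoded and may include a trailing fragment; decode it and run the existing `validateEmail` on it before posting. The commented-out `document.location` lines should be removed or replaced by a comment saying what is pending.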
@@ -14,11 +14,11 @@ AIA.constant('pages', [ pageController: 'HomeController' }, { // id:1, - name: 'Dissectible Anatomy Views List', - pageSlug: 'da-view-list', - pageUrl: 'app/views/da/da-body-view-list.html', - pageController: 'DAController' - }, + name: 'Dissectible Anatomy Views List', + pageSlug: 'da-view-list', + pageUrl: 'app/views/da/da-body-view-list.html', + pageController: 'DAController' + }, { //id:2, name: 'Dissectible Anatomy Body View', pageSlug: 'da-body-view', @@ -40,11 +40,11 @@ AIA.constant('pages', [ }, { - // id:4, - name: 'Clinical Animations', - pageSlug: 'clinical-animations', - pageUrl: 'app/views/ca/ca-view.html', - pageController: 'CAController' + // id:4, + name: 'Clinical Animations', + pageSlug: 'clinical-animations', + pageUrl: 'app/views/ca/ca-view.html', + pageController: 'CAController' }, { // id:5, @@ -139,7 +139,7 @@ AIA.constant('pages', [ pageController: 'LinkController' }, - { + { name: 'A.D.A.M OnDemand', pageSlug: 'Link/aod', pageUrl: 'app/views/Link/Link-view.html', @@ -239,8 +239,8 @@ AIA.constant('Modules', [ Name: 'Lab Exercises', }, { - Id: 9, - Name: 'ADAM Images', + Id: 9, + Name: 'ADAM Images', }, { Id: 10, @@ -249,32 +249,32 @@ AIA.constant('Modules', [ { Id: 11, Name: 'Encyclopedia', - + }, { Id: 12, Name: 'IP 10', }, - + { - Id: 13, - Name: 'In-Depth Reports', + Id: 13, + Name: 'In-Depth Reports', }, { - Id: 14, - Name: 'Complementary and Alternative Medicine', + Id: 14, + Name: 'Complementary and Alternative Medicine', }, { - Id: 15, - Name: 'Body Guide', + Id: 15, + Name: 'Body Guide', }, { - Id: 16, - Name: 'Health Navigator', + Id: 16, + Name: 'Health Navigator', }, { - Id: 17, - Name: 'The Wellness Tools', + Id: 17, + Name: 'The Wellness Tools', }, ]); 
@@ -291,7 +291,7 @@ AIA.constant('BodyRegions', ['Abdomen', 'Body Wall and Back', 'Head and Neck', ' AIA.constant('BodySystems', ['Cardiovascular', 'Digestive', 'Endocrine', 'Immune', 'Integumentary', 'Lymphatic', 'Muscular', 'Nervous', 'Reproductive', 'Respiratory', 'Skeletal', 'Urinary']); -AIA.constant('ViewOrientations', ['Anterior', 'Posterior', 'Lateral','Medial', 'Superior', 'Inferior', 'Non-standard']); +AIA.constant('ViewOrientations', ['Anterior', 'Posterior', 'Lateral', 'Medial', 'Superior', 'Inferior', 'Non-standard']); AIA.constant('MedicalSpecialties', ['Allergy & Immunology', 'Anesthesiology', 'Cardiology', 'Chiropractic', 'Dentistry', 'Dermatology', 'Embryology', 'Emergency Medicine', 'Endocrinology', 'First Aid', 'Gastroenterology', 'General Surgery', 'Geriatrics', 'Hematology', 'Infectious Diseases', 'Microbiology', 'Nuclear Medicine', 'Nephrology', 'Neurology', 'Nutrition', 'Obstetrics and Gynecology (OB/GYN)', 'Oncology (Cancer)', 'Opthalmology', 'Optometry', 'Orthopedics', 'Osteopathy', 'Otolaryngology (ENT)', 'Pathology', 'Pediatrics', 'Physiology', 'Plastic Surgery', 'Podiatry', 'Pulmonary Medicine', 'Radiology', 'Respiratory Therapy', 'Rheumatology', 'Sports Medicine', 'Urology', 'Vascular Medicine', 'Thoracic Surgery']); @@ -305,7 +305,7 @@ AIA.constant("LoginConstants", { "USER_NOT_FOUND": "User not found.", "ERROR_IN_FECTHING_DETAILS": "Error in fecthing details.", "MAIL_NOT_SENT": "Mail not sent." - + }) AIA.constant("LoginMessageConstants", { 
@@ -326,7 +326,16 @@ AIA.constant("LoginMessageConstants", { "SUBSCRIPTION_EXPIRATION_MESSAGE": "Your license has been expired since ", "LICENSE_INACTIVE_MESSAGE": "Your license is inactive.", "INVALID_USER": "Invalid UserID", - "USER_INACTIVE_MESSAGE": "User ID is inactive." + "USER_INACTIVE_MESSAGE": "User ID is inactive.", + "INVALID_PASSWORD": "Invalid Password. UserID and password will be disabled if your password is entered incorrectly for five consecutive attempts. If you have forgotten your password, please click on the forgot password link.", + "USER_BLOCKED": 'Your User ID has been disabled for 24 hours. To unblock please click on "Reset Password" link and select proper option.', + "UNBLOCK_SELECTED": "unblock", + "FORGOT_PASSWORD_SELECTED": "forgotpwd", + "USER_UNBLOCK_LINK_IN_EMAIL": "Please check you email and unblock your account.", + "USER_UNBLOCK_SUCCESS": "User unblocked", + "USER_UNBLOCK_SUCCESS_MESSAGE": "Your account has been unblocked sucessfully.", + "USER_UNBLOCK_FAILED": "Unblock operation failed", + "USER_ALREADY_UNBLOCKED": "User already unblocked." //"ERROR_IN_FECTHING_DETAILS": "Error in fecthing details.", //"MAIL_NOT_SENT": "Mail not sent." @@ -335,8 +344,7 @@ AIA.constant("AdminConstants", { "ERROR_IN_SENDING_MAIL": "Some internal error occured.", "MAIL_SENT": "Mail sent.", "MAIL_NOT_SENT": "Mail not sent.", - "MAIL_SENT_SUCCESS_MESSAGE": "We have received your request. We will get back to you soon.", - + "MAIL_SENT_SUCCESS_MESSAGE": "We have received your request. We will get back to you soon." }) AIA.constant("UserTypeConstants", { "SUPER_ADMIN": "Super Admin", @@ -351,9 +359,9 @@ AIA.constant("UserTypeConstants", { }) AIA.constant("AIAConstants", { - - "NO_BODY_SYSTEM_AVAILABLE" : "No body system available in this layer.", - + + "NO_BODY_SYSTEM_AVAILABLE": "No body system available in this layer.", + }) AIA.constant("UserModules", [ 
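Review bot: Two of the new user-facing strings in `LoginMessageConstants` contain typos: `"Please check you email and unblock your account."` should read `your email`, and `"Your account has been unblocked sucessfully."` should read `successfully`. `USER_UNBLOCK_FAILED` is defined here but is not referenced by the HomeController.js changes in this commit. The `USER_BLOCKED` text points users at a "Reset Password" link while `INVALID_PASSWORD` calls it the forgot password link; using one name for it would be clearer.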
@@ -428,7 +436,7 @@ AIA.constant("UserModules", [ ]); AIA.constant("AIAConstants", { - "NO_BODY_SYSTEM_AVAILABLE" : "No body system available in this layer.", + "NO_BODY_SYSTEM_AVAILABLE": "No body system available in this layer.", }) AIA.config(function ($routeProvider, pages, $locationProvider) { diff --git a/400-SOURCECODE/AIAHTML5.Web/app/services/AuthenticationService.js b/400-SOURCECODE/AIAHTML5.Web/app/services/AuthenticationService.js index 5b8918f..9ba8f23 100644 --- a/400-SOURCECODE/AIAHTML5.Web/app/services/AuthenticationService.js +++ b/400-SOURCECODE/AIAHTML5.Web/app/services/AuthenticationService.js @@ -70,6 +70,24 @@ deferred.reject(status); }); return deferred.promise; + }, + + UnblockUser: function (userEmailId) { + var deferred = $q.defer(); + + $http.post('/API/api/UnblockUser', JSON.stringify(userEmailId), { + headers: { + 'Content-Type': 'application/json' + } + }) + .success(function (data, status, headers, config) { + console.log('success') + deferred.resolve(data); + }).error(function (data, status, headers, config) { + console.log('error') + deferred.reject(status); + }); + return deferred.promise; } } diff --git a/400-SOURCECODE/AIAHTML5.Web/index.html b/400-SOURCECODE/AIAHTML5.Web/index.html index c0cf5b2..8f405e8 100644 --- a/400-SOURCECODE/AIAHTML5.Web/index.html +++ b/400-SOURCECODE/AIAHTML5.Web/index.html @@ -159,7 +159,6 @@ #refreshBtn { color: #ffffff; } - @@ -231,7 +230,7 @@