diff --git a/Email/NMSReportingSuite/pom.xml b/Email/NMSReportingSuite/pom.xml
index b6a03a527..0a7c9105e 100644
--- a/Email/NMSReportingSuite/pom.xml
+++ b/Email/NMSReportingSuite/pom.xml
@@ -143,34 +143,35 @@
         </dependency>
 
         <!-- Apache Shiro -->
+<!--        latest versions no longer work with our project, so changed to a version that works-->
         <dependency>
             <groupId>org.apache.shiro.samples</groupId>
             <artifactId>samples-spring-client</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-core</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-ehcache</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-spring</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-web</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
diff --git a/Email/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/EmailController.java b/Email/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/EmailController.java
index a399e2914..ea3587404 100644
--- a/Email/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/EmailController.java
+++ b/Email/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/EmailController.java
@@ -62,8 +62,12 @@ String sendPassword(@PathVariable String encoded) throws Exception {
     //changed the 'from' emailId from beehyv domain address to govt domain address
         String email = tokenItems[0];
         String password = tokenItems[1];
-        String subject = "Reset Password for MIS Portal";
-        String message = "\"Dear user,<br/><br/><p>As per your request, your password has been reset to: <b>" +
+        String type = tokenItems[2];
+        String subject = "Password for MIS Portal";
+        String line = "As per your request, your password has been reset to:";
+        if(type.equals("new")) line = "The password for your newly created MIS account is:";
+        else if(type.equals("admin")) line = "The password for your MIS account has been reset by the admin to:";
+        String message = "\"Dear user,<br/><br/><p>"+line+"<b>" +
                password +
               "</b></p><br/><p>Once you login to the MIS portal with the above password, the system will direct you to change the default password as it is mandatory.</p><br/>" +
              "<p>Thanks,</p>" +"<p>NSP Support</p>\"";
@@ -81,19 +85,6 @@ String sendPassword(@PathVariable String encoded) throws Exception {
                 return "failure";
             }
         }catch (InterruptedException e){return "failure";}
-//        EmailInfo newMail = new EmailInfo();
-//        newMail.setFrom("nsp-reports@beehyv.com");
-//        newMail.setTo(email);
-//        Calendar c = Calendar.getInstance();   // this takes current date
-//        c.add(Calendar.MONTH, -1);
-//        c.set(Calendar.DATE, 1);
-//        newMail.setSubject("Reset Password for MIS Portal");
-//        newMail.setBody("Dear user,<br/><br/><p>As per your request, your password has been reset to: <b>" +
-//                password +
-//                "</b></p><br/><p>Once you login to the MIS portal with the above password, the system will direct you to change the default password as it is mandatory.</p><br/>" +
-//                "<p>Thanks,</p>" +
-//                "<p>NSP Support</p>");
-//        return emailService.sendMailPassword(newMail);
     }
 
     @RequestMapping(value = "/sendCaptcha/{captchaResponse}", method = RequestMethod.GET)
diff --git a/NMSReportingSuite/pom.xml b/NMSReportingSuite/pom.xml
index 01c74c980..ba6b91f9e 100644
--- a/NMSReportingSuite/pom.xml
+++ b/NMSReportingSuite/pom.xml
@@ -159,34 +159,35 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/ma
         </dependency>
 
         <!-- Apache Shiro -->
+<!--        latest versions no longer work with our projects, so switched to the lastest working version-->
         <dependency>
             <groupId>org.apache.shiro.samples</groupId>
             <artifactId>samples-spring-client</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-core</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-ehcache</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-spring</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
             <groupId>org.apache.shiro</groupId>
             <artifactId>shiro-web</artifactId>
-            <version>LATEST</version>
+            <version>1.4.1</version>
         </dependency>
 
         <dependency>
diff --git a/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/business/impl/CsrfInterceptor.java b/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/business/impl/CsrfInterceptor.java
new file mode 100644
index 000000000..81e10a222
--- /dev/null
+++ b/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/business/impl/CsrfInterceptor.java
@@ -0,0 +1,38 @@
+package com.beehyv.nmsreporting.business.impl;
+
+import com.beehyv.nmsreporting.business.UserService;
+import com.beehyv.nmsreporting.model.User;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class CsrfInterceptor extends HandlerInterceptorAdapter {
+    @Autowired
+    private UserService userService;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        User currentUser = userService.getCurrentUser();
+
+        if(currentUser == null) {
+            return false;
+        }
+        String token = "dhty" + currentUser.getUserId().toString() + "alkihkf";
+        return request.getHeader("csrfToken").equals(token);
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+    }
+
+    @Override
+    public void afterConcurrentHandlingStarted(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+    }
+}
diff --git a/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/business/impl/UserServiceImpl.java b/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/business/impl/UserServiceImpl.java
index 8c837c582..f22855fe2 100644
--- a/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/business/impl/UserServiceImpl.java
+++ b/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/business/impl/UserServiceImpl.java
@@ -11,6 +11,7 @@
 import com.beehyv.nmsreporting.enums.ModificationType;
 import com.beehyv.nmsreporting.model.*;
 import com.beehyv.nmsreporting.utils.LoginUser;
+import com.beehyv.nmsreporting.utils.ServiceFunctions;
 import org.apache.shiro.SecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -55,6 +56,8 @@ public class UserServiceImpl implements UserService{
     @Autowired
     private AggregateCumulativeMADao aggregateCumulativeMADao;
 
+    private ServiceFunctions serviceFunctions = new ServiceFunctions();
+
     private Role getAdminRole(){
         return roleDao.findByRoleDescription(AccessType.ADMIN.getAccessType()).get(0);
     }
@@ -140,11 +143,6 @@ public Map<Integer, String> createNewUser(User user) {
             responseMap.put(rowNum, userNameError);
             return responseMap;
         }
-        if (userDao.findByUserName(user.getUsername()) != null) {
-            String userNameError = "Username already exists.";
-            responseMap.put(rowNum, userNameError);
-            return responseMap;
-        }
 
         String userPhone = user.getPhoneNumber();
         String regexStr1 = "^[0-9]*$";
@@ -311,8 +309,13 @@ else if (user.getAccessLevel().equalsIgnoreCase(AccessLevel.DISTRICT.getAccessLe
 //                return responseMap;
 //            }
         }
-
-        user.setPassword(passwordEncoder.encode(user.getPhoneNumber()));
+        if (userDao.findByUserName(user.getUsername()) != null) {
+            String userNameError = "Username already exists.";
+            responseMap.put(rowNum, userNameError);
+            return responseMap;
+        }
+        String password = serviceFunctions.generatePassword();
+        user.setPassword(passwordEncoder.encode(password));
         user.setCreationDate(new Date());
         user.setCreatedByUser(currentUser);
         user.setAccountStatus(AccountStatus.ACTIVE.getAccountStatus());
@@ -321,6 +324,7 @@ else if (user.getAccessLevel().equalsIgnoreCase(AccessLevel.DISTRICT.getAccessLe
         userDao.saveUser(user);
         String authorityError = "User Created";
         responseMap.put(rowNum, authorityError);
+        responseMap.put(1,password);
         return responseMap;
     }
 
@@ -609,10 +613,13 @@ public Map<Integer, String> updatePassword(PasswordDto passwordDto) {
             responseMap.put(rowNum, authorityError);
             return responseMap;
         }
-        entity.setPassword(passwordEncoder.encode(entity.getPhoneNumber()));
+        String password = serviceFunctions.generatePassword();
+        entity.setPassword(passwordEncoder.encode(password));
         entity.setDefault(true);
 
         responseMap.put(rowNum, "Password changed successfully");
+        responseMap.put(1,password);
+        responseMap.put(2, entity.getEmailId());
         return responseMap;
     }
 
diff --git a/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/AdminController.java b/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/AdminController.java
index 162c8ede5..531d058d5 100644
--- a/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/AdminController.java
+++ b/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/AdminController.java
@@ -11,6 +11,7 @@
 import com.beehyv.nmsreporting.model.ModificationTracker;
 import com.beehyv.nmsreporting.model.State;
 import com.beehyv.nmsreporting.model.User;
+import org.apache.commons.codec.binary.Base64;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.expression.ParseException;
 import org.springframework.stereotype.Controller;
@@ -19,6 +20,8 @@
 
 import javax.servlet.http.HttpServletResponse;
 import java.io.*;
+import java.net.HttpURLConnection;
+import java.net.URL;
 import java.util.*;
 
 import static com.beehyv.nmsreporting.enums.ReportType.maCourse;
@@ -104,7 +107,12 @@ public Map uploadFileHandler(@RequestParam("bulkCsv") MultipartFile file) {
     @ResponseBody
     public String getBulkDataImportCSV(HttpServletResponse response) throws ParseException, java.text.ParseException{
 
-       response.setContentType("APPLICATION/OCTECT-STREAM");
+        User user = userService.getCurrentUser();
+        if(user==null||!(user.getRoleName().equals("MASTER ADMIN"))&&!(user.getRoleName().equals("ADMIN"))){
+            return "Not Authorized";
+        }
+
+        response.setContentType("APPLICATION/OCTECT-STREAM");
         try {
             PrintWriter out=response.getWriter();
             String filename="BulkImportData.csv";
@@ -137,7 +145,7 @@ public String getCumulativeCourseCompletion(@PathVariable("state") String State,
     }*/
 
     @RequestMapping(value = {"/changePassword"}, method = RequestMethod.POST)
-    @ResponseBody public Map resetPassword(@RequestBody PasswordDto passwordDto){
+    @ResponseBody public Map resetPassword(@RequestBody PasswordDto passwordDto) throws Exception{
         //        String trackModification = mapper.convertValue(node.get("modification"), String.class);
 //
 //        ModificationTracker modification = new ModificationTracker();
@@ -148,9 +156,39 @@ public String getCumulativeCourseCompletion(@PathVariable("state") String State,
 //        modification.setModifiedField(trackModification);
 //        modificationTrackerService.saveModification(modification);
 
-//        return "redirect:http://localhost:8080/app/#!/";
+//        return "redirect:https://rchivrreports.in/app/#!/";
         Map<Integer, String> map= userService.updatePassword(passwordDto);
         if(map.get(0).equals("Password changed successfully")){
+            String password = map.get(1);
+            String email = map.get(2);
+            byte[] encoded = Base64.encodeBase64((email + "||" + password + "||admin").getBytes());
+            String encrypted = new String(encoded);
+            String url = "http://192.168.200.4:8080/NMSReportingSuite/nms/mail/sendPassword/" + encrypted;
+            URL obj = new URL(url);
+            HttpURLConnection con = (HttpURLConnection) obj.openConnection();
+
+            // optional default is GET
+            con.setRequestMethod("GET");
+
+            //add request header
+            con.setRequestProperty("User-Agent", "Mozilla/5.0");
+
+            int responseCode = con.getResponseCode();
+            System.out.println("\nSending 'GET' request to URL : " + url);
+            System.out.println("Response Code : " + responseCode);
+
+            BufferedReader in = new BufferedReader(
+                    new InputStreamReader(con.getInputStream()));
+            String inputLine;
+            StringBuffer response = new StringBuffer();
+
+            while ((inputLine = in.readLine()) != null) {
+                response.append(inputLine);
+            }
+            in.close();
+
+            //print result
+            System.out.println(response.toString());
             ModificationTracker modification = new ModificationTracker();
             modification.setModificationDate(new Date(System.currentTimeMillis()));
             modification.setModificationType(ModificationType.UPDATE.getModificationType());
@@ -159,7 +197,9 @@ public String getCumulativeCourseCompletion(@PathVariable("state") String State,
             modification.setModifiedByUserId(userService.getCurrentUser().getUserId());
             modificationTrackerService.saveModification(modification);
         }
-        return map;
+        Map<Integer, String> requiredmap=new HashMap<>();
+        requiredmap.put(0,map.get(0));
+        return requiredmap;
     }
     @RequestMapping(value = "/create", method = RequestMethod.GET)
     @ResponseBody
diff --git a/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/UserController.java b/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/UserController.java
index 565dc9c21..b7b74d76b 100644
--- a/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/UserController.java
+++ b/NMSReportingSuite/src/main/java/com/beehyv/nmsreporting/controller/UserController.java
@@ -136,7 +136,7 @@ public class UserController {
     @RequestMapping(value={"/roles"} , method = RequestMethod.POST)
     public @ResponseBody List<Role> getRoles() {
         User currentUser = userService.getCurrentUser();
-        if(currentUser.getUserId() != null){
+        if(currentUser.getUserId() != null&&((currentUser.getRoleName().equals("MASTER ADMIN"))||(currentUser.getRoleName().equals("ADMIN")))){
             return roleService.getRoles();
         } else
             return null;
@@ -256,13 +256,16 @@ public class UserController {
 
 
     }
-
+//returning a user only if current user is the creator, this api is used only during edit user
     @RequestMapping(value={"/user/{userId}"})
     public @ResponseBody User getUserById(@PathVariable("userId") Integer userId) {
-        User currentUser = userService.getCurrentUser();
-        if(currentUser.getUserId() != null){
-            return userService.findUserByUserId(userId);
-        } else
+        if(getCurrentUser() != null){
+            User user = userService.findUserByUserId(userId);
+            if(getCurrentUser().getUserId().equals(user.getCreatedByUser().getUserId())) {
+                return user;
+            }
+            return null;
+        }
             return null;
     }
 
@@ -298,13 +301,43 @@ public class UserController {
 //    }
 
     @RequestMapping(value = {"/createUser"}, method = RequestMethod.POST)
-    @ResponseBody public Map<Integer, String> createNewUser(@RequestBody User user) {
+    @ResponseBody public Map<Integer, String> createNewUser(@RequestBody User user) throws Exception {
 
         User currentUser = userService.getCurrentUser();
         if(currentUser != null){
             user = locationService.SetLocations(user);
             Map<Integer,String> map = userService.createNewUser(user);
             if(map.get(0).equals("User Created")){
+                String password = map.get(1);
+                String email = user.getEmailId();
+                byte[] encoded = Base64.encodeBase64((email + "||" + password + "||new").getBytes());
+                String encrypted = new String(encoded);
+                String url = "http://192.168.200.4:8080/NMSReportingSuite/nms/mail/sendPassword/" + encrypted;
+                URL obj = new URL(url);
+                HttpURLConnection con = (HttpURLConnection) obj.openConnection();
+
+                // optional default is GET
+                con.setRequestMethod("GET");
+
+                //add request header
+                con.setRequestProperty("User-Agent", USER_AGENT);
+
+                int responseCode = con.getResponseCode();
+                System.out.println("\nSending 'GET' request to URL : " + url);
+                System.out.println("Response Code : " + responseCode);
+
+                BufferedReader in = new BufferedReader(
+                        new InputStreamReader(con.getInputStream()));
+                String inputLine;
+                StringBuffer response = new StringBuffer();
+
+                while ((inputLine = in.readLine()) != null) {
+                    response.append(inputLine);
+                }
+                in.close();
+
+                //print result
+                System.out.println(response.toString());
                 ModificationTracker modification = new ModificationTracker();
                 modification.setModificationDate(new Date(System.currentTimeMillis()));
                 modification.setModificationType(ModificationType.CREATE.getModificationType());
@@ -456,7 +489,7 @@ public String forgotPassword(@RequestBody ForgotPasswordDto forgotPasswordDto, H
                 if (user != null) {
                     String email = user.getEmailId();
                     String password = serviceFunctions.generatePassword();
-                    byte[] encoded = Base64.encodeBase64((email + "||" + password).getBytes());
+                    byte[] encoded = Base64.encodeBase64((email + "||" + password + "||forgot").getBytes());
                     String encrypted = new String(encoded);
                     String url = "http://192.168.200.4:8080/NMSReportingSuite/nms/mail/sendPassword/" + encrypted;
                     URL obj = new URL(url);
@@ -510,12 +543,13 @@ public String forgotPassword(@RequestBody ForgotPasswordDto forgotPasswordDto, H
 
 
 
-
-    @RequestMapping(value = {"/deleteUser/{id}"}, method = RequestMethod.GET)
+//changed delete user to post, added a token verification
+    @RequestMapping(value = {"/deleteUser"}, method = RequestMethod.POST)
     @ResponseBody
-    public Map deleteExistingUser(@PathVariable("id") Integer id) {
+    public Map deleteExistingUser(HttpServletRequest request, @RequestBody Integer id) {
         User currentUser = userService.getCurrentUser();
-        if(currentUser != null){
+        String token = "dhty" + currentUser.getUserId().toString() + "alkihkf";
+        if(currentUser != null && request.getHeader("csrfToken").equals(token)){
             Map<Integer, String> map=userService.deleteExistingUser(id);
             if(map.get(0).equals("User deleted")) {
                 ModificationTracker modification = new ModificationTracker();
diff --git a/NMSReportingSuite/src/main/webapp/WEB-INF/applicationContext.xml b/NMSReportingSuite/src/main/webapp/WEB-INF/applicationContext.xml
index 4923f463e..aaa0fa38a 100644
--- a/NMSReportingSuite/src/main/webapp/WEB-INF/applicationContext.xml
+++ b/NMSReportingSuite/src/main/webapp/WEB-INF/applicationContext.xml
@@ -135,6 +135,84 @@
         </property>
     </bean>
 
+<mvc:interceptors>
+
+<!--    Csrf Interceptor Open-->
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/admin/changePassword"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/admin/uploadFile"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/mail/sendEmailForContactUs"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/mail/sendFeedback"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/user/createUser"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/user/deleteUser"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/user/downloadAggPdf"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/user/generateAgg"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/user/getReport"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/user/resetPassword"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/user/updateContacts"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+    <mvc:interceptor>
+        <mvc:mapping path="/nms/user/updateUser"/>
+        <bean class="com.beehyv.nmsreporting.business.impl.CsrfInterceptor">
+        </bean>
+    </mvc:interceptor>
+
+<!--    Csrf Interceptor clode-->
+
+</mvc:interceptors>
     <bean id="autoReportMail" class="com.beehyv.nmsreporting.job.AutoReportEmailGeneration"/>
     <task:scheduled-tasks>
         <task:scheduled ref="autoReportMail" method="executeInternal" cron="0 0 9 1 * ?"/>
diff --git a/app/views/aboutKilkari.html b/app/htpagesmis/aboutKilkari.html
similarity index 100%
rename from app/views/aboutKilkari.html
rename to app/htpagesmis/aboutKilkari.html
diff --git a/app/views/aboutMA.html b/app/htpagesmis/aboutMA.html
similarity index 100%
rename from app/views/aboutMA.html
rename to app/htpagesmis/aboutMA.html
diff --git a/app/views/aboutUs.html b/app/htpagesmis/aboutUs.html
similarity index 100%
rename from app/views/aboutUs.html
rename to app/htpagesmis/aboutUs.html
diff --git a/app/views/bulkUser.html b/app/htpagesmis/bulkUser.html
similarity index 100%
rename from app/views/bulkUser.html
rename to app/htpagesmis/bulkUser.html
diff --git a/app/views/changePassword.html b/app/htpagesmis/changePassword.html
similarity index 100%
rename from app/views/changePassword.html
rename to app/htpagesmis/changePassword.html
diff --git a/app/views/contactUs.html b/app/htpagesmis/contactUs.html
similarity index 100%
rename from app/views/contactUs.html
rename to app/htpagesmis/contactUs.html
diff --git a/app/views/contactUsResponse.html b/app/htpagesmis/contactUsResponse.html
similarity index 100%
rename from app/views/contactUsResponse.html
rename to app/htpagesmis/contactUsResponse.html
diff --git a/app/views/copyrightPolicy.html b/app/htpagesmis/copyrightPolicy.html
similarity index 100%
rename from app/views/copyrightPolicy.html
rename to app/htpagesmis/copyrightPolicy.html
diff --git a/app/views/createUser.html b/app/htpagesmis/createUser.html
similarity index 100%
rename from app/views/createUser.html
rename to app/htpagesmis/createUser.html
diff --git a/app/views/disclaimer.html b/app/htpagesmis/disclaimer.html
similarity index 100%
rename from app/views/disclaimer.html
rename to app/htpagesmis/disclaimer.html
diff --git a/app/views/downloads.html b/app/htpagesmis/downloads.html
similarity index 100%
rename from app/views/downloads.html
rename to app/htpagesmis/downloads.html
diff --git a/app/views/editUser.html b/app/htpagesmis/editUser.html
similarity index 100%
rename from app/views/editUser.html
rename to app/htpagesmis/editUser.html
diff --git a/app/views/faq.html b/app/htpagesmis/faq.html
similarity index 100%
rename from app/views/faq.html
rename to app/htpagesmis/faq.html
diff --git a/app/views/faqAggregateInfo.html b/app/htpagesmis/faqAggregateInfo.html
similarity index 100%
rename from app/views/faqAggregateInfo.html
rename to app/htpagesmis/faqAggregateInfo.html
diff --git a/app/views/faqGeneralInfo.html b/app/htpagesmis/faqGeneralInfo.html
similarity index 100%
rename from app/views/faqGeneralInfo.html
rename to app/htpagesmis/faqGeneralInfo.html
diff --git a/app/views/faqLineListingInfo.html b/app/htpagesmis/faqLineListingInfo.html
similarity index 100%
rename from app/views/faqLineListingInfo.html
rename to app/htpagesmis/faqLineListingInfo.html
diff --git a/app/views/faqLoginInfo.html b/app/htpagesmis/faqLoginInfo.html
similarity index 100%
rename from app/views/faqLoginInfo.html
rename to app/htpagesmis/faqLoginInfo.html
diff --git a/app/views/faqReportsInfo.html b/app/htpagesmis/faqReportsInfo.html
similarity index 100%
rename from app/views/faqReportsInfo.html
rename to app/htpagesmis/faqReportsInfo.html
diff --git a/app/views/feedbackForm.html b/app/htpagesmis/feedbackForm.html
similarity index 100%
rename from app/views/feedbackForm.html
rename to app/htpagesmis/feedbackForm.html
diff --git a/app/views/feedbackResponse.html b/app/htpagesmis/feedbackResponse.html
similarity index 100%
rename from app/views/feedbackResponse.html
rename to app/htpagesmis/feedbackResponse.html
diff --git a/app/views/forgotPassword.html b/app/htpagesmis/forgotPassword.html
similarity index 100%
rename from app/views/forgotPassword.html
rename to app/htpagesmis/forgotPassword.html
diff --git a/app/views/helpPage.html b/app/htpagesmis/helpPage.html
similarity index 100%
rename from app/views/helpPage.html
rename to app/htpagesmis/helpPage.html
diff --git a/app/views/hyperLinkingPolicy.html b/app/htpagesmis/hyperLinkingPolicy.html
similarity index 100%
rename from app/views/hyperLinkingPolicy.html
rename to app/htpagesmis/hyperLinkingPolicy.html
diff --git a/app/views/login.html b/app/htpagesmis/login.html
similarity index 93%
rename from app/views/login.html
rename to app/htpagesmis/login.html
index 005061d82..cb97fd15f 100644
--- a/app/views/login.html
+++ b/app/htpagesmis/login.html
@@ -68,14 +68,15 @@
 				<!--</div>-->
 				<div class="form-group" >
 					<span class="login-texts" >Login Id</span>
-					<input type="text" class="form-control input input-sm login-inputs" data-ng-model="user.username" name="username" placeholder="Username"  autocomplete="new-password" >
+					<input type="text" class="form-control input input-sm login-inputs" data-ng-model="user.username" name="username" placeholder="Username">
 
 				</div>
+<!--	changes for disbaling autocomplete for login-->
 				<div class="form-group" >
 					<span class="login-texts">Password</span>
-					<input name="password0" type="password"  value="Dummy" style="display: none" />
-					<input type="password" class="form-control password-input input input-sm login-inputs" id="divID" data-ng-model="user.password"  name="password" placeholder="Password"	 autocomplete="new-password" value="Dummy">
-					<input name="password1" type="password"  value="Dbmnmummy" style="display: none" />
+<!--					<input name="password0" type="password"  value="Dummy" style="display: none" />-->
+					<input type="password" class="form-control text-input input input-sm login-inputs" id="divID" data-ng-model="user.password"  name="password" placeholder="Password" value="Dummy">
+<!--					<input name="password1" type="password"  value="Dbmnmummy" style="display: none" />-->
 						   <!--onfocus="angular.element( document.querySelector( '#divID' )).removeAttr('readonly');"-->
 						   <!--onblur="angular.element( document.querySelector( '#divID' )).attr('readonly',true);">-->
 
diff --git a/app/views/pagination.html b/app/htpagesmis/pagination.html
similarity index 100%
rename from app/views/pagination.html
rename to app/htpagesmis/pagination.html
diff --git a/app/views/privacyPolicy.html b/app/htpagesmis/privacyPolicy.html
similarity index 100%
rename from app/views/privacyPolicy.html
rename to app/htpagesmis/privacyPolicy.html
diff --git a/app/views/profile.html b/app/htpagesmis/profile.html
similarity index 100%
rename from app/views/profile.html
rename to app/htpagesmis/profile.html
diff --git a/app/views/reports.html b/app/htpagesmis/reports.html
similarity index 100%
rename from app/views/reports.html
rename to app/htpagesmis/reports.html
diff --git a/app/views/sitemap.html b/app/htpagesmis/sitemap.html
similarity index 100%
rename from app/views/sitemap.html
rename to app/htpagesmis/sitemap.html
diff --git a/app/views/tAndC.html b/app/htpagesmis/tAndC.html
similarity index 100%
rename from app/views/tAndC.html
rename to app/htpagesmis/tAndC.html
diff --git a/app/views/userManagement.html b/app/htpagesmis/userManagement.html
similarity index 100%
rename from app/views/userManagement.html
rename to app/htpagesmis/userManagement.html
diff --git a/app/views/userManual.html b/app/htpagesmis/userManual.html
similarity index 100%
rename from app/views/userManual.html
rename to app/htpagesmis/userManual.html
diff --git a/app/views/userManual_Management.html b/app/htpagesmis/userManual_Management.html
similarity index 100%
rename from app/views/userManual_Management.html
rename to app/htpagesmis/userManual_Management.html
diff --git a/app/views/userManual_Profile.html b/app/htpagesmis/userManual_Profile.html
similarity index 100%
rename from app/views/userManual_Profile.html
rename to app/htpagesmis/userManual_Profile.html
diff --git a/app/views/userManual_kilkari.html b/app/htpagesmis/userManual_kilkari.html
similarity index 100%
rename from app/views/userManual_kilkari.html
rename to app/htpagesmis/userManual_kilkari.html
diff --git a/app/views/userManual_kilkariAgg.html b/app/htpagesmis/userManual_kilkariAgg.html
similarity index 100%
rename from app/views/userManual_kilkariAgg.html
rename to app/htpagesmis/userManual_kilkariAgg.html
diff --git a/app/views/userManual_mobileAcademy.html b/app/htpagesmis/userManual_mobileAcademy.html
similarity index 100%
rename from app/views/userManual_mobileAcademy.html
rename to app/htpagesmis/userManual_mobileAcademy.html
diff --git a/app/views/userManual_mobileAcademyAgg.html b/app/htpagesmis/userManual_mobileAcademyAgg.html
similarity index 100%
rename from app/views/userManual_mobileAcademyAgg.html
rename to app/htpagesmis/userManual_mobileAcademyAgg.html
diff --git a/app/views/userManual_websiteInformation.html b/app/htpagesmis/userManual_websiteInformation.html
similarity index 100%
rename from app/views/userManual_websiteInformation.html
rename to app/htpagesmis/userManual_websiteInformation.html
diff --git a/app/views/userTable.html b/app/htpagesmis/userTable.html
similarity index 100%
rename from app/views/userTable.html
rename to app/htpagesmis/userTable.html
diff --git a/app/scripts/app.js b/app/scripts/app.js
index b4d6b7f68..4a031fbbf 100644
--- a/app/scripts/app.js
+++ b/app/scripts/app.js
@@ -1,3 +1,4 @@
+
 var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap', 'ui.validate', 'ngMessages', 'ui.router', 'ui.grid', 'ngMaterial', 'ngFileUpload', 'ng.deviceDetector', 'ui.grid.exporter', 'ngStorage', 'ngAnimate', '$idle', 'mdo-angular-cryptography'])
     .run(['$rootScope', '$state', '$stateParams', '$idle', '$http', '$window', function($rootScope, $state, $stateParams, $idle, $http, $window) {
         $rootScope.$state = $state;
@@ -26,12 +27,31 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
                             if(!result.data){
                                 $state.go('login', {});
                             }
+                            else {
+                                $http.post(backend_root + 'nms/user/currentUser')
+                                    .then(function(result){
+                                        if(result.data.default){
+                                            $state.go('changePassword', {});
+                                        }
+                                    });
+                            }
                         });
                 }
             };
         }
     ])
 
+    .factory('httpRequestInterceptor',
+        function () {
+            return {
+                request: function (config) {
+                    config.headers['SameSite'] = 'Lax';
+                    return config;
+                }
+            };
+        }
+    )
+
     .factory('authorizationRole', ['$http', '$state',
         function($http, $state) {
             return {
@@ -62,15 +82,17 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
         $stateProvider.state('userManagement', {
             url: '/userManagement',
             abstract: true,
-            templateUrl: 'views/userManagement.html',
+            templateUrl: 'htpagesmis/userManagement.html',
             resolve : {
-                user : function (authorizationRole) {
-                    return authorizationRole.authorize();
+                user : function (authorizationRole,authorization){
+                    if(authorization.authorize()){
+                        return authorizationRole.authorize();
+                    }
                 }
             }
         }).state('userManagement.bulkUpload', {
             url: '/bulkUpload',
-            templateUrl: 'views/bulkUser.html',
+            templateUrl: 'htpagesmis/bulkUser.html',
             resolve : {
                 user : function (authorizationRole) {
                     return authorizationRole.authorize();
@@ -78,7 +100,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManagement.createUser', {
             url: '/create',
-            templateUrl: 'views/createUser.html',
+            templateUrl: 'htpagesmis/createUser.html',
             resolve : {
                 user : function ( authorizationRole) {
                     return authorizationRole.authorize();
@@ -86,7 +108,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManagement.userTable', {
             url: '/:pageNum',
-            templateUrl: 'views/userTable.html',
+            templateUrl: 'htpagesmis/userTable.html',
             reloadOnSearch: false,
             resolve : {
                 user : function ( authorizationRole) {
@@ -98,7 +120,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManagement.editUser', {
             url: '/:pageNum/edit/:id',
-            templateUrl: 'views/editUser.html',
+            templateUrl: 'htpagesmis/editUser.html',
             resolve : {
                 user : function ( authorizationRole) {
                     return authorizationRole.authorize();
@@ -106,13 +128,13 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('login', {
             url: '/login',
-            templateUrl: 'views/login.html'
+            templateUrl: 'htpagesmis/login.html'
         }).state('logout', {
             url: '/logout',
-            templateUrl: 'views/login.html'
+            templateUrl: 'htpagesmis/login.html'
         }).state('reports', {
             url: '/reports',
-            templateUrl: 'views/reports.html',
+            templateUrl: 'htpagesmis/reports.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -120,7 +142,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('profile', {
             url: '/profile',
-            templateUrl: 'views/profile.html',
+            templateUrl: 'htpagesmis/profile.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -128,10 +150,10 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('forgotPassword', {
             url: '/forgotPassword',
-            templateUrl: 'views/forgotPassword.html'
+            templateUrl: 'htpagesmis/forgotPassword.html'
         }).state('feedbackForm', {
             url: '/feedbackForm',
-            templateUrl: 'views/feedbackForm.html',
+            templateUrl: 'htpagesmis/feedbackForm.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -139,7 +161,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('feedbackResponse', {
             url: '/feedbackResponse',
-            templateUrl: 'views/feedbackResponse.html',
+            templateUrl: 'htpagesmis/feedbackResponse.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -147,11 +169,11 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('contactUs', {
             url: '/contactUs',
-            templateUrl: 'views/contactUs.html'
+            templateUrl: 'htpagesmis/contactUs.html'
 
         }).state('contactUsResponse', {
             url: '/contactUsResponse',
-            templateUrl: 'views/contactUsResponse.html',
+            templateUrl: 'htpagesmis/contactUsResponse.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -159,11 +181,11 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('sitemap', {
             url: '/sitemap',
-            templateUrl: 'views/sitemap.html'
+            templateUrl: 'htpagesmis/sitemap.html'
 
         }).state('AboutKilkari', {
             url: '/kilkari',
-            templateUrl: 'views/aboutKilkari.html',
+            templateUrl: 'htpagesmis/aboutKilkari.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -171,7 +193,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('AboutMA', {
             url: '/aboutMA',
-            templateUrl: 'views/aboutMA.html',
+            templateUrl: 'htpagesmis/aboutMA.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -179,27 +201,27 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('PrivacyPolicy', {
             url: '/privacyPolicy',
-            templateUrl: 'views/privacyPolicy.html'
+            templateUrl: 'htpagesmis/privacyPolicy.html'
 
         }).state('CopyrightPolicy', {
             url: '/copyrightPolicy',
-            templateUrl: 'views/copyrightPolicy.html'
+            templateUrl: 'htpagesmis/copyrightPolicy.html'
 
         }).state('TandC', {
             url: '/termsAndConditions',
-            templateUrl: 'views/tAndC.html'
+            templateUrl: 'htpagesmis/tAndC.html'
 
         }).state('HLPolicy', {
             url: '/hyperLinkingPolicy',
-            templateUrl: 'views/hyperLinkingPolicy.html'
+            templateUrl: 'htpagesmis/hyperLinkingPolicy.html'
 
         }).state('Disclaimer', {
             url: '/disclaimer',
-            templateUrl: 'views/disclaimer.html'
+            templateUrl: 'htpagesmis/disclaimer.html'
 
         }).state('Help', {
             url: '/help',
-            templateUrl: 'views/helpPage.html',
+            templateUrl: 'htpagesmis/helpPage.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -207,7 +229,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('changePassword', {
             url: '/changePassword',
-            templateUrl: 'views/changePassword.html',
+            templateUrl: 'htpagesmis/changePassword.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -215,7 +237,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManual', {
             url: '/userManual',
-            templateUrl: 'views/userManual.html',
+            templateUrl: 'htpagesmis/userManual.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -223,7 +245,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManual.kilkari', {
             url: '/kilkari',
-            templateUrl: 'views/userManual_kilkari.html',
+            templateUrl: 'htpagesmis/userManual_kilkari.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -231,7 +253,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManual.kilkariAggregate', {
             url: '/kilkariAggregate',
-            templateUrl: 'views/userManual_kilkariAgg.html',
+            templateUrl: 'htpagesmis/userManual_kilkariAgg.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -239,7 +261,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManual.websiteInformation', {
             url: '/WebsiteInformation',
-            templateUrl: 'views/userManual_websiteInformation.html',
+            templateUrl: 'htpagesmis/userManual_websiteInformation.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -247,7 +269,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManual.mobileAcademy', {
             url: '/mobileAcademy',
-            templateUrl: 'views/userManual_mobileAcademy.html',
+            templateUrl: 'htpagesmis/userManual_mobileAcademy.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -255,7 +277,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManual.mobileAcademyAggregate', {
             url: '/mobileAcademyAggregate',
-            templateUrl: 'views/userManual_mobileAcademyAgg.html',
+            templateUrl: 'htpagesmis/userManual_mobileAcademyAgg.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -263,7 +285,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManual.userManual_Management', {
             url: '/userManual_Management',
-            templateUrl: 'views/userManual_Management.html',
+            templateUrl: 'htpagesmis/userManual_Management.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -271,7 +293,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('userManual.userManual_Profile', {
             url: '/userManual_Profile',
-            templateUrl: 'views/userManual_Profile.html',
+            templateUrl: 'htpagesmis/userManual_Profile.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -279,7 +301,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('faq', {
             url: '/faq',
-            templateUrl: 'views/faq.html',
+            templateUrl: 'htpagesmis/faq.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -287,7 +309,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('faq.faqGeneralInfo', {
             url: '/general-info',
-            templateUrl: 'views/faqGeneralInfo.html',
+            templateUrl: 'htpagesmis/faqGeneralInfo.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -295,7 +317,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('faq.faqLoginInfo', {
             url: '/login-info',
-            templateUrl: 'views/faqLoginInfo.html',
+            templateUrl: 'htpagesmis/faqLoginInfo.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -303,7 +325,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('faq.faqReportsInfo', {
             url: '/reports-info',
-            templateUrl: 'views/faqReportsInfo.html',
+            templateUrl: 'htpagesmis/faqReportsInfo.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -311,7 +333,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('faq.faqLineListingInfo', {
             url: '/line-listing-info',
-            templateUrl: 'views/faqLineListingInfo.html',
+            templateUrl: 'htpagesmis/faqLineListingInfo.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -319,7 +341,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('faq.faqAggregateInfo', {
             url: '/aggregate-info',
-            templateUrl: 'views/faqAggregateInfo.html',
+            templateUrl: 'htpagesmis/faqAggregateInfo.html',
             resolve : {
                 user : function ( authorization) {
                     return authorization.authorize();
@@ -327,7 +349,7 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
             }
         }).state('Downloads', {
             url: '/Downloads',
-            templateUrl: 'views/downloads.html'
+            templateUrl: 'htpagesmis/downloads.html'
         });
         $urlRouterProvider.otherwise('/login');
         $httpProvider.defaults.headers.common = {};
@@ -350,6 +372,11 @@ var nmsReportsApp = angular.module('nmsReports', ['vcRecaptcha','ui.bootstrap',
         $idleProvider.interrupt('keydown mousedown touchstart touchmove');
         $idleProvider.setIdleTime(1800);
     }])
+
+    .config(function ($httpProvider) {
+        $httpProvider.interceptors.push('httpRequestInterceptor');
+    })
+
     .config(['$cryptoProvider', function($cryptoProvider) {
         $cryptoProvider.setCryptographyKey('ABCD123');
     }]);
\ No newline at end of file
diff --git a/app/scripts/controllers/bulkUser.js b/app/scripts/controllers/bulkUser.js
index ad7f79f4a..c62e13efe 100644
--- a/app/scripts/controllers/bulkUser.js
+++ b/app/scripts/controllers/bulkUser.js
@@ -37,9 +37,10 @@
 	//We can send anything in name parameter,
 //it is hard coded to abc as it is irrelavant in this case.
 				var uploadUrl = backend_root + "nms/admin/uploadFile";
+				var token = 'dhty'+UserFormFactory.getCurrentUser().userId+'alkihkf';
 				$http.post(uploadUrl, fd, {
 					transformRequest: angular.identity,
-					headers: {'Content-Type': undefined}
+					headers: {'Content-Type': undefined, 'csrfToken': token}
 				})
 				.then(function(result){
 					$scope.listErrors(result.data)
diff --git a/app/scripts/controllers/changePassword.js b/app/scripts/controllers/changePassword.js
index f2f0e4f8f..9f4391972 100644
--- a/app/scripts/controllers/changePassword.js
+++ b/app/scripts/controllers/changePassword.js
@@ -43,11 +43,12 @@
                     //"cipherTextHexOld": encryptedOld.ciphertext.toString(),
                     //"saltHexOld":newPassword encryptedOld.salt.toString()
                     };
+                    var token = 'dhty'+UserFormFactory.getCurrentUser().userId+'alkihkf';
                     $http({
                         method: 'POST',
                         url: backend_root + 'nms/user/resetPassword',
                         data: JSON.stringify(data),
-                        headers: {'Content-Type': 'application/json'}
+                        headers: {'Content-Type': 'application/json', 'csrfToken': token}
                     }).then(function(result){
 //                    $http({
 //                        method  : 'POST',
diff --git a/app/scripts/controllers/contactUs.js b/app/scripts/controllers/contactUs.js
index de1e99fa3..04bc4b2e0 100644
--- a/app/scripts/controllers/contactUs.js
+++ b/app/scripts/controllers/contactUs.js
@@ -202,11 +202,13 @@
                         "subject" : $scope.email.subject,
                         "phoneNo" : $scope.email.phoneNo
                     };
+                    var token = 'dhty'+UserFormFactory.getCurrentUser().userId+'alkihkf';
+
                     $http({
                         method  : 'POST',
                         url     : backend_root + 'nms/mail/sendEmailForContactUs',
                         data    : JSON.stringify(data), //forms user object
-                        headers : {'Content-Type': 'application/json'}
+                        headers : {'Content-Type': 'application/json', 'csrfToken': token}
                     }).then(function(){
                         if(UserFormFactory.isInternetExplorer()){
                             alert('Contact-us form submitted successfully')
diff --git a/app/scripts/controllers/createUser.js b/app/scripts/controllers/createUser.js
index a27880614..fc63d2ee7 100644
--- a/app/scripts/controllers/createUser.js
+++ b/app/scripts/controllers/createUser.js
@@ -106,11 +106,12 @@
 			$scope.createUserSubmit = function() {
 				if ($scope.createUserForm.$valid) {
 					delete $scope.newUser.$$hashKey;
+					var token = 'dhty'+UserFormFactory.getCurrentUser().userId+'alkihkf';
 					$http({
 						method  : 'post',
 						url     : backend_root + 'nms/user/createUser',
 						data    : $scope.newUser, //forms user object
-						headers : {'Content-Type': 'application/json'} 
+						headers : {'Content-Type': 'application/json', 'csrfToken': token}
 					}).then(function(result){
 					    if(UserFormFactory.isInternetExplorer()){
                             alert(result.data['0'])
diff --git a/app/scripts/controllers/editUser.js b/app/scripts/controllers/editUser.js
index 50c04463f..5b8b8147e 100644
--- a/app/scripts/controllers/editUser.js
+++ b/app/scripts/controllers/editUser.js
@@ -12,10 +12,16 @@
 			UserFormFactory.downloadCurrentUser().then(function(result){
 				UserFormFactory.setCurrentUser(result.data);
 				UserFormFactory.getUser($stateParams.id).then(function(result) {
+					//added null check, redirecting to usermangement table if null
+					if(result.data)
 					$scope.editUser = result.data;
+					else {
+						alert("Not authorized");
+						$state.go('userManagement.userTable', {});
+					}
 				});
 			});
-
+			var token = 'dhty'+UserFormFactory.getCurrentUser().userId+'alkihkf';
 			$scope.editUser = {};
 			$scope.place = {};
 			$scope.accessLevelList = ["NATIONAL", "STATE", "DISTRICT", "BLOCK"];
@@ -138,7 +144,7 @@
 						method  : 'POST',
 						url     : backend_root + 'nms/user/updateUser',
 						data    : $scope.editUser, //forms user object
-						headers : {'Content-Type': 'application/json'} 
+						headers : {'Content-Type': 'application/json', 'csrfToken': token}
 					}).then(function(result){
                         if (UserFormFactory.isInternetExplorer()) {
                             alert(result.data['0']);
@@ -171,7 +177,7 @@
                     method  : 'POST',
                     url     : backend_root + 'nms/admin/changePassword',
                     data    : password, //forms user object
-                    headers : {'Content-Type': 'application/json'}
+                    headers : {'Content-Type': 'application/json', 'csrfToken': token}
                 }).then(function(result){
                     if(UserFormFactory.isInternetExplorer()){
                         alert(result.data['0']);
@@ -187,9 +193,14 @@
                 })
 
             };
-
+	//changed delete user to post, added a token for verification
             $scope.deactivateUserSubmit = function() {
-                UserFormFactory.deactivateUser($scope.editUser.userId)
+				$http({
+					method  : 'POST',
+					url     : backend_root + 'nms/user/deleteUser',
+					data    : $scope.editUser.userId,
+					headers : {'Content-Type': 'application/json', 'csrfToken': token}
+				})
                 .then(function(result){
                     if (UserFormFactory.isInternetExplorer()) {
                         alert(result.data['0']);
diff --git a/app/scripts/controllers/feedbackForm.js b/app/scripts/controllers/feedbackForm.js
index 5ac80b636..6944a8e4b 100644
--- a/app/scripts/controllers/feedbackForm.js
+++ b/app/scripts/controllers/feedbackForm.js
@@ -194,11 +194,12 @@ UserFormFactory.downloadCurrentUser()
                         "body" : $scope.email.body,
                         "phoneNo" : $scope.email.phoneNo
                     };
+                    var token = 'dhty'+UserFormFactory.getCurrentUser().userId+'alkihkf';
                     $http({
                         method  : 'POST',
                         url     : backend_root + 'nms/mail/sendFeedback',
                         data    : JSON.stringify(data), //forms user object
-                        headers : {'Content-Type': 'application/json'}
+                        headers : {'Content-Type': 'application/json', 'csrfToken': token}
                     }).then(function(){
                         if(UserFormFactory.isInternetExplorer()){
                             alert('feedback form submitted successfully')
diff --git a/app/scripts/controllers/profile.js b/app/scripts/controllers/profile.js
index 6d270028b..aa36cd404 100644
--- a/app/scripts/controllers/profile.js
+++ b/app/scripts/controllers/profile.js
@@ -8,7 +8,7 @@
 					$state.go('login', {});
 				}
 			})
-
+			var token = 'dhty'+UserFormFactory.getCurrentUser().userId+'alkihkf';
 			$http.get(backend_root + 'nms/user/profile')
 			.then(function(result){
 				$scope.user = result.data;
@@ -51,7 +51,7 @@
 						method  : 'POST',
 						url     : backend_root + 'nms/user/updateContacts',
 						data    : $scope.contact, //forms user object
-						headers : {'Content-Type': 'application/json'} 
+						headers : {'Content-Type': 'application/json', 'csrfToken': token}
 					}).then(function(result){
                         if(UserFormFactory.isInternetExplorer()){
                             alert(result.data['0'])
@@ -89,7 +89,7 @@
 						method  : 'POST',
 						url     : backend_root + 'nms/user/resetPassword',
 						data    : $scope.password, //forms user object
-						headers : {'Content-Type': 'application/json'} 
+						headers : {'Content-Type': 'application/json', 'csrfToken': token}
 					}).then(function(result){
 						if(UserFormFactory.isInternetExplorer()){
                             alert(result.data['0'])
diff --git a/app/scripts/controllers/reports.js b/app/scripts/controllers/reports.js
index 2bce7feeb..09aae9a14 100644
--- a/app/scripts/controllers/reports.js
+++ b/app/scripts/controllers/reports.js
@@ -40,7 +40,7 @@
 					})
 				}
 			})
-
+            var token = 'dhty'+UserFormFactory.getCurrentUser().userId+'alkihkf';
 			var reportRequest = {};
 			var ExcelData = {};
             $scope.sundays = [];
@@ -1245,7 +1245,7 @@
 					method  : 'POST',
 					url     : $scope.getReportUrl,
 					data    : reportRequest, //forms user object
-					headers : {'Content-Type': 'application/json'}
+					headers : {'Content-Type': 'application/json' , 'csrfToken': token}
 				})
 				.then(function(result){
 
@@ -1881,7 +1881,7 @@
                                     url     : backend_root + 'nms/user/generateAgg',
                                     data    : ExcelData, //forms user object
                                     //responseType: 'arraybuffer',
-                                    headers : {'Content-Type': 'application/json '}
+                                    headers : {'Content-Type': 'application/json ' , 'csrfToken': token}
                                 }).then(function(response){
                                     if(response.data =="success"){
                                     var fileName = $scope.gridApi.grid.options.exporterExcelFilename ? $scope.gridApi.grid.options.exporterExcelFilename : 'dokuman';
@@ -2121,7 +2121,7 @@
                     url     : backend_root + 'nms/user/downloadAggPdf',
                     data    : ExcelData, //forms user object
 //                                    responseType: 'arraybuffer',
-                    headers : {'Content-Type': 'application/json '}
+                    headers : {'Content-Type': 'application/json ' , 'csrfToken': token}
                 }).then(function(response){
 
                         if(response.data=="success"){
@@ -2544,7 +2544,7 @@
                             method  : 'POST',
                             url     : $scope.getReportUrl,
                             data    : reportRequest, //forms user object
-                            headers : {'Content-Type': 'application/json'}
+                            headers : {'Content-Type': 'application/json' , 'csrfToken': token}
                         })
                         .then(function(result){
 
@@ -2588,7 +2588,7 @@
                                method  : 'POST',
                                url     : $scope.getReportUrl,
                                data    : reportRequest, //forms user object
-                               headers : {'Content-Type': 'application/json'}
+                               headers : {'Content-Type': 'application/json' , 'csrfToken': token}
                            })
                            .then(function(result){
 
@@ -2631,7 +2631,7 @@
                              method  : 'POST',
                              url     : $scope.getReportUrl,
                              data    : reportRequest, //forms user object
-                             headers : {'Content-Type': 'application/json'}
+                             headers : {'Content-Type': 'application/json', 'csrfToken': token}
                          })
                          .then(function(result){
 
@@ -2672,7 +2672,7 @@
                             method  : 'POST',
                             url     : $scope.getReportUrl,
                             data    : reportRequest, //forms user object
-                            headers : {'Content-Type': 'application/json'}
+                            headers : {'Content-Type': 'application/json', 'csrfToken': token}
                         })
                         .then(function(result){
 
diff --git a/app/scripts/directives/bulkUser.js b/app/scripts/directives/bulkUser.js
index 1a4b39063..af9c81608 100644
--- a/app/scripts/directives/bulkUser.js
+++ b/app/scripts/directives/bulkUser.js
@@ -4,7 +4,7 @@
 		.directive('bulkUser', function() {
 			return {
 				restrict: 'AC',
-				templateUrl: '../views/bulkUser.html',
+				templateUrl: '../htpagesmis/bulkUser.html',
 
 			};
 		})
diff --git a/app/scripts/directives/contactUs.js b/app/scripts/directives/contactUs.js
index d5a071fdf..1aa63d015 100644
--- a/app/scripts/directives/contactUs.js
+++ b/app/scripts/directives/contactUs.js
@@ -4,7 +4,7 @@
 		.directive('contactUs', function() {
 			return {
 				restrict: 'AC',
-				templateUrl: '../views/contactUs.html',
+				templateUrl: '../htpagesmis/contactUs.html',
 			};
 		})
 
diff --git a/app/scripts/directives/createUser.js b/app/scripts/directives/createUser.js
index 0565d750e..2b8ee9be1 100644
--- a/app/scripts/directives/createUser.js
+++ b/app/scripts/directives/createUser.js
@@ -5,7 +5,7 @@
 			return {
 			    require: 'ngMessages',
 				restrict: 'AC',
-				templateUrl: '../views/createUser.html',
+				templateUrl: '../htpagesmis/createUser.html',
 				scope:{
 					'newUser':'='
 				}
diff --git a/app/scripts/directives/editUser.js b/app/scripts/directives/editUser.js
index 84e0102d7..78b855eba 100644
--- a/app/scripts/directives/editUser.js
+++ b/app/scripts/directives/editUser.js
@@ -4,7 +4,7 @@
 		.directive('editUser', function() {
 			return {
 				restrict: 'AC',
-				templateUrl: '../views/editUser.html',
+				templateUrl: '../htpagesmis/editUser.html',
 				scope:{
 					'user':'='
 				}
diff --git a/app/scripts/directives/pagination.js b/app/scripts/directives/pagination.js
index 2233a4514..43ee0fd7b 100644
--- a/app/scripts/directives/pagination.js
+++ b/app/scripts/directives/pagination.js
@@ -7,7 +7,7 @@
                 itemsPerPage: '=',
                 currentPage: '='
             },
-            templateUrl: 'views/pagination.html'
+            templateUrl: 'htpagesmis/pagination.html'
         };
     });
 })()
\ No newline at end of file
diff --git a/app/scripts/directives/reports.js b/app/scripts/directives/reports.js
index ace42a54a..a7606d20a 100644
--- a/app/scripts/directives/reports.js
+++ b/app/scripts/directives/reports.js
@@ -4,7 +4,7 @@
 		.directive('reports', function() {
 			return {
 				restrict: 'AC',
-				templateUrl: '../views/reports.html',
+				templateUrl: '../htpagesmis/reports.html',
 			};
 		})
 		
diff --git a/app/scripts/directives/userManagement.js b/app/scripts/directives/userManagement.js
index abae52617..0f9ddbabf 100644
--- a/app/scripts/directives/userManagement.js
+++ b/app/scripts/directives/userManagement.js
@@ -4,7 +4,7 @@
 		.directive('userManagement', function() {
 			return {
 				restrict: 'AC',
-				templateUrl: '../views/userManagement.html',
+				templateUrl: '../htpagesmis/userManagement.html',
 			};
 		})
 		
diff --git a/app/scripts/directives/userTable.js b/app/scripts/directives/userTable.js
index 67c5e5cbb..6e019f804 100644
--- a/app/scripts/directives/userTable.js
+++ b/app/scripts/directives/userTable.js
@@ -4,7 +4,7 @@
 		.directive('userTable', function() {
 	        return {
 	            restrict: 'EAC',
-	            templateUrl: '../views/userTable.html',
+	            templateUrl: '../htpagesmis/userTable.html',
 
 	        };
 	    })