private void OnLogin(WebComponent source, WebSubmission values)
{
string username = values.PostData["username"][0];
string password = values.PostData["password"][0];
bool auth_valid = false;
if (!this.AuthRequired)
{
return;
}
using (LdapConnection ldc = new LdapConnection(this.AuthDomainController)) {
try {
NetworkCredential cred = new NetworkCredential(username, password, this.AuthDomain);
ldc.Credential = cred;
ldc.Bind();
auth_valid = true;
} catch (LdapException ex) {
Trace.TraceError(ex.ServerErrorMessage);
Trace.TraceError(ex.Message);
auth_valid = false;
}
}
if (!auth_valid)
{
throw new WebHTTPException(WebHTTPResponseCode.WEB_HTTP_401_BAD_AUTH, values.RawUrl);
}
else
{
string auth_token = Guid.NewGuid().ToString();
values.SetCookieOut("auth_token", auth_token);
this._auth_pairs.Add(new Tuple <string, string>(values.ClientHostname, auth_token));
throw new WebRedirectException("/");
}
}
public override string Render(WebSubmission values)
{
StringBuilder outstr = new StringBuilder();
string xsrf_token = Guid.NewGuid().ToString();
outstr.Append(String.Format("{0}", base.RenderOpenTag()));
outstr.Append(RenderPair("method", "post"));
outstr.Append(RenderPair("action", this.Action));
outstr.Append(">");
// Free XSRF protection.
outstr.Append(String.Format("<input type=\"hidden\" name=\"proc_xsrf_{0}\" value=\"{1}\" />", this.ID, xsrf_token));
values.SetCookieOut(String.Format("proc_xsrf_{0}", this.ID), xsrf_token);
foreach (WebComponent child in this._children)
{
outstr.Append(child.Render(values));
}
if (null != this._tagname)
{
outstr.Append(String.Format("</{0}>", this._tagname));
}
return(outstr.ToString());
}
