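/// <summary>
/// Lets the action run only when the request carries a SESSION_ID cookie whose value
/// parses as a GUID and is accepted by <c>AccountService.ValidateSession</c>.
/// Every other request is redirected to Account/Login.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var sessionCookie = filterContext.HttpContext.Request.Cookies["SESSION_ID"];

            // The cookie value is client-controlled. new Guid(string) throws on a null,
            // empty or malformed value, which turned a bad cookie into an unhandled
            // exception instead of the login redirect. TryParse fails closed.
            Guid sessionId;
            if (sessionCookie != null && Guid.TryParse(sessionCookie.Value, out sessionId))
            {
                var accountService = new AccountService();

                // NOTE(review): server-side expiry is assumed to be enforced inside
                // ValidateSession; the cookie's own Expires is only a hint to the
                // browser. Confirm against AccountService.
                if (accountService.ValidateSession(sessionId))
                {
                    return;
                }
            }

            // No cookie, unparsable cookie, or a session the service rejected.
            filterContext.Result = new RedirectToRouteResult(
                new RouteValueDictionary { { "controller", "Account" }, { "action", "Login" } });
        }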
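        /// <summary>
        /// Assigns a new session id and a five-hour expiry to <paramref name="account"/>,
        /// asks <c>AccountService.Login</c> to accept it and, on success, issues the
        /// SESSION_ID cookie and returns the post-login redirect target as JSON.
        /// </summary>
        /// <param name="account">Account data bound from the request.</param>
        /// <returns>
        /// JSON of the form <c>{ redirect = ... }</c> on success; otherwise an HTTP 500 result.
        /// </returns>
        public ActionResult Login(Account account)
        {
            // A fresh id is minted on every login attempt, so a client-supplied
            // SESSION_ID is never reused as the authenticated session.
            // NOTE(review): Guid.NewGuid() is documented as unsuitable for cryptographic
            // purposes. Consider building the id from 16 bytes produced by
            // System.Security.Cryptography.RandomNumberGenerator instead.
            var sessionID = Guid.NewGuid();

            // NOTE(review): local time is used here. If ValidateSession compares this
            // against UTC, or the host's zone or DST offset changes, the session
            // lifetime shifts. Confirm, and prefer DateTime.UtcNow end to end.
            var sessionExpiresAt = DateTime.Now.AddHours(5);
            account.sessionID = sessionID;
            account.sessionExpiresAt = sessionExpiresAt;

            var accountService = new AccountService();
            if (accountService.Login(account))
            {
                var sessionCookie = new HttpCookie("SESSION_ID")
                {
                    Value = sessionID.ToString(),
                    Expires = sessionExpiresAt,
                    // Keep the session id out of reach of page script, so an XSS flaw
                    // cannot read it from document.cookie.
                    HttpOnly = true,
                    // Mark the cookie Secure whenever the request arrived over TLS, so
                    // the browser never sends it back over plain HTTP.
                    // NOTE(review): behind a TLS-terminating proxy IsSecureConnection is
                    // false. Force Secure = true (or requireSSL in config) there.
                    Secure = Request.IsSecureConnection
                };

                Response.Cookies.Add(sessionCookie);
                var redirectURI = Url.Action("Index");
                return Json(new { redirect = redirectURI });
            }

            // NOTE(review): a rejected login is reported as 500, which hides
            // authentication failures among server errors in logs and monitoring.
            // 401 would be the accurate status, but clients may depend on the current
            // value, so it is left unchanged.
            return new HttpStatusCodeResult((int)HttpStatusCode.InternalServerError);
        }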