protected void LoginButton_Click(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection();
//string hh = "select *from tbuser where uname='" + Login1.UserName + "' and upass='******'";
con.ConnectionString = ConfigurationManager.ConnectionStrings["forest_depoConnectionString"].ConnectionString;
con.Open();
SqlCommand cmd = new SqlCommand();
cmd.CommandText = "user_log";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Connection = con;
cmd.Parameters.Add("@un", SqlDbType.VarChar, 50).Value = LoginUser.UserName.ToString();
cmd.Parameters.Add("@up", SqlDbType.VarChar, 50).Value = LoginUser.Password.ToString();
SqlDataReader dr = cmd.ExecuteReader();
dr.Read();
if (dr.HasRows)
{
FormsAuthenticationTicket tkt = new FormsAuthenticationTicket(1, LoginUser.UserName, DateTime.Now, DateTime.Now.AddHours(2), false, dr[3].ToString(), FormsAuthentication.FormsCookiePath);
string st1;
st1 = FormsAuthentication.Encrypt(tkt);
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, st1);
Response.Cookies.Add(ck);
string role = dr[3].ToString();
//if (dr[3].ToString() == "admin".ToString())
//{
// //Response.Redirect("focus1/admin/");
Session["start_a"] = "start";
if (dr["role"].ToString() == "admin")
{
Response.Redirect("../admin/speces_size_type.aspx");
}
if (dr["role"].ToString() == "admin2")
{
Response.Redirect("../admin2/auc_cal.aspx");
}
if (dr["role"].ToString() == "admin3")
{
Response.Redirect("../admin3/gate_pass.aspx");
}
if (dr["role"].ToString() == "admin4")
{
Response.Redirect("../admin4/");
}
}
// else
// {
// Session["start_u"] = "start";
// // Response.Redirect("focus1/user/");
// Response.Redirect("user/");
// }
//}
else
{
//LoginUser.FailureText= "Wrong UserName or Password";
Response.Redirect("error.aspx");
}
}
public void RaiseCallbackEvent(string eventArgument)
{
//匿名用户登录
if (String.IsNullOrEmpty(eventArgument)) {
FormsAuthentication.SetAuthCookie("Anonymous", true);
callBackResult = FormsAuthentication.DefaultUrl;
WriteLoginLog("Anonymous");
return;
}
String[] arguments = eventArgument.Split(',');
String userAccount = arguments[0];
String password = FormsAuthentication.HashPasswordForStoringInConfigFile(arguments[1], "MD5");
using (SysUserBusiness user = new SysUserBusiness()) {
bool passed = user.Authentication(userAccount, password);
if (passed) {
FormsAuthentication.SetAuthCookie(userAccount, true);
HttpCookie authCookie = FormsAuthentication.GetAuthCookie(userAccount, true);
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);
FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket(ticket.Version, ticket.Name, ticket.IssueDate, ticket.Expiration, ticket.IsPersistent, "");
authCookie.Value = FormsAuthentication.Encrypt(newTicket);
Response.Cookies.Add(authCookie);
callBackResult = FormsAuthentication.DefaultUrl;
WriteLoginLog(userAccount);
}
}
}
protected void btnValidar_Click(object sender, EventArgs e)
{
ClaseValidacion c = new ClaseValidacion();
if (c.validarUser(this.txtusuario.Text, this.txtpassword.Text))
{
//CREAMOS EL TICKET
FormsAuthenticationTicket ticket =
new FormsAuthenticationTicket(1,
this.txtusuario.Text
, DateTime.Now
, DateTime.Now.AddMinutes(30)
, true
, c.role);
//ENCRIPTAR LOS DATOS DEL TICKET
String informacion = FormsAuthentication.Encrypt(ticket);
//CREAR LA COOKIE
HttpCookie cookie =
new HttpCookie(FormsAuthentication.FormsCookieName
, informacion);
//ALMACENAR LA COOKIE
Response.Cookies.Add(cookie);
//RECUPERAR LA PAGINA DE DESTINO
String destino =
FormsAuthentication.GetRedirectUrl(this.txtusuario.Text
, true);
//REDIRECCIONAMOS AL DESTINO
Response.Redirect(destino);
}
else
{
this.lblmensaje.Text = "Usuario/Password incorrectos.";
}
}
private void cmdLogin_ServerClick(object sender, System.EventArgs e)
{
if (ValidateUser(txtUserName.Value, txtUserPass.Value))
{
FormsAuthenticationTicket tkt;
string cookiestr;
HttpCookie ck;
tkt = new FormsAuthenticationTicket(1, txtUserName.Value, DateTime.Now, DateTime.Now.AddMinutes(30), chkPersistCookie.Checked, "your custom data");
cookiestr = FormsAuthentication.Encrypt(tkt);
ck = new HttpCookie(FormsAuthentication.FormsCookieName, cookiestr);
if (chkPersistCookie.Checked)
ck.Expires = tkt.Expiration;
ck.Path = FormsAuthentication.FormsCookiePath;
Response.Cookies.Add(ck);
string strRedirect;
strRedirect = Request["ReturnUrl"];
if (strRedirect == null)
strRedirect = "default.aspx";
Response.Redirect(strRedirect, false);
}
else
{
Response.Redirect("logon.aspx", false);
}
}
private static void SignIn(string loginName, object userData)
{
var jser = new JavaScriptSerializer();
var data = jser.Serialize(userData);
//创建一个FormsAuthenticationTicket,它包含登录名以及额外的用户数据。
var ticket = new FormsAuthenticationTicket(2,
loginName, DateTime.Now, DateTime.Now.AddDays(1), true, data);
//加密Ticket,变成一个加密的字符串。
var cookieValue = FormsAuthentication.Encrypt(ticket);
//根据加密结果创建登录Cookie
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieValue)
{
HttpOnly = true,
Secure = FormsAuthentication.RequireSSL,
Domain = FormsAuthentication.CookieDomain,
Path = FormsAuthentication.FormsCookiePath
};
//在配置文件里读取Cookie保存的时间
double expireHours = Convert.ToDouble(ConfigurationManager.AppSettings["loginExpireHours"]);
if (expireHours > 0)
cookie.Expires = DateTime.Now.AddHours(expireHours);
var context = System.Web.HttpContext.Current;
if (context == null)
throw new InvalidOperationException();
//写登录Cookie
context.Response.Cookies.Remove(cookie.Name);
context.Response.Cookies.Add(cookie);
}
protected void cmdLogin_Click (object sender, EventArgs e)
{
LoginResponse response;
Master.ClearLogin ();
try {
WebServiceLogin login = new WebServiceLogin ();
login.User = txtUser.Text;
login.Password = txtPassword.Text;
Console.WriteLine ("Trying to log in with {0}/{1}", login.User, login.Password);
login.Ip4 = Utilities.GetExternalIP (Context.Request);
response = Master.WebService.Login (login);
if (response == null) {
lblMessage.Text = "Could not log in.";
txtPassword.Text = "";
} else {
Console.WriteLine ("Login.aspx: Saved cookie!");
FormsAuthenticationTicket cookie = new FormsAuthenticationTicket ("cookie", true, 60 * 24);
Response.Cookies.Add (new HttpCookie ("cookie", response.Cookie));
Response.Cookies ["cookie"].Expires = DateTime.Now.AddDays (1);
Response.Cookies.Add (new HttpCookie ("user", login.User));
FormsAuthentication.SetAuthCookie (response.User, true);
Response.Redirect (txtReferrer.Value, false);
}
} catch (Exception) {
lblMessage.Text = "Invalid user/password.";
txtPassword.Text = "";
}
}
protected void Prijava_OnClick(object sender, ImageClickEventArgs e)
{
Korisnici korisnik = korisniciService.PrijaviKorisnikaPoKorisnickomImenuLozinci(tbKorisnickoIme.Text, tbLozinka.Text);
if (korisnik != null)
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, tbKorisnickoIme.Text, DateTime.Now,
DateTime.Now.AddMinutes(120), chkZapamtiMe.Checked, "custom data");
string cookieStr = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieStr);
if (chkZapamtiMe.Checked)
cookie.Expires = ticket.Expiration;
cookie.Path = FormsAuthentication.FormsCookiePath;
Response.Cookies.Add(cookie);
Response.Redirect("User/Default.aspx", true);
}
else
{
phStatusPrijave.Visible = true;
lblStatusPrijave.Text = "Pogresni korisnicko ime ili lozinka!";
}
}
private void CreateFormsAuthTicket(string username, int ValidMinutes, bool rememberMe)
{
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
username,
DateTime.Now,
DateTime.Now.AddMinutes(ValidMinutes),
rememberMe,
username
);
// Bileti şifrele.
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
// Bileti sakla.
HttpCookie formsCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
HttpContext.Current.Response.Cookies.Add(formsCookie);
// FormsAuthentication kimliğini yarat.
FormsIdentity formsId = new FormsIdentity(ticket);
//roles
string[] roles = new string[] { "user" };
// Yeni kullanıcı bilgisini yarat.
HttpContext.Current.User = new GenericPrincipal(formsId, roles);
}
protected override Task<HttpResponseMessage> SendAsync(
HttpRequestMessage request, CancellationToken cancellationToken)
{
if (request.Method == HttpMethod.Get && request.RequestUri.Segments.Last() == "authtoken")
{
string querystring = request.RequestUri.Query.Substring(1);
string[] queryParams = querystring.Split(new[] { '&' });
var queryStringParams = request.RequestUri.ParseQueryString();
if (queryStringParams.Count > 0)
{
string code = queryParams.Where(p => p.StartsWith("code")).First().Split(new[] { '=' })[1];
return Task.Factory.StartNew(
() =>
{
string accessToken = this.GetFacebookAccessToken(code, request);
string username = GetFacebookUsername(accessToken);
var ticket = new FormsAuthenticationTicket(username, false, 60);
string s = FormsAuthentication.Encrypt(ticket);
var response = new HttpResponseMessage();
response.Headers.Add("Set-Cookie", string.Format("ticket={0}; path=/", s));
var responseContentBuilder = new StringBuilder();
responseContentBuilder.AppendLine("<html>");
responseContentBuilder.AppendLine(" <head>");
responseContentBuilder.AppendLine(" <title>Login Callback</title>");
responseContentBuilder.AppendLine(" </head>");
responseContentBuilder.AppendLine(" <body>");
responseContentBuilder.AppendLine(" <script type=\"text/javascript\">");
responseContentBuilder.AppendLine(
" if(window.opener){");
if (queryStringParams["callback"] != null)
{
responseContentBuilder.AppendLine(queryStringParams["callback"] + "();");
}
responseContentBuilder.AppendLine(" window.close()';");
responseContentBuilder.AppendLine(" }");
responseContentBuilder.AppendLine(" </script>");
responseContentBuilder.AppendLine(" </body>");
responseContentBuilder.AppendLine("</html>");
response.Content = new StringContent(responseContentBuilder.ToString());
response.Content.Headers.ContentType = new MediaTypeHeaderValue("text/html");
response.Headers.CacheControl = new CacheControlHeaderValue { NoCache = true };
return response;
});
}
return Task.Factory.StartNew(() => new HttpResponseMessage(HttpStatusCode.InternalServerError));
}
return base.SendAsync(request, cancellationToken);
}
public static string Encrypt(string plaintext)
{
FormsAuthenticationTicket ticket;
ticket = new FormsAuthenticationTicket(1, "", DateTime.Now,
DateTime.Now, false, plaintext, "");
return FormsAuthentication.Encrypt(ticket);
}
protected void btnLogin_Click(object sender, EventArgs e)
{
//Activate the message if login is failed
lblMessage.Visible = true;
AppSecurity temp = new AppSecurity();
temp = AppSecurity.login(txtUsername.Text, txtPassword.Text);
if (!string.IsNullOrEmpty(txtUsername.Text) & !string.IsNullOrEmpty(txtPassword.Text))
{
//set string value to class function that returns string
temp = AppSecurity.login(txtUsername.Text.Trim(), txtPassword.Text.Trim());
}
else
{
lblMessage.Text = temp.ErrorLogin.ToString();
return;
}
if (temp.UserId > 0)
{
// Use .NET built in security system to set the UserID
//within a client-side Cookie
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(temp.UserId.ToString(), false, 480);
//For security reasons we may hash the cookies
string encrytpedTicket = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrytpedTicket);
Response.Cookies.Add(cookie);
//set the username to a client side cookie for future reference
HttpCookie MyCookie = new HttpCookie("UserEmail");
DateTime now = DateTime.Now;
MyCookie.Value = temp.UserEmail.ToString();
MyCookie.Expires = now.AddDays(1);
Response.Cookies.Add(MyCookie);
//set the userrole to a session variable for future reference
Session["Role"] = temp.UserRole.ToString();
// Redirect browser back to home page
Response.Redirect("~/Default.aspx");
}
else
{
//or else display the failed login message
lblMessage.Text = "Login Failed!";
}
}
protected void Button1_Click(object sender, EventArgs e)
{
FormsAuthentication.Initialize(); // Initializes the FormsAuthentication object based on the configuration settings for the application.
SqlConnection con = new SqlConnection("server=saurabh-pc;database=ss;integrated security=true");
SqlCommand cmd = new SqlCommand("select role from roles r inner join users u on r.ID=u.roleid where u.username=@username and u.password=@password",con);
cmd.Parameters.Add("@username", SqlDbType.VarChar, 30).Value = TextBox1.Text;
cmd.Parameters.Add("@password", SqlDbType.VarChar, 30).Value = TextBox2.Text;
FormsAuthentication.HashPasswordForStoringInConfigFile(TextBox2.Text, "md5"); // Or "sha1"
con.Open();
SqlDataReader dr = cmd.ExecuteReader();
if (dr.Read())
{
// Create a new ticket used for authentication
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, // Ticket version
TextBox1.Text, // Username associated with ticket
DateTime.Now, // Date/time issued
DateTime.Now.AddMinutes(30), // Date/time to expire
true, // "true" for a persistent user cookie
dr.GetString(0), // User-data, in this case the roles
FormsAuthentication.FormsCookiePath // Path cookie valid for
);
// Encrypt the cookie using the machine key for secure transport
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName,// Name of auth cookie
hash); // Hashed ticket
// Set the cookie's expiration time to the tickets expiration time
if (ticket.IsPersistent)
{
ck.Expires = ticket.Expiration;
}
// Add the cookie to the list for outgoing response
Response.Cookies.Add(ck);
// Redirect to requested URL, or homepage if no previous page
// requested
string returnUrl=Request.QueryString["ReturnUrl"];
if (returnUrl == null)
{
returnUrl = "home.aspx";
}
// Don't call FormsAuthentication.RedirectFromLoginPage since it
// could
// replace the authentication ticket (cookie) we just added
Response.Redirect(returnUrl);
}
else
{
Label1.Text = "incorrect username/password";
}
}
protected void buttonLogin_Click(object sender, EventArgs e)
{
// Try to authenticate credentials supplied by user.
if (FormsAuthentication.Authenticate(UserName.Text, Password.Text))
{
FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket(UserName.Text, false, 5000);
FormsAuthentication.RedirectFromLoginPage(UserName.Text, RememberMe.Checked);
}
}
//驗證函數
void SetAuthenTicket(string userData, string userId)
{
//宣告一個驗證票
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, userId, DateTime.Now, DateTime.Now.AddHours(3), false, userData);
//加密驗證票
string encryptedTicket = FormsAuthentication.Encrypt(ticket);
//建立Cookie
HttpCookie authenticationcookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
//將Cookie寫入回應
Response.Cookies.Add(authenticationcookie);
}
protected void btnLogin_Click(object sender, EventArgs e)
{
if (txtUserName.Text == "admin" && txtPassword.Text == "123")
{
Session["UserName"] = "******";
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, txtUserName.Text, DateTime.Now, DateTime.Now.AddMinutes(120), false, @"\");
string strRedirectionUrl = "~/Admin/Default.aspx";
FormsAuthentication.RedirectFromLoginPage("Admin", false);
Response.Redirect(strRedirectionUrl);
}
}
/// <summary>
/// Bring access if the User information is correct, else revoke access.
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
if (ValidateUser(Security.cleanSQL(Login1.UserName), Security.encrypt(Login1.Password)))
{
FormsAuthentication.Initialize();
String strRole = AssignRoles(Security.cleanSQL(Login1.UserName));
FormsAuthenticationTicket fat = new FormsAuthenticationTicket(1, Login1.UserName, DateTime.Now, DateTime.Now.AddMinutes(3600), false, strRole, FormsAuthentication.FormsCookiePath);
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(fat)));
Response.Redirect(FormsAuthentication.GetRedirectUrl(Security.cleanSQL(Login1.UserName), false));
}
}
protected void btnLogin_Click(object sender, EventArgs e)
{
//string adPath = "LDAP://DC=mb,DC=com"; //Path to your LDAP directory server
LdapAuthentication adAuth = new LdapAuthentication(txtDomain.Text);
try
{
if (true == adAuth.IsAuthenticated(txtDomain.Text, txtUsername.Text, txtPassword.Text))
//if(true)
{
// string groups = adAuth.GetGroups();
string groups = "";
//Create the ticket, and add the groups.
bool isCookiePersistent = chkPersist.Checked;
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,
txtUsername.Text, DateTime.Now, DateTime.Now.AddMinutes(60), isCookiePersistent, groups);
//Encrypt the ticket.
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
//Create a cookie, and then add the encrypted ticket to the cookie as data.
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
HttpCookie loginNameCookie = new HttpCookie(ESB_COOKIE_LOGINNAME, txtUsername.Text);
if (true == isCookiePersistent)
{
authCookie.Expires = authTicket.Expiration;
loginNameCookie.Expires = DateTime.Now.AddDays(30);
}
//Add the cookie to the outgoing cookies collection.
Response.Cookies.Add(authCookie);
Response.Cookies.Add(loginNameCookie);
//Esb授权校验
EsbAuthen(txtUsername.Text);
//Server.Transfer("Default.aspx");
//You can redirect now.
//Response.Redirect(FormsAuthentication.GetRedirectUrl(txtUsername.Text, false));
Response.Redirect("Default.aspx", false);
}
else
{
errorLabel.Text = "登录失败,请检查用户名和密码!";
}
}
catch (System.Exception ex)
{
errorLabel.Text = "登录失败,请检查用户名和密码!";
}
}
protected void loginButton_Click(object sender, EventArgs e)
{
if (IsValid)
{
string encryptPass;
ActiveDirectoryResourceService activeDirectoryResourceService = new ActiveDirectoryResourceService();
User user = null;
user = activeDirectoryResourceService.AuthenticateUser(this.userNameTextBox.Text, this.passwordTextBox.Text);
//if (FormsAuthentication.Authenticate(this.userNameTextBox.Text, this.passwordTextBox.Text) == false)
//{
// loginMessage.Text = Resources.UIResource.ErrorLoginMessage;
// return;
//}
if (user != null)
{
WebSession.Profile = AuthenticationHelper.MakeUserProfile(this.userNameTextBox.Text);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, // Ticket version
this.userNameTextBox.Text, // Username to be associated with this ticket
DateTime.Now, // Date/time issued
DateTime.Now.AddHours(7), // Date/time to expire
false, // "true" for a persistent user cookie (could be a checkbox on form)
"WebSurfer", // User-data (the roles from this user record in our database)
FormsAuthentication.FormsCookiePath); // Path cookie is valid for
// Hash the cookie for transport over the wire
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(
FormsAuthentication.FormsCookieName, // Name of auth cookie (it's the name specified in web.config)
hash); // Hashed ticket
// Add the cookie to the list for outbound response
Response.Cookies.Add(cookie);
String returnUrl = Request.QueryString["ReturnUrl"];
if ((returnUrl == null)) returnUrl = (FormsAuthentication.DefaultUrl);
if (returnUrl == null) returnUrl = ResolveClientUrl(Request.AppRelativeCurrentExecutionFilePath);
//Response.Redirect(returnUrl);
FormsAuthentication.RedirectFromLoginPage(this.userNameTextBox.Text, false);
}
else
{
loginMessage.Text = Resources.UIResource.ErrorLoginMessage;
}
}
}
protected void LoginButton_Click1(object sender, EventArgs e)
{
SqlConnection con = new SqlConnection();
//string hh = "select *from tbuser where uname='" + Login1.UserName + "' and upass='******'";
con.ConnectionString = ConfigurationManager.ConnectionStrings["hpieConnectionString"].ConnectionString;
con.Open();
SqlCommand cmd = new SqlCommand();
cmd.CommandText = "user_log";
cmd.CommandType = CommandType.StoredProcedure;
cmd.Connection = con;
cmd.Parameters.Add("@un", SqlDbType.VarChar, 50).Value = LoginUser.UserName.ToString();
cmd.Parameters.Add("@up", SqlDbType.VarChar, 50).Value = LoginUser.Password.ToString();
SqlDataReader dr = cmd.ExecuteReader();
dr.Read();
if (dr.HasRows)
{
FormsAuthenticationTicket tkt = new FormsAuthenticationTicket(1, LoginUser.UserName, DateTime.Now, DateTime.Now.AddMinutes(160), false, dr["role"].ToString(), FormsAuthentication.FormsCookiePath);
string st1;
st1 = FormsAuthentication.Encrypt(tkt);
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, st1);
Response.Cookies.Add(ck);
trac();
string cc1 = dr[5].ToString();
Session["start_a"] = dr[5].ToString();
if (dr["role"].ToString() == "admin")
{
Response.Redirect("~/admin/reportcard_all.aspx");
}
if (dr["role"].ToString() == "user")
{
Response.Redirect("~/user/Details.aspx");
}
if (dr["role"].ToString() == "support")
{
Response.Redirect("~/support/");
}
if (dr["role"].ToString() == "rep")
{
Response.Redirect("~/reports/reportcard_all.aspx");
}
}
else
{
trac2();
//Label1.Text = "Wrong UserName or Password";
}
}
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
UsuarioDAO obj = new UsuarioDAO();
Usuario usuario = new Usuario();
usuario.Login = Login1.UserName;
usuario.Senha = Login1.Password;
try
{
if (obj.EfetuarLogin(usuario))
{
Login1.Visible = false;
Session["LOGIN"] = usuario.Login;
e.Authenticated = true;
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, // versão
this.Login1.UserName.Trim(), // login
DateTime.Now, // hora atual
DateTime.Now.AddMinutes(10), // tempo para expirar
false, // cookie is not persistent
"PGTO" // role - se houver
);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
Response.Cookies.Add(cookie);
String returnUrl1;
if (Request.QueryString["ReturnUrl"] == null)
{
returnUrl1 = "Paginas/Home.aspx";
}
else
{
returnUrl1 = Request.QueryString["ReturnUrl"];
}
Response.Redirect(returnUrl1);
}
else
{
e.Authenticated = false;
}
}
catch (Exception ex)
{
ClientScript.RegisterStartupScript(this.GetType(), "alert", "<script>alert('" + ex.Message.ToString() + "');</script>");
}
}
protected void imgSubmit_Click(object sender, EventArgs e)
{
OSAEObject obj = OSAEObjectManager.GetObjectByName(txtUserName.Text);
if (obj != null)
{
string pass = obj.Property("Password").Value;
if (pass == txtPassword.Text)
{
if (pass != "")
{
// Success, create non-persistent authentication cookie.
FormsAuthentication.SetAuthCookie(txtUserName.Text.Trim(), false);
Int32 cto = Convert.ToInt32(OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value);
FormsAuthenticationTicket ticket1 = new FormsAuthenticationTicket(txtUserName.Text.Trim(), true, cto);
HttpCookie cookie1 = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket1));
Response.Cookies.Add(cookie1);
Session["UserName"] = OSAEObjectManager.GetObjectByName(this.txtUserName.Text.Trim()).Name;
Session["TrustLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Trust Level").Value;
Session["SecurityLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Security Level").Value;
}
else
{
FormsAuthentication.SetAuthCookie(txtUserName.Text.Trim(), false);
Int32 cto = Convert.ToInt32(OSAEObjectPropertyManager.GetObjectPropertyValue("Web Server", "Timeout").Value);
FormsAuthenticationTicket ticket1 = new FormsAuthenticationTicket(txtUserName.Text.Trim(), true, cto);
HttpCookie cookie1 = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket1));
Response.Cookies.Add(cookie1);
Session["UserName"] = OSAEObjectManager.GetObjectByName(this.txtUserName.Text.Trim()).Name;
Session["TrustLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Trust Level").Value;
Session["SecurityLevel"] = OSAEObjectPropertyManager.GetObjectPropertyValue(this.txtUserName.Text.Trim(), "Security Level").Value;
}
// Do the redirect.
string returnUrl1;
OSAEAdmin adSet = OSAEAdminManager.GetAdminSettings();
int tLevel = Convert.ToInt32(Session["TrustLevel"].ToString());
if (Session["SecurityLevel"].ToString() != "Admin" & tLevel < adSet.ObjectsTrust)
returnUrl1 = "screens.aspx?id=" + adSet.defaultScreen;
else
{
if (Request.QueryString["ReturnUrl"] == null) returnUrl1 = "objects.aspx"; // the login is successful
else returnUrl1 = Request.QueryString["ReturnUrl"]; //login not unsuccessful
}
Response.Redirect(returnUrl1);
}
else lblError.Visible = true;
}
lblError.Visible = true;
}
protected void log_me_in(object sender, EventArgs e)
{
try
{
string salt = BCrypt.Net.BCrypt.GenerateSalt();
string hash = BCrypt.Net.BCrypt.HashPassword(pass.Value, salt);
SqlConnection cn = new SqlConnection();
cn.ConnectionString = ConfigurationManager.ConnectionStrings["login_connection_str"].ConnectionString;
string query = string.Format("SELECT [hackers_choice].[tumi],[hackers_choice].[passwd],[sign_up].[firstname],[sign_up].[lastname] FROM [hackers_choice] INNER JOIN [sign_up] ON [hackers_choice].[tumi]=[sign_up].[username] WHERE [hackers_choice].[tumi]='{0}'", usrname.Value.Trim());
SqlCommand mycommand = new SqlCommand(query, cn);
cn.Open();
SqlDataReader myreader = mycommand.ExecuteReader();
if (myreader.HasRows)
{
myreader.Read();
if (BCrypt.Net.BCrypt.Verify(pass.Value, string.Format("{0}", myreader[1])))
{
log_in.Style["visibility"] = "hidden";
bool isPersistent = false;
string userData = "ApplicationSpecific data for this user.";
string u = BCrypt.Net.BCrypt.HashPassword("logged_in", salt);
string name = Convert.ToString(myreader[0]);
string fullname = Convert.ToString(myreader[2]) + " " + Convert.ToString(myreader[3]);
myreader.Close();
cn.Close();
Session["username"] = name;
Session["fullname"] = fullname;
Session["active"] = "active";
Session["handling"] = "true";
Session.Timeout = 60;
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, name, DateTime.Now, DateTime.Now.AddHours(1), isPersistent, userData, FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie.
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
Server.Transfer("~/index.aspx?login=active");
}
else
login_invalid.InnerText = "Login username or password is invalid";
cn.Close();
myreader.Close();
}
}
catch(Exception e1)
{
banner_msg.InnerText = "The server request is timed out";
}
}
public static void RedirecionaPaginaInicial(int MinutosDuracaoSessao,
HttpResponse Response, string ID)
{
FormsAuthentication.Initialize();
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, ID,
DateTime.Now,
DateTime.Now.AddMinutes(MinutosDuracaoSessao),
true,
FormsAuthentication.FormsCookiePath);
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
Response.Cookies.Add(cookie);
Response.Redirect(PaginasAplicacao.GetPaginaInicial());
}
protected void Button1_Click(object sender, EventArgs e)
{
SqlCommand comm = new SqlCommand();
try
{
string dbConnectionString = ConfigurationManager.ConnectionStrings["conn"].ConnectionString;
comm.CommandText = "select * from tblLogin where emailid =@emailid and pwd=@pwd";
comm.CommandType = CommandType.Text;
comm.Connection = new SqlConnection(dbConnectionString);
comm.Parameters.AddWithValue("@emailid", TextBox1.Text);
comm.Parameters.AddWithValue("@pwd", TextBox2.Text);
comm.Connection.Open();
if (comm.Connection.State == ConnectionState.Open)
{
SqlDataReader dr = comm.ExecuteReader(CommandBehavior.SingleRow);
if (dr.HasRows)
{
dr.Read();
FormsAuthenticationTicket ticket = new
FormsAuthenticationTicket(1, TextBox1.Text, DateTime.Now, DateTime.Now.AddMinutes(30),
false, dr["roleName"].ToString(), FormsAuthentication.FormsCookiePath);
string hash = FormsAuthentication.Encrypt(ticket);
HttpCookie ht = new HttpCookie(FormsAuthentication.FormsCookieName);
Session["emailid"] = TextBox1.Text;
ht.Value = hash;
Response.Cookies.Add(ht);
// Response.Write("Ok");
Response.Redirect("frmcheckrole.aspx");
}
else
Response.Write("Invalid Details");
}
}
catch (Exception)
{
throw;
}
}
protected void btnLogin_Click(object sender, EventArgs e)
{
string username = txtUserName.Text.Trim();
string password = Encryptor.EncryptText(txtPassword.Text.Trim());
tbllogintable = adplogin_table.GetUserByUsernamePassword(username, password);
if (tbllogintable.Count == 1)
{
var row = tbllogintable[0]; // read the only row
// initialize FormsAuthentication
FormsAuthentication.Initialize();
// create a new ticket used for authentication
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1, // ticket version
username, // username associated with ticket
DateTime.Now, // date/time issued
DateTime.Now.AddMinutes(30), // date/time to expire
chkRememberMe.Checked, // "true" for a persistent user cookie
row.role, // user-data, in this case the roles
FormsAuthentication.FormsCookiePath); // path cookie is valid for
// encrypt the ticket using the machine key for secure transport
string hashedTicket = FormsAuthentication.Encrypt(ticket);
// create cookie
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hashedTicket);
// set the cookie's expiration time to the ticket's expiration time
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
// add the cookie to the list for outgoing response
Response.Cookies.Add(cookie);
// redirect to requested URL, or to the role's homepage
string returnUrl = Request.QueryString["ReturnUrl"];
if (returnUrl == null)
{
if (row.role == "admin")
{
returnUrl = "~/Admin/";
}
else if (row.role == "member")
{
returnUrl = "~/Member/";
}
else if (row.role == "librarian")
{
returnUrl = "~/Librarian/";
}
else
{
returnUrl = "~/";
}
}
Session["Username"] = username;
Session["Role"] = row.role;
Response.Redirect(returnUrl);
}
else
{
lblMessage.Text = "Login failed. Please try again.";
}
}
private string SetFirstName(FormsAuthenticationTicket ticket)
{
string[] data = ticket.UserData.Split('|');
return(data[2]);
}
protected void Page_Load(object sender, EventArgs e)
{
HttpContext.Current.Response.Cache.SetAllowResponseInBrowserHistory(false);
HttpContext.Current.Response.Cache.SetCacheability(HttpCacheability.NoCache);
HttpContext.Current.Response.Cache.SetNoStore();
Response.Cache.SetExpires(DateTime.Now);
Response.Cache.SetValidUntilExpires(true);
Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
Response.Cache.SetNoStore();
if (Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);
if (ticket.Expiration <= DateTime.Now)
{
Response.Redirect("~/PL/Membership/Login.aspx");
}//end if
else
{
Session sessionObject = new Session();
FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket(ticket.Version, ticket.Name, DateTime.Now, DateTime.Now.AddMinutes(sessionObject.getSessionTimeLimit()), ticket.IsPersistent, ticket.UserData);
string encryptedTicket = FormsAuthentication.Encrypt(newTicket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
cookie.Expires = newTicket.Expiration;
Response.Cookies.Add(cookie);
}//end else
}//end if
else
{
Response.Redirect("~/PL/Membership/Login.aspx");
}//end else
HttpCookie _authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
FormsAuthenticationTicket _ticket = FormsAuthentication.Decrypt(_authCookie.Value);
string username = _ticket.Name;
bool recordExists;
string errorMessage;
Select selectObject = new Select();
recordExists = Select.Select_Focus_Analysis_Worksheet(username);
errorMessage = selectObject.getErrorMessage();
if (errorMessage != null)
{
lblError.Text = errorMessage;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists == true)
{
string errorMessage2;
ArrayList record = new ArrayList();
Select selectObject2 = new Select();
record = Select.Select_Focus_Analysis_Record(username);
errorMessage2 = selectObject2.getErrorMessage();
if (errorMessage2 != null)
{
lblError.Text = errorMessage2;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label1.Text = record[188].ToString();
Label2.Text = record[189].ToString();
Label3.Text = record[190].ToString();
Label4.Text = record[191].ToString();
Label5.Text = record[192].ToString();
Label6.Text = record[193].ToString();
}//end else
}//end if
}//end else
bool recordExists2;
string errorMessage3;
Select selectObject3 = new Select();
recordExists2 = Select.Select_Education_Inventory(username);
errorMessage3 = selectObject3.getErrorMessage();
if (errorMessage3 != null)
{
lblError.Text = errorMessage3;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists2 == true)
{
string errorMessage4;
ArrayList record2 = new ArrayList();
Select selectObject4 = new Select();
record2 = Select.Select_Education_Inventory_Record(username);
errorMessage4 = selectObject4.getErrorMessage();
if (errorMessage4 != null)
{
lblError.Text = errorMessage4;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label33.Text = record2[15].ToString();
Label34.Text = record2[16].ToString();
Label35.Text = record2[17].ToString();
}//end else
}//end if
}//end else
bool recordExists3;
string errorMessage5;
Select selectObject5 = new Select();
recordExists3 = Select.Select_Natural_Talents(username);
errorMessage5 = selectObject5.getErrorMessage();
if (errorMessage5 != null)
{
lblError.Text = errorMessage5;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists3 == true)
{
string errorMessage6;
ArrayList record3 = new ArrayList();
Select selectObject6 = new Select();
record3 = Select.Select_Natural_Talents_Record(username);
errorMessage6 = selectObject6.getErrorMessage();
if (errorMessage6 != null)
{
lblError.Text = errorMessage6;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label7.Text = record3[1].ToString();
Label8.Text = record3[2].ToString();
Label9.Text = record3[3].ToString();
}//end else
}//end if
}//end else
bool recordExists4;
string errorMessage7;
Select selectObject7 = new Select();
recordExists4 = Select.Select_Sharegiver_Talents(username);
errorMessage7 = selectObject7.getErrorMessage();
if (errorMessage7 != null)
{
lblError.Text = errorMessage7;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists4 == true)
{
string errorMessage8;
ArrayList record4 = new ArrayList();
Select selectObject8 = new Select();
record4 = Select.Select_Sharegiver_Talents_Record(username);
errorMessage8 = selectObject8.getErrorMessage();
if (errorMessage8 != null)
{
lblError.Text = errorMessage8;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label36.Text = record4[76].ToString();
Label37.Text = record4[77].ToString();
Label38.Text = record4[78].ToString();
}//end else
}//end if
}//end else
bool recordExists5;
string errorMessage9;
Select selectObject9 = new Select();
recordExists5 = Select.Select_Total_Spiritual_Gifts(username);
errorMessage9 = selectObject9.getErrorMessage();
if (errorMessage9 != null)
{
lblError.Text = errorMessage9;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists5 == true)
{
string errorMessage10;
ArrayList record5 = new ArrayList();
Select selectObject10 = new Select();
record5 = Select.Select_Total_Spiritual_Gifts_Record(username);
errorMessage10 = selectObject10.getErrorMessage();
if (errorMessage10 != null)
{
lblError.Text = errorMessage10;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label10.Text = record5[21].ToString();
Label11.Text = record5[24].ToString();
Label12.Text = record5[22].ToString();
Label13.Text = record5[25].ToString();
Label14.Text = record5[23].ToString();
Label15.Text = record5[26].ToString();
}//end else
}//end if
}//end else
bool recordExists6;
string errorMessage11;
Select selectObject11 = new Select();
recordExists6 = Select.Select_Personal_Management_Style(username);
errorMessage11 = selectObject11.getErrorMessage();
if (errorMessage11 != null)
{
lblError.Text = errorMessage11;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists6 == true)
{
string errorMessage12;
ArrayList record6 = new ArrayList();
Select selectObject12 = new Select();
record6 = Select.Select_Personal_Management_Style_Record(username);
errorMessage12 = selectObject12.getErrorMessage();
if (errorMessage12 != null)
{
lblError.Text = errorMessage12;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label16.Text = record6[38].ToString();
Label17.Text = record6[40].ToString();
Label18.Text = record6[41].ToString();
Label19.Text = record6[43].ToString();
Label20.Text = record6[44].ToString();
Label21.Text = record6[46].ToString();
Label22.Text = record6[47].ToString();
Label23.Text = record6[49].ToString();
}//end else
}//end if
}//end else
bool recordExists7;
string errorMessage13;
Select selectObject13 = new Select();
recordExists7 = Select.Select_Perception_Response_Summary(username);
errorMessage13 = selectObject13.getErrorMessage();
if (errorMessage13 != null)
{
lblError.Text = errorMessage13;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists7 == true)
{
string errorMessage14;
ArrayList record7 = new ArrayList();
Select selectObject14 = new Select();
record7 = Select.Select_Perception_Response_Summary_Record(username);
errorMessage14 = selectObject14.getErrorMessage();
if (errorMessage14 != null)
{
lblError.Text = errorMessage14;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label24.Text = record7[0].ToString();
Label25.Text = record7[1].ToString();
Label26.Text = record7[2].ToString();
Label27.Text = record7[3].ToString();
Label28.Text = record7[4].ToString();
Label29.Text = record7[5].ToString();
}//end else
}//end if
}//end else
bool recordExists8;
string errorMessage15;
Select selectObject15 = new Select();
recordExists8 = Select.Select_Fundamental_Life_Motivators(username);
errorMessage15 = selectObject15.getErrorMessage();
if (errorMessage15 != null)
{
lblError.Text = errorMessage15;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists8 == true)
{
string errorMessage16;
ArrayList record8 = new ArrayList();
Select selectObject16 = new Select();
record8 = Select.Select_Fundamental_Life_Motivators_Record(username);
errorMessage16 = selectObject16.getErrorMessage();
if (errorMessage16 != null)
{
lblError.Text = errorMessage16;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label30.Text = record8[0].ToString();
Label31.Text = record8[1].ToString();
Label32.Text = record8[2].ToString();
}//end else
}//end if
}//end else
bool recordExists9;
string errorMessage17;
Select selectObject17 = new Select();
recordExists9 = Select.Select_Expressing_Personal_Genius(username);
errorMessage17 = selectObject17.getErrorMessage();
if (errorMessage17 != null)
{
lblError.Text = errorMessage17;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists9 == true)
{
string errorMessage18;
ArrayList record9 = new ArrayList();
Select selectObject18 = new Select();
record9 = Select.Select_Expressing_Personal_Genius_Record(username);
errorMessage18 = selectObject18.getErrorMessage();
if (errorMessage18 != null)
{
lblError.Text = errorMessage18;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label39.Text = record9[0].ToString();
Label40.Text = record9[3].ToString();
Label41.Text = record9[1].ToString();
Label42.Text = record9[4].ToString();
Label43.Text = record9[2].ToString();
Label44.Text = record9[5].ToString();
}//end else
}//end if
}//end else
bool recordExists10;
string errorMessage19;
Select selectObject19 = new Select();
recordExists10 = Select.Select_Creativity_Cycle(username);
errorMessage19 = selectObject19.getErrorMessage();
if (errorMessage19 != null)
{
lblError.Text = errorMessage19;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
if (recordExists10 == true)
{
string errorMessage20;
ArrayList record10 = new ArrayList();
Select selectObject20 = new Select();
record10 = Select.Select_Creativity_Cycle_Record(username);
errorMessage20 = selectObject20.getErrorMessage();
if (errorMessage20 != null)
{
lblError.Text = errorMessage20;
lblError.Visible = true;
ErrorMessage message = new ErrorMessage();
MsgBox(message.SQLServerErrorMessage);
}//end if
else
{
Label45.Text = record10[0].ToString();
}//end else
}//end if
}//end else
}//end event
public void SignIn(string username, string password, out int errorCode, out string errorMessage)
{
errorCode = 0;
errorMessage = null;
if (string.IsNullOrEmpty(password))
{
errorMessage = "Please enter password";
}
if (string.IsNullOrEmpty(username))
{
errorMessage = "Please enter user name";
}
if (string.IsNullOrEmpty(errorMessage))
{
// Here must be validation with password. You can add third party validation here;
bool success = Membership.ValidateUser(username, password);
if (!success)
{
errorMessage = string.Format("Validation failed. User name '{0}' was not found.", username);
}
}
var values = new KeyValueList();
if (!string.IsNullOrEmpty(errorMessage))
{
errorCode = 1;
return;
}
FormsAuthentication.Initialize();
var user = Membership.GetUser(username, true);
if (user == null)
{
errorCode = 1;
errorMessage = string.Format("'{0}' was not found.", username);
return;
}
var roles = Roles.GetRolesForUser(username);
string rolesString = string.Empty;
for (int i = 0; i < roles.Length; i++)
{
if (i > 0)
{
rolesString += ",";
}
rolesString += roles[i];
}
var loginRememberMinutes = 30;
var ticket = new FormsAuthenticationTicket(1, user.UserName, DateTime.Now, DateTime.Now.AddMinutes(loginRememberMinutes), true, rolesString, FormsAuthentication.FormsCookiePath);
// Encrypt the cookie using the machine key for secure transport.
var hash = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash); // Hashed ticket
if (ticket.IsPersistent)
{
cookie.Expires = ticket.Expiration;
}
HttpContext.Current.Response.Cookies.Add(cookie);
// Create Identity.
var identity = new System.Security.Principal.GenericIdentity(user.UserName);
// Create Principal.
var principal = new RolePrincipal(identity);
System.Threading.Thread.CurrentPrincipal = principal;
// Create User.
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(identity, roles);
errorMessage = "Welcome!";
}
protected void Page_Load(object sender, EventArgs e)
{
if (!User.Identity.IsAuthenticated)
{
Response.Redirect("index.aspx");
}
else if (User.Identity.IsAuthenticated)
{
if (HttpContext.Current.User.Identity is FormsIdentity)
{
string rola;
FormsIdentity id =
(FormsIdentity)HttpContext.Current.User.Identity;
FormsAuthenticationTicket bilet = id.Ticket;
Label1.Text = "Zalogowany jako: " + User.Identity.Name;
// Get the stored user-data, in this case, our roles
rola = bilet.UserData;
NpgsqlConnection conn = new NpgsqlConnection("Server=127.0.0.1;Port=5432;User Id=postgres;Password=projekt;Database=projekt;");
conn.Open();
NpgsqlCommand command1 = new NpgsqlCommand("select * from sala", conn);
NpgsqlCommand command2 = new NpgsqlCommand("select * from wyposazenie", conn);
try
{
if (DropDownList1.Items.Count == 0 && DropDownList2.Items.Count == 0)
{
NpgsqlCommand count = new NpgsqlCommand("select count(id_wyp) from wyposazenie", conn);
string liczba = count.ExecuteScalar().ToString();
int coun = System.Int32.Parse(liczba);
string[] tab1 = new string[50];
NpgsqlDataReader dr1 = command1.ExecuteReader();
int i = 0;
{
while (dr1.Read())
{
tab1[i] = Convert.ToString(dr1[0]);
DropDownList1.Items.Insert(i, tab1[i]);
i++;
}
}
NpgsqlDataReader dr2 = command2.ExecuteReader();
string[] tab2 = new string[500];
int j = 0;
{
while (dr2.Read())
{
tab2[j] = Convert.ToString(dr2[0]);
DropDownList2.Items.Insert(j, tab2[j]);
j++;
}
}
}
}
finally
{
conn.Close();
}
if (rola != "admins")
{
Response.Redirect("index.aspx");
}
}
}
}
public ActionResult Login(VLogin login, string ReturnUrl = "")
{
string message = "";
using (PhotoGraphyDbContext dc = new PhotoGraphyDbContext())
{
var v = dc.Clients.Where(a => a.Email == login.EmailID).FirstOrDefault();
var p = dc.PhotoGraphers.Where(x => x.Email == login.EmailID).FirstOrDefault();
if (v != null)
{
if (string.Compare(login.Password, v.Password) == 0)
{
int timeout = login.RememberMe ? 2 : 3;
var ticket = new FormsAuthenticationTicket(login.EmailID, login.RememberMe, timeout);
string encrypted = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
cookie.Expires = DateTime.Now.AddMinutes(timeout);
cookie.HttpOnly = true;
Response.Cookies.Add(cookie);
if (Url.IsLocalUrl(ReturnUrl))
{
return(Redirect(ReturnUrl));
}
else
{
Session["useremail"] = v.ClientId;
Session["FullName"] = v.Name;
return(RedirectToAction("Index", "Client"));
// Response.Write("<script>alert('Welcome to User')</script>");
}
}
else
{
message = "Invalid Email Or Password";
}
}
else if (p != null)
{
if (string.Compare(login.Password, p.Password) == 0)
{
int timeout = login.RememberMe ? 2 : 5;
var ticket = new FormsAuthenticationTicket(login.EmailID, login.RememberMe, timeout);
string encrypted = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypted);
cookie.Expires = DateTime.Now.AddMinutes(timeout);
cookie.HttpOnly = true;
Response.Cookies.Add(cookie);
if (Url.IsLocalUrl(ReturnUrl))
{
return(Redirect(ReturnUrl));
}
else
{
Session["useremail"] = p.PhotoGrapherId;
Session["FullName"] = p.FullName;
return(RedirectToAction("Index", "PhotoGrapher"));
// Response.Write("<script>alert('Welcome to User')</script>");
}
}
else
{
message = "Invalid Email Or Password";
}
}
else
{
message = "Invalid UserName Or Password";
}
}
ViewBag.Message = message;
return(View());
}
protected void Page_Load(object sender, EventArgs e)
{
IncludeJs("LoginEncrytDecryt", "/Modules/Admin/LoginControl/js/AESEncrytDecryt.js");
IncludeJs("loginanimation", "/Modules/Admin/LoginControl/js/login.js");
// IncludeCss("loginCss", "/Modules/Admin/LoginControl/css/module.css");
IncludeLanguageJS();
Extension = SageFrameSettingKeys.PageExtension;
if (!IsPostBack)
{
int logHit = Convert.ToInt32(Session[SessionKeys.LoginHitCount]);
if (logHit >= 3)
{
dvCaptchaField.Visible = true;
InitializeCaptcha();
objCaptcha.GenerateCaptcha();
}
else
{
dvCaptchaField.Visible = false;
}
Password.Attributes.Add("onkeypress", "return clickButton(event,'" + LoginButton.ClientID + "')");
if (!IsParent)
{
hypForgotPassword.NavigateUrl =
GetParentURL + "/portal/" + GetPortalSEOName + "/" +
pagebase.GetSettingValueByIndividualKey(SageFrameSettingKeys.PortalForgotPassword) + Extension;
}
else
{
hypForgotPassword.NavigateUrl =
GetParentURL + "/" + pagebase.GetSettingValueByIndividualKey(SageFrameSettingKeys.PortalForgotPassword) +
Extension;
}
string registerUrl =
GetParentURL + "/" + pagebase.GetSettingValueByIndividualKey(SageFrameSettingKeys.PortalUserRegistration) +
Extension;
if (pagebase.GetSettingBoolValueByIndividualKey(SageFrameSettingKeys.RememberCheckbox))
{
chkRememberMe.Visible = true;
lblrmnt.Visible = true;
}
else
{
chkRememberMe.Visible = false;
lblrmnt.Visible = false;
}
}
SecurityPolicy objSecurity = new SecurityPolicy();
FormsAuthenticationTicket ticket = objSecurity.GetUserTicket(GetPortalID);
if (ticket != null && ticket.Name != ApplicationKeys.anonymousUser)
{
int LoggedInPortalID = int.Parse(ticket.UserData.ToString());
string[] sysRoles = SystemSetting.SUPER_ROLE;
if (GetPortalID == LoggedInPortalID || Roles.IsUserInRole(ticket.Name, sysRoles[0]))
{
RoleController _role = new RoleController();
string userinroles = _role.GetRoleNames(GetUsername, LoggedInPortalID);
if (userinroles != "" || userinroles != null)
{
MultiView1.ActiveViewIndex = 1;
}
else
{
MultiView1.ActiveViewIndex = 0;
}
}
else
{
MultiView1.ActiveViewIndex = 0;
}
}
else
{
MultiView1.ActiveViewIndex = 0;
}
// Added For openID services
divOpenIDProvider.Visible = false;
if (AllowRegistration())
{
if (pagebase.GetSettingBoolValueByIndividualKey(SageFrameSettingKeys.ShowOpenID) == true)
{
divOpenIDProvider.Visible = true;
CheckOpenID();
}
}
}
public ActionResult Login(LoginViewModel model, string returnUrl)
{
try
{
string decodedUrl = "";
if (!string.IsNullOrEmpty(returnUrl))
{
decodedUrl = Server.UrlDecode(returnUrl);
}
if (!ModelState.IsValid)
{
return(View(model));
}
var getPwdState = repository.Verify(model.Email, model.Password);//customRepository.CheckPassword(model.Password, model.Email);
if (getPwdState)
{
var getHashedPwd = repository.SelectPasswordOnSuccessfulPasswordValidation(model.Email);
var user = new CustomLoginViewModel()
{
EmailAddress = model.Email, Password = getHashedPwd
};
user = repository.GetUserLoginDetails(user);
if (user != null)
{
FormsAuthentication.SetAuthCookie(model.Email, false);
var authTicket = new FormsAuthenticationTicket(1, user.EmailAddress, DateTime.Now, DateTime.Now.AddMinutes(20), false, user.Roles);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
HttpContext.Response.Cookies.Add(authCookie);
if (Url.IsLocalUrl(decodedUrl))
{
return(Redirect(decodedUrl));
}
else
{
// Successful login by admin/event user
return(RedirectToAction("dashboard", "admin"));
}
}
else
{
ViewBag.DisplayMessage = "Info";
ModelState.AddModelError("", "Invalid username or password.");
return(View(model));
}
}
else
{
ViewBag.DisplayMessage = "Info";
ModelState.AddModelError("", "Invalid username or password.");
return(View(model));
}
}
catch (Exception ex)
{
ViewBag.DisplayMessage = "Info";
ModelState.AddModelError("", "Invalid username or password.");
return(View(model));
}
}
public async Task <ActionResult> vendorLogin(vendorViewLogin vvl)
{
try
{
if (!ModelState.IsValid)
{
return(View(vvl));
}
AdminLogin admin = new AdminLogin();
admin = db.adminlog.Where(x => x.EmailAddress == vvl.VendorEmail && (x.Passkey == vvl.VendorPassword)).FirstOrDefault();
if (admin != null)
{
//Session["superid"] = vvl.VendorEmail;
//Session["EmailId"] = vvl.VendorEmail;
//ViewBag.messg = vvl.VendorEmail;
FormsAuthentication.SetAuthCookie(vvl.VendorEmail, false);
string Roles = "admin";
var authTicket = new FormsAuthenticationTicket(1, admin.EmailAddress, DateTime.Now, DateTime.Now.AddMinutes(30), false, Roles);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
HttpContext.Response.Cookies.Add(authCookie);
return(RedirectToAction("AdminPortal", "SuperAdmin"));
}
else
{
string q = vvl.VendorPassword;
string pass = Encrypt_Password(q);
VendorModel vendor = new VendorModel();
vendor = db.vendor.Where(m => m.VendorEmail == vvl.VendorEmail && (m.VendorPassword == pass)).FirstOrDefault();
if (vendor != null)
{
var id = db.vendor.Where(m => m.VendorEmail == vvl.VendorEmail).Select(m => m.VendorId).FirstOrDefault();
int vid = Convert.ToInt32(id);
//Session["Adminid"] = vid;
//Session["EmailId"] = vvl.VendorEmail;
VendorLogInOutTime vliot = new VendorLogInOutTime();
vliot.LogInTime = DateTime.Now;
vliot.VendorId = vid;
vliot.LogOutTime = null;
db.loginouttime.Add(vliot);
var a = db.vendor.Where(m => m.VendorEmail == vvl.VendorEmail).FirstOrDefault();
a.DataCompleted = true;
var b = db.businessdetails.Where(x => x.VendorId == id).FirstOrDefault();
b.DataCompleted = true;
db.SaveChanges();
string Roles = db.userrole.Where(x => x.VendorId == vid).Select(x => x.RoleName).FirstOrDefault();
FormsAuthentication.SetAuthCookie(vvl.VendorEmail, false);
var authTicket = new FormsAuthenticationTicket(1, vendor.VendorEmail, DateTime.Now, DateTime.Now.AddMinutes(20), false, Roles);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
HttpContext.Response.Cookies.Add(authCookie);
return(RedirectToAction("Index", "VendorAccess"));
}
else
{
ViewBag.errorvalue = "Please enter valid Login Id and Password.";
return(View());
}
}
}
catch (Exception e)
{
Response.Write("<script>alert('Please enter emailId and password')</script>");
return(View());
}
}
protected void SucessFullLogin(UserInfo user)
{
RoleController role = new RoleController();
Session[SessionKeys.LoginHitCount] = null;
string userRoles = role.GetRoleIDs(user.UserName, GetPortalID);
if (userRoles.Length > 0)
{
SetUserRoles(userRoles);
MembershipController member = new MembershipController();
user.LastLoginDate = DateTime.UtcNow;
member.UpdateUserLoginActivity(user);
//SessionTracker sessionTracker = (SessionTracker)Session[SessionKeys.Tracker];
//sessionTracker.PortalID = GetPortalID.ToString();
//sessionTracker.Username = UserName.Text;
//Session[SessionKeys.Tracker] = sessionTracker;
SageFrame.Web.SessionLog SLog = new SageFrame.Web.SessionLog();
SLog.SessionTrackerUpdateUsername(UserName.Text, GetPortalID.ToString());
StringBuilder redirectURL = new StringBuilder();
SecurityPolicy objSecurity = new SecurityPolicy();
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
user.UserName,
DateTime.Now,
DateTime.Now.AddMinutes(30),
true,
GetPortalID.ToString(),
FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
//generate random cookieValue
string randomCookieValue = GenerateRandomCookieValue();
Session[SessionKeys.RandomCookieValue] = randomCookieValue;
//create new cookie with random cookie name and encrypted ticket
HttpCookie cookie = new HttpCookie(objSecurity.FormsCookieName(GetPortalID), encTicket);
//get default time from setting
SageFrameConfig objConfig = new SageFrameConfig();
string ServerCookieExpiration = objConfig.GetSettingValueByIndividualKey(SageFrameSettingKeys.ServerCookieExpiration);
int expiryTime = Math.Abs(int.Parse(ServerCookieExpiration));
expiryTime = expiryTime < 5 ? 5 : expiryTime;
//set cookie expiry time
cookie.Expires = DateTime.Now.AddMinutes(expiryTime);
//add cookie to the browser
Response.Cookies.Add(cookie);
string roleRedirectURL = string.Empty;
roleRedirectURL = member.GetRedirectUrlByRoleID(strRoles);
if (roleRedirectURL == string.Empty || roleRedirectURL == null)
{
roleRedirectURL = PortalAPI.DefaultPageWithExtension;
}
if (Request.QueryString["ReturnUrl"] != null)
{
string PageNotFoundPage = PortalAPI.PageNotFoundURLWithRoot;
string UserRegistrationPage = PortalAPI.RegistrationURLWithRoot;
string PasswordRecoveryPage = PortalAPI.PasswordRecoveryURLWithRoot;
string ForgotPasswordPage = PortalAPI.ForgotPasswordURL;
string PageNotAccessiblePage = PortalAPI.PageNotAccessibleURLWithRoot;
string ReturnUrlPage = Request.QueryString["ReturnUrl"].Replace("%2f", "-").ToString();
bool IsWellFormedReturnUrlPage = Uri.IsWellFormedUriString(ReturnUrlPage, UriKind.Absolute);
string RequestURL = Request.Url.ToString();
Uri RequestURLPageUri = new Uri(RequestURL);
string portalHostURL = RequestURLPageUri.AbsolutePath.TrimStart('/');
if (IsWellFormedReturnUrlPage)
{
Uri ReturnUrlPageUri = new Uri(ReturnUrlPage);
string ReturnURl = ReturnUrlPageUri.Scheme + Uri.SchemeDelimiter + ReturnUrlPageUri.Host + ":" + ReturnUrlPageUri.Port;
string HostUrl = GetHostURL();
Uri uriHostURL = new Uri(HostUrl);
Uri uriReturnURL = new Uri(ReturnURl);
var resultCompareURL = Uri.Compare(uriHostURL, uriReturnURL,
UriComponents.Host | UriComponents.PathAndQuery,
UriFormat.SafeUnescaped, StringComparison.OrdinalIgnoreCase);
int resultComparePortalURL = 0;
if (portalHostURL.ToLower().Contains("portal") && resultCompareURL == 0)
{
Uri ReturnUrlPageHostUri = new Uri(ReturnUrlPage);
string portalReturnURL = ReturnUrlPageHostUri.AbsolutePath.TrimStart('/');
string[] portalReturnURLSplit = portalReturnURL.Split('/');
string ReturnURLSplitPortal = portalReturnURLSplit[0];
string ReturnURLSplitPortalName = portalReturnURLSplit[1];
string ReturnURLWithPortal = ReturnURLSplitPortal + "/" + ReturnURLSplitPortalName;
string[] portalHostURLSplit = portalHostURL.Split('/');
string HostURLSplitPortal = portalHostURLSplit[0];
string HostURLSplitPortalName = portalHostURLSplit[1];
string HostURLWithPortal = HostURLSplitPortal + "/" + HostURLSplitPortalName;
resultComparePortalURL = string.Compare(ReturnURLWithPortal, HostURLWithPortal);
}
if (resultCompareURL != 0 || resultComparePortalURL != 0)
{
PageNotFoundURL();
}
}
else
{
PageNotFoundURL();
}
if (ReturnUrlPage == PageNotFoundPage || ReturnUrlPage == UserRegistrationPage || ReturnUrlPage == PasswordRecoveryPage || ReturnUrlPage == ForgotPasswordPage || ReturnUrlPage == PageNotAccessiblePage)
{
redirectURL.Append(GetParentURL);
redirectURL.Append(PortalAPI.DefaultPageWithExtension);
}
else
{
redirectURL.Append(ResolveUrl(Request.QueryString["ReturnUrl"].ToString()));
}
}
else
{
if (!IsParent)
{
redirectURL.Append(GetParentURL);
redirectURL.Append("/portal/");
redirectURL.Append(GetPortalSEOName);
redirectURL.Append("/");
redirectURL.Append(roleRedirectURL);
}
else
{
redirectURL.Append(GetParentURL);
redirectURL.Append("/");
redirectURL.Append(roleRedirectURL);
}
}
HttpContext.Current.Session[SessionKeys.IsLoginClick] = true;
if (Session[SessionKeys.LoginHitCount] != null)
{
HttpContext.Current.Session.Remove(SessionKeys.LoginHitCount);
}
Response.Redirect(redirectURL.ToString(), false);
}
else
{
FailureText.Text = string.Format("<p class='sfError'>{0}</p>", GetSageMessage("UserLogin", "Youarenotauthenticatedtothisportal"));//"You are not authenticated to this portal!";
}
}
public async Task <ActionResult> Index(string username, string password)
{
if (!CheckIpControl())
{
return(Redirect("http://www.baidu.com"));
}
string notice = string.Empty;
AdminLoginModel model = new AdminLoginModel();
bool loginSuccess = false;
string path = HttpContext.Server.MapPath("/App_Data/adminconfig.xml");
XmlDocument config = new XmlDocument();
config.Load(path);
password = SecurityHelper.MD5(password);
string SuperUser = config.SelectSingleNode("root/SuperUser").InnerText;
if (username.Equals(SuperUser))
{
string SuperUserPassword = config.SelectSingleNode("root/SuperUserPassword").InnerText;
if (SuperUserPassword.Equals(password))
{
model.Id = -1;
model.UserName = SuperUser;
model.Password = SuperUserPassword;
model.OpratePwd = SuperUserPassword;
model.IsSuperUser = true;
config.SelectSingleNode("root/LastLoginTime").InnerText = config.SelectSingleNode("root/CurrentLoginTime").InnerText;
config.SelectSingleNode("root/CurrentLoginTime").InnerText = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
config.Save(path);
loginSuccess = true;
}
else
{
return(new JavaScriptResult()
{
Script = "show_message('用户名或密码错误!')"
});
}
}
else
{
var user = _repositoryFactory.ISystemUser.Single(m => m.UserName == username && m.Password == password && m.Status == (int)EnumHepler.UserStatus.Available);
if (user != null)
{
model.Id = user.Id;
model.UserName = username;
model.Password = password;
model.OpratePwd = SecurityHelper.MD5(user.OpratePwd);
model.IsSuperUser = false;
model.RoleString = user.RoleList;
user.LastLoginTime = user.CurrentLoginTime;
user.CurrentLoginTime = DateTime.Now;
_repositoryFactory.ISystemUser.Modify(user, "LastLoginTime", "CurrentLoginTime");
loginSuccess = true;
}
else
{
return(new JavaScriptResult()
{
Script = "show_message('用户名或密码错误!')"
});
}
}
if (loginSuccess)
{
//写登录日志
string loginLog = $"登录账号:{model.UserName},登录IP:{CommonTools.GetIpAddress()}";
_repositoryFactory.ISysLog.Add(new Entity.SysLog()
{
CreateTime = DateTime.Now, Type = (int)EnumHepler.LogType.Login, Remark = loginLog
});
await _repositoryFactory.SaveChanges();
//序列化admin对象
string accountJson = JsonConvert.SerializeObject(model);
//创建用户票据
var ticket = new FormsAuthenticationTicket(1, model.UserName, DateTime.Now, DateTime.Now.AddDays(1), false, accountJson);
//加密
string encryptAccount = FormsAuthentication.Encrypt(ticket);
//创建cookie
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptAccount)
{
HttpOnly = true,
Secure = FormsAuthentication.RequireSSL,
Domain = FormsAuthentication.CookieDomain,
Path = FormsAuthentication.FormsCookiePath
};
cookie.Expires = DateTime.Now.AddDays(1);
//写入Cookie
Response.Cookies.Remove(cookie.Name);
Response.Cookies.Add(cookie);
return(new JavaScriptResult()
{
Script = "login_status=true;location.href='" + Url.Action("Index", "Console") + "'"
});
}
else
{
return(new JavaScriptResult()
{
Script = "show_message('登录失败!')"
});
}
}
public ActionResult LoginFormAD(string userNum, string pwd, string returnUrl)
{
//判断员工编号是否为系统用户、判断用户是否删除
var userInfo = db.UserInfo.Where(w => w.UserNum == userNum & w.UserState == 0).FirstOrDefault();
if (userInfo == null)
{
ModelState.AddModelError("", "您还不是此系统用户,如有疑问请联系管理员,电话5615713!");
return(View());
}
//将用户的全部信息存入session,便于在其他页面调用
System.Web.HttpContext.Current.Session["user"] = userInfo;
//通过考勤数据库验证员工编号、考勤密码
var result = "yes";
//result = CheckAD(userNum, pwd);//系统测试时,注释。正式运行时,取消注释。
if (result == "yes")
{
#region 加载、设置用户权限
var userRoles = from u in db.UserRole
join r in db.RoleAuthority on u.RoleID equals r.RoleID
join a in db.AuthorityInfo on r.AuthorityID equals a.AuthorityID
where u.UserID == userInfo.UserID
select a.AuthorityName;
var roles = userRoles.Distinct().ToArray();
var userAuthorityString = "";
foreach (var item in roles)
{
userAuthorityString += item + ",";
}
userAuthorityString = userAuthorityString.Substring(0, userAuthorityString.Length - 1);
//写入用户角色
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1,
userNum,
DateTime.Now,
DateTime.Now.AddMinutes(2),
false,
userAuthorityString);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
System.Web.HttpContext.Current.Response.Cookies.Add(authCookie);
#endregion
#region 设置用户姓名的cookie
var cUserName = System.Web.HttpContext.Current.Server.UrlEncode(userInfo.UserName);
System.Web.HttpCookie userNameCookie = new System.Web.HttpCookie("cUserName", cUserName);
System.Web.HttpContext.Current.Response.Cookies.Add(userNameCookie);
#endregion
return(Redirect(returnUrl ?? Url.Action("Index", "Home")));
}
else
{
ModelState.AddModelError("", "用户名或密码错误!");
return(View());
}
}
private Guid SetId(FormsAuthenticationTicket ticket)
{
string[] data = ticket.UserData.Split('|');
return(new Guid(data[4]));
}
protected void btnLogin_Click(object sender, EventArgs e)
{
// Response.Redirect("Index.aspx");
var hash = FormsAuthentication.HashPasswordForStoringInConfigFile(txtPass.Value + "~!@", "MD5");
DataSet ds = TaxiDAL.UsersClass.GetList(null, txtUserName.Value, hash, null, null, null, null, null, null, null, null, null);
if (ds.Tables[0].Rows.Count != 0)
{
//
// DError.Visible = true;
DataRow dr = ds.Tables[0].Rows[0];
Session["UserID"] = dr["userID"].ToString();
Session["FullNameUser"] = dr["FullNameUser"].ToString();
Session["Region"] = dr["Region"].ToString();
String userid = dr["UserID"].ToString();
Session["semat"] = dr["semat"].ToString();
string role;
if (dr["semat"].ToString() == "7" || dr["semat"].ToString() == "3")
{
Session["role"] = "admin";
role = "admin";
}
else if (dr["semat"].ToString() == "8" || dr["semat"].ToString() == "9" || dr["semat"].ToString() == "10" ||
dr["semat"].ToString() == "14" || dr["semat"].ToString() == "15" ||
dr["semat"].ToString() == "17" || dr["semat"].ToString() == "18")
{
Session["role"] = "cityzenrol";
role = "cityzenrol";
Session["roleid"] = "1";
}
else if (dr["semat"].ToString() == "2" || dr["semat"].ToString() == "6" || dr["semat"].ToString() == "1" ||
dr["semat"].ToString() == "13" || dr["semat"].ToString() == "4" ||
dr["semat"].ToString() == "16" || dr["semat"].ToString() == "19"
)
{
Session["sematID"] = dr["semat"].ToString();
Session["role"] = "bazras";
role = "bazras";
}
else
{
CSharp.Utility.ShowMsg(Page, CSharp.ProPertyData.MsgType.warning, "کاربر گرامی شما برای ورود به سیستم دسترسی ندارید");
return;
}
if (dr["semat"].ToString() == "8")// نقش مدیر فضای سبز
{
Session["roleid"] = "1";
}
else if (dr["semat"].ToString() == "9" || dr["semat"].ToString() == "4") //نقش مسئول فضای سبز
{
Session["roleid"] = "2";
}
else if (dr["semat"].ToString() == "10")// نقش کارشناس فضای سبز
{
Session["roleid"] = "3";
}
Session["roleid"] = "3";
HttpContext.Current.User = new GenericPrincipal(User.Identity, new string[] { role });
FormsAuthentication.Initialize();
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, userid, DateTime.Now, DateTime.Now.AddMinutes(540), false, role, FormsAuthentication.FormsCookiePath);
hash = FormsAuthentication.Encrypt(ticket);
HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, hash);
if (ticket.IsPersistent == true)
{
cookie.Expires = ticket.Expiration;
}
Response.Cookies.Add(cookie);
// Roles.AddUserToRole(userid, role);
// Roles.AddUserToRole(dr["UserName"].ToString(),"admin");
if (role == "admin")
{
Response.Redirect("Dashboard.aspx");
}
else if (
dr["semat"].ToString() == "8" || dr["semat"].ToString() == "9" || dr["semat"].ToString() == "10" ||
dr["semat"].ToString() == "14" || dr["semat"].ToString() == "15" ||
dr["semat"].ToString() == "17" || dr["semat"].ToString() == "18")
{
Response.Redirect("~/CityZen/Dashboard.aspx?Mode=" + Session["roleid"], false);
}
else
{
Response.Redirect("~/Bazras/AllPeyman.aspx");
}
}
else
{
lblUserPassError.Text = "نام کاربری یا کلمه عبور اشتباه میباشد";
//CSharp.Utility.ShowMsg(Page, CSharp.ProPertyData.MsgType.warning, "نام کاربری یا کلمه عبور اشتباه میباشد");
return;
}
}
public async Task <ActionResult> Login(LoginModel model, string returnUrl)
{
try
{
if (!ModelState.IsValid)
{
using (GuptaAgroDbContext db = new GuptaAgroDbContext())
{
ViewBag.Roles = db.tbl_roles.Select(r => r).ToList();
}
return(View(model));
}
using (GuptaAgroDbContext db = new GuptaAgroDbContext())
{
var user = db.tbl_employee.Where(e => (e.userid == model.UserName && e.password == model.Password) || (e.ContactNo == model.UserName && e.password == model.Password)).Select(e => e).FirstOrDefault();
if (user != null)
{
FormsAuthentication.SetAuthCookie(model.UserName, false);
var authTicket = new FormsAuthenticationTicket(1, user.EmployeeName, DateTime.Now, DateTime.Now.AddMinutes(30), false, user.Role);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
HttpContext.Response.Cookies.Add(authCookie);
Session["role"] = user.Role;
Session["ID"] = user.EmployeeID;
Session.Timeout = 30;
if (user.Role == "Admin")
{
return(RedirectToAction("BeneficiaryDetails", "Home"));
}
else if (user.Role == "Field Assitant")
{
return(RedirectToAction("OandMSheet", "Home"));
}
else if (user.Role == "Manager")
{
return(RedirectToAction("ComplaintForm", "Home"));
}
else if (user.Role == "Inventory Admin")
{
return(RedirectToAction("StockDistribution", "Home"));
}
else
{
throw new Exception();
}
}
else
{
ViewBag.Roles = db.tbl_roles.Select(r => r).ToList();
ModelState.AddModelError("", "Invalid login attempt.");
return(View(model));
}
}
}
catch (Exception ex)
{
return(View("Error"));
}
//// This doesn't count login failures towards account lockout
//// To enable password failures to trigger account lockout, change to shouldLockout: true
//var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
//switch (result)
//{
// case SignInStatus.Success:
// return RedirectToLocal(returnUrl);
// case SignInStatus.LockedOut:
// return View("Lockout");
// case SignInStatus.RequiresVerification:
// return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
// case SignInStatus.Failure:
// default:
// ModelState.AddModelError("", "Invalid login attempt.");
// return View(model);
//}
}
protected void btnCommit_Click(object sender, EventArgs e)
{
string userName = tbName.Text.Trim();
string psw = tbPsw.Text.Trim();
//string sVc = tbVc.Text.Trim();
if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(psw))
{
WebHelper.MessageBox.Messager(this.Page, btnCommit, "用户名或密码输入不能为空!", "操作错误", "error");
return;
}
//if (string.IsNullOrEmpty(sVc))
//{
// WebHelper.MessageBox.Show(this.Page, btnCommit, "验证码输入不能为空!");
// return;
//}
//if (sVc.ToLower() != Request.Cookies["LoginVc"].Value.ToLower())
//{
// WebHelper.MessageBox.Show(this.Page, btnCommit, "验证码输入不正确,请检查!");
// return;
//}
string userData = string.Empty;
try
{
MembershipUser userInfo = Membership.GetUser(userName);
if (!Membership.ValidateUser(userName, psw))
{
if (userInfo == null)
{
WebHelper.MessageBox.Messager(this.Page, btnCommit, "用户名不存在!", "系统提示");
return;
}
if (userInfo.IsLockedOut)
{
WebHelper.MessageBox.Messager(this.Page, btnCommit, "您的账号已被锁定,请联系管理员先解锁后才能登录!", "系统提示");
return;
}
if (!userInfo.IsApproved)
{
WebHelper.MessageBox.Messager(this.Page, btnCommit, "您的帐户尚未获得批准。您无法登录,直到管理员批准您的帐户!", "系统提示");
return;
}
else
{
WebHelper.MessageBox.Messager(this.Page, btnCommit, "密码不正确,请检查!", "系统提示");
return;
}
}
userData = userInfo.ProviderUserKey.ToString() + "|";
}
catch (Exception ex)
{
WebHelper.MessageBox.Messager(this.Page, btnCommit, ex.Message, "系统提示");
return;
}
//登录成功,则
bool isPersistent = true;
//bool isRemember = true;
bool isAuto = false;
double d = 180;
//if (cbRememberMe.Checked) isAuto = true;
//自动登录 设置时间为1年
if (isAuto)
{
d = 525600;
}
string[] roles = Roles.GetRolesForUser(userName);
foreach (string role in roles)
{
userData += role + ",";
}
userData = userData.Trim(',');
//创建票证
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, userName, DateTime.Now, DateTime.Now.AddMinutes(d),
isPersistent, userData, FormsAuthentication.FormsCookiePath);
//加密票证
string encTicket = FormsAuthentication.Encrypt(ticket);
//创建cookie
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
//FormsAuthentication.RedirectFromLoginPage(userName, isPersistent);//使用此行会清空ticket中的userData ?!!!
Response.Redirect(FormsAuthentication.GetRedirectUrl(userName, isPersistent));
}
public ActionResult PasswordUpdate()
{
HttpCookie authCookie = Request.Cookies["a"]; // 获取cookie
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value); // 解密
var user = SerializeHelper.FromJson <Tab_User>(ticket.UserData);
//var nvc = Request.Form;
//string[] keys = nvc.AllKeys;
//var a = keys.Contains("pwd1");
//var b = keys.Contains("pwd2");
//var c = keys.Contains("pwd3");
var pwd1 = Request.Form["pwd1"]; // 旧密码
var pwd2 = Request.Form["pwd2"]; // 新密码
var pwd3 = Request.Form["pwd3"]; // 确认密码
if (pwd1 == null || pwd1.Length < 6 || pwd1.Length > 20)
{
return(Json(new DWZJson()
{
statusCode = (int)DWZStatusCode.ERROR, message = "旧密码长度必须大于6个字符小于20字符"
}));
}
if (pwd2 == null || pwd2.Length < 6 || pwd2.Length > 20)
{
return(Json(new DWZJson()
{
statusCode = (int)DWZStatusCode.ERROR, message = "新密码长度必须大于6个字符小于20字符"
}));
}
if (pwd3 == null || pwd3.Length < 6 || pwd3.Length > 20)
{
return(Json(new DWZJson()
{
statusCode = (int)DWZStatusCode.ERROR, message = "新密码长度必须大于6个字符小于20字符"
}));
}
if (pwd2 != pwd3)
{
return(Json(new DWZJson()
{
statusCode = (int)DWZStatusCode.ERROR, message = "密码不一致"
}));
}
if (pwd1 == pwd2)
{
return(Json(new DWZJson()
{
statusCode = (int)DWZStatusCode.ERROR, message = "新旧密码不能相同"
}));
}
var oldpwd = Tools.MD5Encrypt32(pwd1);
var newpwd = Tools.MD5Encrypt32(pwd2);
var i = _us.UpdatePassword(user.F_Id, oldpwd, newpwd);
if (i == 1)
{
var now = DateTime.Now;
user.F_CreateDate = DateTime.Now;
user.F_Password = newpwd;
string UserData = SerializeHelper.ToJson <Tab_User>(user); // 序列化用户实体
ticket = new FormsAuthenticationTicket(1, "user", now, now, true, UserData);
HttpCookie cookie = new HttpCookie("a", FormsAuthentication.Encrypt(ticket).ToLower()); // 加密身份信息,保存至Cookie
cookie.HttpOnly = true;
Response.SetCookie(cookie);
return(Json(new DWZJson()
{
statusCode = (int)DWZStatusCode.OK, message = "操作成功"
}));
}
else
{
return(Json(new DWZJson()
{
statusCode = (int)DWZStatusCode.ERROR, message = "旧密码不正确"
}));
}
}
/// <summary>
/// 系统管理员登陆系统
/// </summary>
/// <param name="adminName"></param>
/// <param name="adminPwd"></param>
/// <returns></returns>
public bool AdminLogin(string adminName, string adminPwd)
{
SOSOshop.BLL.Administrators bll = new SOSOshop.BLL.Administrators();
SOSOshop.Model.Administrators model = bll.GetModelByAdminName(adminName);
//无数据
if (model == null)
{
message = "用户名或密码错误!";
return(false);
}
//密码错误
if (!model.PassWord.ToLower().Equals(adminPwd.ToLower()))
{
message = "用户名或密码错误!";
model = null;
return(false);
}
//帐号被冻结
if (model.State.Equals(1))
{
message = "您输入的账户以被冻结!";
model = null;
return(false);
}
//帐号已经过期
if (model.ManageEndTime < DateTime.Now)
{
message = "你的帐户已经过期!";
model = null;
return(false);
}
//一人一机登陆验证
//ChangeHope.Common.DEncryptHelper.Encrypt(model.Name, 1);
//if (model.Name != "admin")
//{
// object AllowOtherLogin = new SOSOshop.BLL.Db().ExecuteScalar("select top (1) AllowOtherLogin from yxs_CustomerSetting");
// if (AllowOtherLogin != null && AllowOtherLogin.ToString() == "0")
// {
// //查询登陆日志
// object adminid = new SOSOshop.BLL.Db().ExecuteScalar("select top (1) id from yxs_adminloginlog where " +
// "adminname = '" + model.Name + "' " +
// "and convert(char(10),loginintime,120) = '" + DateTime.Now.ToString("yyyy-MM-dd") + "' and loginintime = loginouttime " +
// "and loginip != '" + Request.UserHostAddress + "' " +
// "and operatenote = '登陆成功!' order by loginintime desc");
// if (adminid != null)
// {
// message = "你的帐户已经登陆!";
// model = null;
// return false;
// }
// }
//}
string DstMobile = Convert.ToString(new SOSOshop.BLL.Db().ExecuteScalar("select LoginAuthenticationOfficePhone from yxs_administrators where adminid = " + model.AdminId)).Trim();
if (DstMobile.Trim() != "" && false)
{
//发送短信
ArrayList smsRecord = new ArrayList();
if (Session["smsRecord"] != null)
{
smsRecord = Session["smsRecord"] as ArrayList;
}
bool ok = smsRecord != null && smsRecord.Count > 0 && txtCheckCode.Text.ToUpper() == smsRecord[smsRecord.Count - 1].ToString().ToUpper();
if (!ok)
{
message = "验证码错误!";
model = null;
return(false);
}
}
//初始化权限
SOSOshop.Model.AdminInfo admin = new SOSOshop.Model.AdminInfo();
if (model.Power.Equals(0))
{
admin.AdminPowerType = "all";
}
else
{
//非管理员权限,等待添加相关内容
admin.AdminPowerType = "";
}
admin.AdminId = model.AdminId;
admin.AdminName = model.Name;
admin.AdminRole = model.Role;
SOSOshop.BLL.AdministrorManager.Set(admin);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
admin.AdminName,
DateTime.Now,
DateTime.Now.AddMinutes(1000),
true,
""
);
HttpCookie cookie = new System.Web.HttpCookie(FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(ticket));
cookie.Domain = System.Configuration.ConfigurationManager.AppSettings["Domain"];
cookie.Expires = DateTime.Now.AddHours(10);
System.Web.HttpContext.Current.Response.Cookies.Add(cookie);
admin = null;
message = "登陆成功!";
return(true);
}
public async Task <ActionResult> Index()
{
List <string> upperCarousel = new List <string>();
List <string> lowerCarousel = new List <string>();
var clients = obj.Clients.Where(x => x.Status != 0 && x.Image != null).ToList();
foreach (var details in clients)
{
var clientPackages = obj.ClientPakages.Where(x => x.ClientId.Equals(details.Id)).ToList();
foreach (var details1 in clientPackages)
{
if (details1.Pakage.PakageType == "gold")
{
upperCarousel.Add(details.Image);
}
else if (details1.Pakage.PakageType == "silver")
{
lowerCarousel.Add(details.Image);
}
}
}
ViewBag.upperCarousel = upperCarousel;
ViewBag.lowerCarousel = lowerCarousel;
try
{
ViewBag.ErrorMessage = (string)TempData["ErrorMessage"];
}
catch (Exception ee) { }
try
{
HttpCookie authCookie = Request.Cookies["TraineeHellodjfdshfsdanfkjdsfsfwgbhwvifbwsdjwiufdn"];
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);
string cookiePath = ticket.CookiePath;
DateTime expiration = ticket.Expiration;
bool expired = ticket.Expired;
bool isPersistent = ticket.IsPersistent;
DateTime issueDate = ticket.IssueDate;
string CookieId = ticket.Name;
string userData = ticket.UserData;
int version = ticket.Version;
if (!expired)
{
ViewBag.UserId = CookieId;
}
}
catch (Exception e) { }
var value = obj.AccessTokens.First();
var accessToken = value.AccessToken1;
if (accessToken == "")
{
return(View("Index2"));
}
//curly braces
string s = accessToken;
string url = String.Format("https://graph.facebook.com/me?fields=id,name,groups{{feed.limit(1000){{from,message,story,created_time,attachments{{description,type,url,title,media,target}},likes{{pic}},comments}}}}&access_token={0}", accessToken);
HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest;
request.Method = "GET";
//curly braces
try
{
using (HttpWebResponse response = await request.GetResponseAsync() as HttpWebResponse)
{
StreamReader reader = new StreamReader(response.GetResponseStream());
string result = await reader.ReadToEndAsync();
dynamic jsonObj = System.Web.Helpers.Json.Decode(result);
Models.SocialMedia.SocialMedia.posts posts = new Models.SocialMedia.SocialMedia.posts(jsonObj);
List <string> pictures = new List <string>();
List <string> comments_pictures = new List <string>();
foreach (var post in posts.feed.data)
{
if (post.comments != null)
{
foreach (var id in post.comments.data)
{
comments_pictures.Add(id.from.id);
}
}
}
foreach (var post in posts.feed.data)
{
pictures.Add(post.From.id);
}
foreach (var id in comments_pictures)
{
string url2 = String.Format("https://graph.facebook.com/" + id + "?fields=picture&access_token={0}", accessToken);
HttpWebRequest request2 = WebRequest.Create(url2) as HttpWebRequest;
request2.Method = "GET";
using (HttpWebResponse response2 = await request2.GetResponseAsync() as HttpWebResponse)
{
StreamReader reader2 = new StreamReader(response2.GetResponseStream());
string result2 = await reader2.ReadToEndAsync();
dynamic jsonObj2 = System.Web.Helpers.Json.Decode(result2);
Models.SocialMedia.SocialMedia.Profile from2 = new Models.SocialMedia.SocialMedia.Profile(jsonObj2);
comment_profile.Add(from2.profile);
}
}
foreach (var from in pictures)
{
string url1 = String.Format("https://graph.facebook.com/" + from + "?fields=picture&access_token={0}", accessToken);
HttpWebRequest request1 = WebRequest.Create(url1) as HttpWebRequest;
request1.Method = "GET";
using (HttpWebResponse response1 = await request1.GetResponseAsync() as HttpWebResponse)
{
StreamReader reader1 = new StreamReader(response1.GetResponseStream());
string result1 = await reader1.ReadToEndAsync();
dynamic jsonObj1 = System.Web.Helpers.Json.Decode(result1);
Models.SocialMedia.SocialMedia.Profile from1 = new Models.SocialMedia.SocialMedia.Profile(jsonObj1);
profile.Add(from1.profile);
}
}
Models.SocialMedia.SocialMedia.Pictures pics = new Models.SocialMedia.SocialMedia.Pictures(profile, comment_profile);
return(View(Tuple.Create(pics, posts)));
}
}
catch (Exception exs)
{ return(RedirectToAction("Index2")); }
}
public ActionResult LogOnCallback(string state, string code)
{
var returnUrl = state;
if (string.IsNullOrEmpty(code))
{
return(RedirectToAction("Error", new { returnUrl = returnUrl, error = "Response status is not Authenticated" }));
}
string email = RetrieveUserEmail(code);
if (string.IsNullOrWhiteSpace(email))
{
return(RedirectToAction("Error", new { returnUrl = returnUrl, error = "Response Email is empty" }));
}
if (!email.EndsWith(EmailSuffix))
{
return(RedirectToAction("Error", new { returnUrl = returnUrl, error = "Only emails ended with " + EmailSuffix + " are allowed" }));
}
var username = email.Substring(0, email.Length - EmailSuffix.Length);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
username,
DateTime.Now,
DateTime.Now.AddDays(2),
true,
"",
FormsAuthentication.FormsCookiePath);
string encTicket = FormsAuthentication.Encrypt(ticket);
var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
{
// setting the Expires property to the same value in the future
// as the forms authentication ticket validity
Expires = ticket.Expiration
};
Response.Cookies.Add(cookie);
var user = RavenSession.Load <User>("Users/" + username);
log.Debug("User {0} found: {1}", username, user != null);
if (user != null)
{
log.Dump(LogLevel.Debug, user, "RavenDB User");
}
if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") &&
!returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return(Redirect(returnUrl));
}
else
{
return(RedirectToAction("Index", "Home"));
}
}
public ActionResult SignInTable(UserLogin u)
{
List <string> upperCarousel = new List <string>();
List <string> lowerCarousel = new List <string>();
var clients = obj.Clients.Where(x => x.Status != 0 && x.Image != null).ToList();
foreach (var details in clients)
{
var clientPackages = obj.ClientPakages.Where(x => x.ClientId.Equals(details.Id)).ToList();
foreach (var details1 in clientPackages)
{
if (details1.Pakage.PakageType == "gold")
{
upperCarousel.Add(details.Image);
}
else if (details1.Pakage.PakageType == "silver")
{
lowerCarousel.Add(details.Image);
}
}
}
ViewBag.upperCarousel = upperCarousel;
ViewBag.lowerCarousel = lowerCarousel;
Client obj2 = new Client();
var data2 = obj.Clients.Where(x => x.Status != 0 && x.Image != null).ToList();
ViewBag.details1 = data2;
string SessionValue = "";
UserLogin login = new UserLogin();
try
{
login = obj.UserLogins.First(x => x.UserName.Equals(u.UserName) && x.Password.Equals(u.Password));
}
catch (Exception e) { }
var check = "true";
User temp = new User();
try
{
temp = obj.Users.First(x => x.Id.Equals(login.UserId));
SessionValue = temp.Name;
SessionValue = SessionValue + "$";
SessionValue = SessionValue + temp.Email;
}
catch (Exception e1) { check = "false"; }
if (check == "true")
{
FormsAuthentication.SignOut();
DateTime cookieIssuedDate = DateTime.Now;
var ticket = new FormsAuthenticationTicket(0,
temp.Id.ToString(),
cookieIssuedDate,
cookieIssuedDate.AddMinutes(FormsAuthentication.Timeout.TotalMinutes),
false,
SessionValue,
FormsAuthentication.FormsCookiePath);
string encryptedCookieContent = FormsAuthentication.Encrypt(ticket);
var formsAuthenticationTicketCookie = new HttpCookie("userteripengfkansdHello1234hytusksdbsdfasdjasdidasdijnasd", encryptedCookieContent)
{
Domain = FormsAuthentication.CookieDomain,
Path = FormsAuthentication.FormsCookiePath,
HttpOnly = true,
Secure = FormsAuthentication.RequireSSL
};
System.Web.HttpContext.Current.Response.Cookies.Add(formsAuthenticationTicketCookie);
FormsAuthentication.SetAuthCookie(temp.Name, false);
return(RedirectToAction("Index", "Home"));
}
return(RedirectToAction("Index", "Home"));
}
public ActionResult Login(User obj)
{
if (string.IsNullOrEmpty(obj.UserName) || string.IsNullOrWhiteSpace(obj.Password))
{
Session["Messenger"] = new Notified {
Value = EnumNotifield.Error, Messenger = "Bạn chưa nhập tên đăng nhập hoặc mật khẩu nhập vào không đúng!"
};
return(View("/Areas/Admin/Views/Account/Login.cshtml"));
}
var user = _userRepository.GetAll().FirstOrDefault(u => u.Password == HelperEncryptor.Md5Hash(obj.Password) && u.UserName == obj.UserName);
if (user != null)
{
user.TimeLogin = DateTime.Now;
user.IPLogin = obj.IPLogin;
_userRepository.Edit(user);
if (user.Active == false)
{
Session["Messenger"] = new Notified {
Value = EnumNotifield.Error, Messenger = "Tài khoản này chưa được kích hoạt!"
};
return(View("/Areas/Admin/Views/Account/Login.cshtml"));
}
var serializeModel = new CustomPrincipalSerializeModel
{
ID = user.ID,
Username = user.UserName,
FullName = user.FullName,
Email = user.Email,
GroupUser = user.GroupUserID,
UserType = user.UserType,
isAdmin = user.isAdmin,
};
var serializer = new JavaScriptSerializer();
var userData = serializer.Serialize(serializeModel);
var authTicket = new FormsAuthenticationTicket(
1,
obj.UserName,
DateTime.Now,
DateTime.Now.AddHours(1),
false,
userData);
var encTicket = FormsAuthentication.Encrypt(authTicket);
var faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket);
faCookie.Name = "ADMIN_COOKIES";
Response.Cookies.Add(faCookie);
}
else
{
Session["Messenger"] = new Notified {
Value = EnumNotifield.Error, Messenger = "Bạn chưa nhập tên đăng nhập hoặc mật khẩu nhập vào không đúng!"
};
return(View("/Areas/Admin/Views/Account/Login.cshtml"));
}
var preUrl = (Uri)Session["returnUrl"];
if (preUrl != null)
{
Session["returnUrl"] = null;
return(Redirect(preUrl.ToString()));
}
return(RedirectToAction("Index", "Home", new { area = "Admin" }));
}
public ActionResult Login([Bind(Include = "SchoolId")] TblSchool tblSchool, FormCollection form)
{
//Uri currentUrl = Request.UrlReferrer;
//if (currentUrl == null)
//{
// return HttpNotFound();
//}
//Create(); //Only Called when we need to create the first PCMS User
try
{
string username = Hash(form["EmailAddress"]);
string password = form["PasswordHash"];
var user = db.TblSystemAdmins.Where(t => t.Username == username);
if (user.Any())
{
if (user.FirstOrDefault().PasswordHash == Hash(password))
{
SetGlobals(user.FirstOrDefault().UserId, user.FirstOrDefault().EmailAddress);
try
{
string userData = "";
int? schoolId = tblSchool.SchoolId;
if (schoolId == null)
{
schoolId = 0;
}
userData = EmailG + ";" + schoolId + ";" + 0 + ";" + UserIdG + ";";
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, EmailG, DateTime.Now,
DateTime.Now.AddDays(2),
true,
userData,
FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie.
HttpCookie userCookie = new HttpCookie("UserInformation", encTicket);
userCookie.Expires = DateTime.Now.AddDays(2);
Response.Cookies.Add(userCookie);
//return RedirectToAction("NavigationHomeIndex", "PCMSNavigation");
return(RedirectToAction("SelectSchool"));
}
catch (Exception e)
{
string error = e.Message;
}
//return RedirectToAction("NavigationHomeIndex", "PCMSNavigation");
return(RedirectToAction("SelectSchool"));
}
}
}
catch (Exception e)
{
string error = e.Message;
}
return(RedirectToAction("Login"));
}
public ActionResult Login(string userName, string password, string verifyCode, string isRemember)
{
ResultView <string> result;
try
{
userName = userName ?? Request.Form["userName"];
password = password ?? Request.Form["password"];
verifyCode = verifyCode ?? Request.Form["verifyCode"];
isRemember = isRemember ?? Request.Form["isRemember"];
if (string.IsNullOrWhiteSpace(userName) || string.IsNullOrWhiteSpace(password))
{
result = (new ResultView <string> {
Flag = false, Message = "用户名或登录密码为空!"
});
return(Json(result));
}
if (string.IsNullOrWhiteSpace(verifyCode))
{
result = (new ResultView <string> {
Flag = false, Message = "请输入验证码!"
});
return(Json(result));
}
string code = (Session[ConstStr_Session.CurrValidateCode] ?? "").ToString();
if (string.IsNullOrWhiteSpace(code))
{
result = (new ResultView <string> {
Flag = false, Message = "验证码超时!"
});
return(Json(result));
}
if (!verifyCode.Equals(code))
{
result = (new ResultView <string> {
Flag = false, Message = "验证码错误,请重新输入!"
});
return(Json(result));
}
password = DesTool.DesEncrypt(password);
using (ClientSiteClientProxy proxy = new ClientSiteClientProxy(ProxyEx(Request)))
{
Result <UserView> loginResult = proxy.Login(userName, password, IsOpenSxLogin);
if (loginResult.Flag == 0)
{
Session[ConstStr_Session.CurrentUserEntity] = loginResult.Data;
//自动登录
if ("true".Equals(isRemember))
{
//保存用户名
HttpCookie cook = new HttpCookie(ConstString.COOKIEADMINNAME);
cook.Value = userName;
cook.Expires = DateTime.Now.AddDays(7);
Response.Cookies.Add(cook);
//保存密码
cook = new HttpCookie(ConstString.COOKIEADMINPWD);
cook.Value = password;
cook.Expires = DateTime.Now.AddDays(7);
Response.Cookies.Add(cook);
//存储在票据中,使用User.Identity或Request 中的Cookie 解密获取Ticket
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, userName, DateTime.Now,
DateTime.Now.AddMinutes(Session.Timeout - 1), false, userName);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
authCookie.HttpOnly = true;
Response.Cookies.Add(authCookie);
authTicket = new FormsAuthenticationTicket(1, password, DateTime.Now,
DateTime.Now.AddMinutes(Session.Timeout - 1), false, password);
encryptedTicket = FormsAuthentication.Encrypt(authTicket);
authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
authCookie.HttpOnly = true;
Response.Cookies.Add(authCookie);
}
else//清除cookie
{
var nameCookie = new HttpCookie(ConstString.COOKIEADMINNAME);
var pwdCookie = new HttpCookie(ConstString.COOKIEADMINPWD);
nameCookie.Expires = DateTime.Now.AddDays(-1);
pwdCookie.Expires = DateTime.Now.AddDays(-1);
Response.Cookies.Add(nameCookie);
Response.Cookies.Add(pwdCookie);
}
LoadUserRight(loginResult.Data.RoleType.ToString(), loginResult.Data.UserId);
result = (new ResultView <string> {
Flag = true, Message = "登录成功,正在跳转...", Data = "/Home/SignIndex"
});
}
else
{
result = (new ResultView <string> {
Flag = false, Message = loginResult.Exception.Decription
});
}
}
}
catch (Exception e)
{
//验证不通过,给出错误提示
return(Json(new ResultView <string> {
Flag = false, Message = "登录异常!" + e.Message
}));
}
return(Json(result));
}
private FormsAuthenticationTicket GetAuthenticationTicket(string token)
{
FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(token);
return(ticket);
}
public ActionResult Authenticate(UsersLog user)
{
string result = "";
db.Database.CommandTimeout = 0;
try
{
string pass = EncodePasswordMd5(user.Password);
M_Users check = (from c in db.M_Users
where c.UserName == user.UserName &&
c.Password == pass &&
c.IsDeleted == false
select c).FirstOrDefault();
check.CostCode = (from c in db.M_Employee_CostCenter where c.EmployNo == user.UserName orderby c.ID descending select c.CostCenter_AMS).FirstOrDefault();
string CostCodenow = check.CostCode;
check.Section = (from c in db.M_Cost_Center_List where c.Cost_Center == CostCodenow select c.GroupSection).FirstOrDefault();
if (check != null)
{
bool rememberme = false;
if (user.Rememberme)
{
rememberme = true;
}
string emailtemplatepath = Server.MapPath(@"~/Content/EmailForm/OTEmail.html");
System.Web.HttpContext.Current.Session["emailpath"] = emailtemplatepath;
System.Web.HttpContext.Current.Session["UserName"] = check.FirstName + ' ' + check.LastName;
System.Web.HttpContext.Current.Session["user"] = check;
FormsAuthentication.SetAuthCookie(user.UserName, true);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
1,
user.UserName,
DateTime.Now,
DateTime.Now.AddMinutes(FormsAuthentication.Timeout.TotalMinutes),
rememberme,
user.ToString());
RefreshPageAccess(check.UserName, check.Section);
List <CostCenterM> newCostCode = (from c in db.M_Cost_Center_List where c.GroupSection == "" || c.GroupSection == null
select new CostCenterM {
CostCodenew = c.Cost_Center,
CostCodenewname = c.Section
}).ToList();
System.Web.HttpContext.Current.Session["newCostCode"] = newCostCode;
}
result = (check == null) ? "Failed" : "Success";
if (result == "Failed")
{
//Error_Logs error = new Error_Logs();
//error.PageModule = "Login";
//error.ErrorLog = "Incorrect Username or Password";
//error.DateLog = db.TT_GETTIME().FirstOrDefault();//DateTime.Now;;
//error.Username = user.UserName;
//db.Error_Logs.Add(error);
//db.SaveChanges();
}
string urlmail = (Session["urlmail"] != null) ? Session["urlmail"].ToString() : "/";
return(Json(new { result = result, urlmail = urlmail }, JsonRequestBehavior.AllowGet));
}
catch (Exception err)
{
Error_Logs error = new Error_Logs();
error.PageModule = "Login";
error.ErrorLog = err.Message;
error.DateLog = db.TT_GETTIME().FirstOrDefault();//DateTime.Now;;
error.Username = user.UserName;
db.Error_Logs.Add(error);
db.SaveChanges();
return(Json(new { result = result, urlmail = "" }, JsonRequestBehavior.AllowGet));
}
}
public ActionResult Login(UserLoginModel userLoginModel)
{
SetPageSeo("用户登录");
if (!ModelState.IsValid)
{
return(View());
}
List <string> msgList = new List <string>();
string verifyCode = Session["ValidateCode"] as string;
if (userLoginModel.VerifyCode != verifyCode)
{
msgList.Add("验证码输入错误");
}
userLoginModel = new UserLoginModel()
{
VerifyCode = Sanitizer.GetSafeHtmlFragment(userLoginModel.VerifyCode),
UserName = Sanitizer.GetSafeHtmlFragment(userLoginModel.UserName),
Password = userLoginModel.Password
};
var userinfo = userBusinessLogic.GetUserInfo(userLoginModel.UserName, Md5.GetMd5(userLoginModel.Password));
if (userinfo != null)
{
UserInfo user = new UserInfo(userinfo.ID, userinfo.UserName, userinfo.IsAdmin);
var userJson = JsonConvert.SerializeObject(user);
var ticket = new FormsAuthenticationTicket(1, userinfo.UserName, DateTime.Now, DateTime.Now.AddDays(1), true, userJson);
//FormsAuthentication.SetAuthCookie(userLoginModel.UserName, true);
string cookieString = FormsAuthentication.Encrypt(ticket);
HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, cookieString);
authCookie.Expires = ticket.Expiration;
authCookie.Path = FormsAuthentication.FormsCookiePath;
Response.Cookies.Add(authCookie);
bool isAuth = Request.IsAuthenticated;
// add log
if (user.IsAdmin > 0)
{
T_UserLog log = new T_UserLog()
{
AddDate = DateTime.Now,
Content = string.Format("{0}于{1}登录系统", user.UserName, DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")),
UserID = user.UserID,
UserName = user.UserName
};
userBusinessLogic.AddUserLog(log);
}
return(RedirectToAction("Profile", "User", null));
}
else
{
msgList.Add("用户名或密码错误");
ViewBag.MsgList = msgList;
return(View());
}
}
private string SetEmail(FormsAuthenticationTicket ticket)
{
string[] data = ticket.UserData.Split('|');
return(data[0]);
}
private string[] SetRoles(FormsAuthenticationTicket ticket)
{
string[] data = ticket.UserData.Split('|');
string[] roles = data[1].Split(new char[] { ',' }, StringSplitOptions.RemoveEmptyEntries);
return(roles);
}
private string SetName(FormsAuthenticationTicket ticket)
{
return(ticket.Name);
}
void RedirectFromLoginPage(string username, string role, bool persistent)
{
//Create ticket for authenticate
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,//Version
username,
DateTime.Now,
DateTime.Now.AddMinutes(60), //set expire time
persistent,
role);
//Add authentication information to cookie (Session may be better to use...)
HttpCookie cookie = new HttpCookie(
FormsAuthentication.FormsCookieName,
FormsAuthentication.Encrypt(ticket));
if (persistent)
{
cookie.Expires = DateTime.Now.AddYears(50); //set 50year if persistent is true
}
Response.Cookies.Add(cookie);
Response.Redirect("~/accountCreated.aspx");
//Redirect to the page where user intended to access
//Response.Redirect(FormsAuthentication.GetRedirectUrl(username, persistent));
}
