protected void btn_signin_Click(object sender, EventArgs e)
{
string strLoginMsg = string.Empty;
string encryptUsername = objcryptoJS.AES_encrypt(txt_email.Text.ToString(), AppConstants.secretKey, AppConstants.initVec).ToString();
string encryptPass = objcryptoJS.AES_encrypt(txt_password.Text.ToString(), AppConstants.secretKey, AppConstants.initVec).ToString();
strLoginMsg = LoginBAL.Login(encryptUsername, encryptPass);
if (strLoginMsg.Contains(".aspx"))
{
string userData = string.Format("{0}", txt_email.Text.ToString());
HttpCookie cookie = AuthenticationTicketHelper.CreateAuthenticationTicket(txt_email.Text.ToString(), true, userData);
if (!Request.Url.Host.Contains("localhost"))
{
cookie.Domain = FormsAuthentication.CookieDomain;
}
cookie.HttpOnly = true;
Response.Cookies.Add(cookie);
SetThreadPrinciple(txt_email.Text);
Response.Redirect(strLoginMsg);
}
else
{
lblNotice.Text = "<div class='alert alert-danger fade in' style='font-size:12px;'><button data-dismiss='alert' class='close' type='button'>×</button>" + strLoginMsg + "</div>";
Response.StatusCode = (int)System.Net.HttpStatusCode.Unauthorized;
Response.StatusDescription = "";
Response.Flush();
Response.SuppressContent = true;
Response.SuppressFormsAuthenticationRedirect = true;
}
}
private bool ValidateUser(LoginDetails loginDetails, HttpResponseBase response)
{
bool result = false;
LoginBAL bal = new LoginBAL();
UserDetails user = bal.Login(loginDetails);
if (user != null)
{
var serializer = new JavaScriptSerializer();
string userData = serializer.Serialize(user);
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1,
loginDetails.UserID,
DateTime.Now,
DateTime.Now.AddDays(30),
true,
userData,
FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie.
response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
result = true;
}
return(result);
}
public async Task <Response> Login([FromForm] Account account)
{
var response = await loginBal.Login(account.Username, account.Password);
response.previousState = HttpContext.Session.GetString("PreviousState");
if (response.Status == true)
{
if ((response.Obj as Account).Username.Equals("admin"))
{
var hash = await Task.FromResult <string>(
CryptographyHelper.GenerateHash(account.Username + DateTime.Now.ToString(),
(response.Obj as Account).Salt));
SessionHelper.SetAdminSession(this.HttpContext.Session, hash);
return(response);
}
else
{
var hash = await Task.FromResult <string>(
CryptographyHelper.GenerateHash(account.Username + DateTime.Now.ToString(),
(response.Obj as Account).Salt));
SessionHelper.SetWebsiteSession(this.HttpContext.Session, hash);
SessionHelper.SetUserSession(this.HttpContext.Session, (response.Obj as Account).Id,
(response.Obj as Account).IdNavigation.FullName);
CookieHelper.SetWebsiteCookie(this.Response, hash);
await loginBal.SetCartAfterLogin(this.HttpContext.Session, (response.Obj as Account).Id);
await loginBal.SetCookieForAccount(hash, response.Obj as Account);
ViewBag.Session = HttpContext.Session.GetString("BookStore");
ViewBag.FullName = response.Obj as Account is null
? null
: (response.Obj as Account).IdNavigation.FullName;
return(response);
}
}
return(response);
}
