Example #1
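        /// <summary>
        /// Validates the posted credentials and, on success, issues the encrypted
        /// forms-authentication cookie plus a script-readable <c>IS_ADMIN</c> hint cookie.
        /// </summary>
        /// <param name="username">Login name; it is also used as the author slug for the lookup.</param>
        /// <param name="password">Password checked by the <c>Authors_ValidateLogin</c> stored procedure.</param>
        /// <returns>
        /// A redirect to the URL chosen by <see cref="FormsAuthentication.GetRedirectUrl"/> when the
        /// login succeeds; otherwise the login view.
        /// </returns>
        public ActionResult Login(string username, string password)
        {
            bool validLogin = StoredProcs.Authors_ValidateLogin(username, password).Execute().Value;

            // NOTE(review): no audit logging or attempt throttling is visible in this action;
            // confirm it is handled elsewhere (stored procedure, filter, or front end).
            if (!validLogin)
            {
                return View();
            }

            var author = AuthorModel.GetAuthorBySlug(username);
            if (author == null)
            {
                // Fail closed: whether GetAuthorBySlug can return null is not visible here, but a
                // missing record must not lead to a ticket being issued or a NullReferenceException.
                return View();
            }

            var principal = new AuthorPrincipal(author);
            var userData  = JsonConvert.SerializeObject(principal.ToSerializableModel());

            // Take one timestamp so the ticket's issue and expiry times are exactly 30 minutes apart.
            var issued      = DateTime.Now;
            var expiresDate = issued.AddMinutes(30);
            var authTicket  = new FormsAuthenticationTicket(1, author.Slug, issued, expiresDate, false, userData);

            // A hand-built cookie does not pick up the forms-auth requireSSL setting on its own,
            // so mirror it explicitly; otherwise the ticket can be sent over plain HTTP.
            bool requireSsl = FormsAuthentication.RequireSSL;

            string encTicket  = FormsAuthentication.Encrypt(authTicket);
            var    authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
            {
                HttpOnly = true,
                Secure   = requireSsl,
                Expires  = expiresDate,
                Path     = FormsAuthentication.FormsCookiePath
            };
            this.Response.Cookies.Add(authCookie);

            // IS_ADMIN is a constant value readable and writable by client script (HttpOnly is off),
            // so any visitor can forge it. It is usable only as a UI hint; authorization decisions
            // must come from the encrypted ticket, never from this cookie.
            var cookieIsAdmin = new HttpCookie("IS_ADMIN", "1")
            {
                HttpOnly = false,
                Secure   = requireSsl,
                Expires  = expiresDate,
                Path     = FormsAuthentication.FormsCookiePath
            };
            this.Response.Cookies.Add(cookieIsAdmin);

            return new RedirectResult(FormsAuthentication.GetRedirectUrl(author.Slug, false));
        }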
Example #2
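        /// <summary>
        /// Validates the posted credentials and, on success, issues four cookies: the 30-minute
        /// forms-authentication ticket, a script-readable <c>IS_ADMIN</c> hint, a persistent
        /// encrypted <c>tdwtf_token</c> ticket, and a script-readable <c>tdwtf_token_name</c>.
        /// </summary>
        /// <param name="username">Login name; it is also used as the author slug for the lookup.</param>
        /// <param name="password">Password checked by <c>DB.Authors_ValidateLogin</c>.</param>
        /// <returns>
        /// A redirect to the URL chosen by <see cref="FormsAuthentication.GetRedirectUrl"/> when the
        /// login succeeds; otherwise the login view.
        /// </returns>
        public ActionResult Login(string username, string password)
        {
            bool validLogin = DB.Authors_ValidateLogin(username, password).Value;

            // NOTE(review): no audit logging or attempt throttling is visible in this action;
            // confirm it is handled elsewhere.
            if (!validLogin)
            {
                return View();
            }

            var author = AuthorModel.GetAuthorBySlug(username);
            if (author == null)
            {
                // Fail closed: whether GetAuthorBySlug can return null is not visible here, but a
                // missing record must not lead to a ticket being issued or a NullReferenceException.
                return View();
            }

            var principal = new AuthorPrincipal(author);
            var userData  = JsonConvert.SerializeObject(principal.ToSerializableModel());

            var issued      = DateTime.Now;
            var expiresDate = issued.AddMinutes(30);
            var expiresLong = issued.AddYears(2);

            // Hand-built cookies do not pick up the forms-auth requireSSL setting on their own,
            // so mirror it explicitly; otherwise the tickets can be sent over plain HTTP.
            bool   requireSsl = FormsAuthentication.RequireSSL;
            string cookiePath = FormsAuthentication.FormsCookiePath;

            // Short-lived session ticket carrying the serialized principal.
            var authTicket = new FormsAuthenticationTicket(1, author.Slug, issued, expiresDate, false, userData);
            this.Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(authTicket))
            {
                HttpOnly = true,
                Secure   = requireSsl,
                Expires  = expiresDate,
                Path     = cookiePath
            });

            // IS_ADMIN is a constant value readable and writable by client script (HttpOnly is off),
            // so any visitor can forge it. It is usable only as a UI hint; authorization decisions
            // must come from an encrypted ticket, never from this cookie.
            this.Response.Cookies.Add(new HttpCookie("IS_ADMIN", "1")
            {
                HttpOnly = false,
                Secure   = requireSsl,
                Expires  = expiresLong,
                Path     = cookiePath
            });

            // Persistent ticket valid for two years. NOTE(review): nothing visible here lets the
            // server revoke it early, so a copied cookie stays usable for the full lifetime unless
            // the consumer of tdwtf_token re-checks the account; confirm.
            var longTicket = new FormsAuthenticationTicket(1, author.Name, issued, expiresLong, true, "author:" + author.Slug);
            this.Response.SetCookie(new HttpCookie("tdwtf_token", FormsAuthentication.Encrypt(longTicket))
            {
                HttpOnly = true,
                Secure   = requireSsl,
                Expires  = expiresLong,
                Path     = cookiePath
            });

            // Display name only. It is unencrypted and script-writable, so readers must treat it
            // as untrusted text (encode on output) and take identity from tdwtf_token instead.
            this.Response.SetCookie(new HttpCookie("tdwtf_token_name", author.Name)
            {
                HttpOnly = false,
                Secure   = requireSsl,
                Expires  = expiresLong,
                Path     = cookiePath
            });

            return new RedirectResult(FormsAuthentication.GetRedirectUrl(author.Slug, false));
        }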