// Code for check user login,session public ServiceResponse CheckLogin(LoginModel login, bool isRegenerateSession) { ServiceResponse response = new ServiceResponse { IsSuccess = false }; String hostName = (Dns.GetHostEntry(HttpContext.Current.Request.ServerVariables["remote_addr"]).HostName); try { if (login != null) { // String hostName = Environment.MachineName;// Dns.GetHostName(); List<SearchValueData> searchListValueData = new List<SearchValueData>(); searchListValueData.Add(new SearchValueData { Name = "Email", Value = login.Email, IsEqual = true }); //searchListValueData.Add(new SearchValueData { Name = "HostName", Value = login.Email, IsEqual = true }); User user = GetEntity<User>(searchListValueData); if (user != null && (Common.PasswordsMatch(login.Password, user.PasswordSalt, user.Password) || isRegenerateSession) && hostName.ToLower() == user.HostName.ToLower()) { DateTime startDate = new DateTime(2050, 12, 1); if (startDate.AddDays(Constants.BlockedUserAfterDay).Date <= DateTime.Now.Date) { response.Message = Common.MessageWithTitle(Resource.LicenceExpiredTitle, Resource.LicenceExpiredMessage); return response; } if (!user.IsActive) response.Message = Common.MessageWithTitle(Resource.LoginFailed, Resource.InactiveAccount); else { SessionValueData sessionValueData = new SessionValueData(); sessionValueData.UserID = user.UserID; sessionValueData.Name = string.Format("{0} {1}", user.FirstName, user.LastName); sessionValueData.FirstName = user.FirstName; sessionValueData.Roles = GetEntityList<LU_Role>(); sessionValueData.SelectedRole = sessionValueData.Roles.Single(c => c.RoleID == user.RoleID); response.Data = sessionValueData; response.IsSuccess = true; response.Message = Common.MessageWithTitle(Resource.LoginSuccess, Resource.LoginSuccessMessage); } } else { response.Message = Common.MessageWithTitle(string.Format("{0} for {1}",Resource.LoginFailed,hostName), Resource.UsernamePasswordIncorrect); } } else response.Message = Common.MessageWithTitle(string.Format("{0} for {1}", Resource.LoginFailed, hostName), Resource.ExceptionMessage); } catch (Exception) { response.IsSuccess = false; response.Message = Common.MessageWithTitle(string.Format("{0} for {1}", Resource.LoginFailed, hostName), Resource.ExceptionMessage); } return response; }
public ActionResult Index() { if (SessionHelper.UserID == 0) { //Constants. LoginModel login = new LoginModel(); return View(login); } return RedirectToAction("index", "home"); }
public JsonResult Login(LoginModel login) { _securityDataProvider = new SecurityDataProvider(); ServiceResponse response = _securityDataProvider.CheckLogin(login, false); if (response.IsSuccess) { if (login.IsRemember) { FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(1, login.Email, DateTime.Now, DateTime.Now.AddMinutes( ConfigSettings .RememberMeDuration), true, login.Email, FormsAuthentication.FormsCookiePath); // Encrypt the ticket. string encTicket = FormsAuthentication.Encrypt(ticket); // Create the cookie. HttpCookie httpCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket) { Expires = ticket.Expiration }; Response.Cookies.Add(httpCookie); } else { FormsAuthentication.SetAuthCookie(login.Email, false); } SessionValueData sessionValue = (SessionValueData)response.Data; SessionHelper.UserID = sessionValue.UserID; SessionHelper.Name = sessionValue.Name; SessionHelper.FirstName = sessionValue.FirstName; SessionHelper.Roles = sessionValue.Roles; SessionHelper.SelectedRole = sessionValue.SelectedRole; } return Json(response); }
//public string Module { get; set; } public override void OnAuthorization(AuthorizationContext filterContext) { var isAjaxRequest = filterContext.HttpContext.Request.IsAjaxRequest(); if (CheckAllowedActions()) return; var strPermissions = string.IsNullOrEmpty(Permissions) ? new string[] { } : Permissions.Split(','); if (SessionHelper.UserID > 0) { bool isAuthoized = strPermissions.Any(strPermission => SessionHelper.SelectedRole.RoleName.Contains(strPermission)); if (!isAuthoized) isAuthoized = strPermissions.Contains(Constants.AnonymousLoginPermission); if (!isAuthoized && !isAjaxRequest) filterContext.Result = new RedirectResult(_accessDeniedUrl); else if (!isAuthoized) RedirectToAction(filterContext, _accessDeniedUrl); } else { if (filterContext.HttpContext.Request.CurrentExecutionFilePath != Constants.LoginUrl) { bool removeFormsAuthenticationTicket = true; bool isTimeOut = false; if (filterContext.HttpContext.Request.IsAuthenticated) { HttpCookie decryptedCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName]; FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(decryptedCookie.Value); if (ticket != null) { var identity = new GenericIdentity(ticket.Name); if (identity.IsAuthenticated) { SecurityDataProvider securityDataProvider = new SecurityDataProvider(); LoginModel loginModel = new LoginModel { Email = ticket.Name }; ServiceResponse response = new ServiceResponse(); response = securityDataProvider.CheckLogin(loginModel, true); if (response.IsSuccess) { SessionValueData sessionValue = (SessionValueData)response.Data; SessionHelper.UserID = sessionValue.UserID; SessionHelper.Name = sessionValue.Name; SessionHelper.FirstName = sessionValue.FirstName; SessionHelper.Roles = sessionValue.Roles; SessionHelper.SelectedRole = sessionValue.SelectedRole; removeFormsAuthenticationTicket = false; } else isTimeOut = true; } else isTimeOut = true; } else isTimeOut = true; } string szCookieHeader = HttpContext.Current.Request.Headers["Cookie"]; if (isTimeOut || (SessionHelper.UserID == 0 && HttpContext.Current.Session.IsNewSession) && (null != szCookieHeader) && (szCookieHeader.IndexOf("ASP.NET_SessionId") > 0)) SessionHelper.IsTimeOutHappened = true; if (removeFormsAuthenticationTicket) { FormsAuthentication.SignOut(); string returnUrl = "?returnUrl=" + (isAjaxRequest ? (filterContext.HttpContext.Request.UrlReferrer != null ? filterContext.HttpContext.Request.UrlReferrer.LocalPath : "") : filterContext.HttpContext.Request.CurrentExecutionFilePath + (filterContext.HttpContext.Request.QueryString.HasKeys() ? "?" + filterContext.HttpContext.Request.QueryString : "")); string[] param = Regex.Split(filterContext.HttpContext.Request.CurrentExecutionFilePath, filterContext.ActionDescriptor.ActionName); string additionParam = param.Length > 1 ? param[1] : ""; if (filterContext.HttpContext.Request.RequestType.ToLower() == "post") additionParam = ""; RedirectToAction(filterContext, string.Format("{0}?returnUrl={1}{2}", _loginUrl, NgReturnUrl, additionParam)); } } } }