protected void btnlogin_Click(object sender, EventArgs e)
{
string username = txtusername.Text;
string password = txtpassword.Text;
IBusinessAuthentication ibau = GenericFactory <BusinessLayer, IBusinessAuthentication> .CreateInstance();
string acceslevel = ibau.isValidUser(username, password);
if (acceslevel != "")
{
string roles = ibau.GetRolesForUser(username);
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, username, DateTime.Now, DateTime.Now.AddMinutes(30), false, roles);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie authCookie = new HttpCookie
(FormsAuthentication.FormsCookieName, encryptedTicket);
Response.Cookies.Add(authCookie);
//FormsAuthentication.RedirectFromLoginPage(username.ToString(), true);
SessionFacade.USERNAME = username;
SessionFacade.ROLE = roles;
Response.Redirect(FormsAuthentication.GetRedirectUrl(username, true));
}
else
{
lblStatus.Text = "Invalid login for Requested Page";
}
}
public ActionResult Login(LoginModel lm)
{
IBusinessAuthentication iba = GenericFactory <Business, IBusinessAuthentication> .GetInstance();
IBusinessBanking ibank = GenericFactory <Business, IBusinessBanking> .GetInstance();
IBusinessLoan iloan = GenericFactory <Business, IBusinessLoan> .GetInstance();
if (ModelState.IsValid)
{
// check if valid user
bool ret = iba.CheckIfValidUser(lm.Username, lm.Password);
if (ret == true)
{
string roles = iba.GetRolesForUser(lm.Username);
// send the pipedelimited roles as an authentication cookie back to the browser
FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(1, lm.Username, DateTime.Now, DateTime.Now.AddMinutes(15), false, roles);
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
Response.Cookies.Add(ck);
// ----obtaing checking account number and saving account number for user
long checkingAccountNum = ibank.GetCheckingAccountNumForUser(lm.Username);
long savingAccountNumber = ibank.GetSavingAccountNumForUser(lm.Username);
UserInfo ui = new UserInfo();
ui.CheckingAcccountNumber = checkingAccountNum;
ui.SavingAccountNumber = savingAccountNumber;
ui.Username = lm.Username;
//HttpCookie ckuser = new HttpCookie("UserInfo");
//ckuser["USERDATA"] = ui.LosSerialize();
//Response.Cookies.Add(ckuser);
CookieFacade.USERINFO = ui;
CacheAbstraction cabs = new CacheAbstraction();
cabs.Remove("TRHISTORY" + ":" + checkingAccountNum);
//----------------------------------------------------
string redirectURL = FormsAuthentication.GetRedirectUrl(lm.Username, false);
if (redirectURL == "/default.aspx")
{
redirectURL = "~/home/index";
}
//Response.Redirect(redirectURL);
// causes antiforgery token exception
return(Redirect(redirectURL));
}
ViewBag.Message = "Invalid login..";
}
return(View(lm));
}