Exemple #1
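        /// <summary>
        /// Checks the submitted credentials and, on success, issues a server-side session id and a
        /// persistent auth-cookie token, both of which are also stored on the user row.
        /// </summary>
        /// <param name="Login">Login name submitted by the client (untrusted).</param>
        /// <param name="Password">Plain-text password submitted by the client (untrusted).</param>
        /// <returns>
        /// The LoginSuccess view when the credentials match; the default view for this action otherwise
        /// (missing input, unknown login or wrong password all produce the same response).
        /// </returns>
        public async Task <IActionResult> Login(string Login, string Password) //TODO: user service to do this work
        {
            if (String.IsNullOrEmpty(Login) || String.IsNullOrEmpty(Password))
            {
                return(View());
            }

            // NOTE(review): the original comment calls this an "md-hash encryptor". An unsalted fast hash is
            // not adequate for password storage; moving to a salted, slow KDF (PBKDF2/Argon2) needs a
            // migration of the stored hashes and is therefore not attempted inside this method.
            var enc  = new ServerEncryptor(Password);
            var pass = enc.Hash;

            var selUser = await db.Users.SingleOrDefaultAsync(u => u.Login == Login);

            // SingleOrDefaultAsync yields null for an unknown login; dereferencing it used to throw.
            if (selUser == null)
            {
                return(View());
            }

            // The hash is used as a byte[] elsewhere in this method (it is passed to Encoding.UTF8.GetString).
            // ToString() on an array returns the type name, so comparing the ToString() results accepted
            // every password. Compare the bytes instead, without stopping at the first mismatch.
            byte[] stored  = selUser.Password;
            var    matches = stored != null && pass != null && stored.Length == pass.Length;
            if (matches)
            {
                var diff = 0;
                for (var i = 0; i < stored.Length; i++)
                {
                    diff |= stored[i] ^ pass[i];
                }
                matches = diff == 0;
            }

            if (!matches)
            {
                return(View());
            }

            ViewBag.Login = Login;

            // Login name + wall-clock time + fixed strings is guessable, so the tokens are now derived from
            // CSPRNG output. They still pass through ServerEncryptor so the stored format is unchanged.
            var sessionNonce = new byte[32];
            var cookieNonce  = new byte[32];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(sessionNonce);
                rng.GetBytes(cookieNonce);
            }

            enc.GetHash(Login + Convert.ToBase64String(sessionNonce));
            var sessionId = enc.Hash;

            // NOTE(review): decoding raw hash bytes as UTF-8 is lossy (invalid sequences collapse to U+FFFD).
            // It is kept because whatever reads these values back must use the same encoding; switching to
            // hex/Base64 has to be done on both sides together.
            var sessionIdStr = Encoding.UTF8.GetString(sessionId);

            var encCookie = new ServerEncryptor(Login + Convert.ToBase64String(cookieNonce));
            var cookie    = encCookie.Hash;
            var cookieStr = Encoding.UTF8.GetString(cookie);

            HttpContext.Session.SetString("sessionId", sessionIdStr);              //save session
            HttpContext.Session.SetString("userId", Convert.ToString(selUser.Id)); //save user id in session

            selUser.CookieAuthToken = cookie;                                      //save cookies on client and server for every auth

            // The auth token is only ever needed by the server: keep it away from script, and off plain HTTP
            // whenever the login itself arrived over HTTPS.
            var authCookieOptions = new CookieOptions
            {
                HttpOnly = true,
                Secure   = HttpContext.Request.IsHttps
            };
            HttpContext.Response.Cookies.Append("cookieAuth", cookieStr, authCookieOptions);

            // The userId cookie is client-controlled; it may select a row but must never authenticate by itself.
            HttpContext.Response.Cookies.Append("userId", Convert.ToString(selUser.Id));

            selUser.IsFirstAuth = false;
            selUser.SessionId   = sessionId;
            await db.SaveChangesAsync();

            return(View("~/Views/Auth/LoginSuccess.cshtml"));
        }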
Exemple #2
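        /// <summary>
        /// Creates a user from the submitted login and password after checking that the form is complete,
        /// the two password fields agree and the login is not already taken.
        /// </summary>
        /// <param name="Login">Requested login name (untrusted).</param>
        /// <param name="Password">Plain-text password (untrusted).</param>
        /// <param name="RPassword">Repeated password; must equal <paramref name="Password"/>.</param>
        /// <returns>
        /// The RegisterSuccess view when the user was stored; the default view for this action when the
        /// input is rejected.
        /// </returns>
        public IActionResult Register(string Login, string Password, string RPassword)
        {
            // Two absent password fields compare equal (null == null), so emptiness is checked explicitly
            // before anything is hashed or stored.
            if (String.IsNullOrWhiteSpace(Login) || String.IsNullOrEmpty(Password) || Password != RPassword)
            {
                return(View());
            }

            // Single-row lookups by login (SingleOrDefault and friends) throw once two rows share a login,
            // so a duplicate registration is refused here.
            // NOTE(review): check-then-insert can still race; a unique index on the login column is the
            // actual guarantee - confirm the schema has one.
            if (System.Linq.Queryable.Any(db.Users, u => u.Login == Login))
            {
                return(View());
            }

            // NOTE(review): ServerEncryptor is fed the password alone, so the stored value appears to be an
            // unsalted hash. Password storage should use a salted, slow KDF (PBKDF2/Argon2); that change has
            // to be made together with the login check and a migration of existing rows.
            var enc  = new ServerEncryptor(Password);
            var user = new User
            {
                Login    = Login,
                Password = enc.Hash
            };

            db.Users.Add(user);
            db.SaveChanges();
            ViewBag.Login = user.Login;

            return(View("~/Views/Auth/RegisterSuccess.cshtml"));
        }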
Exemple #3
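        /// <summary>
        /// Runs before every action: resolves the current user from the server session or, failing that,
        /// from the persistent auth cookie, and exposes the login name and a cart flag through ViewBag.
        /// </summary>
        /// <param name="context">Action context, forwarded unchanged to the base implementation.</param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            #region CookieAndSession
            var sessionId  = HttpContext.Session.GetString("sessionId");
            var userId     = HttpContext.Session.GetString("userId");
            var cookieAuth = HttpContext.Request.Cookies["cookieAuth"];
            var userIdC    = HttpContext.Request.Cookies["userId"];

            // The userId cookie is attacker-controlled. Convert.ToInt32 threw on any non-numeric value,
            // turning a tampered cookie into an unhandled exception on every request; TryParse simply
            // skips the lookup instead.
            int sessionUserId;
            int cookieUserId;

            var selUser = int.TryParse(userId, out sessionUserId)
                ? db.Users.SingleOrDefault(u => u.Id == sessionUserId)
                : null;

            if (selUser == null && int.TryParse(userIdC, out cookieUserId))
            {
                // The cookie id only selects a candidate row; the token comparison below decides.
                selUser = db.Users.SingleOrDefault(u => u.Id == cookieUserId);
            }

            if (selUser != null)
            {
                if (!String.IsNullOrEmpty(sessionId))
                {
                    // SessionId is null for a user who has never logged in; decoding it used to throw.
                    var sessionIdDB = selUser.SessionId == null
                        ? null
                        : Encoding.UTF8.GetString(selUser.SessionId);

                    if (FixedTimeStringEquals(sessionId, sessionIdDB))
                    {
                        ViewBag.Login = selUser.Login;
                    }
                }
                else
                {
                    var cookieAuthDB = selUser.CookieAuthToken == null
                        ? null
                        : Encoding.UTF8.GetString(selUser.CookieAuthToken);

                    // An unset token used to become "" via a swallowed exception, and "" then matched an
                    // empty cookieAuth cookie - identifying the request as any user without a stored token.
                    // A stored, non-empty token is now required before the comparison counts.
                    if (!String.IsNullOrEmpty(cookieAuthDB) && FixedTimeStringEquals(cookieAuthDB, cookieAuth))
                    {
                        ViewBag.Login = selUser.Login;

                        // Login name + current time is guessable; mix in CSPRNG output instead.
                        var nonce = new byte[32];
                        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
                        {
                            rng.GetBytes(nonce);
                        }

                        var enc         = new ServerEncryptor(selUser.Login + Convert.ToBase64String(nonce));//md-hash encryptor
                        var sessionId_b = enc.Hash;

                        // NOTE(review): the new value is neither saved here nor written to
                        // HttpContext.Session, so it only persists if a later SaveChanges on this
                        // context happens - confirm that is intended.
                        selUser.SessionId = sessionId_b;//set new session
                    }
                }
            }
            #endregion



            #region Cart
            var cart = HttpContext.Request.Cookies["order-id"];//TODO: if order is done clear cookie cart

            ViewBag.cartNotEmpty = !String.IsNullOrEmpty(cart);

            #endregion

            base.OnActionExecuting(context);
        }

        /// <summary>
        /// Compares two token strings without returning at the first differing character.
        /// A null argument or a length mismatch is reported as "not equal".
        /// </summary>
        private static bool FixedTimeStringEquals(string left, string right)
        {
            if (left == null || right == null || left.Length != right.Length)
            {
                return false;
            }

            var diff = 0;
            for (var i = 0; i < left.Length; i++)
            {
                diff |= left[i] ^ right[i];
            }

            return diff == 0;
        }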