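/// <summary>
/// Validates the submitted credentials through <c>UserSignon.Signon</c> and, on success,
/// issues the forms sign-in, stores the user session manager in session state and
/// redirects the user.
/// </summary>
/// <param name="model">Sign-on form values (user name, password, remember-me flag, go-back URI).</param>
/// <param name="returnUrl">
/// Request-supplied URL to return to after sign-on. It is treated as untrusted: the
/// control code embedded in it is parsed defensively, and the redirect is only followed
/// when <c>Url.IsLocalUrl</c> accepts it.
/// </param>
/// <returns>
/// A redirect to <paramref name="returnUrl"/> (local URLs only), to the home index, or to
/// the access-denied page; the sign-on view again when validation or sign-on fails.
/// </returns>
public ActionResult SignOn(SignOnModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        bool allowMultipleSessions = false;
        AppSession appSession = Global.GetAppSession(this.HttpContext);

        UserEnvironmentStructure ues = new UserEnvironmentStructure();
        ues.AppCode = appSession.AppCode;
        ues.AppId = appSession.AppId;
        ues.AppVersion = appSession.AppVersion;

        SignonResultsStructure results = UserSignon.Signon(Global.GetDataAccessMgr(this.HttpContext)
                , appSession.SignonControl
                , model.UserName
                , model.Password
                , ues
                , allowMultipleSessions);

        if (results.ResultEnum == SignonResultsEnum.Success)
        {
            // NOTE(review): nothing visible here issues a fresh session identifier at
            // sign-on; confirm session fixation is handled elsewhere.
            FormsService.SignIn(model.UserName, model.RememberMe);
            Session[SessionManagement.Constants.UserSessionMgr] = results.UserSessionMgr;

            if (!string.IsNullOrEmpty(returnUrl))
            {
                string[] urlParts = returnUrl.Split(new string[] { Constants.UIControlCodeTag }, StringSplitOptions.None);

                // returnUrl comes from the request, so the control code may be missing or
                // tampered with. A missing tag keeps the original default of 0; a tag
                // followed by a non-numeric value is rejected (fail closed) instead of
                // letting Convert.ToInt32 throw an unhandled exception.
                int controlCode = 0;
                bool controlCodeUsable = urlParts.Length <= 1 || int.TryParse(urlParts[1], out controlCode);

                // The previous condition ended in "|| true", which ignored the result of
                // IsAccessAllowed and sent every sign-on that carried a returnUrl to the
                // access-denied page. The decision now rests on the authorization check.
                if (!controlCodeUsable || !results.UserSessionMgr.IsAccessAllowed(controlCode))
                {
                    // NOTE(review): urlParts[0] is request-controlled text; confirm the
                    // AccessDenied view HTML-encodes the message it displays.
                    string msg = string.Format("Sorry, you are not authorized to access this page: {0}."
                            , urlParts[0]);

                    System.Web.Routing.RouteValueDictionary dictionary = new System.Web.Routing.RouteValueDictionary();
                    dictionary.Add(Constants.Message, msg);
                    // NOTE(review): GoBackUri is model-bound and so presumably client-supplied;
                    // confirm AccessDenied checks it is a local URL before linking or redirecting to it.
                    dictionary.Add(Constants.UrlReferrer, model.GoBackUri);
                    return RedirectToAction(Constants.AccessDenied, Constants.Home, dictionary);
                }
            }

            // Only local URLs are followed; anything else falls back to the home page so
            // the sign-on form cannot be used as an open redirect.
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction(Constants.Index, Constants.Home);
            }
        }
        else
        {
#warning "Add other case conditions"
            // The same generic message is used for every failure shown here, so it does
            // not reveal whether the user name or the password was wrong.
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}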
/// <summary>
/// Runs when a session ends: decrements the user session counter and, if the session
/// still holds a user session manager, signs that user session off and removes the entry.
/// </summary>
protected void Session_OnEnd()
{
    System.Threading.Interlocked.Decrement(ref _userSessionCount);

    // Nothing to sign off when no user session manager was ever stored (or it was already removed).
    object storedSession = Session[SessionManagement.Constants.UserSessionMgr];
    if (storedSession == null)
    {
        return;
    }

    // NOTE(review): if this is wired as the ASP.NET session-end event, that event is only
    // raised for in-process session state; confirm the back-end sign-off does not depend
    // on this handler alone in other session-state modes.
    UserSession endingUserSession = (UserSession)storedSession;
    DataAccessMgr dataAccess = (DataAccessMgr)Application[DataAccess.Constants.DataAccessMgr];

    UserSignon.Signoff(dataAccess, endingUserSession.SessionCode);
    Session.Remove(SessionManagement.Constants.UserSessionMgr);
}
// **************************************
// URL: /Account/SignOff
// **************************************

/// <summary>
/// Signs the current user off: calls <c>UserSignon.Signoff</c> for the stored user session
/// (when one exists), removes it from session state, signs out through the forms service
/// and abandons the session.
/// </summary>
/// <returns>A redirect to the home index action.</returns>
public ActionResult SignOff()
{
    object storedSession = Session[SessionManagement.Constants.UserSessionMgr];
    if (storedSession != null)
    {
        UserSession activeUserSession = (UserSession)storedSession;
        DataAccessMgr dataAccess = (DataAccessMgr)Global.GetDataAccessMgr(this.HttpContext);

        // NOTE(review): if Signoff throws, the forms sign-out and Session.Abandon below are
        // never reached, so the browser would stay signed in; confirm that is acceptable.
        UserSignon.Signoff(dataAccess, activeUserSession.SessionCode);
        Session.Remove(SessionManagement.Constants.UserSessionMgr);
    }

    // Forms sign-out and session abandonment run whether or not a user session was stored.
    FormsService.SignOut();
    Session.Abandon();

    return RedirectToAction(Constants.Index, Constants.Home);
}