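/// <summary>
/// Handles the posted sign-on form: authenticates the credentials through
/// <c>UserSignon.Signon</c>, issues the forms-authentication ticket, stores the
/// user session manager in session state and redirects to the requested page.
/// </summary>
/// <param name="model">Posted sign-on form (user name, password, remember-me flag, go-back URI).</param>
/// <param name="returnUrl">
/// Client-supplied URL to return to after sign-on. It may carry a UI control code
/// after <c>Constants.UIControlCodeTag</c>; both parts are untrusted input.
/// </param>
/// <returns>
/// A redirect to <paramref name="returnUrl"/> when it is local and access is allowed,
/// a redirect to the access-denied page when it is not allowed, a redirect to the home
/// page when no local return URL is given, or the sign-on view again on failure.
/// </returns>
public ActionResult SignOn(SignOnModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                bool       allowMultipleSessions = false;
                AppSession appSession            = Global.GetAppSession(this.HttpContext);
                UserEnvironmentStructure ues     = new UserEnvironmentStructure();
                ues.AppCode    = appSession.AppCode;
                ues.AppId      = appSession.AppId;
                ues.AppVersion = appSession.AppVersion;
                SignonResultsStructure results = UserSignon.Signon(Global.GetDataAccessMgr(this.HttpContext)
                                                                   , appSession.SignonControl
                                                                   , model.UserName
                                                                   , model.Password
                                                                   , ues
                                                                   , allowMultipleSessions);

                if (results.ResultEnum == SignonResultsEnum.Success)
                {
                    // NOTE(review): the session that existed before authentication is reused
                    // from here on; if session fixation is in scope for this application,
                    // issue a fresh session id at this point - confirm.
                    FormsService.SignIn(model.UserName, model.RememberMe);
                    Session[SessionManagement.Constants.UserSessionMgr] = results.UserSessionMgr;
                    if (!string.IsNullOrEmpty(returnUrl))
                    {
                        string[] urlParts = returnUrl.Split(new string[] { Constants.UIControlCodeTag }, StringSplitOptions.None);

                        // returnUrl comes from the client, so the control code may be missing
                        // or malformed. TryParse keeps a tampered value from raising an
                        // unhandled FormatException/OverflowException; an unparsable code is
                        // treated as "not authorized" (fail closed).
                        int  controlCode      = 0;
                        bool controlCodeValid = urlParts.Length <= 1 || int.TryParse(urlParts[1], out controlCode);

                        // The previous condition ended in "|| true", which sent every user with
                        // a non-empty returnUrl to the access-denied page regardless of rights.
                        // NOTE(review): the control code is read from the URL, so this is only a
                        // courtesy pre-check; the target action must enforce its own authorization.
                        if (!controlCodeValid || !results.UserSessionMgr.IsAccessAllowed(controlCode))
                        {
                            // NOTE(review): msg embeds part of the client-supplied returnUrl and
                            // GoBackUri is model-bound; the access-denied view should encode the
                            // message and validate the referrer before linking to it - confirm.
                            string msg = string.Format("Sorry, you are not authorized to access this page: {0}."
                                                       , urlParts[0]);
                            System.Web.Routing.RouteValueDictionary dictionary = new System.Web.Routing.RouteValueDictionary();
                            dictionary.Add(Constants.Message, msg);
                            dictionary.Add(Constants.UrlReferrer, model.GoBackUri);
                            return(RedirectToAction(Constants.AccessDenied, Constants.Home, dictionary));
                        }
                    }

                    // Only follow returnUrl when it points back into this site; anything else
                    // (absolute or protocol-relative URLs, null, empty) goes to the home page.
                    if (Url.IsLocalUrl(returnUrl))
                    {
                        return(Redirect(returnUrl));
                    }
                    else
                    {
                        return(RedirectToAction(Constants.Index, Constants.Home));
                    }
                }
                else
                {
#warning "Add other case conditions"
                    // One generic message for every failure so the response does not reveal
                    // whether the user name or the password was wrong.
                    ModelState.AddModelError("", "The user name or password provided is incorrect.");
                }
            }

            // If we got this far, something failed, redisplay form
            return(View(model));
        }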
 /// <summary>
 /// Session-end handler: decrements the live session counter and, when a user
 /// session manager is still stored in the session, signs that user off and
 /// removes the entry.
 /// </summary>
 /// <remarks>
 /// ASP.NET raises the session-end event only for in-process session state, so
 /// with any other session-state mode this sign-off on timeout will not run.
 /// </remarks>
 protected void Session_OnEnd()
 {
     System.Threading.Interlocked.Decrement(ref _userSessionCount);

     object storedSession = Session[SessionManagement.Constants.UserSessionMgr];
     if (storedSession == null)
     {
         // No signed-on user was attached to this session; nothing to close.
         return;
     }

     UserSession   expiredSession = (UserSession)storedSession;
     // There is no current request here, so the data access manager is taken
     // from application state.
     DataAccessMgr dataAccess     = (DataAccessMgr)Application[DataAccess.Constants.DataAccessMgr];

     UserSignon.Signoff(dataAccess, expiredSession.SessionCode);
     Session.Remove(SessionManagement.Constants.UserSessionMgr);
 }
        // **************************************
        // URL: /Account/SignOff
        // **************************************

        /// <summary>
        /// Signs the current user off: closes the application-level user session when
        /// one is stored in session state, removes the forms-authentication ticket,
        /// abandons the session and redirects to the home page.
        /// </summary>
        /// <returns>A redirect to the home index action.</returns>
        public ActionResult SignOff()
        {
            object storedSession = Session[SessionManagement.Constants.UserSessionMgr];
            if (storedSession != null)
            {
                UserSession   activeSession = (UserSession)storedSession;
                DataAccessMgr dataAccess    = (DataAccessMgr)Global.GetDataAccessMgr(this.HttpContext);

                // Record the sign-off before the session entry is dropped.
                UserSignon.Signoff(dataAccess, activeSession.SessionCode);
                Session.Remove(SessionManagement.Constants.UserSessionMgr);
            }

            // Always clear the authentication ticket and the session, even when no
            // user session manager was stored.
            // NOTE(review): Session.Abandon() does not expire the session-id cookie,
            // so the browser keeps presenting the same id; expire that cookie too if
            // a fresh id per login is required - confirm.
            FormsService.SignOut();
            Session.Abandon();

            return(RedirectToAction(Constants.Index, Constants.Home));
        }