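/// <summary>
/// Login button handler. Validates the submitted credentials through the
/// Membership provider, stores the user's name and provider key in Session,
/// optionally issues the "remember login" cookie, and redirects to
/// ~/Default.aspx. When the credentials are rejected, or the account cannot
/// be resolved, the <c>Wrong</c> control is made visible instead.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void TryToLog(object sender, EventArgs e)
{
    string username = UserName.Text;
    bool signedIn = false;
    bool sessionWritten = false;

    try
    {
        if (Membership.ValidateUser(username, UserPass.Text))
        {
            // Resolve the account BEFORE writing to Session, so a failed lookup
            // cannot leave "username" stored without a matching "userid".
            var account = Membership.GetUser(username);
            if (account != null && account.ProviderUserKey != null)
            {
                // NOTE(review): the session id that existed before login is kept
                // afterwards; consider issuing a fresh session id at this point
                // to rule out session fixation.
                Session.Add("username", username);
                sessionWritten = true;
                Session.Add("userid", account.ProviderUserKey.ToString());

                // The "Remember login" option is ticked.
                if (RememberMe.Checked)
                {
                    // Original author's notes (translated): a token is created and
                    // also saved to the database; a user who presents a cookie with
                    // a token is redirected while the old token is deleted and a new
                    // one generated. None of that rotation is visible in this
                    // handler; presumably it lives in CreateAuthCookie or the cookie
                    // check. Verify.

                    // Fetch the user's salt from the database, then build the cookie.
                    string salt = Usr.GetSaltFromUser(username);
                    if (salt != null)
                    {
                        // NOTE(review): CreateAuthCookie is defined elsewhere. Confirm
                        // it marks the cookie HttpOnly and Secure and gives it a
                        // bounded expiry.
                        HttpCookie cookie = CreateAuthCookie(username, salt);
                        Response.Cookies.Add(cookie);
                    }
                }

                signedIn = true;
            }
        }

        if (!signedIn)
        {
            Wrong.Visible = true;
        }
    }
    catch (Exception ex)
    {
        // Fail closed: an error part-way through must not leave a
        // half-authenticated session behind, and must not vanish silently.
        signedIn = false;
        if (sessionWritten)
        {
            Session.Remove("username");
            Session.Remove("userid");
        }

        // Only the exception is logged, never the submitted credentials.
        System.Diagnostics.Trace.TraceError("TryToLog failed: {0}", ex);
    }

    // Redirect outside the try block: Response.Redirect ends the request by
    // raising ThreadAbortException, which must not be handled as a login error.
    if (signedIn)
    {
        Response.Redirect("~/Default.aspx");
    }
}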
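// Checks whether the cookie carries a valid token.
/// <summary>
/// Validates a "remember login" cookie whose value has the form
/// <c>username|hash</c>: the hash part is compared with a hash computed from
/// the token and salt stored for that user.
/// </summary>
/// <param name="cookie">Cookie received from the client (untrusted input).</param>
/// <returns>
/// <c>true</c> when the hashes match; <c>false</c> when the cookie is missing,
/// malformed, names a user with no stored token or salt, or does not match.
/// </returns>
public bool IsValidAuthCookie(HttpCookie cookie)
{
    // The cookie is client-controlled: anything missing or malformed is
    // rejected here rather than surfacing as a NullReferenceException.
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
    {
        return false;
    }

    // Split the cookie value on the pipe delimiter; exactly two parts are expected.
    string[] values = cookie.Value.Split('|');
    if (values.Length != 2)
    {
        return false;
    }

    // First part is the username, second part the hash presented by the client.
    string username = values[0];
    string tokenSalted = values[1].ToUpper();
    if (username.Length == 0 || tokenSalted.Length == 0)
    {
        return false;
    }

    // Look up the token and salt stored for this user.
    string tokenUser = Usr.GetUserToken(username);
    string salt = Usr.GetSaltFromUser(username);

    // An unknown user, or one with no token or salt on record, cannot hold a
    // valid cookie.
    if (string.IsNullOrEmpty(tokenUser) || salt == null)
    {
        return false;
    }

    // NOTE(review): ToUpper() is culture-sensitive. It is left unchanged because
    // the cookie-creation side is not visible here and both sides must agree;
    // consider ToUpperInvariant() in both places.
    // NOTE(review): IsMatchingHash is defined elsewhere. Confirm it compares in
    // constant time.
    return IsMatchingHash(tokenSalted, CreateHash(tokenUser.ToUpper(), salt));
}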