Esempio n. 1
0
 public ActionResult Index(LoginUserModel model)
 {
     try
     {
         if (ModelState.IsValid)
         {
             if (_accountBl.CheckCredentials(model.Username, model.Password))
             {
                 logger.Info("Valid credentials, logging in.");
                 var sessionModel = _accountBl.CreateSessionModel(model);
                 HttpContext.User = new UserPrincipal(sessionModel);
                 // TODO: cookie?
                 FormsAuthentication.SetAuthCookie(sessionModel.Username, model.RememberMe);
                 var authTicket = new FormsAuthenticationTicket(
                     1,
                     sessionModel.Username,
                     DateTime.Now,
                     DateTime.Now.AddMinutes(60),
                     model.RememberMe,
                     sessionModel.Role
                     );
                 string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
                 var    authCookie      = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
                 HttpContext.Response.Cookies.Add(authCookie);
                 if (TempData["ReturnUrl"] != null)
                 {
                     return(Redirect(TempData["ReturnUrl"] as string));
                 }
                 return(RedirectToAction("Index", "Auctions"));
             }
             logger.Info("Invalid credentials for user " + model.Username);
             ViewBag.ErrorMessage = "Invalid credentials.";
             return(View("Login"));
         }
         logger.Info("Invalid model state.");
         return(View("Login"));
     }
     catch (Exception e)
     {
         logger.Error("Exception occured, redirecting to login." + e.Message);
         return(View("Login"));
     }
 }
Esempio n. 2
0
        protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
        {
            var authCookie = HttpContext.Current.Request.Cookies[FormsAuthentication.FormsCookieName];

            if (authCookie != null)
            {
                FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
                if (authTicket != null && !authTicket.Expired)
                {
                    var sessionModel = _accountBl.CreateSessionModel(new LoginUserModel
                    {
                        Username = authTicket.Name,
                        Password = ""
                    });
                    HttpContext.Current.User = new UserPrincipal(sessionModel);
                }
            }
        }