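/// <summary>
/// Handles a posted login form: looks the user up by name, verifies the salted
/// password hash and, on success, issues a forms-authentication cookie whose
/// ticket carries the serialized principal (id, names, creation date, roles).
/// </summary>
/// <param name="model">Posted credentials and the "remember me" flag.</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the login view with a model error.
/// </returns>
public ActionResult Login(LoginViewModel model)
{
    var actionLogData = "";
    try
    {
        if (ModelState.IsValid)
        {
            // Case-insensitive lookup of the account by user name.
            var userLogin = db.Users.Where(u => String.Compare(u.Username, model.UserName, true) == 0).FirstOrDefault();
            if (userLogin != null)
            {
                // Check the submitted password against the stored salt and hash.
                // NOTE(review): an unknown user name skips this hash computation, so response
                // time may differ between "no such user" and "wrong password" - confirm acceptable.
                var loginSuccess = SaltedHash.Verify(userLogin.Salt, userLogin.Password, model.Password);
                if (loginSuccess)
                {
                    BizManPrincipalSerialize principal = new BizManPrincipalSerialize();
                    principal.UserId = userLogin.UserId;
                    principal.FirstName = userLogin.FirstName;
                    principal.LastName = userLogin.LastName;
                    principal.CreationDate = userLogin.CreateDate;
                    principal.Roles = userLogin.Roles.Select(r => r.RoleName).ToArray();
                    string jsonPrincipal = JsonConvert.SerializeObject(principal);

                    // Read the clock once so issue and expiry times are exactly 7 days apart.
                    DateTime issuedAt = DateTime.Now;
                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                        1,
                        userLogin.Username,
                        issuedAt,
                        issuedAt.AddDays(7),
                        model.RememberMe,
                        jsonPrincipal);
                    string ticketEncrypted = FormsAuthentication.Encrypt(ticket);

                    HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted);
                    // The cookie is a bearer credential: keep it away from page script and,
                    // when the site requires or is using TLS, off plaintext connections.
                    faCookie.HttpOnly = true;
                    faCookie.Secure = FormsAuthentication.RequireSSL || Request.IsSecureConnection;
                    // NOTE(review): no Expires is set, so the browser treats this as a session
                    // cookie even when RememberMe is true - confirm that is intended.
                    Response.Cookies.Add(faCookie);

                    // Write action log.
                    // NOTE(review): the original log expression was masked in the source;
                    // the user name is assumed to be the interpolated value - confirm.
                    actionLogData = "user:" + userLogin.Username + ", success";
                    ActionLog.WriteLog(ActionLog.LOGIN, actionLogData, userLogin.Username, Request.ServerVariables["REMOTE_ADDR"]);
                    return (RedirectToAction("Index", "Home"));
                }
            }
        }

        // One message (Vietnamese: wrong user name or password) for every credential
        // failure, so the response text does not reveal whether the account exists.
        ModelState.AddModelError("", "Sai tên đăng nhập hoặc mật khẩu!");
    }
    catch (Exception ex)
    {
        // Keep exception detail on the server: ex.Message can expose database or
        // configuration internals to an unauthenticated caller.
        System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: " + ex);
        ModelState.AddModelError("", "Đã xảy ra lỗi. Vui lòng thử lại sau.");
    }

    // Write action log for the failed attempt.
    // NOTE(review): model.UserName is attacker-controlled; ActionLog.WriteLog is assumed to
    // store it safely (parameterized write, CR/LF neutralized) - confirm. The masked
    // original expression is assumed to have interpolated the user name.
    actionLogData = "user:" + model.UserName + ", fail";
    ActionLog.WriteLog(ActionLog.LOGIN, actionLogData, model.UserName, Request.ServerVariables["REMOTE_ADDR"]);
    return (View(model));
}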
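/// <summary>
/// Rebuilds the custom principal from the forms-authentication cookie and sets it
/// as the current user. A missing, undecryptable, expired or malformed ticket
/// leaves the request's user unchanged.
/// </summary>
/// <remarks>
/// Identity and roles come from the ticket's UserData with no database lookup here,
/// so a role change or account removal only takes effect once the ticket expires.
/// </remarks>
protected void Application_PostAuthenticateRequest()
{
    HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    FormsAuthenticationTicket authTicket;
    BizManPrincipalSerialize model;
    try
    {
        // The cookie value is client-supplied; decryption and JSON parsing can both
        // throw on tampered or truncated input.
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);

        // Decrypt does not reject an expired ticket, so expiry is enforced here;
        // otherwise an old cookie would keep authenticating indefinitely.
        if (authTicket == null || authTicket.Expired || string.IsNullOrEmpty(authTicket.UserData))
        {
            return;
        }

        model = JsonConvert.DeserializeObject<BizManPrincipalSerialize>(authTicket.UserData);
    }
    catch (Exception ex)
    {
        // Fail closed: a bad cookie must not produce an unhandled error on every
        // request, and must not yield a principal.
        System.Diagnostics.Trace.TraceWarning("Rejected forms-authentication cookie: " + ex.GetType().Name);
        return;
    }

    if (model == null)
    {
        return;
    }

    BizManPrinciple userLogin = new BizManPrinciple(authTicket.Name);
    userLogin.UserId = model.UserId;
    userLogin.FirstName = model.FirstName;
    userLogin.LastName = model.LastName;
    userLogin.CreationDate = model.CreationDate;
    userLogin.Roles = model.Roles;
    HttpContext.Current.User = userLogin;
}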