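/// <summary>
/// Handles the login button: validates the two input fields, checks the
/// credentials against the staff service, stores the user's role in the
/// session and issues the forms-authentication cookie.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void loginButton_Click(object sender, EventArgs e)
        {
            // Reset error labels
            usernameError.Visible = false;
            passwordError.Visible = false;
            loginError.Visible = false;

            // NOTE(review): Trim() also strips leading/trailing whitespace from the
            // password, so it changes the secret the user typed. It is kept here
            // only because addButton_Click trims the password the same way when it
            // is stored; change both together or existing logins will break.
            string username = usernameField.Text.Trim();
            string password = passwordField.Text.Trim();

            // Check fields
            if (username.Length == 0)
            {
                usernameError.Visible = true;
                return;
            }

            if (password.Length == 0)
            {
                passwordError.Visible = true;
                return;
            }

            // Transform the password before it is sent to the staff service.
            // NOTE(review): what encrypt() does is not visible from here. If it is
            // reversible or unsalted, stored credentials can be recovered from the
            // staff database - confirm that a salted, slow password hash is used.
            EncryptionLibrary.Encryption crypto = new EncryptionLibrary.Encryption();
            string passwordEncrypted = crypto.encrypt(password);

            // Check credentials in staff XML database
            StaffService.StaffServiceClient staffAuth = null;
            try
            {
                staffAuth = new StaffService.StaffServiceClient();
                if (!staffAuth.CheckCredential(username, passwordEncrypted))
                {
                    loginError.Visible = true;
                    return;
                }

                // Authentication successful, store role information.
                // NOTE(review): the pre-login session is reused as-is and the role
                // lives in session state, whose lifetime is independent of the
                // auth ticket - consider a fresh session id at login and verify
                // that pages fail closed when "user_role" is missing.
                string role = staffAuth.GetUserType(username);
                Session["user_role"] = role;

                // Set cookie and redirect
                FormsAuthentication.RedirectFromLoginPage(username, false);
            }
            catch (Exception ex)
            {
                // Keep the exception detail on the server; the page only gets a
                // generic message, so service internals are not shown to an
                // unauthenticated visitor.
                System.Diagnostics.Trace.TraceError("Staff login failed with an exception: {0}", ex);

                // NOTE(review): this overwrites the label's markup text; if view
                // state keeps it, later invalid-credential failures show this
                // text too - a separate label would avoid that.
                loginError.Text = "Error authenticating. Please try again later.";

                // The label was hidden at the top of the handler, so it has to be
                // made visible again or the failure is silent.
                loginError.Visible = true;
            }
            finally
            {
                // Release the service client on every path, not only on success.
                if (staffAuth != null)
                {
                    try
                    {
                        staffAuth.Close();
                    }
                    catch (Exception closeEx)
                    {
                        // NOTE(review): if this is a WCF proxy, Close() throws on a
                        // faulted channel and Abort() is the usual cleanup - confirm.
                        System.Diagnostics.Trace.TraceWarning("Closing the staff service client failed: {0}", closeEx);
                    }
                }
            }
        }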
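        /// <summary>
        /// Handles the add-user button: validates the two input fields, then asks
        /// the staff service to store the new credential with the selected role
        /// and reports the outcome in the status label.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void addButton_Click(object sender, EventArgs e)
        {
            // NOTE(review): nothing in this handler checks who the caller is.
            // Confirm that the page is restricted to staff who may create
            // accounts (and assign the chosen role) before this code runs.

            // NOTE(review): Trim() also strips leading/trailing whitespace from the
            // password, so the stored secret can differ from what was typed.
            string username = usernameField.Text.Trim();
            string password = passwordField.Text.Trim();

            // Check fields
            if (username.Length == 0)
            {
                usernameStatus.Text = "Please enter a user name";
                return;
            }

            if (password.Length == 0)
            {
                fullUserStatus.Text = "Please enter a password";
                return;
            }

            // The user name is echoed back into the page, so encode it first.
            // Assumes fullUserStatus is a Label, whose Text is written to the
            // response without HTML encoding - confirm against the markup.
            string safeUsername = System.Web.HttpUtility.HtmlEncode(username);

            // Attempt to add user
            StaffService.StaffServiceClient staff = null;
            try
            {
                staff = new StaffService.StaffServiceClient();

                // Transform the password before it is sent to the staff service.
                // NOTE(review): what encrypt() does is not visible from here. If it
                // is reversible or unsalted, stored credentials can be recovered -
                // confirm that a salted, slow password hash is used.
                EncryptionLibrary.Encryption crypto = new EncryptionLibrary.Encryption();
                string passwordEncrypted = crypto.encrypt(password);

                // The role comes from the posted form.
                // NOTE(review): verify the service (or this page) only accepts
                // known role values.
                string role = roleDropDown.SelectedItem.Value;

                // Add user
                if (staff.StoreCredential(username, passwordEncrypted, role))
                {
                    fullUserStatus.Text = "User " + safeUsername + " added";
                }
                else
                {
                    fullUserStatus.Text = "User " + safeUsername + " already exists";
                }
            }
            catch (Exception ex)
            {
                // Record the cause on the server instead of discarding it; the
                // page still only shows the generic message.
                System.Diagnostics.Trace.TraceError("Adding a staff user failed with an exception: {0}", ex);
                fullUserStatus.Text = "Error adding user";
            }
            finally
            {
                // Release the service client on every path, not only on success.
                if (staff != null)
                {
                    try
                    {
                        staff.Close();
                    }
                    catch (Exception closeEx)
                    {
                        // NOTE(review): if this is a WCF proxy, Close() throws on a
                        // faulted channel and Abort() is the usual cleanup - confirm.
                        System.Diagnostics.Trace.TraceWarning("Closing the staff service client failed: {0}", closeEx);
                    }
                }
            }
        }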