Esempio n. 1
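        /// <summary>
        /// Rebuilds the application's <c>LoggedInUser</c> principal from the forms-authentication
        /// cookie and attaches it to the current request.
        /// </summary>
        /// <remarks>
        /// The cookie is client-supplied input and this handler runs on every request, so a
        /// missing, empty, malformed, tampered or expired ticket leaves the request
        /// unauthenticated instead of raising an unhandled exception.
        /// </remarks>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
        {
            HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];

            // Decrypt rejects a null or empty string with an exception, so filter that case first.
            if (authCookie == null || String.IsNullOrEmpty(authCookie.Value))
            {
                return;
            }

            FormsAuthenticationTicket authTicket;
            LoggedInUserSerializeModel serializeModel;

            try
            {
                authTicket = FormsAuthentication.Decrypt(authCookie.Value);

                // This handler reads the cookie on its own, so the lifetime is checked here
                // explicitly rather than relying on an earlier pipeline stage having done it.
                if (authTicket == null || authTicket.Expired)
                {
                    return;
                }

                // No type resolver is passed to the serializer, so the payload cannot choose
                // which types are instantiated; keep it that way.
                JavaScriptSerializer serializer = new JavaScriptSerializer();
                serializeModel = serializer.Deserialize<LoggedInUserSerializeModel>(authTicket.UserData);
            }
            catch (ArgumentException)
            {
                // Value is not a well-formed ticket or UserData is not valid JSON.
                return;
            }
            catch (InvalidOperationException)
            {
                // UserData could not be mapped onto the expected model.
                return;
            }
            catch (System.Security.Cryptography.CryptographicException)
            {
                // Ticket failed decryption or integrity validation.
                return;
            }
            catch (HttpException)
            {
                // Ticket failed validation inside the ASP.NET runtime.
                return;
            }

            LoggedInUser user1 = new LoggedInUser(authTicket.Name);

            // UserData only carries display data; a ticket without it is still a valid login.
            if (serializeModel != null)
            {
                user1.profilePicture = serializeModel.profilePicture;
            }

            HttpContext.Current.User = user1;
        }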
Esempio n. 2
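        /// <summary>
        /// Applies the posted profile changes (e-mail, username, favourite tag) to the account
        /// of the currently authenticated user and re-issues the authentication cookie when the
        /// username changes.
        /// </summary>
        /// <param name="user2">Posted edit form.</param>
        /// <returns>
        /// A redirect after a successful save, the edit view with model errors when validation
        /// fails, or an unauthorized result when the authenticated name has no account row.
        /// </returns>
        /// <remarks>
        /// NOTE(review): this is a state-changing action; the attributes above the signature are
        /// not visible here, so confirm it is restricted to POST, requires authentication and
        /// validates an anti-forgery token.
        /// </remarks>
        public ActionResult Edit(userEdit user2)
        {
            using (DbBaza dc = new DbBaza())
            {
                // The row to edit is chosen from the authenticated identity, not from a
                // request-supplied id, so one user cannot edit another user's record.
                string username  = User.Identity.GetUserName();
                var    wholeUser = dc.userInfo.FirstOrDefault(x => x.Username == username);

                // A ticket can outlive the account it names (deleted or renamed elsewhere).
                // Treat that as "not logged in" instead of dereferencing null.
                if (wholeUser == null)
                {
                    return(new HttpUnauthorizedResult());
                }

                // Profile-picture upload is disabled: the original author noted that it throws
                // an exception on user2.userInfo.
                // NOTE(review): before re-enabling, validate the client-supplied extension
                // against an allow-list; only the directory part of FileName is stripped here.
                //string fileName = Path.GetFileNameWithoutExtension(user2.userInfo.FileName);
                //string extension = Path.GetExtension(user2.userInfo.FileName);
                //fileName = fileName + DateTime.Now.ToString("yymmssfff") + extension;
                //user2.profilePicture = "~/PPDir/" + fileName;
                //fileName = Path.Combine(Server.MapPath("~/PPDir/"), fileName);
                //user2.userInfo.SaveAs(fileName);

                var ajdi = wholeUser.UserID;

                // Uniqueness checks ignore the user's own row so unchanged values pass.
                // NOTE(review): check-then-save is not atomic; confirm that unique indexes on
                // Email and Username back these checks in the database.
                if (!String.IsNullOrWhiteSpace(user2.Email))
                {
                    var emailTaken = dc.userInfo.Any(x => x.Email == user2.Email && x.UserID != ajdi);
                    if (emailTaken)
                    {
                        ModelState.AddModelError("Email", "This Email is already taken");
                    }
                }

                if (!String.IsNullOrWhiteSpace(user2.Username))
                {
                    var usernameTaken = dc.userInfo.Any(x => x.Username == user2.Username && x.UserID != ajdi);
                    if (usernameTaken)
                    {
                        ModelState.AddModelError("Username", "This Username is already taken");
                    }
                }

                if (!ModelState.IsValid)
                {
                    return(View(user2));
                }

                var tempUsername = wholeUser.Username;

                // Only these three fields are copied from the form; everything else on the
                // entity (password, salt, id) is left untouched.
                wholeUser.Email    = user2.Email;
                wholeUser.Username = user2.Username;
                wholeUser.FavTag   = user2.FavTag;

                dc.Entry(wholeUser).State = System.Data.Entity.EntityState.Modified;

                // NOTE(review): entity validation is switched off for this save, so the
                // ModelState checks above are the only validation these values receive.
                dc.Configuration.ValidateOnSaveEnabled = false;
                dc.SaveChanges();

                if (wholeUser.Username == tempUsername)
                {
                    return(RedirectToAction("Index", "videoList"));
                }

                // The ticket name is the username, so a rename needs a fresh ticket; otherwise
                // the next request would look up an account name that no longer exists.
                LoggedInUser userIn = new LoggedInUser(wholeUser);

                LoggedInUserSerializeModel serializeUser = new LoggedInUserSerializeModel();
                serializeUser.CopyFromUser(userIn);

                JavaScriptSerializer serializer = new JavaScriptSerializer();
                string userInformation = serializer.Serialize(serializeUser);

                DateTime issuedAt = DateTime.Now;
                FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
                    1,                       // ticket version
                    userIn.Identity.Name,    // ticket name: the username
                    issuedAt,                // valid from
                    issuedAt.AddDays(1),     // valid until: one day
                    false,                   // isPersistent
                    userInformation);        // serialized user data

                string ticketEncrypted = FormsAuthentication.Encrypt(authTicket);

                // A hand-built cookie does not pick up the forms-authentication settings by
                // itself: keep the ticket away from client script and honour the configured
                // SSL requirement and cookie path.
                HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted);
                cookie.HttpOnly = true;
                cookie.Secure   = FormsAuthentication.RequireSSL;
                cookie.Path     = FormsAuthentication.FormsCookiePath;

                Response.Cookies.Add(cookie);

                return(RedirectToAction("Registration", "User"));
            }
        }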
Esempio n. 3
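        /// <summary>
        /// Verifies the posted credentials and, on success, issues the forms-authentication
        /// cookie and redirects the user.
        /// </summary>
        /// <param name="login">Posted login form (e-mail and password).</param>
        /// <param name="returnUrl">
        /// Optional redirect target; followed only when it is a local URL.
        /// </param>
        /// <returns>
        /// A redirect after a successful login, otherwise the login view with one generic
        /// error that does not reveal whether the e-mail or the password was wrong.
        /// </returns>
        public ActionResult Login(userLogin login, string returnUrl)
        {
            using (DbBaza dc = new DbBaza())
            {
                if (ModelState.IsValid)
                {
                    // Look the account up by the e-mail entered in the login form.
                    var v = dc.userInfo.FirstOrDefault(a => a.Email == login.Email);

                    // ValidatePassword lives in Misc/PasswordHelper; per the original author's
                    // notes it hashes the entered password with the stored salt and compares it
                    // with the stored hash.
                    // NOTE(review): no password work is done for an unknown e-mail, so response
                    // time may differ between known and unknown accounts; no attempt throttling
                    // is visible in this action either. Confirm both are handled elsewhere.
                    if (v != null && Misc.PasswordHelper.ValidatePassword(login.password, v.Password, v.Salt))
                    {
                        LoggedInUser userIn = new LoggedInUser(v);

                        // Serialize the user model to text so it can travel inside the
                        // authentication ticket.
                        LoggedInUserSerializeModel serializeUser = new LoggedInUserSerializeModel();
                        serializeUser.CopyFromUser(userIn);

                        JavaScriptSerializer serializer = new JavaScriptSerializer();
                        string userInformation = serializer.Serialize(serializeUser);

                        // The ticket is what later requests use to recognise the user and to
                        // read the user data (username and so on).
                        DateTime issuedAt = DateTime.Now;
                        FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
                            1,                       // ticket version
                            userIn.Identity.Name,    // ticket name: the username
                            issuedAt,                // valid from
                            issuedAt.AddDays(1),     // valid until: one day
                            false,                   // isPersistent
                            userInformation);        // serialized user data

                        string ticketEncrypted = FormsAuthentication.Encrypt(authTicket);

                        // A hand-built cookie does not pick up the forms-authentication settings
                        // by itself: keep the ticket away from client script and honour the
                        // configured SSL requirement and cookie path.
                        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, ticketEncrypted);
                        cookie.HttpOnly = true;
                        cookie.Secure   = FormsAuthentication.RequireSSL;
                        cookie.Path     = FormsAuthentication.FormsCookiePath;
                        Response.Cookies.Add(cookie);

                        // Hand the user id to the next controller through TempData. The account
                        // row is already loaded, so no second query by e-mail is needed.
                        TempData["mydata"] = v.UserID;

                        // Follow returnUrl only when it is local to this site; this keeps the
                        // login form from being used as an open redirect.
                        if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
                        {
                            return(Redirect(returnUrl));
                        }

                        // No usable returnUrl: go to the default landing view.
                        return(RedirectToAction("Upload", "Upload"));
                    }
                }

                // One message for every failure, so the response does not say which part of
                // the credentials was wrong.
                ModelState.AddModelError("", "Entered username or password is not valid");
                return(View(login));
            }
        }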