Beispiel #1
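        /// <summary>
        /// Global.asax handler raised when a session ends: records the end of the tracked
        /// session, then (only when a request context exists) rotates the session ID cookie,
        /// signs the user out of forms authentication and abandons the session.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Session_End(object sender, EventArgs e)
        {
            // Audit first. Session_End is normally raised outside of a request, so
            // HttpContext.Current may be null here; the cookie calls below would then throw,
            // and in the previous ordering that exception was swallowed before the
            // session-end record was ever written.
            try
            {
                SessionTracker sessionTracker = (SessionTracker)Session[SessionKeys.Tracker];
                if (sessionTracker != null)
                {
                    SessionLog sLog = new SessionLog();
                    sLog.SessionLogEnd(sessionTracker);
                }
            }
            catch (Exception ex)
            {
                // Best effort: a logging failure must not break session teardown, but it
                // should leave a trace instead of disappearing silently.
                System.Diagnostics.Trace.TraceWarning("Session_End: session-end logging failed: " + ex.Message);
            }

            System.Web.HttpContext context = System.Web.HttpContext.Current;
            if (context == null)
            {
                // No request/response to attach a cookie to; nothing more can be done here.
                return;
            }

            try
            {
                // Replace the session ID cookie so the ended session's ID is not reused by the client.
                SessionIDManager manager = new SessionIDManager();
                bool isRedirected;
                bool isAdded;
                manager.RemoveSessionID(context);
                string newId = manager.CreateSessionID(context);
                manager.SaveSessionID(context, newId, out isRedirected, out isAdded);

                FormsAuthentication.SignOut();

                if (context.Session != null)
                {
                    context.Session.Abandon();
                }
            }
            catch (Exception ex)
            {
                System.Diagnostics.Trace.TraceWarning("Session_End: session cleanup failed: " + ex.Message);
            }
        }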
Beispiel #2
        // adapted from https://stackoverflow.com/a/4420114/6121074

        /// <summary>
        /// prevent http session fixation attack by generating a new http session ID upon login
        /// </summary>
        /// <remarks>
        /// https://www.owasp.org/index.php/Session_Fixation
        /// </remarks>
        /// <returns>new session ID</returns>
        public static string RegenerateSessionId()
        {
            // create a new session id
            // oldId is captured before the new ID is saved; it is needed below to delete the old store entry.
            var manager = new SessionIDManager();
            var oldId   = manager.GetSessionID(HttpContext.Current);
            var newId   = manager.CreateSessionID(HttpContext.Current);

            // Sends the new ID to the client. The two out flags are not inspected afterwards.
            manager.SaveSessionID(HttpContext.Current, newId, out bool redirected, out bool cookieAdded);

            // retrieve the current session
            // NOTE(review): the module is looked up by the name "Session"; Modules.Get returns null
            // if no module is registered under that name, and the next line would then throw.
            var application = HttpContext.Current.ApplicationInstance;
            var session     = (SessionStateModule)application.Modules.Get("Session");
            var fields      = session.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance);

            // parse the session fields
            // NOTE(review): these are private, undocumented fields of SessionStateModule. If a
            // framework build names them differently the locals stay null and the code below
            // throws NullReferenceException after the new cookie has already been issued.
            SessionStateStoreProviderBase store = null;
            FieldInfo             rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;
            SessionStateStoreData rqItem = null;

            foreach (var field in fields)
            {
                switch (field.Name)
                {
                case "_store":
                    store = (SessionStateStoreProviderBase)field.GetValue(session);
                    break;

                case "_rqId":
                    rqIdField = field;
                    break;

                case "_rqLockId":
                    rqLockIdField = field;
                    break;

                case "_rqSessionStateNotFound":
                    rqStateNotFoundField = field;
                    break;

                case "_rqItem":
                    rqItem = (SessionStateStoreData)field.GetValue(session);
                    break;
                }
            }

            // remove the session from the store
            // Deleting the entry stored under oldId is what stops a pre-login (possibly
            // attacker-supplied) ID from remaining usable after authentication.
            var lockId = rqLockIdField.GetValue(session);

            if (lockId != null && oldId != null)
            {
                store.RemoveItem(HttpContext.Current, oldId, lockId, rqItem);
            }

            // assign the new id to the session
            // the session will be added back to the store, with the new id, on the next http request
            rqStateNotFoundField.SetValue(session, true);
            rqIdField.SetValue(session, newId);

            return(newId);
        }
    /// <summary>
    /// Logout handler: clears the user's roles, issues a fresh session ID cookie, drops the
    /// "Auth_Token" session entry and redirects to the portal's default page.
    /// </summary>
    protected void LoginStatus1_LoggedOut(object sender, EventArgs e)
    {
        SetUserRoles(string.Empty);
        SageFrameConfig config = new SageFrameConfig();

        // Swap the session ID cookie for a newly generated one.
        SessionIDManager idManager = new SessionIDManager();
        System.Web.HttpContext current = System.Web.HttpContext.Current;
        bool redirected;
        bool cookieAdded;

        idManager.RemoveSessionID(current);
        string freshId = idManager.CreateSessionID(current);
        idManager.SaveSessionID(current, freshId, out redirected, out cookieAdded);

        // NOTE(review): only "Auth_Token" is removed and the session is never abandoned, so any
        // other per-user state stays in the store under the previous ID until it times out.
        // Confirm that is intended for a logout path.
        Session.Remove("Auth_Token");

        var defaultPage = config.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage);
        string target;
        if (IsParent)
        {
            target = GetParentURL + "/" + defaultPage + Extension;
        }
        else
        {
            target = GetParentURL + "/portal/" + GetPortalSEOName + "/" + defaultPage + Extension;
        }

        Response.Redirect(target);
    }
Beispiel #4
        /// <summary>
        /// set the ID of the current http session
        /// </summary>
        /// <param name="id">session ID</param>
        /// <returns></returns>
        public static void SetSessionId(string id)
        {
            // NOTE(review): this makes the client adopt whatever ID the caller supplies. To avoid
            // turning it into a session-fixation primitive, callers should only pass an ID that
            // was generated server-side (e.g. by SessionIDManager.CreateSessionID), never a
            // value taken from request data.
            bool wasRedirected;
            bool wasCookieAdded;
            SessionIDManager idManager = new SessionIDManager();

            idManager.SaveSessionID(HttpContext.Current, id, out wasRedirected, out wasCookieAdded);
        }
        /// <summary>
        /// Session start handler: issues a new session ID once (guarded by the <c>done</c> flag)
        /// and redirects brand-new, empty sessions to the login page.
        /// </summary>
        protected void Session_Start()
        {
            // NOTE(review): `done` is declared outside this method. If it is shared across
            // sessions, only the first session ever started gets a regenerated ID — confirm.
            if (done == false)
            {
                bool redirected;
                bool cookieAdded;
                SessionIDManager idManager = new SessionIDManager();
                string freshId = idManager.CreateSessionID(Context);
                idManager.SaveSessionID(Context, freshId, out redirected, out cookieAdded);
                done = true;
            }

            // Read but not used afterwards; kept because the property access itself is part of
            // the original behaviour.
            string currentId = Session.SessionID;

            bool isEmptyNewSession = Context.Session != null
                                     && Context.Session.IsNewSession
                                     && HttpContext.Current.Session.Count == 0;
            if (isEmptyNewSession)
            {
                HttpContext.Current.Response.Redirect("~/Account/Login/");
            }
        }
Beispiel #6
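        /// <summary>
        /// Logout page: expires the stored login cookies, ends the application-level user
        /// session, abandons the ASP.NET session, issues a fresh session ID and redirects to
        /// the login page.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void Page_Load(object sender, EventArgs e)
        {
            // Blank and back-date both cookies so the browser discards them.
            // NOTE(review): the cookie name "indico-pswrd" suggests a password is persisted
            // client-side elsewhere in the application — verify, and prefer an opaque token.
            Response.Cookies["indico-usrnm"].Value   = string.Empty;
            Response.Cookies["indico-usrnm"].Expires = DateTime.Now.AddDays(-15);
            Response.Cookies["indico-pswrd"].Value   = string.Empty;
            Response.Cookies["indico-pswrd"].Expires = DateTime.Now.AddDays(-15);

            try
            {
                if (HttpContext.Current.Session["in_sid"] != null)
                {
                    UserBO objUser = this.LoggedUser;
                    Session["UserMenuItemRoleView" + this.LoggedUser.ID] = null;

                    IndicoPage.EndSession(ref objUser);
                }
            }
            catch (Exception ex)
            {
                // Best effort, but leave a trace rather than swallowing the failure silently.
                System.Diagnostics.Trace.TraceWarning("Logout: ending the user session failed: " + ex.Message);
            }
            finally
            {
                // Abandon unconditionally. Previously this sat inside the try block after the
                // user lookup, so any exception there left the server-side session alive on logout.
                HttpContext current = HttpContext.Current;
                if (current != null && current.Session != null)
                {
                    current.Session.Abandon();
                }
            }

            // Hand the browser a new session ID so the abandoned one is not presented again.
            SessionIDManager manager = new SessionIDManager();
            bool isRedirected;
            bool isAdded;

            manager.SaveSessionID(this.Context, manager.CreateSessionID(Context), out isRedirected, out isAdded);

            Response.Redirect("/Login.aspx");
        }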
Beispiel #7
        /// <summary>
        /// Login button handler: validates the entered credentials and, on success, issues a
        /// new session ID before redirecting to the dashboard.
        /// </summary>
        protected void btnLogin_Click(object sender, EventArgs e)
        {
            LoginUser credentials = new LoginUser();
            credentials.userName = txtUserName.Text;
            credentials.Password = txtPassword.Text;

            ServiceLayer serviceLayer = new ServiceLayer();
            bool accepted = serviceLayer.CheckIsUserValid(credentials);

            if (!accepted)
            {
                Response.Redirect("Login.aspx");
                return;
            }

            // Rotate the session ID on successful authentication (session-fixation defence).
            SessionIDManager idManager = new SessionIDManager();
            string freshId = idManager.CreateSessionID(Context);
            bool redirected;
            bool cookieAdded;
            idManager.SaveSessionID(Context, freshId, out redirected, out cookieAdded);

            // NOTE(review): SaveSessionID only swaps the cookie. The value written below is
            // presumably still stored under the session's previous ID, so it may not be visible
            // to the next request (which presents the new ID), and the previous ID stays valid
            // until it times out — verify. Also, nothing is sent to the user when cookieAdded is false.
            if (cookieAdded)
            {
                Session["IsValidUser"] = freshId;
                Response.Redirect("DashBoard.aspx");
            }
        }
Beispiel #8
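    /// <summary>
    /// Logs the current user out: clears the user's roles, replaces the session ID cookie with
    /// a newly generated one and redirects to the portal's default page.
    /// </summary>
    /// <remarks>
    /// Exceptions propagate to the caller unchanged. The former <c>catch (Exception ex) { throw ex; }</c>
    /// wrapper added nothing except resetting the stack trace, which hides where a logout
    /// failure actually occurred, so it has been removed.
    /// </remarks>
    protected void LoggOutUser()
    {
        SetUserRoles(string.Empty);
        SageFrameConfig  sageConfig = new SageFrameConfig();
        SessionIDManager manager    = new SessionIDManager();

        // Replace the session ID cookie.
        // NOTE(review): the server-side session is not abandoned here, so its contents remain
        // stored under the previous ID until timeout — confirm that is intended for logout.
        bool isRedirected;
        bool isAdded;
        manager.RemoveSessionID(System.Web.HttpContext.Current);
        string newId = manager.CreateSessionID(System.Web.HttpContext.Current);
        manager.SaveSessionID(System.Web.HttpContext.Current, newId, out isRedirected, out isAdded);

        if (!IsParent)
        {
            HttpContext.Current.Response.Redirect(GetParentURL + "/portal/" + GetPortalSEOName + "/" + sageConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage) + SageFrameSettingKeys.PageExtension);
        }
        else
        {
            HttpContext.Current.Response.Redirect(GetParentURL + "/" + sageConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage) + SageFrameSettingKeys.PageExtension);
        }
    }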
Beispiel #9
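        /// <summary>
        /// Sets the ASP.NET session ID of <paramref name="context"/> to the value carried in the
        /// "Session_ID" sub-key of the "CurrentUserInfo" request cookie.
        /// </summary>
        /// <param name="context">Current HTTP context.</param>
        /// <remarks>
        /// The cookie is client-controlled, so the value is untrusted. A missing, empty or
        /// malformed value is ignored and the existing session ID is kept.
        /// NOTE(review): a well-formed value is still accepted as-is. Unless the cookie is
        /// integrity-protected or the ID is checked against server-side state, a client can
        /// choose which session it joins — confirm how "CurrentUserInfo" is issued and protected.
        /// </remarks>
        public void UnifiySession(HttpContext context)
        {
            SessionIDManager manager = new SessionIDManager();

            // The cookie may be absent; previously that caused a NullReferenceException.
            HttpCookie userInfo  = context.Request.Cookies["CurrentUserInfo"];
            string     sessionId = userInfo == null ? null : userInfo["Session_ID"];

            // Reject anything that is not shaped like a session ID before it reaches the response.
            if (string.IsNullOrEmpty(sessionId) || !manager.Validate(sessionId))
            {
                return;
            }

            bool isRedirected; // Get true if cookieless=true and you redirected to the current page.
            bool isNewSession; // Get true if a new "ASP.NET_SessionId" cookie will be created.

            manager.SaveSessionID(context, sessionId, out isRedirected, out isNewSession);
        }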
        /// <inheritdoc  cref="Owasp.Esapi.Interfaces.IHttpUtilities.ChangeSessionIdentifier()" />
        public void ChangeSessionIdentifier()
        {
            // Generate a fresh ID and hand it to the client.
            // NOTE(review): only the cookie changes; session data is not moved to the new ID and
            // the previous ID is not invalidated by these calls — confirm callers handle that.
            HttpContext current = HttpContext.Current;
            SessionIDManager idManager = new SessionIDManager();
            bool wasRedirected;
            bool wasCookieAdded;

            string freshId = idManager.CreateSessionID(current);
            idManager.SaveSessionID(current, freshId, out wasRedirected, out wasCookieAdded);
        }
Beispiel #11
        /// <summary>
        /// Issues a new session ID and re-points the running SessionStateModule at it by
        /// writing the module's private request fields through reflection.
        /// </summary>
        /// <returns>The newly generated session ID.</returns>
        private string RegenrateSessionId()
        {
            HttpContext context = System.Web.HttpContext.Current;
            var idManager = new SessionIDManager();
            string previousId = idManager.GetSessionID(context);
            string freshId = idManager.CreateSessionID(context);
            bool redirected;
            bool cookieAdded;
            idManager.SaveSessionID(context, freshId, out redirected, out cookieAdded);

            var application = (HttpApplication)System.Web.HttpContext.Current.ApplicationInstance;
            HttpModuleCollection modules = application.Modules;
            var sessionModule = (SessionStateModule)modules.Get("Session");

            // Private, undocumented fields of SessionStateModule; each lookup is null-guarded
            // below in case a framework build does not have it.
            SessionStateStoreProviderBase store = null;
            FieldInfo idField = null;
            FieldInfo lockIdField = null;
            FieldInfo notFoundField = null;

            foreach (FieldInfo candidate in sessionModule.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance))
            {
                switch (candidate.Name)
                {
                    case "_store":
                        store = (SessionStateStoreProviderBase)candidate.GetValue(sessionModule);
                        break;
                    case "_rqId":
                        idField = candidate;
                        break;
                    case "_rqLockId":
                        lockIdField = candidate;
                        break;
                    case "_rqSessionStateNotFound":
                        notFoundField = candidate;
                        break;
                }
            }

            // NOTE(review): ReleaseItemExclusive only releases the lock on the old entry; it does
            // not delete it, so the data stored under the previous ID presumably stays readable
            // with that ID until it expires. Confirm whether the old entry should be removed.
            if (lockIdField != null)
            {
                object lockId = lockIdField.GetValue(sessionModule);
                if (lockId != null && previousId != null && store != null)
                {
                    store.ReleaseItemExclusive(context, previousId, lockId);
                }
            }

            if (notFoundField != null)
            {
                notFoundField.SetValue(sessionModule, true);
            }

            if (idField != null)
            {
                idField.SetValue(sessionModule, freshId);
            }

            return freshId;
        }
Beispiel #12
        /// <summary>
        /// Generates a new session ID and sends it to the client for the current request.
        /// </summary>
        public void ChangeSessionId()
        {
            // NOTE(review): this swaps the cookie only; it neither migrates session data to the
            // new ID nor invalidates the previous one.
            HttpContext current = HttpContext.Current;
            SessionIDManager idManager = new SessionIDManager();
            bool wasRedirected;
            bool wasCookieAdded;

            string freshId = idManager.CreateSessionID(current);
            idManager.SaveSessionID(current, freshId, out wasRedirected, out wasCookieAdded);
        }
Beispiel #13
        /// <summary>
        /// Saves <paramref name="newSessionId"/> as the session ID for <paramref name="httpContext"/>.
        /// </summary>
        /// <param name="httpContext">HTTP context whose response receives the ID.</param>
        /// <param name="newSessionId">Session ID to issue.</param>
        public static void SetSessionId(HttpContext httpContext, string newSessionId)
        {
            // NOTE(review): the ID is taken from the caller unchanged. It should originate from
            // server-side generation, never from request data, or this becomes a way to fix a
            // client onto a chosen session.
            bool wasRedirected;
            bool wasCookieAdded;
            SessionIDManager idManager = new SessionIDManager();

            idManager.SaveSessionID(httpContext, newSessionId, out wasRedirected, out wasCookieAdded);
        }
Beispiel #14
 /// <summary>
 /// Saves the session state of the current request.
 /// </summary>
 protected void SaveSessionState()
 {
     // Only cookie-based sessions that were created during this request are handled.
     bool isNewCookieSession = Context.Session != null
                               && Context.Session.IsNewSession
                               && !Context.Session.IsCookieless;
     if (!isNewCookieSession)
     {
         return;
     }

     // Drop any pending session cookie from the response, then issue it again for the
     // session's current ID.
     // NOTE(review): the cookie name is hard-coded; it will not match if the application
     // configures a different session cookie name.
     Context.Response.Cookies.Remove("ASP.NET_SessionId");

     bool wasRedirected;
     bool wasCookieAdded;
     SessionIDManager idManager = new SessionIDManager();
     idManager.SaveSessionID(HttpContext.Current, Context.Session.SessionID, out wasRedirected, out wasCookieAdded);
 }
Beispiel #15
    /// <summary>
    /// Issues a newly generated session ID on every load of this page.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        // NOTE(review): this runs on every request to the page, postbacks included, so the
        // client gets a different session ID each time — confirm it should not be limited to
        // the moment of login/logout.
        bool wasRedirected;
        bool wasCookieAdded;
        SessionIDManager idManager = new SessionIDManager();
        string freshId = idManager.CreateSessionID(Context);

        idManager.SaveSessionID(Context, freshId, out wasRedirected, out wasCookieAdded);
    }
    /// <summary>
    /// Generates a new session ID and sends it to the client.
    /// </summary>
    void CreateNewSessionId()
    {
        SessionIDManager idManager = new SessionIDManager();
        string freshId = idManager.CreateSessionID(Context);

        // The previous ID is read but never used: the old session is neither removed nor
        // abandoned here, so it remains valid until it times out.
        string previousId = Context.Session.SessionID;

        bool wasRedirected;
        bool wasCookieAdded;
        idManager.SaveSessionID(Context, freshId, out wasRedirected, out wasCookieAdded);
    }
Beispiel #17
        /// <summary>
        /// Generates a new session ID, issues it to the client and returns it as JSON.
        /// </summary>
        /// <returns>JSON result containing the new session ID.</returns>
        public ActionResult GetSession()
        {
            System.Web.HttpContext current = System.Web.HttpContext.Current;
            SessionIDManager idManager = new SessionIDManager();
            bool wasRedirected;
            bool wasCookieAdded;

            string freshId = idManager.CreateSessionID(current);
            idManager.SaveSessionID(current, freshId, out wasRedirected, out wasCookieAdded);

            // NOTE(review): returning the session ID in the response body makes it readable by
            // page script, which sidesteps the protection an HttpOnly session cookie provides.
            // Confirm the client really needs the raw value.
            return Json(freshId);
        }
        protected void ReGenerateSessionId()
        {
            // Capture the current ID, generate a replacement, then swap the cookie
            // (remove the old one, save the new one).
            SessionIDManager manager = new SessionIDManager();
            string           oldId = manager.GetSessionID(System.Web.HttpContext.Current);
            string           newId = manager.CreateSessionID(System.Web.HttpContext.Current);
            bool             isAdd = false, isRedir = false;

            manager.RemoveSessionID(System.Web.HttpContext.Current);
            manager.SaveSessionID(System.Web.HttpContext.Current, newId, out isRedir, out isAdd);

            //Store data from old session
            // The running SessionStateModule is located by name and its private fields are read
            // through reflection.
            // NOTE(review): these field names are undocumented internals. If one is missing in a
            // given framework build, its local stays null and the unguarded uses below throw
            // NullReferenceException after the new cookie has already been issued.
            HttpApplication      ctx  = System.Web.HttpContext.Current.ApplicationInstance;
            HttpModuleCollection mods = ctx.Modules;
            SessionStateModule   ssm  = (SessionStateModule)mods.Get("Session");

            FieldInfo[] fields = ssm.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance);
            SessionStateStoreProviderBase store = null;
            FieldInfo rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;

            SessionStateStoreData rqItem = null;

            foreach (FieldInfo field in fields)
            {
                if (field.Name.Equals("_store"))
                {
                    store = (SessionStateStoreProviderBase)field.GetValue(ssm);
                }
                if (field.Name.Equals("_rqId"))
                {
                    rqIdField = field;
                }
                if (field.Name.Equals("_rqLockId"))
                {
                    rqLockIdField = field;
                }
                if (field.Name.Equals("_rqSessionStateNotFound"))
                {
                    rqStateNotFoundField = field;
                }

                if ((field.Name.Equals("_rqItem")))
                {
                    rqItem = (SessionStateStoreData)field.GetValue(ssm);
                }
            }
            object lockId = rqLockIdField.GetValue(ssm);

            // Delete the entry stored under the old ID so that ID cannot be used to reach the
            // session's data any more.
            if ((lockId != null) && (oldId != null))
            {
                store.RemoveItem(System.Web.HttpContext.Current, oldId, lockId, rqItem);
            }

            // Mark the request's session as not found in the store and point the module at the new ID.
            rqStateNotFoundField.SetValue(ssm, true);
            rqIdField.SetValue(ssm, newId);
        }
Beispiel #19
    protected void Page_Load(object sender, EventArgs e)
    {
        // An existing session without a user name is sent to the logout page.
        if (Session["Username"] == null && Session.IsNewSession == false)
        {
            Response.Redirect("Logout.aspx", false);
            return;
        }

        // On a new session the user details are copied from `globle` into session state.
        // NOTE(review): `globle` is declared outside this method. If its members are static
        // they are shared by every user of the application, and this would copy one user's
        // identity and role into another user's session — confirm how it is scoped.
        if (globle.UserValue != null && Session.IsNewSession == true)
        {
            Session["Username"] = globle.UserValue;
            Session["Role"]     = globle.Role;
            Session["Location"] = "";
            Session["PF_Index"] = globle.PF_Index;
            Session["LoggedIn"] = "Yes";
        }
        else if (globle.UserValue == null)
        {
            Response.Redirect("Logout.aspx", false);
            return;
        }

        if (!IsPostBack)
        {
            // The admin panel is shown purely on the "Role" value held in session.
            if (Session["Role"].ToString() == "admin")
            {
                AdminOptions.Visible = true;
                lblUserLocation.Text = "Admin";
            }
            else
            {
                lblUserLocation.Text = Session["Location"].ToString() + "-" + Session["Role"].ToString();
                AdminOptions.Visible = false;
            }

            if (globle.CallLogRequired == "false")
            {
                TicketReportID.Style.Add("Display", "None");
            }

            GetKioskHealth();
            GetLastTxn(11);

            // Existing session that was never marked as logged in: issue a new session ID.
            if (Session.IsNewSession == false && Session["LoggedIn"] == null)
            {
                bool             redirected = false;
                bool             isAdded    = false;
                SessionIDManager Manager    = new SessionIDManager();
                string           NewID      = Manager.CreateSessionID(Context);
                // OldID is read but not used; the old session is not removed or abandoned here.
                string           OldID      = Context.Session.SessionID;
                Manager.SaveSessionID(Context, NewID, out redirected, out isAdded);
                // NOTE(review): this adds the cookie to the *request* collection, not the
                // response, and uses a hard-coded cookie name — confirm the intent.
                Request.Cookies.Add(new HttpCookie("ASP.NET_SessionId", NewID));
            }
        }
    }
Beispiel #20
        public ActionResult Login(int?id)
        {
            // Login page action: issues a new session ID, re-points the running
            // SessionStateModule at it via reflection, then prepares the view data.
            //Session.Abandon();
            SessionIDManager manager = new SessionIDManager();

            // NOTE(review): the session cookie is removed before oldId is read; confirm that
            // GetSessionID still returns the pre-existing ID at this point.
            manager.RemoveSessionID(System.Web.HttpContext.Current);
            var oldId        = manager.GetSessionID(System.Web.HttpContext.Current);
            var newId        = manager.CreateSessionID(System.Web.HttpContext.Current);
            var isRedirected = true;
            var isAdded      = true;

            manager.SaveSessionID(System.Web.HttpContext.Current, newId, out isRedirected, out isAdded);
            // The new ID is also stored as a session value under the key "sessionid".
            System.Web.HttpContext.Current.Session["sessionid"] = newId;
            HttpApplication      ctx  = (HttpApplication)System.Web.HttpContext.Current.ApplicationInstance;
            HttpModuleCollection mods = ctx.Modules;

            // Private, undocumented fields of SessionStateModule are looked up by name.
            // NOTE(review): if a field is missing its local stays null and the unguarded uses
            // below throw NullReferenceException after the new cookie has already been issued.
            System.Web.SessionState.SessionStateModule ssm = (SessionStateModule)mods.Get("Session");
            System.Reflection.FieldInfo[] fields           = ssm.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance);
            SessionStateStoreProviderBase store            = null;

            System.Reflection.FieldInfo rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;
            foreach (System.Reflection.FieldInfo field in fields)
            {
                if (field.Name.Equals("_store"))
                {
                    store = (SessionStateStoreProviderBase)field.GetValue(ssm);
                }
                if (field.Name.Equals("_rqId"))
                {
                    rqIdField = field;
                }
                if (field.Name.Equals("_rqLockId"))
                {
                    rqLockIdField = field;
                }
                if (field.Name.Equals("_rqSessionStateNotFound"))
                {
                    rqStateNotFoundField = field;
                }
            }
            object lockId = rqLockIdField.GetValue(ssm);

            // NOTE(review): ReleaseItemExclusive releases the lock on the old entry but does not
            // delete it, so data stored under the old ID presumably remains until it expires.
            if ((lockId != null) && (oldId != null))
            {
                store.ReleaseItemExclusive(System.Web.HttpContext.Current, oldId, lockId);
            }
            rqStateNotFoundField.SetValue(ssm, true);
            rqIdField.SetValue(ssm, newId);

            ViewBag.CompanyID     = id;
            ViewBag.Message       = id.HasValue ? "" : "缺少公司标识";
            // Third-party authorization URL assembled from members declared outside this method.
            // NOTE(review): the values are inserted without URL-encoding, and `state` should be
            // an unpredictable per-request value tied to this session so the callback can be
            // verified — confirm both.
            ViewBag.ThirdLoginUrl = string.Format("{0}?client_id={1}&redirect_uri={2}&state={3}&response_type=code", authorizeUrl, clinetId, redirectUri, state);
            return(View());
        }
    /// <summary>
    /// Generates a new session ID and sends it to the client.
    /// </summary>
    void CreateNewSessionId()
    {
        SessionIDManager idManager = new SessionIDManager();
        string freshId = idManager.CreateSessionID(Context);

        // Read but unused: nothing here removes or abandons the session stored under this ID,
        // so it stays valid until it times out.
        string previousId = Context.Session.SessionID;

        bool wasRedirected;
        bool wasCookieAdded;
        idManager.SaveSessionID(Context, freshId, out wasRedirected, out wasCookieAdded);
    }
        /// <summary>
        /// Generates a new session ID for <paramref name="Context"/>, sends it to the client
        /// and returns it.
        /// </summary>
        /// <param name="Context">HTTP context of the current request.</param>
        /// <returns>The newly generated session ID.</returns>
        protected string CreateSession(HttpContext Context)
        {
            SessionIDManager idManager = new SessionIDManager();
            string freshId = idManager.CreateSessionID(Context);

            // Read but unused; the session stored under the previous ID is left in place.
            string previousId = Context.Session.SessionID;

            bool wasRedirected;
            bool wasCookieAdded;
            idManager.SaveSessionID(Context, freshId, out wasRedirected, out wasCookieAdded);

            return freshId;
        }
Beispiel #23
        /// <summary>
        /// Issues a new session ID, records it with a 10-minute expiry (Unix seconds) when the
        /// cookie was added, and returns a hash of the recorded session ID.
        /// </summary>
        /// <returns>Result of <c>Crypto.HashPassword</c> over the recorded session ID.</returns>
        public string createSession()
        {
            HttpContext current = HttpContext.Current;
            SessionIDManager idManager = new SessionIDManager();
            bool wasRedirected;
            bool wasCookieAdded;

            string freshId = idManager.CreateSessionID(current);
            idManager.SaveSessionID(current, freshId, out wasRedirected, out wasCookieAdded);

            if (wasCookieAdded)
            {
                TimeSpan sinceEpoch = DateTime.UtcNow.AddMinutes(10) - new DateTime(1970, 1, 1);
                this.sessionID         = freshId;
                this.sessionExpiration = (Int32)sinceEpoch.TotalSeconds;
            }

            // NOTE(review): when the cookie was not added, this hashes whatever sessionID held
            // before (possibly null). Also confirm how the returned hash is checked later: a
            // password-style hash is typically salted, so two hashes of the same ID would not
            // compare equal.
            return Crypto.HashPassword(this.sessionID);
        }
Beispiel #24
        /// <summary>
        /// Clears the current user and replaces the session ID cookie with a newly generated one.
        /// </summary>
        public static void Logout()
        {
            UserSession.CurrentUser = null;

            // NOTE(review): the server-side session itself is not abandoned here; anything else
            // kept in it stays stored under the previous ID until timeout — confirm.
            var idManager = new SessionIDManager();
            var freshId = idManager.CreateSessionID(UserSession.CurrentContext);
            bool wasRedirected;
            bool wasCookieAdded;

            idManager.RemoveSessionID(UserSession.CurrentContext);
            idManager.SaveSessionID(UserSession.CurrentContext, freshId, out wasRedirected, out wasCookieAdded);
        }
        /// <summary>
        /// Issues a new session ID and, when the request carried a session cookie, writes the
        /// new ID into the response's session cookie as well.
        /// </summary>
        public static void RenewSessionID()
        {
            HttpContext current = HttpContext.Current;
            SessionIDManager idManager = new SessionIDManager();
            bool wasRedirected;
            bool wasCookieAdded;

            string freshId = idManager.CreateSessionID(current);
            idManager.SaveSessionID(current, freshId, out wasRedirected, out wasCookieAdded);

            // NOTE(review): the cookie name is hard-coded and will not match a custom session
            // cookie name. The previous session is also left in the store under its old ID.
            bool requestHadSessionCookie = HttpContext.Current.Request.Cookies["ASP.NET_SessionId"] != null;
            if (requestHadSessionCookie)
            {
                HttpContext.Current.Response.Cookies["ASP.NET_SessionId"].Value = freshId;
            }
        }
Beispiel #26
        /// <summary>
        /// Clears the application's session data and issues a newly generated session ID.
        /// </summary>
        public static void NewSession()
        {
            BaseSession.ClearSession();

            // Issue a new session ID to the client.
            System.Web.HttpContext current = System.Web.HttpContext.Current;
            SessionIDManager idManager = new SessionIDManager();
            string freshId = idManager.CreateSessionID(current);

            // Read but unused: the previous ID is not invalidated by this method.
            string previousId = current.Session.SessionID;

            bool wasRedirected;
            bool wasCookieAdded;
            idManager.SaveSessionID(current, freshId, out wasRedirected, out wasCookieAdded);
        }
Beispiel #27
        /// <summary>
        /// Destroys the wrapped HTTP session: clears its contents, abandons it and, outside
        /// NETCORE builds, issues a newly generated session ID to the client.
        /// </summary>
        public void Destroy()
        {
            if (_httpSession == null)
            {
                return;
            }

            // NOTE(review): the full session ID is written to the debug log; anyone who can read
            // that log while the session is still live could reuse the value. Consider logging a
            // truncated or hashed form.
            GXLogging.Debug(log, "Destroy sessionId: " + _httpSession.SessionID);

            // Clear the data first, then abandon, so nothing survives under the old ID.
            _httpSession.RemoveAll();
            _httpSession.Abandon();
#if !NETCORE
            bool wasRedirected;
            bool wasCookieAdded;
            SessionIDManager idManager = new SessionIDManager();
            string freshId = idManager.CreateSessionID(HttpContext.Current);
            idManager.SaveSessionID(HttpContext.Current, freshId, out wasRedirected, out wasCookieAdded);
#endif
        }
Beispiel #28
        /// <summary>
        /// Regenerates the authorization cookie, issues a new session identifier and then uses
        /// reflection on the registered <c>SessionStateModule</c> to release the lock held for
        /// the old identifier and to point the module at the new one.
        /// </summary>
        /// <remarks>
        /// This depends on the non-public instance fields <c>_store</c>, <c>_rqId</c>,
        /// <c>_rqLockId</c> and <c>_rqSessionStateNotFound</c> being present on the module. None
        /// of the lookups is null-checked: if a field is missing, or no module is registered
        /// under the name "Session", the method fails with a NullReferenceException after the
        /// new identifier has already been saved.
        /// NOTE(review): nothing here removes the item stored under the old identifier; confirm
        /// whether it is deleted elsewhere or simply left to time out.
        /// </remarks>
        public static void RegenrateSessionId()
        {
            Authorization.AuthoCookie.RegenerateAuthoCookie();
            SessionIDManager manager = new SessionIDManager();
            // Capture the old identifier before the new one is saved; it is needed for the lock release below.
            string           oldId = manager.GetSessionID(HttpContext.Current);
            string           newId = manager.CreateSessionID(HttpContext.Current);
            bool             isAdd = false, isRedir = false;

            manager.SaveSessionID(HttpContext.Current, newId, out isRedir, out isAdd);
            HttpApplication      ctx  = (HttpApplication)HttpContext.Current.ApplicationInstance;
            HttpModuleCollection mods = ctx.Modules;

            // Look up the session-state module by its registered name and enumerate its private instance fields.
            System.Web.SessionState.SessionStateModule ssm = (SessionStateModule)mods.Get("Session");
            System.Reflection.FieldInfo[] fields           = ssm.GetType().GetFields(BindingFlags.NonPublic | BindingFlags.Instance);
            SessionStateStoreProviderBase store            = null;

            System.Reflection.FieldInfo rqIdField = null, rqLockIdField = null, rqStateNotFoundField = null;
            foreach (System.Reflection.FieldInfo field in fields)
            {
                if (field.Name.Equals("_store"))
                {
                    store = (SessionStateStoreProviderBase)field.GetValue(ssm);
                }
                if (field.Name.Equals("_rqId"))
                {
                    rqIdField = field;
                }
                if (field.Name.Equals("_rqLockId"))
                {
                    rqLockIdField = field;
                }
                if (field.Name.Equals("_rqSessionStateNotFound"))
                {
                    rqStateNotFoundField = field;
                }
            }
            // Throws NullReferenceException when "_rqLockId" was not found above.
            object lockId = rqLockIdField.GetValue(ssm);

            // Release the exclusive lock taken for the old identifier, if there is one.
            if ((lockId != null) && (oldId != null))
            {
                store.ReleaseItemExclusive(HttpContext.Current, oldId, lockId);
            }
            // Presumably makes the module save this request's state as a new item under newId
            // instead of the old identifier; verify against the framework version in use.
            rqStateNotFoundField.SetValue(ssm, true);
            rqIdField.SetValue(ssm, newId);
        }
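        /// <summary>
        /// Click handler that issues a new session identifier, creates an "AuthToken" value
        /// stored both in session state and in a response cookie, and redirects to
        /// Registration.aspx.
        /// </summary>
        /// <param name="sender">Control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// NOTE(review): the session state written below presumably still belongs to the
        /// identifier the request arrived with, while the browser is handed the new one. Verify
        /// that <c>Session["AuthToken"]</c> is actually readable on the next request.
        /// </remarks>
        protected void RegisterBtn_Click(object sender, EventArgs e)
        {
            // Replace the session identifier the browser arrived with.
            SessionIDManager manager = new SessionIDManager();

            string newID      = manager.CreateSessionID(Context);
            bool   redirected = false;
            bool   isAdded    = false;

            manager.SaveSessionID(Context, newID, out redirected, out isAdded);

            // NOTE(review): Guid.NewGuid() is specified to be unique, not unpredictable. A value
            // that acts as an authentication token is better drawn from a cryptographic random
            // number generator; left as-is because the token's consumers are not visible here.
            string guid = Guid.NewGuid().ToString();

            Session["AuthToken"] = guid;

            // The token is only compared server-side, so keep it away from page scripts and,
            // when the request arrived over TLS, off plain-HTTP connections.
            HttpCookie authCookie = new HttpCookie("AuthToken", guid);
            authCookie.HttpOnly = true;
            authCookie.Secure   = Request.IsSecureConnection;
            Response.Cookies.Add(authCookie);

            Response.Redirect("Registration.aspx");
        }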
Beispiel #30
        /// <summary>
        /// Accepts login form values, abandons the current session and issues a new session
        /// identifier, caches the submitted credentials for one minute under a key built from
        /// the user name and the new identifier, then redirects to the Authenticate action.
        /// </summary>
        /// <param name="username">Submitted user name; trimmed. A null value throws.</param>
        /// <param name="password">Submitted password; trimmed. A null value throws.</param>
        /// <param name="language">Not used in this method.</param>
        /// <param name="capchar">Submitted CAPTCHA answer; not compared with anything while the check below stays commented out.</param>
        /// <returns>A redirect to Login/Authenticate carrying the user name as a route value.</returns>
        /// <remarks>
        /// NOTE(review): the password is held in clear text in the cache entry created below.
        /// Confirm where that cache lives, who can read it, and that the entry is removed once
        /// Authenticate has consumed it.
        /// NOTE(review): trimming the password changes the credential the user typed; confirm
        /// this matches how passwords are stored and verified.
        /// </remarks>
        public ActionResult Login(string username, string password, string language, string capchar)
        {
            username = username.Trim();
            password = password.Trim();
            // Throws when no "Captcha" value is in session. The value is only consumed by the disabled check below.
            var captchar = Session["Captcha"].ToString();

            // NOTE(review): CAPTCHA validation is disabled, so this action accepts any answer.
            //if (string.IsNullOrWhiteSpace(captchar) || captchar.ToLower().Trim() != capchar.ToLower().Trim())
            //{
            //    var rs = new
            //    {
            //        Status = "00",
            //        Message = Resource.Captcharinvalid_Lang
            //    };
            //    return Json(new { result = rs }, JsonRequestBehavior.AllowGet);
            //}
            // Abandon the current session, blank its cookie, and hand the browser a new identifier.
            System.Web.HttpContext.Current.Session.Abandon();
            System.Web.HttpContext.Current.Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));
            var manager = new SessionIDManager();

            manager.RemoveSessionID(System.Web.HttpContext.Current);
            var  newId = manager.CreateSessionID(System.Web.HttpContext.Current);
            bool isRedirected;
            bool isAdded;

            manager.SaveSessionID(System.Web.HttpContext.Current, newId, out isRedirected, out isAdded);

            GetCapcharImg();

            var login = new UserModel
            {
                Password  = password,
                UserName  = username.Trim(),
                TypeLogin = 1
            };

            // Clear-text credentials, keyed by user name + new session identifier; the third
            // argument is presumably the expiry time (one minute from now).
            Cache.Add(username + newId, login, DateTime.Now.AddMinutes(1));

            return(RedirectToAction("Authenticate", "Login", new { username }));
        }
Beispiel #31
        /// <summary>
        /// Ends the current user's HTTP session: abandons it, blanks the "ASP.NET_SessionId"
        /// cookie and issues a new session identifier. Returns immediately when no user name is
        /// available or when there is no current context or session.
        /// </summary>
        /// <returns>Always <c>true</c>.</returns>
        /// <remarks>
        /// NOTE(review): no authentication ticket or cookie is cleared in this method. The
        /// session cookie and the authentication cookie are separate, so confirm that the caller
        /// also signs the user out.
        /// </remarks>
        public static bool Logout()
        {
            if (GetUserName() == null)
            {
                return true;
            }

            var ctx = HttpContext.Current;
            if (ctx == null || ctx.Session == null)
            {
                return true;
            }

            // Invalidate the server-side state and blank the cookie the browser holds.
            ctx.Session.Abandon();
            ctx.Response.Cookies.Add(new HttpCookie("ASP.NET_SessionId", ""));

            // Then hand out a different identifier so the old one is not picked up again.
            var idManager = new SessionIDManager();
            idManager.RemoveSessionID(ctx);
            string freshId = idManager.CreateSessionID(ctx);

            bool wasRedirected;
            bool cookieAdded;
            idManager.SaveSessionID(ctx, freshId, out wasRedirected, out cookieAdded);

            return true;
        }
    /// <summary>
    /// Click handler for the combined login/logout link. For the "LOGIN" command it builds the
    /// URL of the portal login page; for any other command it logs the session end, expires the
    /// forms cookie, resets the user's roles, issues a new session identifier and builds the URL
    /// of the portal default page. Both paths then clear the checkout sessions, sign out of
    /// forms authentication and redirect to the URL that was built.
    /// </summary>
    /// <remarks>
    /// Any exception is passed to <c>ProcessException</c>.
    /// NOTE(review): the session identifier is rotated only on the logout path. Confirm that
    /// the login flow issues a new identifier once authentication succeeds.
    /// </remarks>
    protected void lnkloginStatus_Click(object sender, EventArgs e)
    {
        try
        {
   
            SageFrameConfig SageConfig = new SageFrameConfig();
            SageFrameSettingKeys.PageExtension = SageConfig.GetSettingsByKey(SageFrameSettingKeys.SettingPageExtension);
            // bool.Parse throws on a malformed setting; the catch below hands that to ProcessException.
            bool EnableSessionTracker = bool.Parse(SageConfig.GetSettingsByKey(SageFrameSettingKeys.EnableSessionTracker));

            SessionTracker sessionTrackerNew = new SessionTracker();
            if (EnableSessionTracker)
            {
                string sessionID = HttpContext.Current.Session.SessionID;
                SageFrame.Web.SessionLog sLogNew = new SageFrame.Web.SessionLog();
                sLogNew.SessionLogStart(sessionTrackerNew, sessionID);
            }           
            string ReturnUrl = string.Empty;
            string RedUrl = string.Empty;
            SageFrameConfig sfConfig = new SageFrameConfig();
            if (lnkloginStatus.CommandName == "LOGIN")
            {

                // ReturnUrl is computed here but never read again in this method.
                // NOTE(review): the query-string value is caller-controlled; if it is ever used
                // as a redirect target, check first that it is a local URL.
                if (Request.QueryString["ReturnUrl"] == null)
                {
                    ReturnUrl = Request.RawUrl.ToString();
                    if (!(ReturnUrl.ToLower().Contains(SageFrameSettingKeys.PageExtension)))
                    {
                        //ReturnUrl = ReturnUrl.Remove(strURL.LastIndexOf('/'));
                        if (ReturnUrl.EndsWith("/"))
                        {
                            ReturnUrl += sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage).Replace(" ", "-") + SageFrameSettingKeys.PageExtension;
                        }
                        else
                        {
                            ReturnUrl += '/' + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage).Replace(" ", "-") + SageFrameSettingKeys.PageExtension;
                        }
                    }
                }
                else
                {
                    ReturnUrl = Request.QueryString["ReturnUrl"].ToString();
                }
                // Redirect target: the login page of the child portal or of the parent site.
                if (!IsParent)
                {
                    RedUrl = GetParentURL + "/portal/" + GetPortalSEOName + "/" + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalLoginpage) + SageFrameSettingKeys.PageExtension;

                }
                else
                {
                    RedUrl = GetParentURL + "/" + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalLoginpage) + SageFrameSettingKeys.PageExtension;
                }

            }
            else
            {

                if (EnableSessionTracker)
                {
                    SageFrame.Web.SessionLog sLog = new SageFrame.Web.SessionLog();
                    sLog.SessionLogEnd(GetPortalID);
                }

                // Overwrite the portal's forms cookie with one that expired a year ago so the browser discards it.
                SecurityPolicy objSecurity = new SecurityPolicy();
                HttpCookie authenticateCookie = new HttpCookie(objSecurity.FormsCookieName(GetPortalID));
                authenticateCookie.Expires = DateTime.Now.AddYears(-1);
                string randomCookieValue = GenerateRandomCookieValue();
                HttpContext.Current.Session[SessionKeys.RandomCookieValue] = randomCookieValue;
                Response.Cookies.Add(authenticateCookie);
                lnkloginStatus.Text = "Login";
                SetUserRoles(string.Empty);
                //create new sessionID
                // NOTE(review): no Session.Abandon() is visible on this path; confirm the state
                // stored under the old identifier is invalidated (ClearSessions below may do it).
                SessionIDManager manager = new SessionIDManager();
                manager.RemoveSessionID(System.Web.HttpContext.Current);
                var newId = manager.CreateSessionID(System.Web.HttpContext.Current);
                var isRedirected = true;
                var isAdded = true;
                manager.SaveSessionID(System.Web.HttpContext.Current, newId, out isRedirected, out isAdded);

                // Redirect target: the default page of the child portal or of the parent site.
                if (!IsParent)
                {
                    RedUrl = GetParentURL + "/portal/" + GetPortalSEOName + "/" + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage).Replace(" ", "-") + SageFrameSettingKeys.PageExtension;
                }
                else
                {
                    RedUrl = GetParentURL + "/" + sfConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage).Replace(" ", "-") + SageFrameSettingKeys.PageExtension;
                }
            }
            // Runs for both commands, so clicking "LOGIN" also clears checkout data and signs out.
            CheckOutHelper cHelper = new CheckOutHelper();
            cHelper.ClearSessions();            

            FormsAuthentication.SignOut();
            // endResponse is false: the rest of the page lifecycle still runs after the redirect is queued.
            Response.Redirect(RedUrl, false);
        }
        catch (Exception ex)
        {
            ProcessException(ex);
        }
    }
    /// <summary>
    /// Runs after the user has logged out: resets the user's roles, issues a new session
    /// identifier, removes the "Auth_Token" session entry and redirects to the default page of
    /// the parent site or of the current portal.
    /// </summary>
    /// <param name="sender">Control that raised the event.</param>
    /// <param name="e">Event data (unused).</param>
    /// <remarks>
    /// NOTE(review): only one session key is removed and the session is never abandoned in this
    /// handler. Confirm that the remaining state stored under the old identifier is cleared
    /// elsewhere; otherwise it stays alive until it times out.
    /// </remarks>
    protected void LoginStatus1_LoggedOut(object sender, EventArgs e)
    {
        SetUserRoles(string.Empty);
        var portalConfig = new SageFrameConfig();

        // Swap the browser's session identifier for a newly generated one.
        var idManager = new SessionIDManager();
        idManager.RemoveSessionID(System.Web.HttpContext.Current);
        string freshId = idManager.CreateSessionID(System.Web.HttpContext.Current);

        bool wasRedirected;
        bool cookieAdded;
        idManager.SaveSessionID(System.Web.HttpContext.Current, freshId, out wasRedirected, out cookieAdded);

        Session.Remove("Auth_Token");

        // Child portals live under /portal/<seo-name>/; the parent site sits at the root.
        if (IsParent)
        {
            Response.Redirect(GetParentURL + "/" + portalConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage) + Extension);
            return;
        }

        Response.Redirect(GetParentURL + "/portal/" + GetPortalSEOName + "/" + portalConfig.GetSettingsByKey(SageFrameSettingKeys.PortalDefaultPage) + Extension);
    }