コード例 #1
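    /// <summary>
    /// Click handler for the login button. Checks whether the account is locked in the
    /// configured domain, validates the submitted credentials and, on success, stores the
    /// user in the session and redirects to the default page. On failure it shows a red
    /// message in <c>lblMessageError</c>.
    /// </summary>
    /// <param name="sender">Control that raised the event (not used).</param>
    /// <param name="e">Event data (not used).</param>
    protected void btnEnviarLogin_ServerClick(object sender, EventArgs e)
    {
        string vUser         = usuario.Text ?? "",
               vPassword     = password.Text ?? "",
               vOutErrorLock = "",
               vOutErrorAuth = "",
               DefaultDomain = ConfigurationManager.AppSettings["Domain"];

        lblMessageError.Visible = false;

        // NOTE(review): the lock state is looked up, and reported to the browser, before any
        // credential has been verified, so the page answers differently for a locked account
        // than for any other user name. Confirm that this disclosure is acceptable.
        bool isLocked = ActiveDirectory.IsLocked(vUser, DefaultDomain, out vOutErrorLock);

        if (isLocked)
        {
            // NOTE(review): vOutErrorLock comes from the directory helper and is rendered as-is;
            // confirm it never carries internal detail (server names, LDAP codes).
            lblMessageError.Text = string.IsNullOrWhiteSpace(vOutErrorLock)
                ? "Su cuenta de red esta bloqueada"
                : vOutErrorLock;

            lblMessageError.ForeColor = System.Drawing.Color.Red;
            lblMessageError.Visible   = true;
        }
        else if (ActiveDirectory.Authenticate(vUser, vPassword, DefaultDomain, out vOutErrorAuth))
        {
            string vName = ActiveDirectory.GetName(vUser, DefaultDomain);
            lblMessageError.ForeColor = System.Drawing.Color.Green;
            lblMessageError.Visible   = true;

            // NOTE(review): nothing in this handler issues a new session after login, so the
            // pre-login session identifier appears to stay in use. Confirm whether the session
            // is renewed elsewhere; if not, renew it on successful authentication.
            Session[Constant.KeyUserSession] = vUser + "-" + vName;

            Response.Redirect("~/Default.aspx");
        }
        else
        {
            // NOTE(review): the published listing is damaged at this point (the text between the
            // two string literals was masked). The concatenation with vOutErrorAuth and the else
            // branch below are a reconstruction; confirm against the original file.
            if (vOutErrorAuth != "")
            {
                // NOTE(review): this shows the helper's raw error text to an unauthenticated
                // caller. If it can distinguish "unknown user" from "wrong password", log it
                // server-side and show only the generic message instead.
                lblMessageError.Text = "Error en Login: " + vOutErrorAuth;
            }
            else
            {
                lblMessageError.Text = "El usuario o la contraseña es incorrecto, intentar de nuevo";
            }

            lblMessageError.ForeColor = System.Drawing.Color.Red;
            lblMessageError.Visible   = true;
        }

        ClientScript.RegisterStartupScript(this.GetType(), "alert", "HideLabel();", true);
    }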
コード例 #2
        /// <summary>
        /// Validates the current <c>UserName</c>/<c>UserPassword</c> pair: the user must exist in
        /// <c>USERS.Entities</c>, must have a role assigned, and must pass
        /// <c>ActiveDirectory.Authenticate</c>. The stored settings user name is updated on
        /// success and cleared on a failed directory check.
        /// </summary>
        /// <returns><c>true</c> when the directory accepted the credentials; otherwise <c>false</c>.</returns>
        private bool UserAuthenticate()
        {
            USER account = USERS.Entities.FirstOrDefault(candidate => candidate.NAME == UserName);

            // NOTE(review): "Username not found" and "No role assigned on user" are shown before
            // the password is checked, so the answers differ for unknown users, users without a
            // role and wrong passwords. Confirm that revealing which user names exist is
            // acceptable for this application.
            if (account == null)
            {
                ShowError(false, "Username not found");
                return false;
            }

            if (account.GUID_ROLE == Guid.Empty)
            {
                ShowError(false, "No role assigned on user");
                return false;
            }

            // Missing credentials: fail without showing a message and without touching settings.
            if (UserName == null || UserPassword == null)
            {
                return false;
            }

            // NOTE(review): the lookup and the directory call use UserName as typed, while the
            // value saved to settings is trimmed — confirm the mismatch is intended.
            if (!ActiveDirectory.Authenticate(UserName, UserPassword))
            {
                SetUsernamePasswordError();
                XMLHelpers.UpdateSettingsXML(new XMLSettings()
                {
                    Username = string.Empty
                });
                return false;
            }

            ShowError(false, null);
            ShowError(true, null);
            XMLHelpers.UpdateSettingsXML(new XMLSettings()
            {
                Username = UserName.Trim()
            });
            return true;
        }
コード例 #3
        /// <summary>
        /// Authenticates the posted user through the mechanism selected by the
        /// <c>AuthenticationType</c> app setting (directory check for ADFS, rule engine for
        /// Forms). On success it builds and encrypts an access token, signs the user in and logs
        /// the token. Login data is recorded through the rule engine on both outcomes.
        /// </summary>
        /// <param name="user">Credentials and client data supplied with the request.</param>
        /// <returns>An <c>HttpResult</c> wrapping the <c>AuthenticationModel</c> outcome.</returns>
        public IHttpActionResult Authenticate(UserModel user)
        {
            var authenticationModel = new AuthenticationModel()
            {
                IsAuthenticated = false
            };

            // Placeholder identity (UserID -1) used until the rule engine returns a real user.
            UserModel potentialUserModel = new UserModel()
            {
                UserID = -1, UserName = user.UserName, Password = string.Empty, Roles = new List <Model.Security.RoleModel>()
            };

            // The setting is read once here; every branch below tests the same value.
            int configuredAuthType = Convert.ToInt32(ConfigurationManager.AppSettings["AuthenticationType"]);
            bool usesDirectory     = configuredAuthType == (int)AuthenticationType.ADFS;
            bool authenticated     = false;

            if (usesDirectory)
            {
                // NOTE(review): on this path potentialUserModel keeps UserID -1, and that value is
                // what goes into the token and WebSecurity.SignIn below — confirm this is intended.
                authenticated = ActiveDirectory.Authenticate(user.UserName, user.Password);
            }
            else if (configuredAuthType == (int)AuthenticationType.Forms)
            {
                var loginResponse = accountRuleEngine.Authenticate(user);

                // A returned item means the rule engine matched the supplied credentials.
                if (loginResponse.DataItems.Count > 0)
                {
                    potentialUserModel = loginResponse.DataItems.FirstOrDefault();
                }

                authenticated = potentialUserModel.UserID > 0;
                if (!authenticated)
                {
                    authenticationModel.Resultcode = loginResponse.ResultCode;
                }
            }

            if (authenticated)
            {
                authenticationModel.IsAuthenticated = true;

                // Issue and expiry dates for the token come from the database.
                var tokenIssueExpireOnDate = accountRuleEngine.GetTokenIssueExpireDate();

                // Drop the "DOMAIN\" prefix so only the account name is stored in the token.
                if (user.UserName.Contains("\\"))
                {
                    user.UserName = user.UserName.Split('\\')[1];
                }

                // NOTE(review): ClientIP and SessionID are copied from the posted model. If the
                // client fills those fields, the token and its log entry record caller-chosen
                // values — verify they are set server-side before this action runs.
                var accessToken = new AccessTokenModel()
                {
                    UserId         = potentialUserModel.UserID,
                    UserName       = user.UserName,
                    ClientIP       = user.IPAddress,
                    SessionID      = user.SessionID,
                    GeneratedOn    = tokenIssueExpireOnDate.DataItems[0].GeneratedOn,
                    ExpirationDate = tokenIssueExpireOnDate.DataItems[0].ExpirationDate
                };

                // Encrypt() is called twice, in this order, exactly as the original does.
                accessToken.Token = accessToken.Encrypt();
                authenticationModel.Token.Token = accessToken.Encrypt();
                authenticationModel.Message     = "Authenticated";

                // NOTE(review): on the Forms path this is the model returned by the rule engine;
                // confirm it carries no password or hash before it is serialized to the client.
                authenticationModel.User        = potentialUserModel;

                WebSecurity.SignIn(potentialUserModel, accessToken);

                accountRuleEngine.LogAccessToken(accessToken);

                if (usesDirectory)
                {
                    accountRuleEngine.SyncUser(user);
                }
            }

            // Record login attempts, last login, etc. for successes and failures alike.
            accountRuleEngine.SetLoginData(potentialUserModel);

            return new HttpResult <AuthenticationModel>(authenticationModel, Request);
        }
コード例 #4
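        /// <summary>
        /// Signs a user in: validates the posted model, authenticates against Active Directory,
        /// makes sure a matching user row exists, issues the forms-authentication cookie and
        /// redirects to <paramref name="returnUrl"/> when it is a local URL.
        /// </summary>
        /// <param name="model">Posted login form (user name and password).</param>
        /// <param name="returnUrl">Optional URL to return to after login; only local URLs are followed.</param>
        /// <returns>The login view again on any failure; otherwise a redirect.</returns>
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // Attempt to log in via Active Directory.
            ActiveDirectoryUser adUser;

            if (!ActiveDirectory.Authenticate("DIS", model.UserName, model.Password, out adUser))
            {
                ModelState.AddModelError("", Resources_Account.Error_Account_Login_AuthorizationFailed);

                return View(model);
            }

            // Make sure the user is created in the DB.
            User createdOrExistingUser;

            try
            {
                createdOrExistingUser = UserApplicationService.Get(adUser.UserSID);

                if (createdOrExistingUser == null)
                {
                    // Invariant lower-casing: the address is an identifier, so it must not depend
                    // on the server's current culture.
                    createdOrExistingUser = UserApplicationService.Create(adUser.UserSID,
                                                                          adUser.DisplayName,
                                                                          string.Format("{0}@dis-play.dk", model.UserName.ToLowerInvariant()),
                                                                          false);
                }

                UserApplicationService.SetLastLoginDate(createdOrExistingUser.SID, DateTime.UtcNow);
            }
            catch (Exception ex)
            {
                // Keep the exception detail on the server. The raw message of a data-layer
                // failure can expose internals, so the page shows the generic login error.
                System.Diagnostics.Trace.TraceError("Login: user lookup/creation failed: {0}", ex);
                ModelState.AddModelError("", Resources_Account.Error_Account_Login_AuthorizationFailed);

                return View(model);
            }

            // Handling authorization
            // NOTE(review): the ticket is issued for DisplayName, not the SID. If display names are
            // not unique, two accounts would be indistinguishable to code that reads the identity
            // name — confirm. The cookie is also always persistent (second argument is true).
            HttpCookie authCookie = FormsAuthentication.GetAuthCookie(createdOrExistingUser.DisplayName, true);

            FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value);

            if (ticket == null)
            {
                return View(model);
            }

            // Re-issue the ticket with the same fields and empty user data.
            FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket(ticket.Version,
                                                                                ticket.Name,
                                                                                ticket.IssueDate,
                                                                                ticket.Expiration,
                                                                                ticket.IsPersistent,
                                                                                string.Empty);

            authCookie.Value = FormsAuthentication.Encrypt(newTicket);
            Response.Cookies.Add(authCookie);

            // Handling ReturnURL
            string decodedUrl = string.Empty;

            if (!string.IsNullOrEmpty(returnUrl))
            {
                decodedUrl = Server.UrlDecode(returnUrl);
            }

            // The value that is validated is the same value that is redirected to, so only
            // local URLs are followed; anything else falls through to the home page.
            if (Url.IsLocalUrl(decodedUrl))
            {
                return Redirect(decodedUrl);
            }

            return RedirectToAction("Index", "Home");
        }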