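// NOTE(review): the commented-out implementation below is kept for history only.
// It hashes the password with unsalted SHA-1 through
// FormsAuthentication.HashPasswordForStoringInConfigFile, which is not suitable for
// password storage; do not revive it as-is.
//private bool AuthenticateUser(string username, string password)
//{
//    // ConfigurationManager class is in System.Configuration namespace
//    string CS = ConfigurationManager.ConnectionStrings["DBCS"].ConnectionString;
//    // SqlConnection is in System.Data.SqlClient namespace
//    using (SqlConnection con = new SqlConnection(CS))
//    {
//        SqlCommand cmd = new SqlCommand("spAuthenticateUser", con);
//        cmd.CommandType = CommandType.StoredProcedure;
//        // FormsAuthentication is in System.Web.Security
//        string EncryptedPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(password, "SHA1");
//        // SqlParameter is in System.Data namespace
//        SqlParameter paramUsername = new SqlParameter("@UserName", username);
//        SqlParameter paramPassword = new SqlParameter("@Password", EncryptedPassword);
//        cmd.Parameters.Add(paramUsername);
//        cmd.Parameters.Add(paramPassword);
//        con.Open();
//        int ReturnCode = (int)cmd.ExecuteScalar();
//        return ReturnCode == 1;
//    }
//}
#endregion Old Implementation

/// <summary>
/// Authenticates the supplied user through <see cref="AuthenticationBusiness"/> and then
/// either shows a status message in <c>lblMessage</c> or stores the user name in the
/// session and redirects away from the login page.
/// </summary>
/// <param name="user">Credentials object handed unchanged to the business layer.</param>
private void AuthenticateUserNew(User user)
{
    // Value the remaining-attempts message is computed from. Presumably it has to match
    // the lockout threshold enforced behind AuthenticateUser - confirm.
    const int MaxRetryAttempts = 4;

    AuthenticationBusiness bll = new AuthenticationBusiness();
    User userInfo = bll.AuthenticateUser(user);
    int retryAttempts = userInfo.RetryAttempts;

    // The branch order is deliberate and unchanged: the lock check and the failed-attempt
    // check both run before the success branch, so a result flagged as locked is never
    // signed in. A result with RetryAttempts > 0 is reported as a failure even when
    // IsAuthenticated is true; whether the business layer resets the counter on success
    // is not visible here.
    if (!userInfo.IsAuthenticated && !userInfo.IsAccountLocked && retryAttempts == 0)
    {
        // NOTE(review): this message, the lock message and the attempt counter together
        // tell an unauthenticated caller whether a user name is unknown, locked or valid
        // (account enumeration). Consider one generic failure message for all three.
        lblMessage.Text = "Not registered user. Please register first.";
    }
    else if (userInfo.IsAccountLocked)
    {
        lblMessage.Text = "Account locked. Please contact administrator";
    }
    else if (retryAttempts > 0)
    {
        // Never display a negative count if the stored counter exceeds the threshold.
        int attemptsLeft = MaxRetryAttempts - retryAttempts;
        if (attemptsLeft < 0)
        {
            attemptsLeft = 0;
        }

        // The separator before "attempt(s)" was missing, which rendered e.g. "3attempt(s) left".
        lblMessage.Text = "Invalid user name and/or password. "
            + attemptsLeft.ToString() + " attempt(s) left";
    }
    else if (userInfo.IsAuthenticated)
    {
        // NOTE(review): the session identifier is not rotated in this method before the
        // identity is stored. If nothing else rotates it, a pre-login session id stays
        // valid after sign-in (session fixation) - confirm.
        Session["Username"] = txtUserName.Text;
        FormsAuthentication.RedirectFromLoginPage(txtUserName.Text, chkBoxRememberMe.Checked);
    }
}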