コード例 #1
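        /// <summary>
        /// Processes the posted login form: reads "Email" and "Password" from
        /// <c>Request.Form</c>, strips an optional <c>DOMAIN\</c> prefix from the user name,
        /// checks the credentials through <c>DBEngine.ValidateUser</c>, and on success fills
        /// the session with the user's identity, role and empty filter defaults.
        /// </summary>
        /// <returns>
        /// A redirect to <c>Home/Index</c> when the user is found; otherwise a redirect to
        /// <c>Account/Index</c> with an error text stored in <c>TempData["AlertMessage"]</c>.
        /// </returns>
        // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible on this
        // action even though it consumes form credentials - confirm they are applied (or add them)
        // so that login cannot be triggered by GET or by a cross-site form post.
        public ActionResult Login()
        {
            const string notAuthorisedMessage =
                "You are not authorised to access this app. Please call 8066/6761/5252/8335.";

            ViewBag.AlertMessage = "";

            // Every path in this action targets an "Index" action. Setting it up front keeps the
            // failure redirects well-defined even when an exception fires before the lookup.
            string actionname     = "Index";
            string controllername = "Account";

            string username = Request.Form["Email"];
            string password = Request.Form["Password"];

            // Accept "DOMAIN\user" and keep only the user part. The null check matters:
            // Request.Form[...] returns null when the field is absent from the request.
            if (username != null && username.IndexOf('\\') > 0)
            {
                username = username.Split('\\')[1];
            }

            // Reject missing credentials before touching the database instead of failing with a
            // NullReferenceException (username) or handing null/empty values to ValidateUser.
            if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
            {
                SetLoginAlert(notAuthorisedMessage);
                return RedirectToAction(actionname, controllername);
            }

            string   connectionString = ConfigurationManager.ConnectionStrings["NHSConStr"].ConnectionString;
            DBEngine dBEngine         = new DBEngine(connectionString);

            // Only needed by the (currently disabled) directory check below; the call is kept so
            // that re-enabling the check does not require touching this part again.
            string domain = dBEngine.GetDomainName(0);

            try
            {
                // SECURITY NOTE(review): the directory check is disabled and hard-wired to succeed,
                // so the "Credentials provided do not match with AD." branch can never run and
                // authentication rests entirely on DBEngine.ValidateUser. Restore the real check
                // before this ships:
                //isValidFromAD = ValidateCredentials(username, password, domain);
                bool isValidFromAD = true;

                if (isValidFromAD)
                {
                    // NOTE(review): the clear-text password is handed to DBEngine - confirm that it
                    // uses parameterized SQL and compares against a salted password hash.
                    AppUsers usermodel = dBEngine.ValidateUser(username, password);

                    if (usermodel.IsFound)
                    {
                        // SECURITY NOTE(review): the session identifier is not renewed at login
                        // (Session.Abandon() was commented out), so a session id issued before
                        // authentication stays valid afterwards. Issue a fresh session id here.
                        // SECURITY NOTE(review): Timeout is in minutes - 1440 keeps an idle
                        // authenticated session alive for 24 hours; confirm this is intended.
                        Session.Timeout                = 1440;
                        Session["LoginUserID"]         = usermodel.ID;
                        Session["UserName"]            = username;
                        Session["FirstName"]           = usermodel.FirstName;
                        Session["LastName"]            = usermodel.LastName;
                        Session["StartDate"]           = "";
                        Session["EndDate"]             = "";
                        Session["WardDeath"]           = "";
                        Session["PatientType"]         = "";
                        Session["DischargeConsultant"] = "";
                        Session["Speciality"]          = "";
                        Session["TotalDeaths"]         = 0;
                        Session["QAPCount"]            = 0;
                        Session["MedCount"]            = 0;
                        Session["Role"]                = usermodel.Role;

                        // NOTE(review): if this call throws, the session above is already
                        // populated while the user is redirected to the error path.
                        dBEngine.UpdateLoginDateTime(usermodel.ID);
                        controllername = "Home";
                    }
                    else
                    {
                        SetLoginAlert(notAuthorisedMessage);
                    }
                }
                else
                {
                    SetLoginAlert("Credentials provided do not match with AD.");
                }
            }
            catch (Exception ex)
            {
                // Exception text can expose server, database or directory details, and this page
                // is reachable before authentication. Record it server-side and show only a
                // generic message to the browser.
                System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: {0}", ex);
                SetLoginAlert("SQL/AD Connection Error.");
                controllername = "Account";
            }

            return RedirectToAction(actionname, controllername);
        }

        /// <summary>
        /// Builds an error <c>Alert</c> with a close button and stores its text in
        /// <c>TempData["AlertMessage"]</c> so it survives the redirect back to the login page.
        /// </summary>
        /// <param name="message">Text to show to the user; must not contain internal error details.</param>
        private void SetLoginAlert(string message)
        {
            Alert alertMessage = new Alert();
            alertMessage.AlertType   = ALERTTYPE.Error;
            alertMessage.MessageType = ALERTMESSAGETYPE.TextWithClose;
            alertMessage.Message     = message;
            TempData["AlertMessage"] = alertMessage.Message;
        }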