/// <summary>
/// Handles a submitted login form: looks the editor up by user name, compares the
/// salted password hash, persists a login record and stores it in the session.
/// </summary>
/// <param name="login">Bound login form data (user name and password).</param>
/// <returns>
/// A redirect to Admin/Index when the credentials match; otherwise the login view again.
/// </returns>
public ActionResult Index(AppLogin login)
{
    // Model binding/validation failed: show the form again.
    if (!this.ModelState.IsValid)
    {
        return View();
    }

    var loginRepository = new DBLoginRepository(this.DatabaseContext);
    var editorRepository = new DBEditorRepository(this.DatabaseContext);
    DBEditor editor = editorRepository.Find(login.Username);

    // Short-circuit order matters: editor must be non-null before its fields are read.
    // NOTE(review): the hash is compared with ==, which is not a fixed-time comparison,
    // and the strength of PasswordHasher.Hash is not visible here - confirm both.
    bool credentialsMatch = editor != null
        && login.Username == editor.Username
        && PasswordHasher.Hash(login.Password, editor.PasswordSalt) == editor.PasswordHash;

    if (!credentialsMatch)
    {
        // Unknown user or credentials do not match; both cases render the same view.
        // NOTE(review): no failed-attempt throttling or lockout is visible in this action.
        return View();
    }

    // Record the login with a 10-minute expiry, plus the client's user agent and IP.
    var entry = new DBLogin();
    entry.IDEditor = editor.ID;
    entry.UserAgent = Request.UserAgent;
    entry.UserIP = IPObtainer.GetIP();
    entry.UTCLogoutTime = DateTime.UtcNow.AddMinutes(10);
    loginRepository.Add(entry, true);

    // NOTE(review): the session identifier is not regenerated here after a successful
    // login - confirm session fixation is handled elsewhere.
    this.Session["authorized"] = entry;
    return RedirectToAction("Index", "Admin");
}
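/// <summary>
/// Extends the current login by 10 minutes: reloads the login record referenced by the
/// session, pushes its logout time forward, saves it and refreshes the session copy.
/// </summary>
/// <param name="httpSession">Session expected to hold a <c>DBLogin</c> under "authorized".</param>
/// <remarks>
/// This method does not itself check whether the record has already expired; it relies on
/// the caller having validated the session first (the DeleteLogin action in this file calls
/// Authorizer.IsLogedIn before reauthorizing). NOTE(review): confirm every caller does so.
/// </remarks>
internal void ReauthorizeLogin(HttpSessionStateBase httpSession)
{
    // Nothing to extend when the session carries no login (or a value of another type).
    DBLogin sessionLogin = httpSession["authorized"] as DBLogin;
    if (sessionLogin == null)
    {
        return;
    }

    DBLoginRepository loginRepository = new DBLoginRepository(this.DatabaseContext);
    DBLogin login = loginRepository.Find(sessionLogin.ID);
    if (login == null)
    {
        // The persisted record is gone (login records can be removed via DeleteLogin).
        // Drop the session marker instead of dereferencing null, so a removed login
        // is not kept alive by a stale session copy.
        httpSession["authorized"] = null;
        return;
    }

    login.UTCLogoutTime = DateTime.UtcNow.AddMinutes(10);
    loginRepository.Update(login, true);
    httpSession["authorized"] = login;
}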
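/// <summary>
/// Logs the current user out: stamps the persisted login record with the current UTC time
/// as its logout time and clears the "authorized" session entry.
/// </summary>
/// <returns>The "Index" view.</returns>
/// <remarks>
/// NOTE(review): only the "authorized" key is cleared; the session itself is not abandoned
/// and any other session data survives logout - confirm that is intended.
/// </remarks>
public ActionResult Logout()
{
    object marker = this.Session["authorized"];
    if (marker != null)
    {
        // The session value may not be a DBLogin, and the record may have been removed
        // in the meantime (see DeleteLogin); neither case should prevent the logout.
        DBLogin sessionLogin = marker as DBLogin;
        if (sessionLogin != null)
        {
            DBLoginRepository loginRepository = new DBLoginRepository(this.DatabaseContext);
            DBLogin login = loginRepository.Find(sessionLogin.ID);
            if (login != null)
            {
                login.UTCLogoutTime = DateTime.UtcNow;
                loginRepository.Update(login, true);
            }
        }

        // Always clear the marker, even when the record could not be updated.
        this.Session["authorized"] = null;
    }

    return View("Index");
}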
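/// <summary>
/// Removes the login record with the given id, unless it is the caller's own current login.
/// </summary>
/// <param name="id">Identifier of the login record to remove.</param>
/// <returns>
/// A redirect to "Logins" for an authenticated caller; a redirect to Login/Index otherwise.
/// </returns>
/// <remarks>
/// NOTE(review): apart from the "not my own login" rule, no ownership or role check is
/// visible here, so any logged-in editor can remove any login record by id - confirm intended.
/// NOTE(review): this action changes state; no HTTP-verb or anti-forgery attribute is visible
/// in this excerpt - confirm they are declared on the method or controller.
/// </remarks>
public ActionResult DeleteLogin(int id)
{
    if (!this.Authorizer.IsLogedIn(this.Session, this.Request))
    {
        return RedirectToAction("Index", "Login");
    }

    this.Authorizer.ReauthorizeLogin(this.Session);

    // Fail closed: without a usable login in the session the "own login" rule cannot be
    // evaluated, so nothing is deleted and the caller is sent back to the login page.
    DBLogin current = this.Session["authorized"] as DBLogin;
    if (current == null)
    {
        return RedirectToAction("Index", "Login");
    }

    DBLoginRepository repository = new DBLoginRepository(this.DatabaseContext);
    DBLogin login = repository.Find(id);

    // Skip unknown ids instead of passing null to Remove; never remove the caller's own login.
    if (login != null && current.ID != id)
    {
        repository.Remove(login, true);
    }

    return RedirectToAction("Logins");
}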