public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)
        {
            base.OnAuthorization(actionContext);
            if (actionContext.Request.Headers.Authorization == null)
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
            }
            else
            {
                string   encodedString = actionContext.Request.Headers.Authorization.Parameter;
                string   decodedString = Encoding.UTF8.GetString(Convert.FromBase64String(encodedString));
                string[] arr           = decodedString.Split(new char[] { ':' });
                string   username      = arr[0];
                string   password      = arr[1];

                MDirectorRepository urepo = new MDirectorRepository();

                if (username == urepo.Get(username).MD_name&& password == urepo.Get(username).MD_password)
                {
                    Thread.CurrentPrincipal = new GenericPrincipal(new GenericIdentity(username), null);
                }
                else
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);
                }
            }
        }
コード例 #2
0
        public ActionResult ConfirmChangePassword(string oldpass, string Pass, string cpass)
        {
            MDirectorRepository orepo = new MDirectorRepository();
            LoginRepository     lrepo = new LoginRepository();

            MDirector of = orepo.Get(Convert.ToInt32(Session["Id"]));

            Logininfo log = lrepo.Get(Session["Name"].ToString());

            if (Session["Password"].ToString() == oldpass)
            {
                if (Pass != cpass)
                {
                    ViewData["Message"] = "Password Didn't match";
                }
                else
                {
                    of.MD_password     = Pass;
                    log.Login_Password = Pass;

                    orepo.Update(of);
                    lrepo.Update(log);

                    ViewData["Message"] = "Password Updated Successfully";
                    Session["MD"]       = of;
                    Session["Password"] = Pass;
                }
            }
            else
            {
                ViewData["Message"] = "Wrong Password";
            }

            return(View("Empty"));
        }