/// <summary>
/// Pre-action hook for the login-side controller. Reads the "Session" cookie and, when it
/// resolves to a usable session, keeps the caller away from the login pages (and lets a
/// caller without a usable session reach only the login page, not Logout).
/// </summary>
/// <param name="filterContext">Context of the action about to run; its <c>Result</c> is
/// replaced by a redirect when the caller should be sent elsewhere.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);
    string actionName = filterContext.ActionDescriptor.ActionName;
    HttpCookie cookie = Request.Cookies["Session"];
    if (cookie != null)
    {
        PartnerSessionDTO session = LookUpSession(cookie.Value);
        DateTime? expiresOn = session?.ExpiresOn;
        // A session counts as live when it exists, is active, belongs to a partner with a
        // verified e-mail address, and either has no expiry or an expiry in the future.
        // NOTE(review): the other OnActionExecuting in this file treats a missing expiry as
        // expired (its lifted comparison yields false); if ExpiresOn can really be null the
        // two hooks disagree on what "logged in" means — confirm against the DTO.
        bool isLive = session != null
            && (expiresOn == null || expiresOn > DateTime.UtcNow)
            && session.IsActive
            && session.Partner.HasEmailAddressBeenVerified;
        bool isLogout = actionName == "Logout";
        if (isLive && !isLogout)
        {
            // Already logged in: nothing on this controller but Logout is relevant.
            filterContext.Result = RedirectToAction("Home", "Management");
        }
        else if (!isLive && isLogout)
        {
            // Nothing to log out of.
            filterContext.Result = RedirectToAction("Login");
        }
    }
    TempData.Clear();

    // Resolves the cookie value (a hex-encoded session id) to a session record; any
    // failure — malformed hex, backend error — is treated as "no session" (null).
    PartnerSessionDTO LookUpSession(string cookieValue)
    {
        try
        {
            byte[] sessionId = FormatHelper.FromHexStringToArray(cookieValue);
            var sessionBLL = new PartnerSessionBLL(WebApp.Connector);
            return sessionBLL.ReadById(sessionId);
        }
        catch
        {
            return null;
        }
    }
}
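/// <summary>
/// Handles a posted login form. On success the server-side session is abandoned and the new
/// partner session id is issued as the "Session" cookie; on a recognised failure the form is
/// re-rendered with an error attached to the relevant field.
/// </summary>
/// <param name="credential">Model-bound username/password pair from the form.</param>
/// <returns>A redirect to the management home page on success, the login view with errors on
/// a known failure, or a bad-request result otherwise.</returns>
public ActionResult Login(PartnerCredentialDTO credential)
{
    if (!ModelState.IsValid)
    {
        return BadRequestWithErrors(credential);
    }

    var sessionBLL = new PartnerSessionBLL(WebApp.Connector);
    // The third argument's meaning is not visible from this file — TODO confirm against PartnerSessionBLL.Login.
    PartnerSessionBLL.LoginResult result = sessionBLL.Login(
        credential,
        IPAddress.Parse(Request.UserHostAddress),
        false,
        out PartnerSessionDTO session);

    switch (result)
    {
        case PartnerSessionBLL.LoginResult.OK:
        {
            Session.Abandon();
            // The session id is a bearer token: keep it out of reach of script (HttpOnly) and,
            // when the request itself came over TLS, off plaintext connections (Secure).
            var sessionCookie = new HttpCookie("Session", FormatHelper.FromArrayToHexString(session.Id))
            {
                HttpOnly = true,
                Secure = Request.IsSecureConnection,
            };
            Response.Cookies.Add(sessionCookie);
            return RedirectToAction("Home", "Management");
        }
        case PartnerSessionBLL.LoginResult.AccountDoesntExist:
        case PartnerSessionBLL.LoginResult.EmailAddressHasNotBeenVerified:
        case PartnerSessionBLL.LoginResult.AccountIsLocked:
            // NOTE(review): result.ToString() yields a different message for an unknown account
            // than for a wrong password, so the response reveals whether a username exists.
            // Kept as-is because the strings are used as message keys elsewhere; consider a
            // single generic message for both cases.
            AddError("Username", result.ToString());
            return View(credential);
        case PartnerSessionBLL.LoginResult.PasswordDoesntMatch:
            AddError("Password", result.ToString());
            return View(credential);
        default:
            return BadRequest();
    }
}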
/// <summary>
/// Pre-action hook for the session-protected controller. Resolves the "Session" cookie to a
/// session record, extends its expiry by 15 minutes (sliding expiration) and exposes it via
/// <c>CurrentSession</c>; otherwise hands the request to <c>ReturnToLogin</c> with a reason key.
/// </summary>
/// <param name="filterContext">Context of the action about to run; passed through to
/// <c>ReturnToLogin</c> when the caller is not (or no longer) signed in.</param>
protected override void OnActionExecuting(ActionExecutingContext filterContext)
{
    base.OnActionExecuting(filterContext);

    string cookieValue = Request.Cookies["Session"]?.Value;
    if (string.IsNullOrEmpty(cookieValue))
    {
        ReturnToLogin(filterContext, "YouShouldLogInFirst");
        return;
    }

    try
    {
        byte[] sessionId = FormatHelper.FromHexStringToArray(cookieValue);
        var sessionBLL = new PartnerSessionBLL(WebApp.Connector);
        PartnerSessionDTO session = sessionBLL.ReadById(sessionId);
        DateTime now = DateTime.UtcNow;

        // A missing session or a missing expiry both fail this test (lifted comparison → false).
        bool stillValid = session?.ExpiresOn > now && session.IsActive;
        if (!stillValid)
        {
            ReturnToLogin(filterContext, "YourSessionHasExpired");
        }
        else if (!session.Partner.HasEmailAddressBeenVerified)
        {
            ReturnToLogin(filterContext, "EmailAddressHasNotBeenVerified");
        }
        else
        {
            // Sliding expiration: every authenticated request pushes the expiry out 15 minutes.
            sessionBLL.UpdateExpiration(sessionId, now.AddMinutes(15));
            CurrentSession = session;
        }
    }
    catch
    {
        // Malformed cookie value or a backend failure both end up here; the latter is thereby
        // reported to the user as "not logged in" rather than as an error.
        ReturnToLogin(filterContext, "YouShouldLogInFirst");
    }
}
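/// <summary>
/// Ends the partner session named by the "Session" cookie. The cookie is cleared first, so it
/// is removed from the browser even when its value cannot be parsed or the backend call fails.
/// </summary>
/// <returns>The logout view when the backend confirms the logout; otherwise a redirect to the
/// login page.</returns>
public ActionResult Logout()
{
    try
    {
        HttpCookie cookie = Request.Cookies["Session"];
        if (cookie == null)
        {
            return RedirectToAction("Login");
        }

        string cookieValue = cookie.Value;

        // Clear the cookie before anything that can throw. Expiring it one day in the past
        // (rather than "now") survives client clock skew, and the value is blanked so the
        // session id is not echoed back in the deleting Set-Cookie.
        cookie.Value = string.Empty;
        cookie.Expires = DateTime.UtcNow.AddDays(-1);
        cookie.HttpOnly = true;
        cookie.Secure = Request.IsSecureConnection;
        Response.SetCookie(cookie);

        byte[] sessionId = FormatHelper.FromHexStringToArray(cookieValue);
        var sessionBLL = new PartnerSessionBLL(WebApp.Connector);
        return sessionBLL.Logout(sessionId) == PartnerSessionBLL.LogoutResult.OK
            ? (ActionResult)View()
            : RedirectToAction("Login");
    }
    catch
    {
        // Parse or backend failure: the cookie has already been cleared above whenever it
        // existed, so simply send the caller to the login page.
        return RedirectToAction("Login");
    }
}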