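        /// <summary>
        /// Validates the posted login model, authenticates the user through
        /// <c>PortalUser.LoginUser</c>, resolves the user's role, terminates any earlier
        /// session for the same credentials, and issues the forms-authentication ticket.
        /// On any failure an error is added to <c>ModelState</c> and the method returns
        /// without a ticket; <c>base.OnActionExecuting</c> is only reached on success.
        /// </summary>
        /// <param name="filterContext">The MVC action context. The login model is read from
        /// <c>ActionParameters["model"]</c>; results are written to <c>ViewBag</c> and to the
        /// response cookies.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            string msg;

            filterContext.Controller.ViewBag.UserINFOCode = null;
            filterContext.Controller.ViewBag.FirstLogin   = null;

            if (!filterContext.Controller.ViewData.ModelState.IsValid)
            {
                filterContext.Controller.ViewData.ModelState.AddModelError("", "Provide login information");
                return;
            }

            // Exactly one "model" action parameter is expected. ToList() never yields null,
            // so a single Count check covers the null/empty/duplicate cases.
            var modelList = filterContext.ActionParameters.Where(ap => ap.Key == "model").ToList();
            if (modelList.Count != 1)
            {
                filterContext.Controller.ViewData.ModelState.AddModelError("", "Invalid Login Information");
                return;
            }

            var model = modelList[0].Value as UserLoginContract;
            if (model == null)
            {
                filterContext.Controller.ViewData.ModelState.AddModelError("", "Invalid Login Information");
                return;
            }

            if (string.IsNullOrEmpty(model.UserName) || string.IsNullOrEmpty(model.Password) || model.Password.Length < 8)
            {
                RejectLogin(filterContext, model, "Empty / Invalid username or password or password length");
                return;
            }

            // Validate user and resolve the role.
            UserLoginResponseObj user;
            Role userRole;
            try
            {
                user = PortalUser.LoginUser(model.UserName, model.Password, 2, "");
                if (user == null)
                {
                    RejectLogin(filterContext, model, "Login Failed! Please try again later");
                    return;
                }

                if (user.UserId < 1)
                {
                    // Status/Message may be absent on a failed login; do not dereference blindly.
                    var friendly = user.Status != null && user.Status.Message != null
                        ? user.Status.Message.FriendlyMessage
                        : null;
                    RejectLogin(filterContext, model, string.IsNullOrEmpty(friendly) ? "Login Failed!" : friendly);
                    return;
                }

                userRole = PortalRole.GetRole(user.RoleId, out msg);
                if (userRole == null || userRole.RoleId < 1)
                {
                    // msg is an out value that may come back null; IsNullOrEmpty avoids a NullReferenceException.
                    RejectLogin(filterContext, model, string.IsNullOrEmpty(msg) ? "You have not been assigned to any role!" : msg);
                    return;
                }
            }
            catch (Exception ex)
            {
                // Raw exception text (connection strings, internal host names, stack details) must not
                // reach an unauthenticated user; record it server-side and show a generic message.
                System.Diagnostics.Trace.TraceError(ex.ToString());
                RejectLogin(filterContext, model, "Login Failed! Please try again later");
                return;
            }

            // Multiple-login check: log the previous session out before creating the new one.
            // NOTE(review): `code` embeds the plaintext password and its GetHashCode() is later exposed
            // to the view as UserINFOCode. Left unchanged because ProfileService and the view depend on
            // this value; a per-session random token would be the safer identifier.
            var code = model.UserName.Trim() + model.Password.Trim();
            if (ProfileService.IsMultipleLogin(code, out msg))
            {
                if (filterContext.HttpContext.Session != null)
                {
                    ProfileService.ResetLogin(code);
                    ProfileService.ResetUserData(model.UserName.Trim());
                    filterContext.HttpContext.Session["UserINFO"] = null;
                }
                new FormsAuthenticationService().SignOut();
            }

            var userId   = user.UserId;
            var userData = new UserData
            {
                UserId    = userId,
                Username  = user.Username,
                Email     = user.Email,
                Role      = userRole.Name,
                AuthToken = user.AuthToken
            };

            if (!MvcApplication.SetUserData(userData))
            {
                RejectLogin(filterContext, model, "Invalid authentication!");
                return;
            }

            // Ticket user data is carried as "<userId>|<email>|<roleName>".
            var ticketData = userId + "|" + user.Email + "|" + userRole.Name;
            var encTicket  = new FormsAuthenticationService().SignIn(model.UserName, false, ticketData);
            if (string.IsNullOrEmpty(encTicket))
            {
                RejectLogin(filterContext, model, "Invalid authentication!");
                return;
            }

            // The ticket cookie is written by hand here, so set HttpOnly explicitly (script must not read
            // the auth ticket) and mirror the forms-auth SSL requirement on the Secure flag.
            var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket)
            {
                HttpOnly = true,
                Secure   = FormsAuthentication.RequireSSL
            };
            filterContext.HttpContext.Response.Cookies.Add(authCookie);
            filterContext.Controller.ViewBag.UserINFOCode  = code.GetHashCode().ToString(CultureInfo.InvariantCulture);
            filterContext.Controller.ViewBag.FirstLogin    = user.IsFirstTimeAccess;
            filterContext.Controller.ViewBag.LoginDataItem = userData;
            base.OnActionExecuting(filterContext);
        }

        /// <summary>
        /// Records a failed login attempt: blanks the submitted password so it is not echoed back
        /// through the action parameters or the view, writes the scrubbed model back, and adds
        /// <paramref name="message"/> to <c>ModelState</c>.
        /// </summary>
        /// <param name="filterContext">The action context whose parameters and ModelState are updated.</param>
        /// <param name="model">The submitted login model; its <c>Password</c> is cleared.</param>
        /// <param name="message">The user-facing error to add to ModelState.</param>
        private static void RejectLogin(ActionExecutingContext filterContext, UserLoginContract model, string message)
        {
            model.Password = "";
            filterContext.ActionParameters["model"] = model;
            filterContext.Controller.ViewData.ModelState.AddModelError("", message);
        }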