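/// <summary>
/// Handles the forms-authentication Authenticate event. When the request carries a
/// valid, unexpired forms ticket, looks up the user and role in the database and
/// assigns a <c>GenericPrincipal</c> (identity type "Forms") carrying the role names.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="e">Event arguments; <c>e.User</c> is set only when every check succeeds.</param>
/// <remarks>
/// On any failure <c>e.User</c> is left unset, so no principal with database roles is
/// attached by this handler. Nothing is thrown to the caller.
/// </remarks>
protected void FormsAuthentication_OnAuthenticate(Object sender, FormsAuthenticationEventArgs e)
{
    if (!FormsAuthentication.CookiesSupported)
    {
        return;
    }

    var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    try
    {
        var ticket = FormsAuthentication.Decrypt(authCookie.Value);

        // Decrypt() validates and decrypts the ticket but does not enforce expiry, and
        // a principal assigned to e.User here is used by the module as-is. Without this
        // check a replayed, expired cookie would still yield a principal with roles.
        if (ticket == null || ticket.Expired || string.IsNullOrEmpty(ticket.Name))
        {
            return;
        }

        string username = ticket.Name;

        // NOTE(review): if MainModel is a disposable data context, it should be
        // disposed after the lookups; its declaration is not visible here.
        MainModel entities = new MainModel();

        // The ticket can outlive the account: a deleted or renamed user yields null.
        User user = entities.Users.SingleOrDefault(u => u.Name == username);
        if (user == null)
        {
            return;
        }

        var role = entities.Roles.SingleOrDefault(r => r.Id == user.IdRole);
        if (role == null || role.Name == null)
        {
            // No resolvable role: do not build a principal rather than guessing one.
            return;
        }

        // The role name is treated as a ';'-separated list of role names.
        string[] roleNames = role.Name.Split(';');

        e.User = new System.Security.Principal.GenericPrincipal(
            new System.Security.Principal.GenericIdentity(username, "Forms"),
            roleNames);
    }
    catch (Exception ex)
    {
        // Best effort by design: a tampered cookie or a database failure must not break
        // the request. Record the failure (without the cookie value or user name) so
        // that repeated ticket-validation errors are visible to operations.
        System.Diagnostics.Trace.TraceWarning(
            "FormsAuthentication_OnAuthenticate failed: {0}: {1}",
            ex.GetType().Name,
            ex.Message);
    }
}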
/// <summary>
/// Authenticates the posted credentials against the Users set and, on success, issues
/// a non-persistent forms-authentication cookie and redirects.
/// </summary>
/// <param name="model">Bound login form; <c>Name</c> and <c>Password</c> are read.</param>
/// <param name="returnUrl">Optional post-login target; honoured only when it is a local path.</param>
/// <returns>
/// A redirect to <paramref name="returnUrl"/> or to Home/Index on success; otherwise the
/// login view redisplayed with the model.
/// </returns>
public ActionResult Login(User model, string returnUrl)
{
    // Invalid form: redisplay it without touching the database.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    MainModel db = new MainModel();
    string enteredName = model.Name;
    string enteredPassword = model.Password;

    // NOTE(review): the stored password is compared as plain text inside the query.
    // Storing a salted, slow hash (for example PBKDF2) and verifying it with a
    // fixed-time comparison needs a schema change outside this method.
    bool credentialsMatch = db.Users.Any(
        candidate => candidate.Name == enteredName && candidate.Password == enteredPassword);

    if (!credentialsMatch)
    {
        // One generic message for both failure causes, so the response does not
        // reveal whether the user name exists.
        ModelState.AddModelError("", "The user name or password provided is incorrect.");
        return View(model);
    }

    // Second argument false: session cookie, not a persistent one.
    FormsAuthentication.SetAuthCookie(enteredName, false);

    // Open-redirect guard: the target must be local, longer than "/", rooted at a
    // single "/", and must not start with "//" or "/\".
    bool isSafeLocalTarget =
        Url.IsLocalUrl(returnUrl)
        && returnUrl.Length > 1
        && returnUrl.StartsWith("/")
        && !returnUrl.StartsWith("//")
        && !returnUrl.StartsWith("/\\");

    if (isSafeLocalTarget)
    {
        return Redirect(returnUrl);
    }

    return RedirectToAction("Index", "Home");
}
/// <summary>
/// Stores the data context and composes the base query that projects each account,
/// joined with its configuration row and its bank, into an <c>AccountViewModel</c>.
/// </summary>
/// <param name="context">Data context supplying Accounts, AccountConfigs and Banks.</param>
/// <remarks>
/// Both joins are inner joins, so an account with no matching configuration or bank
/// row does not appear in the result.
/// NOTE(review): presumably the query is only composed here and executed when
/// <c>_queryAll</c> is enumerated; confirm against the field's declared type.
/// </remarks>
public AccountRepository(MainModel context)
{
    _context = context;

    _queryAll =
        from account in _context.Accounts
        join config in _context.AccountConfigs on account.Id equals config.IdAccount
        join bank in _context.Banks on account.IdBank equals bank.Id
        select new AccountViewModel
        {
            // Fields taken from the account row.
            Id = account.Id,
            AccountType = account.AccountType,
            Name = account.Name,
            Number = account.Number,
            Balance = account.Balance,
            Status = account.Status,

            // Fields taken from the account's configuration row.
            NotifyThreshold = config.NotifyThreshold,
            AutoActionThreshold = config.AutoActionThreshold,
            StartEffectiveDate = config.StartEffectiveDate,
            EndEffectiveDate = config.EndEffectiveDate,
            NumberOfRetries = config.NumberOfRetries,
            MonitorPeriod = config.MonitorPeriod,

            // Field taken from the bank row.
            BankName = bank.Name
        };
}