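/// <summary>
/// Authenticates a user through the usp_Authenticate stored procedure and,
/// on success, opens a new session for that user.
/// </summary>
/// <param name="username">User name passed to usp_Authenticate.</param>
/// <param name="password">Password passed to usp_Authenticate exactly as received.</param>
/// <param name="loggedinuser">Receives the first record returned by usp_Authenticate.</param>
/// <returns>The token of the session created by <c>SessionManager.NewSession</c>.</returns>
/// <exception cref="Exception">
/// Thrown with one general message when the procedure call fails or returns no record.
/// </exception>
public string Login(string username, string password, out PersonDetails loggedinuser)
{
    // One message for every authentication failure, so the caller cannot tell
    // from the error text which part of the credential pair was rejected.
    const string loginFailedMessage = "Hibás felhasználónév vagy jelszó!";

    try
    {
        // Dispose the context as soon as the record is materialised; the
        // original never released it. NewSession opens its own context.
        using (JolTudomEEntities ent = new JolTudomEEntities())
        {
            // NOTE(review): the password goes to the procedure as received.
            // Confirm usp_Authenticate compares against a salted password hash
            // and that the connection to the database is encrypted.
            loggedinuser = ent.usp_Authenticate(username, password).FirstOrDefault();
        }

        // An empty result previously surfaced as InvalidOperationException from
        // First(); report it with the same general message instead.
        if (loggedinuser == null)
        {
            throw new Exception(loginFailedMessage);
        }

        SessionManager sm = SessionManager.NewSession(loggedinuser);
        return sm.Session.Token;
    }
    catch (EntityCommandExecutionException)
    {
        // send only a general error message
        // NOTE(review): nothing is logged here, so neither failed logins nor
        // genuine database faults leave a trace in this method. Consider
        // recording the failure (without the password) before rethrowing.
        throw new Exception(loginFailedMessage);
    }
}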
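/// <summary>
/// Creates a session for an authenticated user: generates a token, runs the
/// session and test cleanup procedures, stores the new session row and
/// returns a <c>SessionManager</c> built from the token.
/// </summary>
/// <param name="loggedinuser">The authenticated user; PersonID and RoleID are copied into the session row.</param>
/// <returns>A <c>SessionManager</c> constructed from the new token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="loggedinuser"/> is null.</exception>
public static SessionManager NewSession(PersonDetails loggedinuser)
{
    // Fail before touching the database; the original only hit a
    // NullReferenceException after both cleanup procedures had already run.
    if (loggedinuser == null)
    {
        throw new ArgumentNullException("loggedinuser");
    }

    // generate a token
    // The token is a bearer credential, so its random part must be
    // unpredictable. Guid.NewGuid() is designed for uniqueness, not secrecy,
    // so the 16 key bytes now come from the platform CSPRNG. The layout
    // (8 timestamp bytes + 16 key bytes, Base64) and therefore the token
    // length are unchanged.
    byte[] time = BitConverter.GetBytes(DateTime.UtcNow.ToBinary());
    byte[] key = new byte[16];
    using (var rng = global::System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(key);
    }

    string token = Convert.ToBase64String(time.Concat(key).ToArray());

    using (JolTudomEEntities ent = new JolTudomEEntities())
    {
        // delete those sessions which are dead - older than the configured timeout
        ent.usp_SessionsCleanup(Settings.Default.SessionTimeoutMinute);

        // delete those tests which were not completed
        ent.usp_CleanupTests(Settings.Default.MaxTestExecutionHour);

        // the session must be saved to the database together with its timestamp
        // NOTE(review): the token is stored as-is; anyone who can read the
        // Sessions table can reuse a live token. Consider storing only a hash.
        ent.Sessions.AddObject(new Session
        {
            Token = token,
            PersonID = loggedinuser.PersonID,
            RoleID = loggedinuser.RoleID,
            LastAction = DateTime.UtcNow
        });
        ent.SaveChanges();
    }

    return new SessionManager(token);
}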
/// <summary>
/// Factory method: builds a PersonDetails instance with its four properties set.
/// </summary>
/// <param name="firstName">Value assigned to the FirstName property.</param>
/// <param name="lastName">Value assigned to the LastName property.</param>
/// <param name="personID">Value assigned to the PersonID property.</param>
/// <param name="roleID">Value assigned to the RoleID property.</param>
/// <returns>The newly created PersonDetails object.</returns>
public static PersonDetails CreatePersonDetails(global::System.String firstName, global::System.String lastName, global::System.Int32 personID, global::System.Int32 roleID)
{
    // Properties are set in the same order as before: FirstName, LastName, PersonID, RoleID.
    return new PersonDetails
    {
        FirstName = firstName,
        LastName = lastName,
        PersonID = personID,
        RoleID = roleID
    };
}