コード例 #1
 /// <summary>
 /// Initializes the session variables for a login by forwarding the
 /// user name carried in <paramref name="model"/> to the string overload.
 /// </summary>
 /// <param name="model">Login form data; only <c>UserName</c> is read here.</param>
 private void InitializeSessionValiable(LoginModel model)
 {
     // Only the user name is passed on; the password never reaches the session setup.
     string userName = model.UserName;
     this.InitializeSessionValiable(userName);
 }
コード例 #2
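        /// <summary>
        /// Authenticates the submitted credentials and, on success, issues the
        /// forms-authentication cookie, registers a session token and an auth
        /// token for the client, makes sure a matching messenger user exists,
        /// and writes the messenger state cookie before redirecting.
        /// </summary>
        /// <param name="model">Login form data (user name, password, remember-me flag).</param>
        /// <param name="returnUrl">Address to return to after login; handed to <c>RedirectToLocal</c>.</param>
        /// <returns>
        /// The result of <c>RedirectToLocal(returnUrl)</c> on success; otherwise the login
        /// view with a generic error that does not reveal which credential was wrong.
        /// </returns>
        /// <remarks>
        /// NOTE(review): any attributes on this action are outside this excerpt; confirm it
        /// is POST-only and covered by anti-forgery validation.
        /// </remarks>
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            if (ModelState.IsValid &&
                WebSecurity.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
            {
                // NOTE(review): WebSecurity.Login was already asked to persist the cookie, so
                // this second SetAuthCookie call looks redundant; confirm before removing.
                FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
                string tokenIssuerId = string.Empty;

                if (Request.Cookies[_aspSesId] != null)
                {
                    // NOTE(review): the token is bound to the Session.SessionID that existed
                    // before authentication; nothing visible here rotates the session id on
                    // login. Confirm session fixation is handled elsewhere.
                    tokenIssuerId = Guid.NewGuid().ToString();
                    SessionTokenIssuer.Instance.AddOrUpdate(new SessionInfo()
                    {
                        Session = Session.SessionID,
                        Expire = DateTime.UtcNow.AddMinutes(40)
                    }, tokenIssuerId);

                    SessionTokenIssuer.Instance.AddOrUpdateUserName(tokenIssuerId, model.UserName);
                }

                var authClient = WebHelper.GetClientIndetification();

                // NOTE(review): userId stays -1 when no token entry exists for the client, and
                // the messenger identity below is then built as "<UserName>_-1". Confirm that
                // this fallback is intended.
                int userId = -1;
                string authToken = Authorization.AuthTokenManagerEx.Instance.Generate(authClient);
                if (Authorization.AuthTokenManagerEx.Instance[authClient] != null)
                {
                    userId = WebSecurity.GetUserId(model.UserName);
                    Authorization.AuthTokenManagerEx.Instance[authClient].UserId = userId;
                    Authorization.AuthTokenManagerEx.Instance[authClient].UserName = model.UserName;

                    var cInfo = new ClientInfo() { Id = userId, UserName = model.UserName };
                    Authorization.AuthTokenManagerEx.Instance.AddClientInfo(cInfo, authToken);
                }
                InitializeSessionValiable(model);

                using (var mesRepo = Bootstrapper.Kernel.Get<Repositories.IMessangerRepository>())
                {
                    // The identity string is used both for the lookup and for a new record.
                    string identity = string.Format("{0}_{1}", model.UserName, userId);
                    var mesUser = mesRepo.GetUserByIdentity(identity);

                    //Add data of logged user to corresponding MessangerUsers table
                    if (mesUser == null)
                    {
                        string email = string.Empty;
                        using (var aspRepo = Bootstrapper.Kernel.Get<Repositories.IAspUserRepository>())
                        {
                            //get user email from asp db login
                            if (aspRepo != null)
                            {
                                // Guard against a missing account row or a null e-mail so the
                                // hash below is always computed over a non-null string.
                                var aspUser = aspRepo.GetByName(model.UserName);
                                if (aspUser != null && aspUser.Email != null)
                                {
                                    email = aspUser.Email;
                                }
                            }
                        }
                        mesUser = new MessangerUser()
                        {
                            Id = Guid.NewGuid().ToString("d"),
                            Identity = identity,
                            IsBanned = false,
                            LastActivity = DateTime.UtcNow,
                            Name = model.UserName,
                            Status = (int)Common.Models.UserStatus.Active,
                            Note = "created from LogOn workflow",
                            Email = email,
                            // NOTE(review): an MD5 of the e-mail is an identifier, not a secret;
                            // it is also copied into the state cookie below. Do not rely on it
                            // to hide the address or to authenticate anything.
                            Hash = email.ToMD5()
                        };
                        mesRepo.Add(mesUser);
                    }
                    else if (string.IsNullOrEmpty(mesUser.Salt))
                    {
                        // Existing messenger user without credentials: derive them from the
                        // password that was just verified.
                        // NOTE(review): ToSha256(salt) presumably is a single salted SHA-256
                        // pass, which is fast to brute-force offline. Prefer a password KDF
                        // such as PBKDF2 (Rfc2898DeriveBytes) and confirm whether this second
                        // copy of the credential is needed at all.
                        mesUser.Salt = Bootstrapper.Kernel.Get<ICryptoService>().CreateSalt();
                        mesUser.HashedPassword = model.Password.ToSha256(mesUser.Salt);
                        mesRepo.CommitChanges();
                    }

                    AddAuthCookie(model.RememberMe, mesUser);

                    // save messanger state to cookies object
                    // mesUser is never null here (found above or just created), and the cookie
                    // is written the same way whether or not the request already carried one,
                    // so the two former identical branches are a single path.
                    var state = JsonConvert.SerializeObject(new
                    {
                        userId = mesUser.Id,
                        aspUserId = userId,
                        userName = model.UserName,
                        hash = mesUser.Hash,
                        tokenId = tokenIssuerId
                    });

                    // NOTE(review): the cookie is HttpOnly but not marked Secure, and its JSON
                    // payload carries no integrity protection. Anything reading it back must
                    // validate tokenId server-side and must not trust userId/userName as sent.
                    // Consider setting Secure once the site is HTTPS-only.
                    var stateCookie = new HttpCookie(_msConst, HttpUtility.UrlEncode(state));
                    stateCookie.HttpOnly = true;
                    stateCookie.Expires = model.RememberMe
                        ? DateTime.UtcNow.AddDays(30)
                        : DateTime.UtcNow.AddMinutes(40);
                    HttpContext.Response.Cookies.Add(stateCookie);
                }//end of using mesRepo

                // NOTE(review): open-redirect protection depends on RedirectToLocal (defined
                // elsewhere) rejecting non-local URLs; verify it checks Url.IsLocalUrl.
                return RedirectToLocal(returnUrl);
            }

            // If we got this far, something failed, redisplay form
            ModelState.AddModelError(string.Empty, "The user name or password provided is incorrect.");
            return View(model);
        }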