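/// <summary>
/// Handles the posted login form: validates the credentials, issues the forms-authentication
/// cookie and redirects to <paramref name="returnUrl"/> when it is a local URL.
/// </summary>
/// <param name="viewModel">Posted credentials and the "remember me" flag.</param>
/// <param name="returnUrl">URL-encoded local path to return to after login; ignored when empty or non-local.</param>
/// <returns>A redirect on success, or the login view with a model error on failure.</returns>
// NOTE(review): the action's attributes are outside this view — confirm [HttpPost] and
// [ValidateAntiForgeryToken] are present on this overload.
public ActionResult Login(LoginViewModel viewModel, string returnUrl)
{
    if (IsAuthenticate)
    {
        return RedirectToAction("Index", "Home");
    }

    if (!ModelState.IsValid)
    {
        return View(viewModel);
    }

    var validateResult = UserBusiness.Authenticate(viewModel);
    if (!validateResult.IsSuccess)
    {
        // The message is rendered in the login view, so it must not carry internal details.
        ModelState.AddModelError("", validateResult.Message);
        return View(viewModel);
    }

    var user = (User)validateResult.Data;
    var userData = JsonConvert.SerializeObject(new PrincipalSerializeViewModel(user));

    // One timestamp for both issue and expiry so the ticket lifetime is exactly the configured span.
    var issuedAt = DateTimeHelper.UTCNow();
    var authTicket = new FormsAuthenticationTicket(
        1,
        user.Email,
        issuedAt,
        issuedAt.AddDays(BackendHelpers.FormsAuthenticationCookieTimeout()),
        viewModel.RememberMe,
        userData);

    var faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(authTicket))
    {
        // Mirror what FormsAuthentication.GetAuthCookie does for the cookie it builds itself:
        // keep the ticket out of script reach and honor the configured requireSSL / path settings.
        HttpOnly = true,
        Secure = FormsAuthentication.RequireSSL,
        Path = FormsAuthentication.FormsCookiePath,
    };
    if (authTicket.IsPersistent)
    {
        // Without an explicit Expires the cookie is session-scoped and "remember me" has no effect.
        faCookie.Expires = authTicket.Expiration;
    }
    Response.Cookies.Add(faCookie);

    // returnUrl travels URL-encoded; decode it first so the local-URL check runs on the
    // exact value the browser will be redirected to.
    var decodedUrl = string.Empty;
    if (!string.IsNullOrWhiteSpace(returnUrl))
    {
        decodedUrl = Server.UrlDecode(returnUrl);
    }

    if (Url.IsLocalUrl(decodedUrl))
    {
        return Redirect(decodedUrl);
    }

    return RedirectToAction("Index", "Home");
}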
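/// <summary>
/// Verifies the posted credentials, first against the configured super-admin account and
/// then against the user store.
/// </summary>
/// <param name="viewModel">Posted e-mail and clear-text password.</param>
/// <returns>
/// A successful result carrying the matched <see cref="User"/> in <c>Data</c>; otherwise a
/// failed result whose <c>Message</c> is displayed to the caller.
/// </returns>
public BaseModel Authenticate(LoginViewModel viewModel)
{
    try
    {
        // Super admin: credentials come from configuration rather than the user store.
        // A wrong super-admin password falls through to the normal lookup, as before.
        if (viewModel.Email == BackendHelpers.SuperAdminEmail())
        {
            var superAdminHash = BackendHelpers.CreatePasswordHash(viewModel.Password, BackendHelpers.SuperAdminPasswordSalt());
            if (FixedTimeEquals(superAdminHash, BackendHelpers.SuperAdminPasswordHash()))
            {
                var superAdmin = new User
                {
                    Email = BackendHelpers.SuperAdminEmail(),
                    FirstName = Constants.RoleName.SuperAdmin,
                    LastName = Constants.AppName,
                    Role = new Role { Name = Constants.RoleName.SuperAdmin },
                };
                return new BaseModel(true, (int)HttpStatusCode.OK, superAdmin);
            }
        }

        // Normal user. The hash is computed even when the e-mail is unknown (against the
        // configured salt) so the response time does not reveal whether an account exists.
        var user = UserRepository.GetByEmail(viewModel.Email);
        var computedHash = user != null
            ? BackendHelpers.CreatePasswordHash(viewModel.Password, user.PasswordSalt)
            : BackendHelpers.CreatePasswordHash(viewModel.Password, BackendHelpers.SuperAdminPasswordSalt());
        if (user == null || !FixedTimeEquals(computedHash, user.PasswordHash))
        {
            return new BaseModel(false, (int)HttpStatusCode.BadRequest, Constants.Message.InvalidLogin);
        }

        return new BaseModel(true, (int)HttpStatusCode.OK, user);
    }
    catch (Exception ex)
    {
        Provider.Instance.LogError(ex);
        // NOTE(review): this message is surfaced on the login form by the caller; a generic
        // message would avoid exposing exception text to the client.
        return new BaseModel(false, (int)HttpStatusCode.InternalServerError, ex.InnerException?.Message ?? ex.Message);
    }
}

/// <summary>
/// Compares two hash strings without short-circuiting at the first mismatch, so the time
/// taken does not depend on how much of the hash matched. Null handling matches
/// <see cref="string.Equals(string, string)"/>.
/// </summary>
/// <param name="a">First hash string, may be null.</param>
/// <param name="b">Second hash string, may be null.</param>
/// <returns><c>true</c> when both are null or both hold the same characters.</returns>
// assumes the stored hashes are strings, as the original string.Equals comparison implied — confirm.
private static bool FixedTimeEquals(string a, string b)
{
    if (a == null || b == null)
    {
        return a == b;
    }

    // Fold every character difference into one accumulator; a length mismatch is folded in too.
    var diff = a.Length ^ b.Length;
    for (var i = 0; i < a.Length && i < b.Length; i++)
    {
        diff |= a[i] ^ b[i];
    }

    return diff == 0;
}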
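/// <summary>
/// Renders the login form, passing a local return URL through to the view when one is available.
/// </summary>
/// <param name="returnUrl">Optional URL-encoded local path to return to after login; when empty, the referrer path is used.</param>
/// <returns>The login view, or a redirect home when already authenticated.</returns>
public ActionResult Login(string returnUrl)
{
    if (IsAuthenticate)
    {
        return RedirectToAction("Index", "Home");
    }

    if (string.IsNullOrEmpty(returnUrl) && Request.UrlReferrer != null)
    {
        returnUrl = Server.UrlEncode(Request.UrlReferrer.PathAndQuery);
    }

    // The value is URL-encoded, so the local-URL check has to run on the decoded form: an
    // encoded "/..." starts with "%2f" and would never be accepted as local otherwise.
    // The POST action decodes the same way before redirecting.
    if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(Server.UrlDecode(returnUrl)))
    {
        ViewBag.ReturnURL = returnUrl;
    }

    return View(new LoginViewModel());
}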