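/// <summary>
/// Gate for pages that require a signed-in user: validates the authentication id
/// and session id carried in the request cookies, sends unauthenticated callers to
/// the login page, and (when SSL is enabled) upgrades non-local plain-HTTP requests
/// to HTTPS.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected virtual void Page_Load(object sender, EventArgs e)
{
    var cookieManager = new RequestCookieManager(Request.Cookies);
    string authenticationId = cookieManager.GetAuthenticationId();
    string sessionId = cookieManager.GetSessionId();
    var loginService = new LoginService();

    // Fail closed: the caller is authenticated only when an authentication id is
    // present AND the login service explicitly confirms it for this session.
    bool isAuthenticated = false;
    if (!string.IsNullOrEmpty(authenticationId))
    {
        LoginResponse response = loginService.Validate(sessionId, authenticationId);
        isAuthenticated = response != null && response.IsSuccess;
    }

    if (!isAuthenticated)
    {
        // RawUrl may carry its own query string; without encoding, everything after
        // the first '&' would be parsed as separate parameters of Login.aspx and the
        // return target would be truncated or polluted.
        // NOTE(review): Login.aspx is not visible here - confirm it only follows
        // 'redirect' values that are local paths, since the parameter can also be
        // supplied directly by a caller.
        Response.Redirect("~/Login.aspx" + "?redirect=" + Uri.EscapeDataString(Request.RawUrl));
    }

    if (Configuration.SSLEnabled && !Request.IsLocal && !Request.IsSecureConnection)
    {
        // Swap only the scheme. A textual Replace("http:", "https:") would also
        // rewrite any "http:" that appears inside the path or query string.
        var secureUrl = new UriBuilder(Request.Url);
        secureUrl.Scheme = Uri.UriSchemeHttps;
        // Keep an explicit non-default port as before; otherwise let the scheme pick its default.
        secureUrl.Port = Request.Url.IsDefaultPort ? -1 : Request.Url.Port;
        Response.Redirect(secureUrl.Uri.AbsoluteUri);
    }
}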
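/// <summary>
/// Handles a posted Facebook <c>signed_request</c>: decodes the payload, registers
/// (or signs in) the social user through the login service and redirects to the
/// last visited page, or to the home page when none is recorded.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    string signed_data = Request["signed_request"];
    if (string.IsNullOrEmpty(signed_data))
    {
        return;
    }

    var cookieManager = new RequestCookieManager(Request.Cookies);
    string sessionId = cookieManager.GetSessionId();

    // The value is expected as "<signature>.<payload>". Anything else is malformed
    // input from the client and is ignored instead of raising IndexOutOfRangeException.
    string[] splitPayload = signed_data.Split('.');
    if (splitPayload.Length != 2)
    {
        return;
    }

    // SECURITY NOTE(review): 'sig' is extracted but never checked in this method, and
    // DecodePayload only receives the payload part. As written, the identity fields
    // below are taken from client-supplied data without proof that the provider
    // signed them. The signature must be verified against the application secret
    // (constant-time comparison) before the payload is trusted - confirm where, if
    // anywhere, that happens.
    string sig = splitPayload[0];
    string payload = splitPayload[1];

    Dictionary<string, string> decodedObj = SignedRequestManager.DecodePayload(payload);

    // A payload without a user id cannot identify anyone; treat it as a no-op rather
    // than letting the dictionary indexer throw KeyNotFoundException.
    string userId;
    if (decodedObj == null || !decodedObj.TryGetValue("user_id", out userId) || string.IsNullOrEmpty(userId))
    {
        return;
    }

    var loginService = new LoginService();

    // The remaining profile fields keep the original indexer access: a payload that
    // lacks any of them still fails with KeyNotFoundException instead of registering
    // an account with missing data.
    RegisterResponse registerResponse = loginService.RegisterSocial(
        sessionId,
        userId,
        "facebook",
        decodedObj["email"],
        decodedObj["first_name"],
        decodedObj["last_name"],
        decodedObj["phone"]);

    if (registerResponse == null || !registerResponse.IsSuccess)
    {
        return;
    }

    // NOTE(review): the cookie manager is built from the request cookies, so
    // 'lastPage' is presumably client-controlled - confirm it is restricted to
    // local paths before it is used as a redirect target.
    string lastPage = cookieManager.GetLastPage();
    if (!string.IsNullOrEmpty(lastPage))
    {
        Response.Redirect(lastPage);
    }
    else
    {
        Response.Redirect("~/Home.aspx");
    }
}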
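/// <summary>
/// Asks the payment REST service for the data to post to the payment provider for
/// the amount currently stored in the caller's session.
/// </summary>
/// <param name="authenticationId">Authentication id of the signed-in user.</param>
/// <param name="sessionId">Id of the session whose pay amount and voucher are used.</param>
/// <param name="contactAddress">Contact address forwarded to the payment service.</param>
/// <returns>
/// The string returned by the payment service; <see cref="string.Empty"/> when the
/// session data or the user account cannot be loaded; <c>null</c> when the channel
/// is not a context channel or when the service call throws (the exception is logged).
/// Callers should treat both null and empty as failure.
/// </returns>
public string GetPostData(string authenticationId, string sessionId, Address contactAddress)
{
    ISessionService sessionService = new SessionService();
    var sessionDataResponse = sessionService.GetSessionData(authenticationId, sessionId);
    if (sessionDataResponse == null
        || !string.IsNullOrEmpty(sessionDataResponse.ErrorMessage)
        || sessionDataResponse.SessionData == null)
    {
        return string.Empty;
    }

    var loginService = new LoginService();
    GetAccountResponse getAccountResponse = loginService.GetAccount(sessionId, authenticationId);
    if (getAccountResponse == null || getAccountResponse.UserAccount == null)
    {
        return string.Empty;
    }

    var userAccount = getAccountResponse.UserAccount;
    var sessionData = sessionDataResponse.SessionData;

    using (new ApplicationContextScope(new ApplicationContext()))
    {
        ApplicationContext.Current.Items["SessionId"] = sessionId;

        WebChannelFactory<IPaymentServiceRest> channelFactory = null;
        try
        {
            channelFactory = new WebChannelFactory<IPaymentServiceRest>(Configuration.PaymentServiceConfigurationName);
            IPaymentServiceRest channel = channelFactory.CreateChannel();

            var contextChannel = channel as IContextChannel;
            if (contextChannel != null)
            {
                using (new OperationContextScope(contextChannel))
                {
                    // Reuse the reference of a payment already started in this session;
                    // otherwise derive a fresh one from a new GUID.
                    var referenceNumber = sessionData.PaymentTransaction != null
                        ? sessionData.PaymentTransaction.InternalReferenceNumber
                        : Guid.NewGuid().ToString().Substring(10);
                    var voucherCode = sessionData.VoucherCode;

                    WebOperationContext.Current.OutgoingRequest.Headers.Add("X-MethodName", "GetPostData");

                    // The amount comes from server-side session data, not from the request.
                    // NOTE(review): ToPayAmount.ToString() is formatted with the current
                    // thread culture - confirm the payment service expects that format.
                    return channel.GetPostData(
                        referenceNumber,
                        sessionData.ToPayAmount.ToString(),
                        "Air",
                        sessionId,
                        userAccount,
                        contactAddress,
                        voucherCode);
                }
            }
        }
        catch (Exception exception)
        {
            Logger.LogException(exception, Source, "GetPostData", Severity.Critical);
        }
        finally
        {
            // The factory (and the channel it created) was previously never released.
            // Close it; if closing fails, e.g. because it is faulted, abort instead so
            // the underlying resources are still freed.
            if (channelFactory != null)
            {
                try
                {
                    channelFactory.Close();
                }
                catch (Exception)
                {
                    channelFactory.Abort();
                }
            }
        }
    }

    return null;
}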
/// <summary>
/// Click handler of the admin login button: submits the entered credentials to the
/// login service and, on success, stores the returned authentication id in the
/// session cookie and redirects to the account's default page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void btnLogin_Click(object sender, EventArgs e)
{
    var requestCookies = new RequestCookieManager(Request.Cookies);
    var sessionId = requestCookies.GetSessionId();

    ILoginService loginService = new LoginService();
    var adminAccount = loginService.LoginAdmin(sessionId, txtUsername.Value, txtPassword.Value);

    // A failed attempt falls through without any action in this handler.
    if (adminAccount == null || !adminAccount.IsSuccess)
    {
        return;
    }

    // NOTE(review): the session id read from the request cookie before login keeps
    // being used after authentication. Confirm the login service rotates or re-binds
    // it, so that an id known before login cannot be reused afterwards.
    var session = requestCookies.GetSession();
    session.AuthId = adminAccount.AuthenticationId;

    // NOTE(review): cookie attributes are set inside ResponseCookieManager, which is
    // not visible here - confirm the auth cookie is HttpOnly and Secure.
    var responseCookies = new ResponseCookieManager(Response.Cookies);
    responseCookies.SetSessionData(session);

    Response.Redirect(string.Format("./{0}.aspx", adminAccount.DefaultPage));
}
/// <summary>
/// Gate for admin pages: requires an authentication id in the request cookies and
/// asks the login service whether that identity may open the requested page.
/// Any failure redirects to the admin login page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected virtual void Page_Load(object sender, EventArgs e)
{
    var cookieManager = new RequestCookieManager(Request.Cookies);
    string authenticationId = cookieManager.GetAuthenticationId();
    string sessionId = cookieManager.GetSessionId();
    var loginService = new LoginService();

    if (string.IsNullOrEmpty(authenticationId))
    {
        // No authentication cookie at all: not signed in.
        Response.Redirect("~/Admin/AdminLogin.aspx");
    }
    else
    {
        // Authorization is keyed on the physical file name of the page, without its
        // extension, so the check follows the file that is actually served.
        var pageName = Path.GetFileNameWithoutExtension(Request.PhysicalPath);
        var isAuthorized = loginService.IsAuthorized(sessionId, authenticationId, pageName);
        if (isAuthorized == false)
        {
            Response.Redirect("~/Admin/AdminLogin.aspx");
        }
    }
}
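/// <summary>
/// Forwards the payment provider's callback variables to the payment REST service
/// for validation and, when the payment is confirmed, records the resulting charge
/// in the caller's session data.
/// </summary>
/// <param name="response">Not used by this method.</param>
/// <param name="provider">Payment provider name, forwarded to the payment service.</param>
/// <param name="authenticationId">Authentication id of the signed-in user.</param>
/// <param name="sessionId">Id of the session the payment belongs to.</param>
/// <param name="variables">Name/value pairs received from the provider callback.</param>
/// <param name="voucherCode">Voucher code forwarded to the payment service.</param>
/// <param name="errorMessage">
/// Receives the payment service's error message, or a generic message when the
/// request could not be validated at all.
/// </param>
/// <returns><c>true</c> only when the payment service reports success; otherwise <c>false</c>.</returns>
public bool ValidateResponse(string response, string provider, string authenticationId, string sessionId, NameValueCollection variables, string voucherCode, out string errorMessage)
{
    // The callback variables are untrusted input; a missing collection is rejected
    // instead of failing with a NullReferenceException.
    if (variables == null)
    {
        errorMessage = "Invalid Request. Aborting.";
        return false;
    }

    var nameValueCollection = new List<KeyValue>();
    foreach (var variable in variables.AllKeys)
    {
        nameValueCollection.Add(new KeyValue { Key = variable, Value = variables[variable] });
    }

    var sessionService = new SessionService();
    var sessionDataResponse = sessionService.GetSessionData(authenticationId, sessionId);

    // SessionData is dereferenced below for the amount and the charges; a response
    // without it is handled like a missing session (same guard as GetPostData)
    // rather than surfacing later as a logged NullReferenceException.
    if (sessionDataResponse == null || sessionDataResponse.SessionData == null)
    {
        errorMessage = "No session found. Aborting.";
        return false;
    }

    var loginService = new LoginService();
    GetAccountResponse getAccountResponse = loginService.GetAccount(sessionId, authenticationId);
    if (getAccountResponse == null || getAccountResponse.UserAccount == null)
    {
        errorMessage = "Authentication failed. Aborting.";
        return false;
    }

    var sessionData = sessionDataResponse.SessionData;

    using (new ApplicationContextScope(new ApplicationContext()))
    {
        ApplicationContext.Current.Items["SessionId"] = sessionId;

        WebChannelFactory<IPaymentServiceRest> channelFactory = null;
        try
        {
            channelFactory = new WebChannelFactory<IPaymentServiceRest>(Configuration.PaymentServiceConfigurationName);
            IPaymentServiceRest channel = channelFactory.CreateChannel();

            var contextChannel = channel as IContextChannel;
            if (contextChannel != null)
            {
                using (new OperationContextScope(contextChannel))
                {
                    WebOperationContext.Current.OutgoingRequest.Headers.Add("X-MethodName", "ValidateResponse");

                    // The expected amount is taken from server-side session data, so the
                    // callback variables cannot dictate how much was supposed to be paid.
                    var paymentResponse = channel.ValidatePaymentResponse(
                        sessionData.ToPayAmount.ToString(),
                        provider,
                        sessionId,
                        nameValueCollection,
                        getAccountResponse.UserAccount,
                        authenticationId,
                        voucherCode);

                    errorMessage = paymentResponse.ErrorMessage;
                    if (paymentResponse.IsSuccess)
                    {
                        sessionData.Charges = sessionData.Charges ?? new List<Charge>();
                        sessionData.Charges.Add(paymentResponse.Charge);
                        sessionService.UpdateSessionData(sessionId, sessionData);
                    }

                    return paymentResponse.IsSuccess;
                }
            }
        }
        catch (Exception exception)
        {
            // Includes a null payment response; the caller only sees the generic message below.
            Logger.LogException(exception, Source, "ValidateResponse", Severity.Critical);
        }
        finally
        {
            // The factory (and the channel it created) was previously never released.
            // Close it; if closing fails, e.g. because it is faulted, abort instead so
            // the underlying resources are still freed.
            if (channelFactory != null)
            {
                try
                {
                    channelFactory.Close();
                }
                catch (Exception)
                {
                    channelFactory.Abort();
                }
            }
        }
    }

    errorMessage = "Invalid Request. Aborting.";
    return false;
}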