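/// <summary>
/// Handles the login button click: validates the submitted credentials and, on
/// success, issues a forms-authentication ticket cookie carrying the user's
/// roles, records the user in <c>SessionFacade</c>, and redirects to the
/// forms-authentication return URL. On failure a generic status message is shown.
/// </summary>
/// <param name="sender">The control that raised the event.</param>
/// <param name="e">Event data (unused).</param>
protected void btnlogin_Click(object sender, EventArgs e)
{
    string username = txtusername.Text;
    string password = txtpassword.Text;

    IBusinessAuthentication ibau = GenericFactory<BusinessLayer, IBusinessAuthentication>.CreateInstance();
    string acceslevel = ibau.isValidUser(username, password);

    // Fail closed: a null result must not authenticate. The previous comparison
    // (acceslevel != "") treated null as a successful login.
    if (string.IsNullOrEmpty(acceslevel))
    {
        // Same message for unknown user and wrong password, so the response
        // does not reveal which usernames exist.
        lblStatus.Text = "Invalid login for Requested Page";
        return;
    }

    string roles = ibau.GetRolesForUser(username);

    // Read the clock once so issue and expiry times are exactly 30 minutes apart.
    DateTime issuedAt = DateTime.Now;
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
        1, username, issuedAt, issuedAt.AddMinutes(30), false, roles);
    string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

    // A hand-built cookie does not pick up the <forms> settings that
    // FormsAuthentication applies to its own cookie, so set them explicitly.
    HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
    authCookie.HttpOnly = true;                          // keep the ticket out of reach of page script
    authCookie.Path = FormsAuthentication.FormsCookiePath;
    if (FormsAuthentication.RequireSSL)
    {
        authCookie.Secure = true;                        // only ever tighten; never clear a config-set Secure flag
    }
    if (!string.IsNullOrEmpty(FormsAuthentication.CookieDomain))
    {
        // Match the configured domain so FormsAuthentication.SignOut() can expire this cookie.
        authCookie.Domain = FormsAuthentication.CookieDomain;
    }
    Response.Cookies.Add(authCookie);

    // NOTE(review): SessionFacade is defined elsewhere. If it is backed by ASP.NET
    // session state, the pre-login session id is reused after authentication;
    // confirm the session id is rotated at login (session fixation).
    SessionFacade.USERNAME = username;
    SessionFacade.ROLE = roles;

    // NOTE(review): the redirect target comes from the request's ReturnUrl via
    // FormsAuthentication; confirm enableCrossAppRedirects is not enabled, or
    // validate the URL as local before redirecting.
    Response.Redirect(FormsAuthentication.GetRedirectUrl(username, true));
}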
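/// <summary>
/// Processes a posted login form. When the model is valid and the credentials
/// check out, issues a forms-authentication ticket cookie carrying the user's
/// pipe-delimited roles, stores the user's account numbers via
/// <c>CookieFacade</c>, clears the cached transaction history for the checking
/// account, and redirects to a local return URL.
/// </summary>
/// <param name="lm">The posted login model (username and password).</param>
/// <returns>
/// A redirect on successful login; otherwise the login view re-rendered with
/// the posted model (and a generic message when the credentials were rejected).
/// </returns>
public ActionResult Login(LoginModel lm)
{
    IBusinessAuthentication iba = GenericFactory<Business, IBusinessAuthentication>.GetInstance();
    IBusinessBanking ibank = GenericFactory<Business, IBusinessBanking>.GetInstance();
    // NOTE(review): iloan is resolved but never used in this action.
    IBusinessLoan iloan = GenericFactory<Business, IBusinessLoan>.GetInstance();

    if (!ModelState.IsValid)
    {
        return View(lm);
    }

    if (!iba.CheckIfValidUser(lm.Username, lm.Password))
    {
        // Generic message: does not disclose whether the username exists.
        ViewBag.Message = "Invalid login..";
        return View(lm);
    }

    string roles = iba.GetRolesForUser(lm.Username);

    // Send the pipe-delimited roles back to the browser inside the encrypted
    // authentication ticket. The clock is read once so the lifetime is exactly 15 minutes.
    DateTime issuedAt = DateTime.Now;
    FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(
        1, lm.Username, issuedAt, issuedAt.AddMinutes(15), false, roles);
    string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

    // A hand-built cookie does not pick up the <forms> settings that
    // FormsAuthentication applies to its own cookie, so set them explicitly.
    HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
    ck.HttpOnly = true;                                  // keep the ticket out of reach of page script
    ck.Path = FormsAuthentication.FormsCookiePath;
    if (FormsAuthentication.RequireSSL)
    {
        ck.Secure = true;                                // only ever tighten; never clear a config-set Secure flag
    }
    if (!string.IsNullOrEmpty(FormsAuthentication.CookieDomain))
    {
        // Match the configured domain so FormsAuthentication.SignOut() can expire this cookie.
        ck.Domain = FormsAuthentication.CookieDomain;
    }
    Response.Cookies.Add(ck);

    // Look up the checking and saving account numbers for the user.
    long checkingAccountNum = ibank.GetCheckingAccountNumForUser(lm.Username);
    long savingAccountNumber = ibank.GetSavingAccountNumForUser(lm.Username);

    UserInfo ui = new UserInfo();
    ui.CheckingAcccountNumber = checkingAccountNum;
    ui.SavingAccountNumber = savingAccountNumber;
    ui.Username = lm.Username;

    // NOTE(review): CookieFacade is defined elsewhere. If it serializes UserInfo
    // into a client-side cookie, the account numbers are readable and editable by
    // the client unless the cookie is encrypted and integrity-protected, and later
    // requests must not trust them without re-checking ownership — confirm.
    CookieFacade.USERINFO = ui;

    // Drop any cached transaction history for this checking account.
    CacheAbstraction cabs = new CacheAbstraction();
    cabs.Remove("TRHISTORY" + ":" + checkingAccountNum);

    // The return URL originates from the request, so it is only followed when
    // it is local to this application; anything else (including a missing value
    // or the WebForms default page) falls back to the home page. This avoids
    // relying on forms-authentication configuration to block open redirects.
    string redirectURL = FormsAuthentication.GetRedirectUrl(lm.Username, false);
    if (redirectURL == "/default.aspx" || !Url.IsLocalUrl(redirectURL))
    {
        redirectURL = "~/home/index";
    }

    // Redirect(...) is used instead of Response.Redirect(...), which causes an
    // antiforgery token exception here.
    return Redirect(redirectURL);
}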