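/// <summary>
/// Logout handler: drops the cached principal for the current user, clears the
/// request/thread principal, signs out of forms authentication, abandons the
/// session and redirects to the login page.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    // Step 1: audit record and cache cleanup. Kept in its own try block so that a
    // failure here can no longer skip the sign-out below (previously everything
    // shared one try, so an exception from Cache.Remove left the auth cookie and
    // session alive while the user was still redirected to the login page).
    try
    {
        if (MySecurityProvider.CurrentPrincipal != null)
        {
            // NOTE(review): loginfo is constructed but never handed to a logger in this
            // method; unless the MailLogInfo constructor records the event itself, the
            // logout ("LGO") is not audited - confirm.
            MailLogInfo loginfo = new MailLogInfo("MAIL", "LGO", MySecurityProvider.CurrentPrincipal.MyIdentity.UserName, "", "");

            // Cache.Remove rejects a null key, and Context.User may already be cleared.
            if (Context.User != null && Context.User.Identity != null && !string.IsNullOrEmpty(Context.User.Identity.Name))
            {
                Cache.Remove(Context.User.Identity.Name);
            }
        }
    }
    catch (ManagedException)
    {
        // Deliberately ignored, as in the original code.
        // NOTE(review): presumably a ManagedException has already been reported where it was raised - confirm.
    }
    catch (Exception ex)
    {
        ReportLogoutError(ex);
    }

    // Step 2: tear down the authenticated state. This always runs.
    try
    {
        System.Threading.Thread.CurrentPrincipal = null;
        Context.User = null;
        System.Web.Security.FormsAuthentication.SignOut();
        Session.Abandon();
    }
    catch (ManagedException)
    {
        // Deliberately ignored, as in the original code.
    }
    catch (Exception ex)
    {
        ReportLogoutError(ex);
    }

    Response.Redirect("~/Login.aspx");
}

/// <summary>Logs an unexpected logout failure and queues it as an error message for the page.</summary>
private void ReportLogoutError(Exception ex)
{
    _log.Error(new Com.Delta.Logging.Errors.ErrorLog("MAIL", ex, string.Empty, string.Empty, string.Empty));
    info.AddMessage(ex.Message, Com.Delta.Messaging.MapperMessages.LivelloMessaggio.ERROR);
}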
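/// <summary>
/// Verifies the supplied credentials and, on success, issues the forms-authentication
/// cookie and caches the user's principal.
/// </summary>
/// <param name="username">Login name; trimmed and upper-cased before it is used as identity name and cache key.</param>
/// <param name="password">Password; surrounding whitespace is trimmed before verification.</param>
/// <returns>
/// 200 with <c>success = "true"</c> and <c>ResponseUrl</c> on success; 400 when the credentials
/// are missing or wrong; 500 with a generic error text on an internal failure.
/// </returns>
public HttpResponseMessage DoLogin(string username, string password)
{
    const string badCredentials = "Attenzione! Credenziali di accesso errate";
    // Returned instead of the raw exception message, which could expose internal
    // details (or distinguish unknown users) to an unauthenticated caller.
    const string internalError = "Errore interno durante l'accesso";

    LoginModel loginModel = new LoginModel();
    try
    {
        // Missing credentials are a client error, not a server fault.
        if (username == null || password == null)
        {
            loginModel.success = "false";
            loginModel.Error = badCredentials;
            return this.Request.CreateResponse<LoginModel>(HttpStatusCode.BadRequest, loginModel);
        }

        string user = username.Trim().ToUpper();
        // NOTE(review): trimming changes the secret the user typed; kept for compatibility with existing accounts.
        string pw = password.Trim();

        // Single lookup: the earlier "check, then Get" pair could see the entry evicted in
        // between, and a hard cast failed on any non-principal item stored under the same key.
        // NOTE(review): the key is the bare user name in the application-wide cache; a dedicated
        // prefix would isolate it, but any code that removes the entry by user name must change with it.
        MyPrincipal upro = HttpContext.Current.Cache.Get(user) as MyPrincipal;
        bool found = upro != null;

        // The cached principal is NOT assigned to HttpContext.Current.User here: the request
        // must not carry that identity until the password has been verified below.

        if (!found)
        {
            try
            {
                // NOTE(review): .Result blocks on an asynchronous call (deadlock risk under a
                // synchronization context); making this action async would change its signature.
                upro = MySecurityProvider.BuildNewIdentity(user, "", pw, "Form").Result;
            }
            catch (System.Exception ex)
            {
                LogLoginError(ex);
                loginModel.Error = internalError;
                loginModel.success = "false";
                return this.Request.CreateResponse<LoginModel>(HttpStatusCode.InternalServerError, loginModel);
            }
        }

        // Correct user name but wrong password (or no principal could be built).
        if (upro == null || !((MyIdentity)upro.Identity).checkIdentity(user, pw))
        {
            // NOTE(review): failed attempts are neither logged nor throttled in this method -
            // confirm that lockout / rate limiting is enforced elsewhere.
            loginModel.success = "false";
            loginModel.Error = badCredentials;
            return this.Request.CreateResponse<LoginModel>(HttpStatusCode.BadRequest, loginModel);
        }

        // Both paths (cached / freshly built principal) are merged from here on.
        // The former "account already in use" check was disabled (if (false)) and has been dropped.

        // Audit the successful logon.
        MailLogInfo logInfo = new MailLogInfo();
        logInfo.logCode = "LON";
        logInfo.loggingAppCode = "MAIL";
        logInfo.loggingTime = System.DateTime.Now;
        logInfo.uniqueLogID = System.DateTime.Now.Ticks.ToString();
        logInfo.userID = user;
        logInfo.freeTextDetails = string.Empty;
        _log.Info(logInfo);

        // Non-persistent ticket with a 15-minute timeout.
        FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(user, false, 15);
        HttpCookie cookie = new HttpCookie(FormsAuthentication.FormsCookieName, FormsAuthentication.Encrypt(ticket));
        // A hand-built cookie does not pick up the forms-authentication settings:
        // keep it away from script and honour the configured SSL requirement.
        cookie.HttpOnly = true;
        cookie.Secure = FormsAuthentication.RequireSSL;
        HttpContext.Current.Response.Cookies.Add(cookie);

        HttpContext.Current.User = upro;

        // Insert adds or refreshes the entry (sliding expiration), so the separate
        // Cache.Add for first-time users was redundant.
        HttpContext.Current.Cache.Insert(user, upro, null, System.Web.Caching.Cache.NoAbsoluteExpiration, TimeSpan.FromMinutes(CACHEEXPIRATION), System.Web.Caching.CacheItemPriority.AboveNormal, null);

        loginModel.success = "true";
        loginModel.ResponseUrl = "pages/Common/Default.aspx";
    }
    catch (System.Exception e0)
    {
        // Previously this path returned e0.Message to the client and logged nothing.
        LogLoginError(e0);
        loginModel.Error = internalError;
        loginModel.success = "false";
        return this.Request.CreateResponse<LoginModel>(HttpStatusCode.InternalServerError, loginModel);
    }

    return this.Request.CreateResponse<LoginModel>(HttpStatusCode.OK, loginModel);
}

/// <summary>Writes an internal login failure to the application log; never throws.</summary>
private void LogLoginError(System.Exception ex)
{
    try
    {
        ErrorLogInfo error = new ErrorLogInfo();
        error.freeTextDetails = ex.Message;
        error.logCode = "ERR111";
        error.loggingAppCode = "SCA";
        error.loggingTime = System.DateTime.Now;
        error.uniqueLogID = System.DateTime.Now.Ticks.ToString();
        _log.Error(error);
    }
    catch (System.Exception)
    {
        // A logging failure must not replace the error response being built by the caller.
    }
}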