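/// <summary>
/// Forms-authentication login. Verifies <paramref name="password"/> against a stored
/// salted hash via <c>PasswordHashHelper.ValidatePassword</c> and, only on success, issues
/// the forms-auth cookie and redirects to the forms-auth return URL.
/// </summary>
/// <param name="username">Name written into the auth ticket. It is NOT looked up and NOT
/// bound to the hash below (see the review note).</param>
/// <param name="password">Clear-text password as submitted by the user.</param>
/// <returns>
/// A redirect to <c>FormsAuthentication.GetRedirectUrl</c> on success; a 401
/// <see cref="HttpUnauthorizedResult"/> on failure, which the forms-auth module turns into a
/// redirect back to the login page. The original fell through and redirected even when
/// validation failed (no cookie was set, so the target bounced back here) — that path is
/// now an explicit rejection.
/// </returns>
public ActionResult Login(string username, string password)
{
    // NOTE(review): demo stand-in for a database lookup — the original comment says this is
    // Alex's hash of "123456". A credential hash must not live in source; load it from the
    // user store by username so the password is actually tied to the account being logged in.
    var passwordFromDatabase = "1000:x4EDMqYUMVwARzOGy/KyINiGXJzmAnsj:6tE2G9/X4ZozQP699EKLzhWuf8NiOsEM";

    // Reject blank input before touching the hash helper, and reject a wrong password
    // outright instead of redirecting as if login had succeeded.
    if (string.IsNullOrEmpty(username)
        || string.IsNullOrEmpty(password)
        || !PasswordHashHelper.ValidatePassword(password, passwordFromDatabase))
    {
        return new HttpUnauthorizedResult();
    }

    // NOTE(review): because the hash is not keyed by username, any username submitted with
    // the right password receives a ticket for that name. The persistent flag (second
    // argument, true) is kept as in the original; prefer false unless the user explicitly
    // chose a "remember me" option.
    FormsAuthentication.SetAuthCookie(username, true);

    // GetRedirectUrl honours the ReturnUrl query parameter. NOTE(review): confirm
    // enableCrossAppRedirects is off in web.config so an off-site ReturnUrl is not followed.
    return Redirect(FormsAuthentication.GetRedirectUrl(username, false));
}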
/// <summary>
/// OWIN resource-owner-password grant. Looks the user up by e-mail, verifies the submitted
/// password against the stored hash and, on success, validates an identity that carries an
/// e-mail claim and exactly one role claim (Admin if the user holds it, otherwise User).
/// </summary>
/// <param name="context">Grant context supplying UserName/Password and receiving either
/// <c>SetError</c> or <c>Validated</c>.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): a wildcard CORS origin is attached to the token endpoint, before any
    // validation. Credentials are posted to this endpoint; restrict the header to the known
    // client origin(s) from configuration rather than "*".
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

    using (var employees = new EmployeeContext())
    {
        var account = employees.Users.FirstOrDefault(u => u.Email.Equals(context.UserName));

        // One message for both "unknown user" and "wrong password" so the response text does
        // not reveal which e-mails exist. NOTE(review): the unknown-user path skips the hash
        // check entirely, so response time still differs; a constant-cost dummy verification
        // on that path would close the gap.
        var credentialsOk = account != null
            && PasswordHashHelper.ValidatePassword(context.Password, account.PasswordHash);
        if (!credentialsOk)
        {
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return;
        }

        var roleNames = employees.UserRoles
            .Where(r => r.UserId.Equals(account.Id))
            .Select(r => r.RoleName)
            .ToList();

        var identity = new ClaimsIdentity(context.Options.AuthenticationType);
        identity.AddClaim(new Claim(ClaimTypes.Email, context.UserName));

        // Only a single role claim is issued; any role other than Admin collapses to User.
        var grantedRole = roleNames.Contains(Role.Admin) ? Role.Admin : Role.User;
        identity.AddClaim(new Claim(ClaimTypes.Role, grantedRole));

        context.Validated(identity);
    }
}
/// <summary>
/// Validates an e-mail/password pair, issues the forms-authentication cookie and caches the
/// resulting <see cref="UserContext"/> under the cookie token with a one-hour sliding expiry.
/// </summary>
/// <param name="loginInfo">Submitted credentials; Email and Password must be non-blank.</param>
/// <returns>An empty <see cref="Result"/> on success.</returns>
/// <exception cref="ValidationException">
/// Thrown with <c>MsgLoginInfoNotEntered</c> when input is missing, and with
/// <c>MsgInvalidUsernameOrPwd</c> when no user matches or the password does not verify.
/// </exception>
public Result Login(LoginInfo loginInfo)
{
    var inputMissing = loginInfo == null
        || string.IsNullOrWhiteSpace(loginInfo.Email)
        || string.IsNullOrWhiteSpace(loginInfo.Password);
    if (inputMissing)
    {
        throw new ValidationException(MsgLoginInfoNotEntered);
    }

    // Roles are eagerly included so the cached context carries them without a second query.
    User account = dataAccessor.Users
        .Include(u => u.Roles)
        .Where(u => u.Email == loginInfo.Email)
        .FirstOrDefault();

    // Same message for "no such user" and "wrong password" (no account enumeration via text).
    // NOTE(review): the hash check is skipped for unknown e-mails, so timing still differs.
    if (account == null
        || !PasswordHashHelper.ValidatePassword(loginInfo.Password, account.PasswordHash))
    {
        throw new ValidationException(MsgInvalidUsernameOrPwd);
    }

    // Login succeeded: the forms cookie is set and its value doubles as the cache key.
    string token = SetAndReturnFormsAuthenticationCookie(account.Email);

    // NOTE(review): if `cache` is System.Runtime.Caching.MemoryCache, Set() takes
    // (key, value, policy); the argument order here implies a project wrapper — confirm.
    var policy = new CacheItemPolicy { SlidingExpiration = TimeSpan.FromHours(1) };
    cache.Set(token, policy, new UserContext(token, account));

    return new Result();
}
/// <summary>
/// Returns true when a user with the given e-mail exists and <paramref name="password"/>
/// verifies against that user's stored hash; false otherwise. No cookie or session is
/// issued here — this is a pure credential check.
/// </summary>
/// <param name="email">E-mail used to look the user up (exact <c>Equals</c> match).</param>
/// <param name="password">Clear-text password to verify.</param>
public bool ValidateLogin(string email, string password)
{
    var account = userRepository.GetOne(u => u.Email.Equals(email));

    // Short-circuit preserves the original behaviour: an unknown e-mail never reaches the
    // hash check. NOTE(review): that makes the unknown-user path measurably faster than the
    // wrong-password path; a dummy verification on miss would equalise the two.
    return account != null && PasswordHashHelper.ValidatePassword(password, account.PasswordHash);
}