예제 #1
0
        protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
        {
            try
            {
                LoginUserData staffData = StaffBiz.GetLoginUserData(Login1.UserName.Trim());

                if (staffData != null)
                //if (staffData != null && IsAuthenticated(Login1.UserName.Trim(), Login1.Password.Trim()))
                {
                    Guid sessionId = Guid.NewGuid();
                    LoginBiz.InsertSession(Login1.UserName.Trim(), sessionId);

                    FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                        1,
                        Login1.UserName.Trim(),
                        DateTime.Now,
                        DateTime.Now.AddMinutes(FormsAuthentication.Timeout.TotalMinutes),
                        Login1.RememberMeSet,
                        staffData != null ? staffData.StaffNameTH + "|" + staffData.BranchName + "|" + sessionId.ToString() : _displayName + "|" + "",
                        FormsAuthentication.FormsCookiePath);

                    string encTicket = FormsAuthentication.Encrypt(ticket);
                    Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName, encTicket));
                    //Response.Redirect(FormsAuthentication.GetRedirectUrl(Login1.UserName, Login1.RememberMeSet), false);

                    InsertLoginLog(true, "");

                    if (Request["ticketid"] != null && Request["accflag"] == "email")
                    {
                        Response.Redirect("COC_SCR_003.aspx?ticketid=" + Request["ticketid"], false);
                    }
                    else
                    {
                        Response.Redirect(FormsAuthentication.DefaultUrl, false);
                    }
                }
                else
                {
                    InsertLoginLog(false, "Logon failure: unknown user name or bad password.");
                    _log.Debug("Logon failure: unknown user name or bad password.");
                    AppUtil.ClientAlert(Page, "Logon failure: unknown user name or bad password.");
                }
            }
            catch (Exception ex)
            {
                string message = ex.InnerException != null ? ex.InnerException.Message : ex.Message;

                InsertLoginLog(false, message);
                _log.Debug("(" + Login1.UserName + ") " + message);
                AppUtil.ClientAlert(Page, "Logon failure: unknown user name or bad password.");
            }
        }