public ActionResult Login(LoginModel model) { if (ModelState.IsValid) { //var result = dao.Login(model.UserName, Encryptor.MD5Hash(model.Password),true); if (!String.IsNullOrWhiteSpace(WebAccount.GetPassword(model.UserName))) { UserAccount userAccount = new UserAccount(); userAccount.webAccount = WebAccount.load(model.UserName, Encryptor.MD5Hash(model.Password)); if (userAccount.webAccount != null) { if (userAccount.webAccount.Status == nameof(StatusEntity.Active)) { userAccount.Roles = new string[] { userAccount.webAccount.GroupName }; HttpCookie authCookie = FormsAuthentication.GetAuthCookie(userAccount.webAccount.UserName, false); authCookie.Expires = DateTime.Now.AddHours(24); //Expires in 1 day from today. authCookie.HttpOnly = true; // protects from XSS attacks stealing cookies, makes the cookie hidden from Javascript (in proper browsers, IE6 doesn't support it). //if (!Request.IsLocal) authCookie.Secure = false; //FormsAuthentication.RequireSSL; FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value); FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket(ticket.Version, ticket.Name, ticket.IssueDate, ticket.Expiration, model.RememberMe, userAccount.UserDataString); // Update the authCookie's Value to use the encrypted version of newTicket authCookie.Value = FormsAuthentication.Encrypt(newTicket); // Manually add the authCookie to the Cookies collection Response.Cookies.Add(authCookie); return(RedirectToAction("Index")); } else if (userAccount.webAccount.Status == nameof(StatusEntity.Locked)) { ModelState.AddModelError("", "Tài khoản đang bị khoá."); } else { ModelState.AddModelError("", "Tài khoản đã xóa."); } } else { ModelState.AddModelError("Password", "Mật khẩu không đúng."); } } else { ModelState.AddModelError("", "Tài khoản không tồn tại."); } } return(View(model)); }
public ActionResult Login(LoginModel model) { var actionStatus = new ActionResultHelper(); actionStatus.ActionStatus = ResultSubmit.failed; string errorString = ""; bool IsValid = true; if (ModelState.IsValid) { //var result = dao.Login(model.UserName, Encryptor.MD5Hash(model.Password),true); if (!String.IsNullOrWhiteSpace(WebAccount.GetPassword(model.UserName))) { UserAccount userAccount = new UserAccount(); userAccount.webAccount = WebAccount.load(model.UserName, Encryptor.MD5Hash(model.Password)); if (userAccount.webAccount != null) { if (userAccount.webAccount.Status == nameof(StatusEntity.Active)) { userAccount.Roles = new string[] { userAccount.webAccount.GroupName }; HttpCookie authCookie = FormsAuthentication.GetAuthCookie(userAccount.webAccount.UserName, false); authCookie.Expires = DateTime.Now.AddHours(24); //Expires in 1 day from today. authCookie.HttpOnly = true; // protects from XSS attacks stealing cookies, makes the cookie hidden from Javascript (in proper browsers, IE6 doesn't support it). //if (!Request.IsLocal) authCookie.Secure = false; //FormsAuthentication.RequireSSL; FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(authCookie.Value); FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket(ticket.Version, ticket.Name, ticket.IssueDate, ticket.Expiration, model.RememberMe, userAccount.UserDataString); // Update the authCookie's Value to use the encrypted version of newTicket authCookie.Value = FormsAuthentication.Encrypt(newTicket); // Manually add the authCookie to the Cookies collection Response.Cookies.Add(authCookie); return(RedirectToAction("Index")); } else { ModelState.AddModelError("", "Tài khoản đang bị khoá."); } } else { ModelState.AddModelError("", "Mật khẩu không đúng."); } } else { ModelState.AddModelError("", "Tài khoản không tồn tại."); } } else { IsValid = false; foreach (var item in ModelState.Values) { if (item.Errors.Count() > 0) { var errorItems = item.Errors.Where(f => !String.IsNullOrWhiteSpace(f.ErrorMessage)).ToList(); foreach (var erroritem in errorItems) { errorString += "<br />" + erroritem.ErrorMessage; } } } goto actionError; } actionError: if (!IsValid) { actionStatus.ErrorReason = String.Format(SiteResource.HTML_ALERT_ERROR, SiteResource.MSG_ERROR_ENTER_DATA_FOR_FORM + errorString); Session["ACTION_STATUS"] = actionStatus; } return(View("Index")); }