예제 #1
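        /// <summary>
        /// Handles the login button. Authenticates the e-mail/password typed into the
        /// form (plus the organisation picked in <c>ddlOrg</c> when that row is visible)
        /// and, on success, issues the forms-authentication cookie and a second
        /// "bfp_roles" cookie carrying the user's group names before redirecting.
        /// </summary>
        /// <param name="sender">Button that raised the event (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        private void btLogin_Click(object sender, System.EventArgs e)
        {
            try
            {
                user        = new clsUsers();
                user.sEmail = tbEmail.Text;
                user.sPass  = tbPassword.Text;
                // Row 1 holds the organisation drop-down; it is shown only after an
                // earlier Authenticate() returned 1 (user belongs to several organisations).
                if (tblLogin.Rows[1].Visible)
                {
                    user.iOrgId = Convert.ToInt32(ddlOrg.SelectedValue);
                }

                // Authenticate() result codes as handled here: 0 = success,
                // 1 = organisation must be chosen first, anything else = failure.
                switch (user.Authenticate())
                {
                case 0:
                    lbErr.Visible = false;
                    IssueLoginCookies();
                    // endResponse: false as in the original; the page lifecycle still completes.
                    Response.Redirect("main.aspx", false);
                    break;

                case 1:
                    tblLogin.Rows[1].Visible = true;
                    ddlOrg.DataTextField     = "vchName";
                    ddlOrg.DataValueField    = "Id";
                    ddlOrg.DataSource        = new DataView(user.GetOrgListFromUser());
                    ddlOrg.DataBind();
                    lbErr.Visible = false;
                    break;

                default:
                    // -1 and any unexpected code: credentials rejected.
                    lbErr.Visible = true;
                    break;
                }
            }
            catch (Exception ex)
            {
                _functions.Log("Application error: \n" + ex.ToString());
                // The original only assigned the text; without Visible = true the message
                // stayed hidden unless an earlier failed attempt had already shown the label.
                lbErr.Visible = true;
                // NOTE(review): ex.Message can expose internals (SQL errors, connection
                // details) to an unauthenticated visitor; a generic text would be safer.
                lbErr.Text = ex.Message;
            }
            finally
            {
                if (user != null)
                {
                    user.Dispose();
                }
            }
        }

        /// <summary>
        /// Builds the forms-authentication ticket for the authenticated <c>user</c>,
        /// stores its encrypted form in the "bfp_roles" cookie and sets the standard
        /// auth cookie. Must only be called after Authenticate() returned 0.
        /// </summary>
        private void IssueLoginCookies()
        {
            // "<userId>:<orgId>" becomes the ticket name / User.Identity.Name;
            // presumably split on ':' by the readers - TODO confirm against callers.
            string sUserData = user.iId.Value.ToString() + ":" + user.iOrgId.Value.ToString();

            string roleStr;
            using (DataTable dtGroups = user.GetUserGroupsList())
            {
                roleStr = JoinGroupNames(dtGroups);
            }

            // The encrypted ticket carries only the roles (user data); the identity
            // travels in the forms auth cookie set below.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,
                sUserData,
                DateTime.Now,
                DateTime.Now.AddHours(1),
                false,
                roleStr);

            // The indexer creates the cookie on first access; one local avoids three lookups.
            System.Web.HttpCookie roleCookie = Response.Cookies["bfp_roles"];
            roleCookie.Value    = FormsAuthentication.Encrypt(ticket);
            roleCookie.Path     = "/";
            roleCookie.Expires  = DateTime.Now.AddHours(1);
            // Nothing client-side can use an encrypted ticket, so keep it out of reach of script.
            roleCookie.HttpOnly = true;

            // Persistent (true) auth cookie, as in the original: it survives browser restarts.
            FormsAuthentication.SetAuthCookie(sUserData, true);
        }

        /// <summary>
        /// Joins the "vchDesc" column of <paramref name="dtGroups"/> with ';' and no
        /// trailing separator - the layout the "bfp_roles" ticket stores roles in.
        /// </summary>
        /// <param name="dtGroups">Group rows for the user; may be null or empty.</param>
        /// <returns>"a;b;c" for three groups, "" for none.</returns>
        private static string JoinGroupNames(DataTable dtGroups)
        {
            // The original stripped a trailing ';' with Remove(Length - 1, 1), which throws
            // ArgumentOutOfRangeException for a user with no groups; Join has no such edge.
            if (dtGroups == null || dtGroups.Rows.Count == 0)
            {
                return "";
            }
            string[] names = new string[dtGroups.Rows.Count];
            for (int i = 0; i < names.Length; i++)
            {
                // Convert.ToString maps DBNull to "", matching the original String.Format("{0}").
                names[i] = Convert.ToString(dtGroups.Rows[i]["vchDesc"]);
            }
            return String.Join(";", names);
        }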
예제 #2
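        /// <summary>
        /// Handles the login button. Resolves the account by e-mail, verifies the
        /// salted password hash, then either issues the auth cookies and redirects
        /// (to a site-local ReturnUrl or selectMode.aspx) or shows the organisation
        /// picker when the account belongs to several organisations.
        /// </summary>
        /// <param name="sender">Button that raised the event (unused).</param>
        /// <param name="e">Event arguments (unused).</param>
        private void btLogin_Click(object sender, System.EventArgs e)
        {
            try
            {
                lbErr.Visible = false;
                user          = new clsUsers();
                user.sEmail   = tbEmail.Text;

                // Only the e-mail is set before this call, so Authenticate() appears to
                // look the account up (-1 = not found); the password is checked below.
                if (user.Authenticate() == -1)
                {
                    lbErr.Visible = true;
                    return;
                }
                if (!user.bActiveStatus.Value)
                {
                    lbErr.Visible = true;
                    lbErr.Text    = _functions.ErrorMessage(202);
                    return;
                }
                if (!PasswordMatches(tbPassword.Text, user.sSalt.Value, user.sPass.Value))
                {
                    lbErr.Visible = true;
                    return;
                }

                // LoginInfo() result codes as handled here: 0 = success,
                // 1 = organisation must be chosen first, anything else = failure.
                switch (user.LoginInfo())
                {
                case 0:
                    Response.Cookies["bfp_logo"].Value   = user.sLogo.Value;
                    Response.Cookies["bfp_logo"].Path    = "/";
                    Response.Cookies["bfp_logo"].Expires = DateTime.Now.AddYears(1);

                    lbErr.Visible = false;
                    IssueLoginCookies();
                    RedirectAfterLogin();
                    break;

                case 1:
                    // Several organisations: swap the credential rows for the picker grid.
                    tblLogin.Rows[0].Visible = true;
                    tblLogin.Rows[1].Visible = true;
                    tblLogin.Rows[2].Visible = false;
                    tblLogin.Rows[3].Visible = false;
                    tblLogin.Rows[4].Visible = false;
                    // NOTE(review): the picker postback trusts this id; that relies on ViewState
                    // MAC validation being enabled for the page - confirm it is not turned off.
                    ViewState["UserId"]      = user.iId.Value;
                    dgOrgs.DataSource        = new DataView(user.GetOrgListFromUser());
                    dgOrgs.DataBind();
                    lbErr.Visible = false;
                    break;

                default:
                    // -1 and any unexpected code: login refused.
                    lbErr.Visible = true;
                    break;
                }
            }
            catch (Exception ex)
            {
                _functions.Log(ex, "", SourcePageName);
                lbErr.Visible = true;
                // NOTE(review): ex.Message can expose internals (SQL errors, connection
                // details) to an unauthenticated visitor; a generic text would be safer.
                lbErr.Text    = ex.Message;
            }
            finally
            {
                if (user != null)
                {
                    user.Dispose();
                }
            }
        }

        /// <summary>
        /// Recomputes the stored hash from the typed password and the account's salt and
        /// compares it with the stored value without short-circuiting on the first
        /// differing character.
        /// </summary>
        /// <param name="typedPassword">Password entered on the form.</param>
        /// <param name="salt">Per-account salt loaded from the database.</param>
        /// <param name="storedHash">Hash loaded from the database.</param>
        /// <returns>True when the recomputed hash equals <paramref name="storedHash"/>.</returns>
        private static bool PasswordMatches(string typedPassword, string salt, string storedHash)
        {
            // Scheme dictated by the stored data: SHA-1 over password + salt. SHA-1 is not a
            // password hash and HashPasswordForStoringInConfigFile is obsolete since .NET 4.5;
            // moving accounts to PBKDF2 (Rfc2898DeriveBytes) requires re-hashing on next login,
            // which is out of scope here.
            string computed = FormsAuthentication.HashPasswordForStoringInConfigFile(
                String.Concat(typedPassword, salt),
                "SHA1");
            return FixedTimeEquals(computed, storedHash);
        }

        /// <summary>
        /// Ordinal string equality whose running time does not depend on the position of
        /// the first mismatch (CryptographicOperations.FixedTimeEquals is not available on
        /// this framework). Same result as string.Equals for non-null inputs.
        /// </summary>
        private static bool FixedTimeEquals(string a, string b)
        {
            if (a == null || b == null)
            {
                return a == null && b == null;
            }
            int diff = a.Length ^ b.Length;
            int len  = a.Length < b.Length ? a.Length : b.Length;
            for (int i = 0; i < len; i++)
            {
                diff |= a[i] ^ b[i];
            }
            return diff == 0;
        }

        /// <summary>
        /// Builds the forms-authentication ticket for the authenticated <c>user</c>,
        /// stores its encrypted form in the "bfp_roles" cookie and sets the standard
        /// auth cookie. Must only be called after LoginInfo() returned 0.
        /// </summary>
        private void IssueLoginCookies()
        {
            // "<userId>:<orgId>" becomes the ticket name / User.Identity.Name;
            // presumably split on ':' by the readers - TODO confirm against callers.
            string sUserData = user.iId.Value.ToString() + ":" + user.iOrgId.Value.ToString();

            string roleStr;
            using (DataTable dtGroups = user.GetUserGroupsList())
            {
                roleStr = JoinGroupNames(dtGroups);
            }

            // One-year lifetime, as in the original: a stolen cookie stays valid that long
            // unless the server invalidates it elsewhere.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,
                sUserData,
                DateTime.Now,
                DateTime.Now.AddYears(1),
                false,
                roleStr);

            // The indexer creates the cookie on first access; one local avoids three lookups.
            System.Web.HttpCookie roleCookie = Response.Cookies["bfp_roles"];
            roleCookie.Value    = FormsAuthentication.Encrypt(ticket);
            roleCookie.Path     = "/";
            roleCookie.Expires  = DateTime.Now.AddYears(1);
            // Nothing client-side can use an encrypted ticket, so keep it out of reach of script.
            roleCookie.HttpOnly = true;

            // Persistent (true) auth cookie, as in the original: it survives browser restarts.
            FormsAuthentication.SetAuthCookie(sUserData, true);
        }

        /// <summary>
        /// Sends the browser to the page it originally asked for, or to selectMode.aspx.
        /// Only site-local ReturnUrl values are honoured; redirecting to an arbitrary
        /// URL straight after a successful login would make this page an open redirect.
        /// FormsAuthentication presumably writes ReturnUrl as an absolute site path
        /// ("/app/page.aspx"), so the normal flow is unaffected - TODO confirm.
        /// </summary>
        private void RedirectAfterLogin()
        {
            string returnUrl = Request.QueryString["ReturnUrl"];
            if (!IsLocalUrl(returnUrl))
            {
                returnUrl = "selectMode.aspx";
            }
            // endResponse: false as in the original; the page lifecycle still completes.
            Response.Redirect(returnUrl, false);
        }

        /// <summary>
        /// True for paths this site can serve itself: "/x" or "~/x". Rejects "//host"
        /// and "/\host", which browsers treat as protocol-relative links to another host.
        /// </summary>
        private static bool IsLocalUrl(string url)
        {
            if (String.IsNullOrEmpty(url))
            {
                return false;
            }
            if (url[0] == '/')
            {
                return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
            }
            return url.Length > 1 && url[0] == '~' && url[1] == '/';
        }

        /// <summary>
        /// Joins the "vchDesc" column of <paramref name="dtGroups"/> with ';' and no
        /// trailing separator - the layout the "bfp_roles" ticket stores roles in.
        /// </summary>
        /// <param name="dtGroups">Group rows for the user; may be null or empty.</param>
        /// <returns>"a;b;c" for three groups, "" for none.</returns>
        private static string JoinGroupNames(DataTable dtGroups)
        {
            // The original stripped a trailing ';' with Remove(Length - 1, 1), which throws
            // ArgumentOutOfRangeException for a user with no groups; Join has no such edge.
            if (dtGroups == null || dtGroups.Rows.Count == 0)
            {
                return "";
            }
            string[] names = new string[dtGroups.Rows.Count];
            for (int i = 0; i < names.Length; i++)
            {
                // Convert.ToString maps DBNull to "", matching the original String.Format("{0}").
                names[i] = Convert.ToString(dtGroups.Rows[i]["vchDesc"]);
            }
            return String.Join(";", names);
        }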