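/// <summary>
/// Checks whether a row in <c>clients</c> matches the supplied e-mail and password.
/// </summary>
/// <param name="credentials">E-mail and password to verify.</param>
/// <returns>
/// <c>true</c> when at least one row matches; <c>false</c> when no row matches, when a
/// value is missing, or when the database call fails with <see cref="NpgsqlException"/>.
/// </returns>
private bool LoginUser(Credentials credentials)
{
    // A missing e-mail or password cannot match any row, so answer before touching the
    // database instead of handing a null parameter value to the driver.
    if (credentials == null || credentials.Email == null || credentials.Password == null)
    {
        return false;
    }

    string connectionString = ConfigurationManager.AppSettings["ConnectionString"];

    // NOTE(review): the submitted password is compared verbatim with the password column,
    // which implies the column holds the password itself. Store a salted, slow hash
    // (e.g. PBKDF2) and compare hashes; that needs a matching change where rows are inserted.
    const string sql = @"SELECT COUNT(*) FROM clients WHERE email=@email AND password=@password";

    // using blocks dispose the command and close the connection on every exit path.
    using (NpgsqlConnection conn = new NpgsqlConnection(connectionString))
    using (NpgsqlCommand command = new NpgsqlCommand(sql, conn))
    {
        // Values are bound as parameters, never concatenated into the SQL text.
        command.Parameters.Add("@email", NpgsqlDbType.Varchar, 100).Value = credentials.Email;
        command.Parameters.Add("@password", NpgsqlDbType.Varchar, 100).Value = credentials.Password;

        try
        {
            conn.Open();
            return Convert.ToInt32(command.ExecuteScalar()) > 0;
        }
        catch (NpgsqlException)
        {
            // A database failure is reported to the caller as a failed login.
            return false;
        }
    }
}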
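/// <summary>
/// Authorizes the request when the session already holds a <c>User</c>, or when the forms
/// authentication cookie carries a valid, unexpired ticket whose credentials pass
/// <c>LoginUser</c> (persistent login).
/// </summary>
/// <param name="httpContext">Context of the request being authorized.</param>
/// <returns><c>true</c> when a user is (or has just been) placed in the session; otherwise <c>false</c>.</returns>
protected override bool AuthorizeCore(HttpContextBase httpContext)
{
    // Read and write the session entry through the same context and the same key.
    // NOTE(review): the original stored the restored user under the literal key "user"
    // while reading SessionVars.User; confirm both name the same entry.
    if (httpContext.Session[SessionVars.User] is User)
    {
        return true;
    }

    HttpCookie cookie = httpContext.Request.Cookies.Get(FormsAuthentication.FormsCookieName);
    if (cookie == null || string.IsNullOrEmpty(cookie.Value))
    {
        return false;
    }

    #region Persistent Login
    // The cookie value is attacker-controlled. Fail closed (not authorized) when it cannot
    // be decrypted instead of letting the exception surface as a server error.
    FormsAuthenticationTicket ticket;
    try
    {
        ticket = FormsAuthentication.Decrypt(cookie.Value);
    }
    catch (ArgumentException)
    {
        return false;
    }
    catch (HttpException)
    {
        return false;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        return false;
    }

    // An expired ticket must not restore a session.
    if (ticket == null || ticket.Expired || ticket.UserData == null)
    {
        return false;
    }

    // UserData is read as "<email> <password>"; reject anything without both parts.
    string[] parts = ticket.UserData.Split(' ');
    if (parts.Length < 2)
    {
        return false;
    }

    // NOTE(review): the ticket carries the account password and it is copied into the
    // session object below. Prefer a ticket that holds only a user identifier, so that a
    // disclosed cookie or machine key does not also disclose the password.
    Credentials credentials = new Credentials() { Email = parts[0], Password = parts[1] };
    if (!this.LoginUser(credentials))
    {
        return false;
    }

    httpContext.Session[SessionVars.User] = new User()
    {
        Email = credentials.Email,
        Password = credentials.Password
    };
    return true;
    #endregion
}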
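/// <summary>
/// Inserts a new row into <c>clients</c> for the supplied e-mail and password.
/// </summary>
/// <param name="credentials">E-mail and password of the account to create.</param>
/// <returns>
/// <c>true</c> when the insert ran; <c>false</c> when a value is missing or empty, or when
/// the database call fails with <see cref="NpgsqlException"/>.
/// </returns>
private bool RegisterUser(Credentials credentials)
{
    // Refuse to create an account without an e-mail or without a password.
    if (credentials == null
        || string.IsNullOrEmpty(credentials.Email)
        || string.IsNullOrEmpty(credentials.Password))
    {
        return false;
    }

    string connectionString = ConfigurationManager.AppSettings["ConnectionString"];

    const string sql = @"INSERT INTO clients (email, password ) VALUES ( @email, @password)";

    // using blocks dispose the command and close the connection on every exit path.
    using (NpgsqlConnection conn = new NpgsqlConnection(connectionString))
    using (NpgsqlCommand command = new NpgsqlCommand(sql, conn))
    {
        command.Parameters.Add("@email", NpgsqlDbType.Varchar, 100).Value = credentials.Email;

        // NOTE(review): the password is written to the table exactly as submitted. Store a
        // salted, slow hash (e.g. PBKDF2) instead; the login query must change with it.
        command.Parameters.Add("@password", NpgsqlDbType.Varchar, 100).Value = credentials.Password;

        try
        {
            conn.Open();
            int result = command.ExecuteNonQuery();
            return result != -1;
        }
        catch (NpgsqlException)
        {
            // Any database failure is reported to the caller as a failed registration.
            return false;
        }
    }
}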
/// <summary>
/// Builds a <c>Credentials</c> object from the raw request body, which is parsed as a
/// URL-encoded query string with the fields <c>email</c> and <c>password</c>.
/// </summary>
/// <param name="controllerContext">Supplies the current HTTP request.</param>
/// <param name="bindingContext">Not used by this binder.</param>
/// <returns>The populated <c>Credentials</c>; a field absent from the body is left null.</returns>
public override object BindForModel(ControllerContext controllerContext, ModelBindingContext bindingContext)
{
    // The reader is not disposed here, so the request's input stream is left open.
    string body = new StreamReader(controllerContext.HttpContext.Request.InputStream).ReadToEnd();

    var form = HttpUtility.ParseQueryString(body);

    return new Credentials()
    {
        Email = form["email"],
        Password = form["password"]
    };
}
/// <summary>
/// Handles the registration POST: tries to create the account and reports the outcome
/// as a JSON result.
/// </summary>
/// <param name="credentials">E-mail and password bound from the request.</param>
/// <returns>A <c>WebResult</c> whose <c>GreatSuccess</c> flag mirrors <c>RegisterUser</c>.</returns>
public ActionResult IndexPost(Credentials credentials)
{
    // Output
    Response.ContentType = "application/json";
    Response.StatusCode = (int)HttpStatusCode.OK;

    // The status code is 200 in both cases; only the flag tells success from failure.
    bool registered = this.RegisterUser(credentials);
    return new WebResult(new ResultInfo() { GreatSuccess = registered });
}
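/// <summary>
/// Looks up the client row matching the supplied e-mail and password and, when exactly one
/// row matches, creates the authentication ticket for that user.
/// </summary>
/// <param name="credentials">E-mail and password to verify.</param>
/// <returns>
/// <c>true</c> when exactly one row matched and the ticket was created; <c>false</c> when
/// zero or several rows match, when a value is missing, or when the database call fails
/// with <see cref="NpgsqlException"/>.
/// </returns>
private bool LoginUser(Credentials credentials)
{
    // A missing e-mail or password cannot match any row, so answer before touching the
    // database instead of handing a null parameter value to the driver.
    if (credentials == null || credentials.Email == null || credentials.Password == null)
    {
        return false;
    }

    string connectionString = ConfigurationManager.AppSettings["ConnectionString"];

    // NOTE(review): the submitted password is compared verbatim with the password column
    // and then read back into the User object. Store a salted, slow hash (e.g. PBKDF2),
    // compare hashes, and stop selecting the column once nothing downstream needs it.
    const string sql = "SELECT \"internalId\", email, password FROM clients WHERE email=@email AND password=@password";

    // using blocks dispose the command and close the connection on every exit path.
    using (NpgsqlConnection conn = new NpgsqlConnection(connectionString))
    using (NpgsqlCommand command = new NpgsqlCommand(sql, conn))
    {
        command.Parameters.Add("@email", NpgsqlDbType.Varchar, 100).Value = credentials.Email;
        command.Parameters.Add("@password", NpgsqlDbType.Varchar, 100).Value = credentials.Password;

        try
        {
            conn.Open();

            List<User> users = new List<User>();

            // Dispose the reader as soon as the rows are materialized.
            using (NpgsqlDataReader reader = command.ExecuteReader())
            {
                while (reader.Read())
                {
                    users.Add(new User()
                    {
                        InternalId = reader.GetInt32(reader.GetOrdinal("internalId")),
                        Email = reader.GetString(reader.GetOrdinal("email")),
                        Password = reader.GetString(reader.GetOrdinal("password")),
                    });
                }
            }

            // Zero rows means bad credentials; more than one means ambiguous data. Reject both.
            if (users.Count != 1)
            {
                return false;
            }

            this.CreateAuthenticationTicket(users[0]);
            return true;
        }
        catch (NpgsqlException)
        {
            // A database failure is reported to the caller as a failed login.
            return false;
        }
    }
}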
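/// <summary>
/// Handles the login POST: on success writes the session's user object to the response as
/// JSON, otherwise returns a failure result.
/// </summary>
/// <param name="credentials">E-mail and password bound from the request.</param>
/// <returns>
/// An <c>EmptyResult</c> after the user JSON has been written to the response, or a
/// <c>WebResult</c> with <c>GreatSuccess</c> set to false when the login fails.
/// </returns>
public ActionResult IndexPost(Credentials credentials)
{
    // Output
    Response.ContentType = "application/json";
    Response.StatusCode = (int)HttpStatusCode.OK;

    if (!this.LoginUser(credentials))
    {
        return new WebResult(new ResultInfo() { GreatSuccess = false });
    }

    // NOTE(review): the whole session object is serialized into the response body. If User
    // exposes Password as a serializable member, the password is echoed back to the client
    // and to anything that records response bodies; confirm, then exclude that member or
    // serialize a response type without it.
    DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(User));
    serializer.WriteObject(Response.OutputStream, Session[SessionVars.User]);
    return new EmptyResult();
}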