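/// <summary>
/// Authenticates the supplied credentials and, on success, issues a forms-authentication
/// cookie and returns a <c>JSONUser</c> describing the session.
/// </summary>
/// <param name="username">Account name supplied by the caller (untrusted).</param>
/// <param name="password">Password supplied by the caller (untrusted).</param>
/// <returns>
/// A <c>JSONUser</c> with <c>isValid</c> set to true and the token/profile fields filled in,
/// or with <c>isValid</c> set to false and <c>Token2</c> holding the exception message when
/// anything in the logon path throws.
/// </returns>
/// <remarks>
/// NOTE(review): the method name suggests an HTTP GET binding. If the credentials travel in
/// the request URI they will appear in server and proxy logs; confirm the binding.
/// </remarks>
public JSONUser UserGET(string username, string password)
{
    JSONUser user = new JSONUser();
    try
    {
        User u = new User();
        // The result of Authenticate is not inspected here, so a rejected logon must surface
        // as an exception. Presumably it throws on bad credentials; verify, because otherwise
        // every caller would receive a cookie.
        u.Authenticate(username, password);
        // NOTE(review): this path does not consult the system.web/authorization deny rules.
        // Confirm that denied accounts are meant to be able to obtain a ticket here.
        // The second argument (false) requests a non-persistent cookie.
        FormsAuthentication.SetAuthCookie(username, false);
        Log("HAP+ App Logon", "Home Access Plus+ Logon\n\nUsername: " + username, System.Diagnostics.EventLogEntryType.Information);
        // Token2 is the forms-authentication cookie value that was just queued on the response.
        // Whoever holds it can present it as that cookie, so the JSON body needs the same
        // transport protection as the cookie itself.
        user.Token2 = HttpContext.Current.Response.Cookies[FormsAuthentication.FormsCookieName].Value;
        // NOTE(review): Token1 is derived from the password. If ConvertToToken is reversible
        // or unsalted, the token is password-equivalent and should be treated as such; confirm.
        user.Token1 = TokenGenerator.ConvertToToken(password);
        user.Username = u.UserName;
        user.FirstName = u.FirstName;
        user.isValid = true;
        user.Token2Name = FormsAuthentication.FormsCookieName;
        user.SiteName = hapConfig.Current.School.Name;
    }
    catch (Exception e)
    {
        // Return only the message. e.ToString() would hand the full stack trace and any inner
        // exception detail to a caller who has not authenticated.
        // NOTE(review): the message can still carry back-end detail; a fixed generic string is
        // safer if no client depends on this text. Failed attempts are not logged here, so
        // consider recording them server-side to support brute-force detection.
        user.Token2 = e.Message;
        user.isValid = false;
    }
    return user;
}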
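/// <summary>
/// Validates the credentials and then rejects the account if a Deny rule in the
/// <c>system.web/authorization</c> section names the user or one of the user's roles.
/// </summary>
/// <param name="username">Account name supplied by the caller (untrusted).</param>
/// <param name="password">Password supplied by the caller (untrusted).</param>
/// <returns>
/// True when authentication completes without throwing and no Deny rule matches;
/// false when a Deny rule matches or any step throws (fails closed).
/// </returns>
/// <remarks>
/// Only Deny rules are examined. Allow rules and rule ordering are ignored, the "?" role entry
/// is skipped, and the "*" user entry is skipped, so a blanket deny-all rule does not reject
/// anyone here. NOTE(review): confirm this matches the intended policy.
/// </remarks>
public override bool ValidateUser(string username, string password)
{
    try
    {
        User u = new User();
        // The result of Authenticate is not inspected, so this relies on it throwing for bad
        // credentials. Presumably it does; verify.
        u.Authenticate(username, password);

        // If the section is missing or has another type, the cast yields null and the
        // dereference below throws, which the catch turns into a rejection.
        var config = System.Web.Configuration.WebConfigurationManager.GetSection("system.web/authorization") as AuthorizationSection;
        foreach (AuthorizationRule rule in config.Rules)
        {
            if (rule.Action != AuthorizationRuleAction.Deny)
            {
                continue;
            }

            if (rule.Roles != null)
            {
                foreach (string s in rule.Roles)
                {
                    if (s != "?" && new RoleProvider().IsUserInRole(u.UserName, s))
                    {
                        return false;
                    }
                }
            }

            if (rule.Users != null)
            {
                foreach (string s in rule.Users)
                {
                    // Compare case-insensitively on both sides. Lower-casing only the user
                    // name let a Deny entry written with any upper-case letter never match.
                    // The instance call is kept so that a null UserName still throws and
                    // fails closed.
                    if (s != "*" && u.UserName.Equals(s, System.StringComparison.OrdinalIgnoreCase))
                    {
                        return false;
                    }
                }
            }
        }

        return true;
    }
    catch
    {
        // Any failure (bad credentials, configuration error, role lookup error) is treated
        // as a rejection. NOTE(review): nothing is logged, so failed attempts and real
        // faults cannot be told apart from here.
        return false;
    }
}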