예제 #1
0
 public ActionResult Index(Credentials credentials)
 {
     try
     {
         if (_accountService.ValidateUser(credentials) != null)
         {
             _formsAuthenticationService.SignIn(credentials.UserName, true);
             return RedirectToAction("Index", "Home");
         }
         else
             return RedirectToAction("Index", new { failed = true });
     }
     catch
     {
         throw;
     }
 }
예제 #2
0
 public ActionResult Index(FormCollection formCollection)
 {
     try
     {
         var credentials = new Credentials(formCollection.Get("username"), formCollection.Get("password"));
         if (_accountService.ValidateUser(credentials) != null)
         {
             _formsAuthenticationService.SignIn(credentials.UserName, true);
             return RedirectToAction("Index", "Home");
         }
         else
             return RedirectToAction("Index", new { failed = true });
     }
     catch
     {
         throw;
     }
 }
예제 #3
0
        /// <summary>
        /// This method has been implemented so as we can refactor the entire application to use the Infostructure.SimpleList.Web.Service.Api class, which takes a userName and password parameter for every call.
        /// This method returns the User object for an authenticated user, whether they have come in through the service or the web front-end.
        /// There is still a bit of a "smell" about this method and some of the authetication architecture, in particular that I'm passing around unencrypted passwords, but it's tollerable for the time being.
        /// Since the API service is accessed directly, there should be no need to use this method where the user is not ASP.NET authenticated.
        /// </summary>
        /// <returns>A Infostructure.MyBigBro.DataModel.Models.User instance if authetication is successful.</returns>
        private Infostructure.MyBigBro.DataModel.Models.User GetUser(IAccountService accountService)
        {
            // Get the username and password off the query string, if they're there.
            ICredentials credentials = new Credentials
                                           {
                                               UserName = HttpContext.Current.Request.QueryString["userName"],
                                               Password = HttpContext.Current.Request.QueryString["password"]
                                           };

            // This is where we would go if we've come in via the service.
            if (credentials.UserName != null && credentials.Password != null)
                return accountService.ValidateUser(credentials);
            // This is where we go if we've come in via the web front-end, since the request will not be ASP.NET authenticated by the service.
            else if (HttpContext.Current.User.Identity.IsAuthenticated)
                return accountService.GetUser(HttpContext.Current.User.Identity.Name);
            // User has not been successfully authenticated.
            else
                return null;
        }