//---------------------------------------------------------------------------------------------------------------------------------------------------------------
// public bool Login( User user, string password) {
public string LoginError()
{
return(MGLSessionSecurityInterface.Instance().SecurityError);
//string loginError = "Invalid username or password.";
//if (userName != null) {
// User user = GetUser(userName);
// // check the number of logins has not been exceeded
// if (user != null && user.IsLockedOut == true) {
// loginError = "The maximum number of incorrect login attempts has been exceeded - Contact the website administrator to unlock your account.";
// }
// dbInfo.Disconnect();
//}
//return loginError;
}
//--------------------------------------------------------------------------------------------------------------------------------------------------------------
public string GetError()
{
return(MGLSessionSecurityInterface.Instance().SecurityError);
}
//---------------------------------------------------------------------------------------------------------------------------------------------------------------
// public bool Login( User user, string password) {
public bool Login(SecureString userName, SecureString password)
{
bool loggedIn = false;
string loginError = "Username or password not recognised.";
UserOperations userOps = null;
try {
if (userName != null)
{
userOps = new UserOperations(lcf);
MGUser user = userOps.GetUser(userName);
// check the number of logins has not been exceeded
if (user != null)
{
if (user.IsLockedOut == true)
{
loginError = "Too many incorrect attempts. Please contact the web team."; // to unlock your account.";
}
else
{
// 30-Nov-2015 - Strip the password out of the user information as this is applied to the session
user.Password = null;
// Check the password
if (MGLApplicationSecurityInterface.Instance().AppLoginConfig.EnableAutomatedLogin == false && password != null)
{
// check the user name and the encrypted password in the database
bool userLoginDetailsCorrect = userOps.UserLoginDetailsCorrect(user.Username, password);
// if incorrect, increment the incorrect logins
// if correct, increment the total logins
userOps.LogLogin(user.ID, userLoginDetailsCorrect);
// reextract the user as the LastIP and login date will have changed - better to keep this consistent, if its used for validation in the future ...
user = userOps.GetUser(user.ID);
if (userLoginDetailsCorrect)
{
loggedIn = true;
// Set the current user object in the session
loginError = null;
MGLSessionSecurityInterface.Instance().CurrentUser = user;
}
}
else
{
loggedIn = true;
// Set the current user object in the session
loginError = null;
MGLSessionSecurityInterface.Instance().CurrentUser = user;
}
}
if (loggedIn)
{
SecureContentWrapper.LiveDbContextInstance = new SecureContentWrapper(AppSecurityContext.MainDbLcf);
// SecureContentWrapper.StagingDbContextInstance = new SecureContentWrapper(AppSecurityContext.StagingDbLcf);
}
}
}
} catch (Exception ex) {
Logger.LogError(7, "Problem logging in at " + ex);
} finally {
if (userOps != null)
{
userOps.Finish();
}
}
MGLSessionSecurityInterface.Instance().SecurityError = loginError;
return(loggedIn);
}
