/// <summary>
/// Extract user role and create corresponding Principal
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
if (FormsAuthentication.CookiesSupported == true)
{
if(Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
try
{
//retrieve username
string username = FormsAuthentication.Decrypt(Request.Cookies[FormsAuthentication.FormsCookieName].Value).Name;
string roles = string.Empty;
//retrieve user with email 'username' and extrack role as string
IDalUserManagement dal = new MSSQLModelDAL();
List<User> users = dal.GetUsers(new ParametersForUsers()
{
Email = username
});
if(users.Any())
{
roles = users.First().Permission.Description;
}
//Set principal
HttpContext.Current.User = new System.Security.Principal.GenericPrincipal(
new System.Security.Principal.GenericIdentity(username, "Forms"), roles.Split(';'));
}
catch (Exception)
{
{
}
throw;
}
}
}
}
/// <summary>
/// Method Logs user into application if validated succesfully
/// </summary>
/// <param name="_email">User submitted email</param>
/// <param name="_pass">User submitted password</param>
/// <returns></returns>
public LoginReturn Login(string _email, string _pass)
{
LoginReturn result = new LoginReturn();
try
{
IDalUserManagement dalUserManage = new MSSQLModelDAL();
List<User> users = dalUserManage.GetUsers(new ParametersForUsers()
{ Email = _email });
User user = users.Find(x => x.Email == _email);
if (_pass == user.Password)
{
result.status = true;
result.message = "";
return result;
}
else
{
result.status = false;
result.message = "Password is incorrect!";
return result;
}
}
catch(NullReferenceException e)
{
result.status = false;
result.message = String.Format("No user with email: {0} found",_email);
return result;
}
}
/// <summary>
/// Method creates user and inserts it into database
/// </summary>
/// <param name="email">User email</param>
/// <param name="confirmEmail">user email confirmed</param>
/// <param name="Pass">user password</param>
/// <param name="confirmPass">user password confirmed</param>
/// <param name="fName">user first name</param>
/// <param name="lName">user last name</param>
public bool Create(string email, string confirmEmail, string pass, string confirmPass, string fName, string lName)
{
if (_confirmPass != _Pass)
{
return false;
}
try
{
IDalUserManagement dalUserManage = new MSSQLModelDAL();
ParametersForUsers parameters = new ParametersForUsers()
{ Email = email };
if (dalUserManage.GetUsers(parameters).Any())
{
return false;
}
User user = new User()
{
Email = email,
FirstName = fName,
LastName = lName,
Password = pass
};
Permission perm = dalUserManage.GetPermByAccessLevel(AccessLevel.Submitter);
dalUserManage.InsertUser(user, perm);
return true;
}
catch (NullReferenceException e)
{
return false;
}
}
