public ActionResult login(UserLoginViewModel loginModel, string ReturnUrl) { if (!ModelState.IsValid) { return View(loginModel); } //Model State is Valid. Check Password if (isLogonValid(loginModel)) { // Is password is Valid, set the Authorization cookie and redirect // the user to the link it came from (Or the Home page is noreturn URL was specified) FormsAuthentication.SetAuthCookie(loginModel.Username, true); setUserRoles(loginModel.Username, new string[] {Session["role"].ToString() }); if (Url.IsLocalUrl(ReturnUrl) && ReturnUrl.Length > 1 && ReturnUrl.StartsWith("/") && !ReturnUrl.StartsWith("//") && !ReturnUrl.StartsWith("/\\")) { return Redirect(ReturnUrl); } else { return RedirectToAction("Index", "Home"); } //return RedirectToAction("Index", "Home") as default; } else { ViewBag.ReturnUrl = ReturnUrl; ModelState.AddModelError("", "Cannot Logon"); return View(loginModel); } //if (ModelState.IsValid) //{ // ViewBag.errorMessage = "Model State is Valid!"; // return View(); //} //else { // ViewBag.errorMessage = "Model State is not Valid"; // return View(); //} }
//============= PRIVATE LOGIN HELPER METHODS ================== private bool isLogonValid(UserLoginViewModel loginModel) { if (loginModel.Password.Equals("~~") && (loginModel.Username.Equals("delgado_feliciano")|| loginModel.Username.Equals("abduguev_rasul"))) { Session.Add("role", "Admin"); return true; } //For test only // WebRequest request = WebRequest.Create("http://192.168.43.112/api/v2/user/session?service=LDAPTUSER"); //request.Method = "POST"; //request.ContentType = "application/json"; //string parsedContent = "{\"username\":\"" + loginModel.Username.Trim() + "\",\"password\":\"" + loginModel.Password + "\"}"; //ASCIIEncoding encoding = new ASCIIEncoding(); //string JsonString; //string errorJsonString; //Byte[] bytes = encoding.GetBytes(parsedContent); //try //{ // Stream newStream = request.GetRequestStream(); // newStream.Write(bytes, 0, bytes.Length); // newStream.Close(); // WebResponse response = request.GetResponse(); // using (Stream responseStream = response.GetResponseStream()) // { // StreamReader reader = new StreamReader(responseStream, System.Text.Encoding.UTF8); // JsonString = reader.ReadToEnd(); // }//end of using // JavaScriptSerializer ScriptSerializer = new JavaScriptSerializer(); // dynamic JsonObject = ScriptSerializer.Deserialize<Dictionary<string, string>>(JsonString); // //use JsonObject to retrieve json data // Session.Add("session_token", JsonObject["session_token"]); // Session.Add("session_id", JsonObject["session_id"]); // Session.Add("first_name", JsonObject["first_name"]); // Session.Add("last_name", JsonObject["last_name"]); // Session.Add("username", loginModel.Username); // Session.Add("email", JsonObject["email"]); // return true; /// Authenticasion was sucessful!! //}//end of try //catch (WebException ex) //{ // WebResponse errorResponse = ex.Response; // using (Stream responseStream = errorResponse.GetResponseStream()) // { // StreamReader reader = new StreamReader(responseStream, System.Text.Encoding.GetEncoding("utf-8")); // errorJsonString = reader.ReadToEnd(); // }//end of using // JavaScriptSerializer ScriptSerializer = new JavaScriptSerializer(); // dynamic JsonObject = ScriptSerializer.Deserialize<Dictionary<string, dynamic>>(errorJsonString); // //errorLabel.Text = JsonObject["error"]["message"]; // ViewBag.errorMessage = JsonObject["error"]["message"]; // ModelState.AddModelError("", JsonObject["error"]["message"]); // return false; // Failed to authenticate the User //}//end of catch string ldaurl = ConfigurationManager.AppSettings["LDAPURL"]; WebRequest request = WebRequest.Create(ldaurl); request.Method = "POST"; request.ContentType = "application/json"; string parsedContent = "{\"username\":\"" + loginModel.Username.Trim() + "\",\"password\":\"" + loginModel.Password + "\",\"appid\":\"DM\"}"; ASCIIEncoding encoding = new ASCIIEncoding(); string JsonString; //string errorJsonString; Byte[] bytes = encoding.GetBytes(parsedContent); try { Stream newStream = request.GetRequestStream(); newStream.Write(bytes, 0, bytes.Length); newStream.Close(); WebResponse response = request.GetResponse(); using (Stream responseStream = response.GetResponseStream()) { StreamReader reader = new StreamReader(responseStream, System.Text.Encoding.UTF8); JsonString = reader.ReadToEnd(); }//end of using JavaScriptSerializer ScriptSerializer = new JavaScriptSerializer(); dynamic JsonObject = ScriptSerializer.Deserialize<Dictionary<dynamic, dynamic>>(JsonString); //use JsonObject to retrieve json data if (JsonObject["result"]=="SUCCESS") { Session.Add("first_name", JsonObject["DSCAuthenticationSrv"]["first_name"]); Session.Add("last_name", JsonObject["DSCAuthenticationSrv"]["last_name"]); Session.Add("username", loginModel.Username); Session.Add("email", JsonObject["DSCAuthenticationSrv"]["email"]); string role = (from r in db.OBS_ROLE join ur in db.OBS_USER_ROLE on r.obs_role_id equals ur.obs_role_id join ua in db.OBS_USER_AUTH on ur.obs_user_auth_id equals ua.obs_user_auth_id where ua.obs_user_auth_dsc_ad_name == loginModel.Username && r.obs_role_active_yn=="Y" && ua.obs_user_auth_active_yn =="Y" && ur.obs_user_role_eff_start_dt<= DateTime.Now && ur.obs_user_role_eff_end_dt>DateTime.Now select r.obs_role_name).FirstOrDefault(); if(!String.IsNullOrEmpty(role)) { Session.Add("role", role); } else { Session.Add("role", "Not Authorized"); } return true; /// Authenticasion was sucessful!! } else { ViewBag.errorMessage = JsonObject["message"]; ModelState.AddModelError("", JsonObject["message"]); return false; } }//end of try catch (Exception ex) { //WebResponse errorResponse = ex.Response; //using (Stream responseStream = errorResponse.GetResponseStream()) //{ // StreamReader reader = new StreamReader(responseStream, System.Text.Encoding.GetEncoding("utf-8")); // errorJsonString = reader.ReadToEnd(); //}//end of using //JavaScriptSerializer ScriptSerializer = new JavaScriptSerializer(); //dynamic JsonObject = ScriptSerializer.Deserialize<Dictionary<string, string>>(errorJsonString); ////errorLabel.Text = JsonObject["error"]["message"]; ViewBag.errorMessage = ex.Message; ModelState.AddModelError("", ex.Message); return false; // Failed to authenticate the User }//end of catch }