public void Page_Init(object sender, EventArgs e)
{
if (Settings.ForceSsL == "Yes")
{
if (!HttpContext.Current.Request.IsSecureConnection)
{
var root = Request.Url.GetLeftPart(UriPartial.Authority);
root = root + Page.ResolveUrl("~/");
root = root.Replace("http://", "https://");
Response.Redirect(root);
}
}
//login attempt through query string
//can't really say I recommend this but someone asked for it
if (Request.QueryString["password"] != null)
{
var auth = new Authenticate();
var validationResult = auth.GlobalLogin(Request.QueryString["username"], Request.QueryString["password"], "Web");
if (validationResult.IsValid)
{
var cloneDeployUser = BLL.User.GetUser(Request.QueryString["username"]);
cloneDeployUser.Salt = "";
cloneDeployUser.Password = "";
Session["CloneDeployUser"] = cloneDeployUser;
FormsAuthentication.SetAuthCookie(cloneDeployUser.Name, false);
Response.Redirect(Request.Url.GetLeftPart(UriPartial.Path),true);
}
}
if (!Request.IsAuthenticated)
Response.Redirect("~/", true);
}
protected void CrucibleLogin_Authenticate(object sender, AuthenticateEventArgs e)
{
var auth = new Authenticate();
var validationResult = auth.GlobalLogin(CrucibleLogin.UserName, CrucibleLogin.Password, "Web");
if ((validationResult.IsValid))
{
var cloneDeployUser = BLL.User.GetUser(CrucibleLogin.UserName);
cloneDeployUser.Salt = "";
cloneDeployUser.Password = "";
Session["CloneDeployUser"] = cloneDeployUser;
e.Authenticated = true;
}
else
{
e.Authenticated = false;
lblError.Text = validationResult.Message;
lblError.Visible = true;
}
}