public ActionResult Index(AppLogin login)
{
if (this.ModelState.IsValid)
{
DBLoginRepository loginRepository = new DBLoginRepository(this.DatabaseContext);
DBEditorRepository editorRepository = new DBEditorRepository(this.DatabaseContext);
DBEditor editor = editorRepository.Find(login.Username);
if (editor != null && login.Username == editor.Username && PasswordHasher.Hash(login.Password, editor.PasswordSalt) == editor.PasswordHash)
{
DBLogin dBLogin = new DBLogin()
{
IDEditor = editor.ID, UserAgent = Request.UserAgent, UserIP = IPObtainer.GetIP(), UTCLogoutTime = DateTime.UtcNow.AddMinutes(10)
};
loginRepository.Add(dBLogin, true);
this.Session["authorized"] = dBLogin;
return(RedirectToAction("Index", "Admin"));
}
else
{
return(View()); //neexistuje nebo nesedí přihlašovací údaje
}
}
return(View());
}
internal void ReauthorizeLogin(HttpSessionStateBase httpSession)
{
DBLoginRepository loginRepository = new DBLoginRepository(this.DatabaseContext);
DBLogin login = loginRepository.Find((httpSession["authorized"] as DBLogin).ID);
login.UTCLogoutTime = DateTime.UtcNow.AddMinutes(10);
loginRepository.Update(login, true);
httpSession["authorized"] = login;
}
public ActionResult Logout()
{
if (this.Session["authorized"] != null)
{
DBLoginRepository loginRepository = new DBLoginRepository(this.DatabaseContext);
DBLogin login = loginRepository.Find((this.Session["authorized"] as DBLogin).ID);
login.UTCLogoutTime = DateTime.UtcNow;
loginRepository.Update(login, true);
this.Session["authorized"] = null;
}
return(View("Index"));
}
public ActionResult DeleteLogin(int id)
{
if (this.Authorizer.IsLogedIn(this.Session, this.Request))
{
this.Authorizer.ReauthorizeLogin(this.Session);
DBLoginRepository repository = new DBLoginRepository(this.DatabaseContext);
DBLogin login = repository.Find(id);
if ((this.Session["authorized"] as DBLogin).ID != id)
{
repository.Remove(login, true);
}
return(RedirectToAction("Logins"));
}
return(RedirectToAction("Index", "Login"));
}
