Exemplo n.º 1
        //*********************************************************************
        //
        // Register.aspx
        //
        // This page enables users to register when Forms authentication is
        // enabled.
        //
        //*********************************************************************



        // Click handler for the registration form: creates the account from the form
        // fields and, when the save succeeds, signs the new user in and sends them to
        // the issue list.  Does nothing when page validation has failed.
        protected void SaveUser(Object s, EventArgs e)
        {
            // Only proceed once every validator on the page has passed.
            if (!Page.IsValid)
            {
                return;
            }

            ITUser registrant = new ITUser();

            registrant.Username = txtUsername.Text;
            // The role comes from configuration, never from the submitted form, so a
            // self-registering client cannot pick its own role here.
            registrant.RoleName = Globals.DefaultRoleForNewUser;
            registrant.Email = txtEmail.Text;
            // NOTE(review): the password is handed over exactly as typed; confirm that
            // ITUser.Save() persists only a salted hash and never the clear text.
            registrant.Password = txtPassword.Text;

            bool saved = registrant.Save();
            if (!saved)
            {
                lblError.Text = "Could not save user";
                return;
            }

            // 'false' requests a non-persistent (browser-session) authentication cookie.
            FormsAuthentication.SetAuthCookie(txtUsername.Text, false);
            Response.Redirect("~/Issues/IssueList.aspx");
        }
Exemplo n.º 2
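        // Click handler for the user edit form.  Creates a new user when UserId is 0,
        // otherwise loads and updates the existing user, then returns to the user list.
        // Does nothing when page validation has failed.
        //
        // NOTE(review): this handler assigns a role chosen on the form; the check that
        // restricts the page to administrators is not visible here - confirm it exists.
        protected void SaveUser(Object s, EventArgs e)
        {
            if (!Page.IsValid)
            {
                return;
            }

            ITUser objUser;
            if (UserId != 0)
            {
                objUser = ITUser.GetUserById(UserId);
                if (objUser == null)
                {
                    // Presumably GetUserById returns null when the id matches no record
                    // (for example the user was deleted meanwhile).  Report it instead of
                    // failing with a NullReferenceException on the assignments below.
                    lblError.Text = "Could not save user";
                    return;
                }
            }
            else
            {
                objUser = new ITUser();
            }

            objUser.Username = txtUsername.Text;
            objUser.RoleName = dropRoles.SelectedItem.Text;
            objUser.Email    = txtEmail.Text;

            // An empty password box means "leave the current password unchanged".
            // NOTE(review): confirm that ITUser.Save() stores only a salted hash.
            if (txtPassword.Text != String.Empty)
            {
                objUser.Password = txtPassword.Text;
            }

            if (!objUser.Save())
            {
                lblError.Text = "Could not save user";
                return;
            }

            // When the edited account is the signed-in one, end the session; presumably so
            // the next login picks up the changed username and role.
            if (IsCurrentUser)
            {
                FormsAuthentication.SignOut();
            }

            Response.Redirect("UserList.aspx");
        }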
Exemplo n.º 3
        //*********************************************************************
        //
        // Application_AuthenticateRequest Event
        //
        // If the client is authenticated with the application, then determine
        // which security roles he/she belongs to and replace the "User" intrinsic
        // with a custom IPrincipal security object that permits "User.IsInRole"
        // role checks within the application
        //
        // Roles are cached in the browser in an in-memory encrypted cookie.  If the
        // cookie doesn't exist yet for this session, create it.
        //
        //*********************************************************************

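        // Runs for every request.  For an authenticated client, replaces Context.User with
        // a CustomPrincipal carrying the user id, role name and username.
        //
        // The role data is cached in an encrypted cookie named Globals.UserRoles.  That
        // cookie is supplied by the client, so it is used only after it decrypts, has not
        // expired, and was issued for the identity authenticated on this request.  Any
        // other cookie is discarded and the data is reloaded from the user store.
        protected void Application_AuthenticateRequest(Object sender, EventArgs e)
        {
            if (!Request.IsAuthenticated)
            {
                return;
            }

            CustomPrincipal principal = GetPrincipalFromRolesCookie();
            if (principal == null)
            {
                principal = IssueRolesCookie();
            }

            Context.User = principal;
        }

        // Rebuilds the principal from the roles cookie.  Returns null when the cookie is
        // absent, empty, or fails any of the checks below, so the caller reissues it.
        private CustomPrincipal GetPrincipalFromRolesCookie()
        {
            if (Request.Cookies[Globals.UserRoles] == null)
            {
                return null;
            }

            string cookieValue = Request.Cookies[Globals.UserRoles].Value;
            if (String.IsNullOrEmpty(cookieValue))
            {
                return null;
            }

            FormsAuthenticationTicket ticket;
            try
            {
                ticket = FormsAuthentication.Decrypt(cookieValue);
            }
            catch (ArgumentException)
            {
                // Malformed or tampered value: treat as "no cookie" rather than failing
                // the request with an unhandled exception.
                return null;
            }
            catch (System.Security.Cryptography.CryptographicException)
            {
                return null;
            }

            // The browser-side Expires is advisory only; the ticket's own lifetime has to
            // be enforced here.
            if (ticket == null || ticket.Expired)
            {
                return null;
            }

            // Bind the cached role data to the identity established by forms
            // authentication, so a roles cookie issued for one account is not honoured
            // on another account's session.
            if (!String.Equals(ticket.Name, User.Identity.Name, StringComparison.Ordinal))
            {
                return null;
            }

            if (ticket.UserData == null)
            {
                return null;
            }

            // Format is "id;role;username".  Limiting the split to three parts keeps a
            // username that itself contains ';' intact.
            // NOTE(review): a role name containing ';' would still be split incorrectly.
            string[] info = ticket.UserData.Split(new char[] { ';' }, 3);
            if (info.Length != 3)
            {
                return null;
            }

            int userId;
            if (!Int32.TryParse(info[0], out userId))
            {
                return null;
            }

            return new CustomPrincipal(User.Identity, userId, info[1], info[2]);
        }

        // Loads the user's id and role (creating the user with the default role when it
        // does not exist yet), sends them to the client as an encrypted roles cookie, and
        // returns the matching principal.
        private CustomPrincipal IssueRolesCookie()
        {
            ITUser user = ITUser.GetUserByUsername(Context.User.Identity.Name);
            if (user == null)
            {
                // The user was not found, so add them using the default role.  Passing
                // DefaultValues.GetUserIdMinValue() as the id presumably makes Save()
                // insert a new record.
                // NOTE(review): the result of Save() is ignored; confirm what should
                // happen when the insert fails.
                user = new ITUser(DefaultValues.GetUserIdMinValue(), Context.User.Identity.Name, Globals.DefaultRoleForNewUser);
                user.Save();
            }

            string userInformation = user.Id + ";" + user.RoleName + ";" + user.Username;

            // The ticket is valid for one hour, so a role change in the user store can
            // take up to that long to reach a client that keeps sending its cookie.
            FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
                1,                          // version
                User.Identity.Name,         // user name
                DateTime.Now,               // issue time
                DateTime.Now.AddHours(1),   // ticket lifetime
                false,                      // don't persist cookie
                userInformation
                );

            String cookieStr = FormsAuthentication.Encrypt(ticket);

            Response.Cookies[Globals.UserRoles].Value   = cookieStr;
            Response.Cookies[Globals.UserRoles].Path    = "/";
            // A well-behaved browser drops the cookie after one minute, which triggers a
            // fresh lookup on its next request.
            Response.Cookies[Globals.UserRoles].Expires = DateTime.Now.AddMinutes(1);
            // Keep the cookie away from client-side script, and off plain HTTP whenever
            // the current request arrived over TLS.
            Response.Cookies[Globals.UserRoles].HttpOnly = true;
            Response.Cookies[Globals.UserRoles].Secure   = Request.IsSecureConnection;

            return new CustomPrincipal(User.Identity, user.Id, user.RoleName, user.Username);
        }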