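/// <summary>
/// Re-validates the application session (the "ELTSession" cookie) on every authenticated
/// request before the action result executes. When <c>AuthenticationBL.CheckSession</c>
/// rejects the session, the response is redirected to the log-off page with the reason
/// in the <c>Msg</c> query parameter.
/// </summary>
/// <param name="filterContext">Context of the result that is about to execute.</param>
public override void OnResultExecuting(ResultExecutingContext filterContext)
{
    var httpContext = filterContext.RequestContext.HttpContext;

    if (httpContext.Request.IsAuthenticated)
    {
        // The client IP is not part of the check. If it is ever added, do not take it from
        // X-Forwarded-For unless that header is set by a proxy you control: the client can send any value.

        // NOTE(review): an authenticated request that arrives without the ELTSession cookie
        // skips the session check entirely (fail-open). Confirm that this is intended.
        var httpCookie = httpContext.Request.Cookies["ELTSession"];
        if (httpCookie != null)
        {
            string sessionId = httpCookie.Value;
            string msg = "";
            bool isUserValid = false;

            // Request.IsAuthenticated can still be true after the server-side session state is gone.
            // Without a login name the session cannot be validated, so treat it as invalid
            // instead of failing with a NullReferenceException.
            object loginName = httpContext.Session["login_name"];
            if (loginName != null)
            {
                AuthenticationBL sMgr = new AuthenticationBL();
                isUserValid = sMgr.CheckSession(
                    2,
                    loginName.ToString(),
                    Convert.ToInt32(httpContext.Session["elt_account_number"]),
                    "",
                    sessionId,
                    httpContext.Request.Url.PathAndQuery,
                    out msg);
            }

            if (!isUserValid)
            {
                try
                {
                    // Encode the message so characters such as '&', '#' or line breaks in it
                    // cannot alter the redirect URL or add extra query parameters.
                    HttpContext.Current.Response.Redirect("~/Account/LogOff?Msg=" + Uri.EscapeDataString(msg ?? ""));
                }
                catch (Exception)
                {
                    // Deliberate best effort: a redirect may already have been issued for this
                    // response, in which case a second one fails and is ignored.
                }
            }
        }
    }

    base.OnResultExecuting(filterContext);
}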
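/// <summary>
/// Signs the current user out: reports the sign-out to <c>AuthenticationBL.CheckSession</c>
/// (mode 3), logs out through <c>WebSecurity</c> and the legacy ASP.NET logout, then
/// redirects to the home page.
/// </summary>
/// <returns>A redirect to <c>Home/Index</c>.</returns>
public ActionResult SignOut()
{
    var httpCookie = Request.Cookies["ELTSession"];
    object loginName = Session["login_name"];

    // Either value can be missing (cookie cleared by the browser, session state expired).
    // Skip the CheckSession call in that case instead of throwing a NullReferenceException,
    // so that the logout calls below always run and the user is never left signed in.
    if (httpCookie != null && loginName != null)
    {
        AuthenticationBL sMgr = new AuthenticationBL();
        string msg;
        // Mode 3 presumably releases the stored session record; confirm against AuthenticationBL.
        sMgr.CheckSession(
            3,
            loginName.ToString(),
            Convert.ToInt32(Session["elt_account_number"]),
            "",
            httpCookie.Value,
            "",
            out msg);
    }

    WebSecurity.Logout();
    authBL.PerformDBLogOutFromLegacyASPNET();
    return RedirectToAction("Index", "Home");
}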
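/// <summary>
/// Starts an application session for the user in <paramref name="model"/>: issues a new
/// "ELTSession" cookie, registers it through <c>AuthenticationBL.CheckSession</c> (mode 1)
/// and, on success, redirects to the user landing page.
/// </summary>
/// <param name="model">Login form data; UserName and ELT_account_number are read here.</param>
/// <returns>
/// The login view with a model error when the session is rejected, otherwise a redirect
/// to <c>UserLandingPage</c>.
/// </returns>
private ActionResult DoLogin(LoginModel model)
{
    AuthenticationBL sMgr = new AuthenticationBL();
    string msg = "";

    // NOTE(review): the login name and the cookie are set before CheckSession has accepted
    // the login, so a rejected attempt still leaves both behind. Confirm whether CheckSession
    // depends on that order before moving these lines below the check.
    Session["login_name"] = model.UserName;

    // NOTE(review): Guid.NewGuid() is not documented as a cryptographically strong generator.
    // If this id is ever accepted as a credential on its own, create it with RandomNumberGenerator.
    var sessionId = Guid.NewGuid().ToString();

    // The cookie identifies the session, so keep it out of reach of page script (HttpOnly)
    // and mark it Secure when the login arrived over HTTPS, so it is not sent over plain HTTP.
    var sessionCookie = new HttpCookie("ELTSession", sessionId)
    {
        HttpOnly = true,
        Secure = Request.IsSecureConnection
    };
    Response.Cookies.Add(sessionCookie);

    bool isUserValid = sMgr.CheckSession(
        1,
        model.UserName,
        Convert.ToInt32(model.ELT_account_number),
        "",
        sessionId,
        Request.Url.PathAndQuery,
        out msg);

    if (!isUserValid)
    {
        ModelState.AddModelError("", msg);
        return View(model);
    }

    Session["elt_account_number"] = model.ELT_account_number;

    // NOTE(review): passing the whole model as route values puts its public properties into
    // the redirect URL. If LoginModel carries a password field, it would end up in the query
    // string, browser history and server logs; pass only the values the landing page needs.
    return RedirectToAction("UserLandingPage", model);
}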