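/// <summary>
/// Verifies the submitted credentials and, on success, issues the
/// forms-authentication cookie for the user.
/// </summary>
/// <param name="username">Login name submitted by the client.</param>
/// <param name="password">Password submitted by the client.</param>
/// <param name="rememberMe">
/// When true the ticket is valid for one year and the cookie is persistent;
/// otherwise the ticket is valid for 20 minutes and the cookie is a session cookie.
/// </param>
/// <returns>
/// The page to continue to: the <c>ReturnUrl</c> query-string value when it is a
/// local path, otherwise <c>"Home.aspx"</c>. Returns the literal <c>"error"</c>
/// when the credentials are rejected or the user cannot be loaded.
/// </returns>
public static string LoginUser(string username, string password, bool rememberMe)
{
    if (!IsAuthenticated(username, password))
    {
        return "error";
    }

    // Login ok: fetch the user so its permission can be stored in the ticket.
    var user = DbUser.Load(username);
    if (user == null)
    {
        return "error";
    }

    var issuedAt = DateTime.Now;
    var expiresAt = rememberMe ? issuedAt.AddYears(1) : issuedAt.AddMinutes(20);

    var authTicket = new FormsAuthenticationTicket(
        1, username, issuedAt, expiresAt, rememberMe, user.Permission.ToString());
    string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

    var authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
    {
        // Keep the ticket out of reach of page script, and follow the site's
        // forms-authentication requireSSL setting for the Secure flag.
        HttpOnly = true,
        Secure = FormsAuthentication.RequireSSL
    };
    if (rememberMe)
    {
        // Only a persistent login gets an explicit expiry on the cookie itself.
        authCookie.Expires = authTicket.Expiration;
    }
    HttpContext.Current.Response.Cookies.Add(authCookie);

    // ReturnUrl is supplied by the client. The returned value is presumably used
    // as a redirect target by the caller, so only a path inside this site is
    // accepted; anything else falls back to the default page.
    var returnUrl = HttpContext.Current.Request.QueryString["ReturnUrl"];
    return IsLocalReturnUrl(returnUrl) ? returnUrl : "Home.aspx";
}

/// <summary>
/// Tells whether a client-supplied return URL stays inside the current site.
/// </summary>
/// <param name="url">Candidate URL; may be null.</param>
/// <returns>
/// False for null/empty input, for values containing control characters or
/// leading whitespace, for scheme-qualified URLs ("http:", "javascript:", ...)
/// and for protocol-relative forms ("//host", "/\host"); true otherwise.
/// </returns>
private static bool IsLocalReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url) || char.IsWhiteSpace(url[0]))
    {
        return false;
    }

    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    // Browsers treat '\' like '/', so "//", "/\", "\/" and "\\" all name another host.
    bool startsWithSlash = url[0] == '/' || url[0] == '\\';
    if (startsWithSlash && url.Length > 1 && (url[1] == '/' || url[1] == '\\'))
    {
        return false;
    }

    // A ':' that comes before any path, query or fragment delimiter is a scheme.
    int colon = url.IndexOf(':');
    if (colon >= 0)
    {
        int delimiter = url.IndexOfAny(new[] { '/', '\\', '?', '#' });
        if (delimiter < 0 || colon < delimiter)
        {
            return false;
        }
    }

    return true;
}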
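/// <summary>
/// Checks the submitted password against the one stored for the user.
/// </summary>
/// <param name="username">Login name used to load the user record.</param>
/// <param name="password">Password submitted by the client.</param>
/// <returns>
/// True only when the user exists, has a non-empty stored password and the
/// submitted password matches it exactly; false otherwise.
/// </returns>
private static bool IsAuthenticated(string username, string password)
{
    var user = DbUser.Load(username);
    if (user == null || string.IsNullOrEmpty(user.Password) || password == null)
    {
        return false;
    }

    // NOTE(review): the stored value is compared directly with the submitted
    // password, which suggests passwords are kept unhashed - confirm. If so, the
    // store should hold a salted, slow hash (e.g. PBKDF2) and this method should
    // verify against that instead.
    return FixedTimeOrdinalEquals(password, user.Password);
}

/// <summary>
/// Compares two strings code unit by code unit without stopping at the first
/// mismatch, so the loop does not exit early on a differing character.
/// </summary>
/// <remarks>
/// Replaces the culture-sensitive String.Compare, under which strings that differ
/// only in characters the culture treats as ignorable can compare as equal.
/// </remarks>
/// <param name="left">First string; must not be null.</param>
/// <param name="right">Second string; must not be null.</param>
/// <returns>True when both strings have the same length and the same characters.</returns>
private static bool FixedTimeOrdinalEquals(string left, string right)
{
    int difference = left.Length ^ right.Length;
    int shared = Math.Min(left.Length, right.Length);
    for (int i = 0; i < shared; i++)
    {
        difference |= left[i] ^ right[i];
    }
    return difference == 0;
}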
/// <summary>
/// Page load handler: sends the visitor to the login page unless the request is
/// authenticated and the ticket's user can be loaded.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Page_Load(object sender, EventArgs e)
{
    var currentIdentity = HttpContext.Current.User.Identity;
    if (currentIdentity.IsAuthenticated)
    {
        // The user name is taken from the forms-authentication ticket.
        var formsIdentity = (FormsIdentity)currentIdentity;
        var ticketUserName = formsIdentity.Ticket.Name;

        // NOTE(review): Home.AppUser is reached through the type name; if it is a
        // plain static member it is shared by every concurrent request, so one
        // visitor could observe another visitor's user object - confirm it is
        // backed by per-request or per-session storage.
        Home.AppUser = DbUser.Load(ticketUserName);
        if (Home.AppUser != null)
        {
            return;
        }
    }

    // Not authenticated, or the ticket names a user that could not be loaded.
    Response.Redirect("Login.aspx?ReturnUrl=Companies.aspx");
}
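/// <summary>
/// Rebuilds the request principal from the forms-authentication cookie.
/// </summary>
/// <remarks>
/// The request stays unauthenticated (Context.User is left untouched) when the
/// cookie is missing or empty, cannot be decrypted, carries an expired ticket,
/// or names a user that no longer exists or is marked deleted.
/// </remarks>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void Application_AuthenticateRequest(object sender, EventArgs e)
{
    HttpCookie authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null || string.IsNullOrEmpty(authCookie.Value))
    {
        return;
    }

    FormsAuthenticationTicket authTicket;
    try
    {
        authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    }
    catch (ArgumentException)
    {
        // The cookie value is client-controlled; a malformed or tampered value
        // must not turn into an unhandled error on every request.
        return;
    }
    catch (System.Security.Cryptography.CryptographicException)
    {
        return;
    }

    // Decrypt only decodes the ticket; it does not reject an expired one, so the
    // lifetime chosen at login has to be enforced here.
    if (authTicket == null || authTicket.Expired)
    {
        return;
    }

    var user = DbUser.Load(authTicket.Name);
    if (user == null || user.Deleted != 0)
    {
        return;
    }

    // No roles are attached to the principal; the ticket's user data is not read here.
    var identity = new FormsIdentity(authTicket);
    Context.User = new GenericPrincipal(identity, null);
}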