Пример #1
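        /// <summary>
        /// Checks the submitted credentials through <c>LoginService</c>, loads the caller's role rows,
        /// issues a forms-authentication cookie whose user data carries those roles, records the login
        /// in the activity log and stores the profile in session.
        /// </summary>
        /// <param name="userid">User identifier submitted by the login form (untrusted input).</param>
        /// <param name="Password">Password submitted by the login form (untrusted input).</param>
        /// <returns>
        /// A redirect to <c>Home/Index</c> on success; a redirect back to <c>Index</c> with an error
        /// message when the credentials are rejected or the user has no role rows.
        /// </returns>
        public ActionResult CekLogin(string userid, string Password)
        {
            // The signature puts no validation attributes on these parameters, so ModelState.IsValid
            // alone does not reject a missing user id or password; check them explicitly.
            if (!ModelState.IsValid || string.IsNullOrEmpty(userid) || string.IsNullOrEmpty(Password))
            {
                Error("Login Failed, Please Check User Name and Password");
                return(RedirectToAction("Index"));
            }

            LoginService loginService = new LoginService();
            UserProfile  userProfile  = loginService.CekLogin(userid, Password);

            if (userProfile == null || string.IsNullOrEmpty(userProfile.GlobalID))
            {
                // Same message for every failure cause, so the response does not reveal whether the
                // user id exists.
                // NOTE(review): rejected attempts are not written to the activity log in this method;
                // confirm they are audited elsewhere (e.g. inside LoginService).
                Error("Login Failed, Please Check User Name and Password");
                return(RedirectToAction("Index"));
            }

            WindowsIdentity identity = Request.LogonUserIdentity;
            // NOTE(review): this replaces the identifier returned by the login service with the raw
            // form value. The role lookup below and the ticket name then depend on caller-supplied
            // text (including its casing); confirm this overwrite is intended.
            userProfile.GlobalID        = userid;
            userProfile.WindowsLogin    = identity.Name;
            userProfile.IPAddress       = GetIPAddress();
            userProfile.WebBrowser      = GetBrowser();
            // NOTE(review): application mode is hard-coded to Testing and DeviceID is a literal
            // placeholder; confirm neither reaches a production deployment unchanged.
            userProfile.ApplicationMode = APP.Framework.Enumeration.ApplicationMode.Testing;
            //userProfile.DebuggerID = "simulateUser";
            userProfile.DeviceID = "deviceID";

            applAppService = new ApplAppService(userProfile);

            MsUserAppService msUserAppService = new MsUserAppService(userProfile);
            List <MsUser>    msUserLst        = msUserAppService.GetMsUserList().Where(x => x.UserID.Equals(userProfile.GlobalID)).ToList();

            // One "role|user|name" entry per row, entries joined with '+'.
            // NOTE(review): FullName is embedded unescaped; a '|' or '+' inside it would shift the
            // fields for whatever code later splits this string to recover roles. Verify the consumer.
            string userRole = string.Join("+", msUserLst.Select(item => item.UserRoleID + "|" + item.UserID + "|" + item.FullName));

            //to be retrieved from DB
            if (string.IsNullOrEmpty(userRole))
            {
                Error("you do not have permission to access this application");
                return(RedirectToAction("Index"));
            }

            // Take the clock once so issue time and expiry are derived from the same instant.
            DateTime issuedAt = DateTime.Now;
            FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket(2,
                                                                                 userProfile.GlobalID, issuedAt, issuedAt.Add(FormsAuthentication.Timeout), false, userRole);

            string encryptedTicket = FormsAuthentication.Encrypt(authTicket);

            // Only this cookie is issued. The earlier extra FormsAuthentication.SetAuthCookie call
            // wrote a second ticket without the role data under the same cookie name, leaving two
            // conflicting Set-Cookie headers in the response.
            HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
            authCookie.HttpOnly = true;                                // keep the ticket out of reach of page script
            authCookie.Secure   = FormsAuthentication.RequireSSL;      // follow the configured requireSSL setting
            authCookie.Path     = FormsAuthentication.FormsCookiePath;
            if (!string.IsNullOrEmpty(FormsAuthentication.CookieDomain))
            {
                authCookie.Domain = FormsAuthentication.CookieDomain;
            }
            // The ticket is non-persistent, so leave Expires unset and let the browser treat it as a
            // session cookie; the expiry inside the encrypted ticket still bounds its lifetime.
            if (authTicket.IsPersistent)
            {
                authCookie.Expires = authTicket.Expiration;
            }
            Response.Cookies.Add(authCookie);

            userActivity.Action      = "Login";
            userActivity.FormName    = "Login.aspx";
            userActivity.Description = "Login Success";
            applAppService.LogUserActivity(userActivity);

            // NOTE(review): the session that existed before authentication is reused here; consider
            // issuing a fresh session identifier at login to guard against session fixation.
            Session["UserProfile"] = userProfile;

            Success("Login Success");

            return(RedirectToAction("Index", "Home"));
        }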