/// <summary>
/// Decides whether the current request may access <paramref name="poll"/>.
/// </summary>
/// <remarks>
/// Access is granted when the signed-in user is the poll's creator, or when the
/// request carries a "privPoll" cookie that
/// <c>PrivatePollManager.IsAuthorisedByCookie</c> accepts.
/// </remarks>
/// <param name="poll">
/// Poll being requested. It is dereferenced without a null check, so callers
/// must pass an existing poll.
/// </param>
/// <returns><c>true</c> when access is allowed; otherwise <c>false</c>.</returns>
public bool IsRequestAuthorised(PollEntity poll)
{
    var currentUser = appUserManager.FindById(User.Identity.GetUserId());
    bool isCreator = currentUser != null && poll.UserCreator.Id == currentUser.Id;
    if (isCreator)
    {
        // The creator of a poll always has access.
        return true;
    }

    var cookieAuthoriser = new PrivatePollManager();
    var sessionCookie = Request.Cookies["privPoll"];

    // NOTE(review): the cookie check receives the cookie value and the db context
    // but not `poll`. Whether a session is bound to one specific poll cannot be
    // seen from here - confirm that a session issued for one private poll is not
    // accepted for a different one.
    if (sessionCookie == null
        || !cookieAuthoriser.IsAuthorisedByCookie(sessionCookie.Value, db))
    {
        return false;
    }

    // Intended as a sliding 10-minute renewal.
    // NOTE(review): this changes the cookie object taken from the incoming request
    // and nothing here adds it to Response.Cookies, so the new expiry likely never
    // reaches the browser. Also confirm that session lifetime is enforced
    // server-side rather than by the cookie's Expires attribute.
    sessionCookie.Expires = DateTime.Now.AddMinutes(10);
    return true;
}
/// <summary>
/// Builds a new poll from the submitted view model and the user creating it.
/// </summary>
/// <remarks>
/// The view counter and every answer's vote count start at zero, and the creation
/// time is taken from the local clock (<c>DateTime.Now</c>). <c>Password</c> is
/// assigned only when the view model carries a non-empty password, and then holds
/// the result of <c>PrivatePollManager.HashPassword</c>, not the plain text.
/// </remarks>
/// <param name="pollModelView">Submitted form data; its <c>Answers</c> collection is enumerated without a null check.</param>
/// <param name="user">User recorded as the poll's creator.</param>
public PollEntity(PollModelView pollModelView, ApplicationUser user)
{
    Question = pollModelView.Question;
    DateTime = DateTime.Now;
    UserChecking = pollModelView.UserChecking;
    View = 0;
    UserCreator = user;

    Answers = new List<PollAnswersEntity>();
    foreach (var answerText in pollModelView.Answers)
    {
        var answer = new PollAnswersEntity();
        answer.Answers = answerText;
        answer.Votes = 0;
        answer.Poll = this;
        Answers.Add(answer);
    }

    if (string.IsNullOrEmpty(pollModelView.Password))
    {
        // No password supplied: Password keeps its default value.
        return;
    }

    // NOTE(review): the hashing scheme is not visible here - confirm that
    // HashPassword uses a salted, deliberately slow password hash.
    var passwordHasher = new PrivatePollManager();
    Password = passwordHasher.HashPassword(pollModelView.Password);
}
/// <summary>
/// Handles a password submission for a private poll.
/// </summary>
/// <remarks>
/// Returns 404 when the poll id is unknown. If the password verifies, a session
/// cookie from <c>PrivatePollManager.GetSessionCookie</c> is added to the response
/// and the user is redirected to the vote page. Otherwise the form is shown again
/// with a model error.
/// </remarks>
/// <param name="modelView">Posted poll id and password; dereferenced without a null check.</param>
/// <returns>A not-found result, a redirect to "PollVote", or the re-rendered form.</returns>
public ActionResult PrivatePollAuth(PrivatePollPasswordModelView modelView)
{
    // Check that the poll exists.
    var requestedPoll = db.Polls.Find(modelView.Id);
    if (requestedPoll == null)
    {
        return new HttpNotFoundResult();
    }

    // NOTE(review): no attempt limiting or lockout is visible in this action, and
    // any HTTP-verb or anti-forgery attributes sit outside this excerpt - confirm
    // that repeated password guesses are throttled somewhere.
    // NOTE(review): requestedPoll.Password may be unset for polls created without
    // a password - confirm that VerifyPassword rejects that case rather than
    // throwing or accepting it.
    var pollAuth = new PrivatePollManager();
    bool passwordAccepted = pollAuth.VerifyPassword(requestedPoll.Password, modelView.Password);
    if (!passwordAccepted)
    {
        ModelState.AddModelError("passwdNotValid", "Password is not correct.");
        return View(modelView);
    }

    // Give the user a session; the original comment says it lasts 10 minutes.
    // NOTE(review): the cookie's HttpOnly/Secure settings are decided inside
    // GetSessionCookie and cannot be checked from here.
    Response.Cookies.Add(pollAuth.GetSessionCookie(db, requestedPoll));
    return RedirectToAction("PollVote", "Home", new { id = modelView.Id });
}
/// <summary>
/// Sets up the test class by storing a new <c>PrivatePollManager</c> in <c>manager</c>.
/// </summary>
public PrivatePollManagerTets() { manager = new PrivatePollManager(); }