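public async Task<IActionResult> Login(string Login, string Password) //TODO: user service to do this work
{
    // Verifies the submitted credentials against the stored password hash and, on success,
    // issues a fresh session id and a persistent auth cookie for the user.
    // Returns the LoginSuccess view on success and the login view again on any failure
    // (missing input, unknown login, wrong password) without distinguishing the reasons.
    if (string.IsNullOrEmpty(Login) || string.IsNullOrEmpty(Password))
    {
        return View();
    }

    var selUser = await db.Users.SingleOrDefaultAsync(u => u.Login == Login);
    if (selUser == null || selUser.Password == null)
    {
        // Unknown login (or a row with no stored hash): the previous code dereferenced a null user here.
        return View();
    }

    // NOTE(review): ServerEncryptor is described in this file as an "md-hash encryptor", i.e. an
    // unsalted digest. A slow, salted KDF is the usual choice for password storage; changing it
    // also means re-hashing existing rows, so it is left as-is here.
    var enc = new ServerEncryptor(Password);
    var pass = enc.Hash;

    // byte[] has no value equality: the previous ToString() comparison compared "System.Byte[]"
    // with "System.Byte[]" and therefore accepted any password for any existing login.
    // Compare the hash bytes themselves, in constant time.
    if (!System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(selUser.Password, pass))
    {
        return View();
    }

    ViewBag.Login = Login;

    // Session and cookie tokens are random rather than derived from the login name, the clock
    // and fixed strings, which are guessable. Their string form is what the session and the
    // cookie carry; the byte form is what is persisted and compared in OnActionExecuting.
    var sessionId = NewToken();
    var cookie = NewToken();
    var sessionIdStr = Encoding.UTF8.GetString(sessionId);
    var cookieStr = Encoding.UTF8.GetString(cookie);

    HttpContext.Session.SetString("sessionId", sessionIdStr); //save session
    HttpContext.Session.SetString("userId", Convert.ToString(selUser.Id)); //save user id in session

    selUser.CookieAuthToken = cookie; //save cookies on client and server for every auth
    selUser.SessionId = sessionId;
    // TODO(review): pass CookieOptions with HttpOnly/Secure for the auth cookie once the
    // hosting setup (HTTPS) is confirmed.
    HttpContext.Response.Cookies.Append("cookieAuth", cookieStr);
    HttpContext.Response.Cookies.Append("userId", Convert.ToString(selUser.Id));

    if (selUser.IsFirstAuth)
    {
        selUser.IsFirstAuth = false;
    }

    await db.SaveChangesAsync();
    return View("~/Views/Auth/LoginSuccess.cshtml");

    // 32 random bytes, base64-encoded so the stored bytes round-trip through
    // Encoding.UTF8.GetString without loss (raw random bytes would not).
    byte[] NewToken()
    {
        var raw = new byte[32];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(raw);
        }
        return Encoding.UTF8.GetBytes(Convert.ToBase64String(raw));
    }
}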
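public IActionResult Register(string Login, string Password, string RPassword)
{
    // Creates a user with the given login when the two password fields agree.
    // Returns the RegisterSuccess view on success and re-renders the form on any
    // validation failure (blank login or password, mismatch, login already taken).
    if (string.IsNullOrWhiteSpace(Login) || string.IsNullOrEmpty(Password) || Password != RPassword)
    {
        // The previous check only compared the two fields, so two nulls registered a user with no password.
        return View();
    }

    // Login is the lookup key at sign-in (SingleOrDefault), so it must be unique; a second row
    // with the same login would make sign-in throw for both. A unique index on the column is
    // still the authoritative guard against concurrent registrations.
    if (db.Users.Any(u => u.Login == Login))
    {
        return View();
    }

    // NOTE(review): ServerEncryptor is an unsalted "md-hash" digest per this file's comments;
    // a slow, salted KDF is the usual choice for password storage.
    var enc = new ServerEncryptor(Password);
    var user = new User { Login = Login, Password = enc.Hash };
    db.Users.Add(user);
    db.SaveChanges();

    ViewBag.Login = user.Login;
    return View("~/Views/Auth/RegisterSuccess.cshtml");
}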
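public override void OnActionExecuting(ActionExecutingContext context)
{
    // Runs before every action: resolves the signed-in user from the session, or from the
    // persistent auth cookie when no session id is present, and exposes the login name and
    // the cart state to the views through ViewBag. Malformed client input must not throw here.
    #region CookieAndSession
    var sessionId = HttpContext.Session.GetString("sessionId");
    var sessionUserId = HttpContext.Session.GetString("userId");
    var cookieAuth = HttpContext.Request.Cookies["cookieAuth"];
    var cookieUserId = HttpContext.Request.Cookies["userId"];

    // Both ids are client-supplied; a non-numeric value is treated as "no user" instead of
    // letting Convert.ToInt32 throw a FormatException out of the filter.
    var selUser = FindUser(sessionUserId) ?? FindUser(cookieUserId);

    if (selUser != null)
    {
        if (!string.IsNullOrEmpty(sessionId))
        {
            // Session path: the presented session id must equal the one persisted at login.
            // A user with no stored session id cannot match (the previous code threw on the null).
            if (selUser.SessionId != null && TokenMatches(selUser.SessionId, sessionId))
            {
                ViewBag.Login = selUser.Login;
            }
        }
        else if (selUser.CookieAuthToken != null
                 && !string.IsNullOrEmpty(cookieAuth)
                 && TokenMatches(selUser.CookieAuthToken, cookieAuth))
        {
            // Cookie path: the persistent token matched, so establish a new session and persist
            // its id (the previous code assigned SessionId but neither saved it nor set the session).
            // Requiring a stored token and a non-empty cookie keeps a user who never signed in
            // (null token, previously read as "") from being matched by an empty cookie value.
            ViewBag.Login = selUser.Login;
            var newSessionId = NewToken();
            selUser.SessionId = newSessionId; //set new session
            HttpContext.Session.SetString("sessionId", Encoding.UTF8.GetString(newSessionId));
            HttpContext.Session.SetString("userId", Convert.ToString(selUser.Id));
            db.SaveChanges();
        }
    }
    #endregion

    #region Cart
    var cart = HttpContext.Request.Cookies["order-id"];//TODO: if order is done clear cookie cart
    ViewBag.cartNotEmpty = !string.IsNullOrEmpty(cart);
    #endregion

    base.OnActionExecuting(context);

    // Looks up a user by a client-supplied id string; null when the id is missing, malformed or unknown.
    User FindUser(string rawId)
    {
        return int.TryParse(rawId, out var id) ? db.Users.SingleOrDefault(u => u.Id == id) : null;
    }

    // Compares a stored token with the value the client presented, in constant time.
    // The stored bytes are compared in their UTF-8-decoded form because that is the form in
    // which the token was handed to the session and the cookie at sign-in.
    bool TokenMatches(byte[] stored, string presented)
    {
        var expected = Encoding.UTF8.GetBytes(Encoding.UTF8.GetString(stored));
        var actual = Encoding.UTF8.GetBytes(presented);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expected, actual);
    }

    // 32 random bytes, base64-encoded so the stored bytes round-trip through
    // Encoding.UTF8.GetString without loss. Random rather than clock-derived, as the
    // previous token was, so it cannot be guessed.
    byte[] NewToken()
    {
        var raw = new byte[32];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(raw);
        }
        return Encoding.UTF8.GetBytes(Convert.ToBase64String(raw));
    }
}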