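/// <summary>
/// Handles the posted login form: checks the credentials through
/// <c>UserService.VerifyUser</c>, issues the authentication cookies and redirects
/// to the checkout or admin area.
/// </summary>
/// <param name="model">The posted login form (user name and password).</param>
/// <param name="returnUrl">
/// Accepted but never used: a successful login always redirects to a fixed action.
/// If it is honoured later, restrict it to local URLs (e.g. <c>Url.IsLocalUrl</c>).
/// </param>
/// <returns>The login view again on invalid input or failed verification, otherwise a redirect.</returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible in this excerpt - confirm they exist on the action.
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // NOTE(review): nothing in this action counts failed attempts or locks the account;
    // whether UserService.VerifyUser throttles or locks out is not visible here - confirm.
    var userService = new UserService();
    var user = userService.VerifyUser(model.UserName, model.Password);
    if (user == null)
    {
        // One generic message for every failure, so the response does not say which part was wrong.
        ModelState.AddModelError("", "Invalid login attempt.");
        return View(model);
    }

    // SECURITY: the "User" cookie is neither encrypted nor signed, so the browser can send back
    // any Email/Role value. Treat it as a display hint only; authorization decisions must come
    // from the encrypted ticket or server-side state, never from this cookie.
    Response.Cookies["User"]["Email"] = user.Email;
    Response.Cookies["User"]["Role"] = user.Role != "Admin" ? "Customer" : "Admin";

    // Take the clock once so issue time and expiry are derived from the same instant.
    var issuedAt = DateTime.Now;
    var ticket = new FormsAuthenticationTicket(
        1,
        user.Email,
        issuedAt,
        issuedAt.AddMinutes(60),
        true,
        user.Role.ToString(),
        FormsAuthentication.FormsCookiePath);
    string encryptedTicket = FormsAuthentication.Encrypt(ticket);

    var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket);
    // The ticket is a bearer credential: keep it away from page script.
    cookie.HttpOnly = true;
    // Only ever raise the Secure flag, so a stricter site-wide cookie default is not lowered.
    if (FormsAuthentication.RequireSSL)
    {
        cookie.Secure = true;
    }
    if (ticket.IsPersistent)
    {
        cookie.Expires = ticket.Expiration;
    }
    Response.Cookies.Add(cookie);

    var sm = new UserSecurityManager();
    sm.AuthorizeUser(user);

    // NOTE(review): SetAuthCookie issues its own ticket under the same FormsCookieName, named
    // after model.UserName instead of user.Email and without the role in UserData. It looks
    // like it supersedes the cookie added above - confirm which ticket is meant to win.
    FormsAuthentication.SetAuthCookie(model.UserName, true);

    Session["MyMenu"] = null;

    // Read the marker once instead of indexing the session twice.
    var checkoutMarker = Session["Checkout"];
    if (checkoutMarker != null && checkoutMarker.ToString() == "FromCheckout")
    {
        return RedirectToAction("Purchase", "Checkout");
    }

    return RedirectToAction("Index", "Admin");
}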
/// <summary>
/// Lab entry point. Basic users and super users each need their own authenticator/authorizer
/// pair, and <c>UserSecurityManager</c> currently selects that pair by switching on the user type.
/// That works, but it is a code smell: every new user type means reopening that class.
/// </summary>
public static void Main()
{
    // NOTE(review): the second CreateUser argument looks like a password literal; acceptable
    // in a lab sample only - confirm it never reaches real configuration.
    var basicUser = User.CreateUser("Arnold Schwarzenegger", "IllBeBack", UserTypeEnum.BasicUser);
    var basicUserManager = new UserSecurityManager(basicUser.UserType);
    basicUserManager.PerformUserSecurityOperations(basicUser);

    var superUser = User.CreateUser("Clint Eastwood", "MakeMyDayPunk", UserTypeEnum.SuperUser);
    var superUserManager = new UserSecurityManager(superUser.UserType);
    superUserManager.PerformUserSecurityOperations(superUser);

    // Lab1: Implement the design pattern-solution; create an abstract factory that facilitates the instantiational logic.
}
/// <summary>
/// Lab entry point: creates one basic user and one super user and runs the security
/// operations for each through a <c>UserSecurityManager</c> built for that user's type.
/// </summary>
public static void Main()
{
    // Lab1: Implement the design pattern-solution, instead of the code-smelly one in this method.

    // A manager is constructed per user because the manager is parameterised by user type.
    var basicUser = User.CreateUser("Arnold Schwarzenegger", "IllBeBack", UserTypeEnum.BasicUser);
    new UserSecurityManager(basicUser.UserType).PerformUserSecurityOperations(basicUser);

    var superUser = User.CreateUser("Clint Eastwood", "MakeMyDayPunk", UserTypeEnum.SuperUser);
    new UserSecurityManager(superUser.UserType).PerformUserSecurityOperations(superUser);
}
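/// <summary>
/// Switches the company input between the free-text box (non-staff) and the drop-down
/// (staff). For non-staff users the company name is pre-filled from a lookup keyed on
/// the text currently in the e-mail box.
/// </summary>
private void IsStaffUserCheck()
{
    bool isStaffUser = IsStaffUserRadioButtonList.SelectedValue == "1";

    // Exactly one of the two company inputs is visible at a time.
    CompanyNameTextBox.Visible = !isStaffUser;
    CompanyDropDownList.Visible = isStaffUser;

    if (isStaffUser)
    {
        return;
    }

    CompanyNameTextBox.Enabled = true;

    // SECURITY: the lookup key is text the user typed and has not been verified here, so the
    // result is a convenience pre-fill only; it does not prove the user belongs to that company.
    // NOTE(review): the whole trimmed e-mail text is passed to GetCompanyByDomain - confirm the
    // helper extracts the domain part itself.
    Company ac = UserSecurityManager.GetCompanyByDomain(EmailTextBox.Text.Trim());

    // An unrecognised or empty address must not crash the page: if the lookup yields nothing,
    // clear the box rather than dereferencing null or leaving a stale name.
    CompanyNameTextBox.Text = ac != null ? ac.Name : string.Empty;
}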
/// <summary>
/// Creates the unit of work: opens an <c>IdentityContext</c> for the given connection string
/// and builds the user and role managers on top of that single context.
/// </summary>
/// <param name="connectionString">Connection string handed to <c>IdentityContext</c>.</param>
public IdentityUnitOfWork(string connectionString)
{
    _db = new IdentityContext(connectionString);

    // Both stores wrap the same context instance, so user and role operations share it.
    var userStore = new UserStore<UserSecurity>(_db);
    _userManager = new UserSecurityManager(userStore);

    var roleStore = new RoleStore<ApplicationRole>(_db);
    _roleManager = new ApplicationRoleManager(roleStore);
}