Пример #1
0
        public JSONUser UserGET(string username, string password)
        {
            JSONUser user = new JSONUser();

            try
            {
                User u = new User();
                u.Authenticate(username, password);
                FormsAuthentication.SetAuthCookie(username, false);
                Log("HAP+ App Logon", "Home Access Plus+ Logon\n\nUsername: " + username, System.Diagnostics.EventLogEntryType.Information);
                user.Token2     = HttpContext.Current.Response.Cookies[FormsAuthentication.FormsCookieName].Value;
                user.Token1     = TokenGenerator.ConvertToToken(password);
                user.Username   = u.UserName;
                user.FirstName  = u.FirstName;
                user.isValid    = true;
                user.Token2Name = FormsAuthentication.FormsCookieName;
                user.SiteName   = hapConfig.Current.School.Name;
            }
            catch (Exception e) { user.Token2 = e.ToString(); user.isValid = false; }
            return(user);
        }
Пример #2
0
 public override bool ValidateUser(string username, string password)
 {
     try
     {
         User u = new User();
         u.Authenticate(username, password);
         var config = System.Web.Configuration.WebConfigurationManager.GetSection("system.web/authorization") as AuthorizationSection;
         foreach (AuthorizationRule rule in config.Rules)
         {
             if (rule.Action == AuthorizationRuleAction.Deny)
             {
                 if (rule.Roles != null)
                 {
                     foreach (string s in rule.Roles)
                     {
                         if (s != "?" && new RoleProvider().IsUserInRole(u.UserName, s))
                         {
                             throw new UnauthorizedAccessException();
                         }
                     }
                 }
                 if (rule.Users != null)
                 {
                     foreach (string s in rule.Users)
                     {
                         if (s != "*" && u.UserName.ToLower().Equals(s))
                         {
                             throw new UnauthorizedAccessException();
                         }
                     }
                 }
             }
         }
         return(true);
     }
     catch
     {
         return(false);
     }
 }