protected void Page_Init(object sender, EventArgs e) { // Check the IP to make sure traffic originates from within our network if ( !( (Request.ServerVariables["REMOTE_ADDR"].Contains("127.0.0.1")) || (Request.ServerVariables["REMOTE_ADDR"].Contains("::1")) ) ) { if (!Request.ServerVariables["REMOTE_ADDR"].StartsWith(Settings.localNetworkChunk)) { Response.Redirect(Request.Url.GetLeftPart(UriPartial.Authority) + HttpContext.Current.Request.ApplicationPath + Settings.outsideErrorMessage); Response.End(); } } // API keys are not valid for these sites anymore, so we don't need to look for one here // Check for an authentication cookie and see if it is valid string userSessionID = Settings.getSessionIDFromCookies(Settings.logonCookieName, Request); if (!string.IsNullOrEmpty(userSessionID)) { LoginSessionRepository loginRepository = new LoginSessionRepository(); loggedInUser = loginRepository.Get(userSessionID, Request.ServerVariables["REMOTE_ADDR"], Request.ServerVariables["HTTP_USER_AGENT"]); } // If the cookie exists, and the ID contained in it corresponds to a valid session, "loggedInUser" will not be null. if (loggedInUser == null) { string CurrentURL = Request.Url.AbsoluteUri; string LoginURL = Request.Url.GetLeftPart(UriPartial.Authority) + HttpContext.Current.Request.ApplicationPath + Settings.loginURL; // If the application is running in the root, we dont need to include the application path if (HttpContext.Current.Request.ApplicationPath == "/") { LoginURL = Request.Url.GetLeftPart(UriPartial.Authority) + Settings.loginURL; } if (! (CurrentURL.ToLower().Equals(LoginURL.ToLower())) ) { redirectToLogin(); } } else { tblLoggedInUserBanner.Visible = true; lblLoggedInUser_Username.Text = loggedInUser.Username; lblLoggedInUser_SessionEnds.Text = loggedInUser.SessionExpires.ToShortDateString() + " " + loggedInUser.SessionExpires.ToShortTimeString(); } }
protected void Page_Load(object sender, EventArgs e) { // If "Logout" or "Logoff" are in the querystring, log the current session off if ((Request.QueryString.AllKeys.Contains("logoff")) || (Request.QueryString.AllKeys.Contains("logout"))) { if (!string.IsNullOrEmpty(Settings.getSessionIDFromCookies(Settings.logonCookieName, Request))) { LoginSessionRepository loginRepository = new LoginSessionRepository(); loginRepository.Delete(Settings.getSessionIDFromCookies(Settings.logonCookieName, Request)); tblLoggedInUserBanner.Visible = false; redirectToLogin(); } } lblServerTime.Text = DateTime.Now.ToLongDateString() + " - " + DateTime.Now.ToLongTimeString(); }