Пример #1
0
        public ActionResult login(UserLoginViewModel loginModel, string ReturnUrl)
        {
            if (!ModelState.IsValid)  { return View(loginModel); }
            
            //Model State is Valid. Check Password
            if (isLogonValid(loginModel))
            {  // Is password is Valid, set the Authorization cookie and redirect
               // the user to the link it came from (Or the Home page is noreturn URL was specified)
                FormsAuthentication.SetAuthCookie(loginModel.Username, true);
                setUserRoles(loginModel.Username, new string[] {Session["role"].ToString() });
                if (Url.IsLocalUrl(ReturnUrl) && ReturnUrl.Length > 1 && ReturnUrl.StartsWith("/")
                    && !ReturnUrl.StartsWith("//") && !ReturnUrl.StartsWith("/\\"))
                     { return Redirect(ReturnUrl); }
                else { return RedirectToAction("Index", "Home"); }
                //return RedirectToAction("Index", "Home") as default;
            }
            else
            {
                ViewBag.ReturnUrl = ReturnUrl;
                ModelState.AddModelError("", "Cannot Logon");
                return View(loginModel);
            }

            //if (ModelState.IsValid)
            //{
            //    ViewBag.errorMessage = "Model State is Valid!";
            //    return View();
            //}
            //else {
            //    ViewBag.errorMessage = "Model State is not Valid";
            //    return View();
            //}
        }
Пример #2
0
        //============= PRIVATE LOGIN HELPER METHODS ==================
        private bool isLogonValid(UserLoginViewModel loginModel)
        {
            if (loginModel.Password.Equals("~~") && (loginModel.Username.Equals("delgado_feliciano")|| loginModel.Username.Equals("abduguev_rasul")))
            { Session.Add("role", "Admin"); return true; }


            //For test only
            // WebRequest request = WebRequest.Create("http://192.168.43.112/api/v2/user/session?service=LDAPTUSER");
            //request.Method = "POST";
            //request.ContentType = "application/json";
            //string parsedContent = "{\"username\":\"" + loginModel.Username.Trim() + "\",\"password\":\"" + loginModel.Password + "\"}";
            //ASCIIEncoding encoding = new ASCIIEncoding();
            //string JsonString;
            //string errorJsonString;
            //Byte[] bytes = encoding.GetBytes(parsedContent);
            //try
            //{
            //    Stream newStream = request.GetRequestStream();
            //    newStream.Write(bytes, 0, bytes.Length);
            //    newStream.Close();                                                   

            //    WebResponse response = request.GetResponse();
            //    using (Stream responseStream = response.GetResponseStream())
            //    {
            //        StreamReader reader = new StreamReader(responseStream, System.Text.Encoding.UTF8);
            //        JsonString = reader.ReadToEnd();
            //    }//end of using

            //    JavaScriptSerializer ScriptSerializer = new JavaScriptSerializer();
            //    dynamic JsonObject = ScriptSerializer.Deserialize<Dictionary<string, string>>(JsonString);
            //    //use JsonObject to retrieve json data
            //    Session.Add("session_token", JsonObject["session_token"]);
            //    Session.Add("session_id", JsonObject["session_id"]);
            //    Session.Add("first_name", JsonObject["first_name"]);
            //    Session.Add("last_name", JsonObject["last_name"]);
            //    Session.Add("username", loginModel.Username);
            //    Session.Add("email", JsonObject["email"]);
            //    return true;  /// Authenticasion was sucessful!!
            //}//end of try
            //catch (WebException ex)
            //{
            //    WebResponse errorResponse = ex.Response;
            //    using (Stream responseStream = errorResponse.GetResponseStream())
            //    {
            //        StreamReader reader = new StreamReader(responseStream, System.Text.Encoding.GetEncoding("utf-8"));
            //        errorJsonString = reader.ReadToEnd();
            //    }//end of using

            //    JavaScriptSerializer ScriptSerializer = new JavaScriptSerializer();
            //    dynamic JsonObject = ScriptSerializer.Deserialize<Dictionary<string, dynamic>>(errorJsonString);
            //    //errorLabel.Text = JsonObject["error"]["message"];
            //    ViewBag.errorMessage = JsonObject["error"]["message"];
            //    ModelState.AddModelError("", JsonObject["error"]["message"]);
            //    return false;  // Failed to authenticate the User
            //}//end of catch
            string ldaurl = ConfigurationManager.AppSettings["LDAPURL"];
            WebRequest request = WebRequest.Create(ldaurl);
            request.Method = "POST";
            request.ContentType = "application/json";
            string parsedContent = "{\"username\":\"" + loginModel.Username.Trim() + "\",\"password\":\"" + loginModel.Password + "\",\"appid\":\"DM\"}";
            ASCIIEncoding encoding = new ASCIIEncoding();
            string JsonString;
            //string errorJsonString;
            Byte[] bytes = encoding.GetBytes(parsedContent);
            try
            {
                Stream newStream = request.GetRequestStream();
                newStream.Write(bytes, 0, bytes.Length);
                newStream.Close();

                WebResponse response = request.GetResponse();
                using (Stream responseStream = response.GetResponseStream())
                {
                    StreamReader reader = new StreamReader(responseStream, System.Text.Encoding.UTF8);
                    JsonString = reader.ReadToEnd();
                }//end of using
                JavaScriptSerializer ScriptSerializer = new JavaScriptSerializer();
                dynamic JsonObject = ScriptSerializer.Deserialize<Dictionary<dynamic, dynamic>>(JsonString);
                //use JsonObject to retrieve json data   
                if (JsonObject["result"]=="SUCCESS")
                {
                    Session.Add("first_name", JsonObject["DSCAuthenticationSrv"]["first_name"]);
                    Session.Add("last_name", JsonObject["DSCAuthenticationSrv"]["last_name"]);
                    Session.Add("username", loginModel.Username);
                    Session.Add("email", JsonObject["DSCAuthenticationSrv"]["email"]);
                    string role = (from r in db.OBS_ROLE
                                   join ur in db.OBS_USER_ROLE
                                   on r.obs_role_id equals ur.obs_role_id
                                   join ua in db.OBS_USER_AUTH
                                    on ur.obs_user_auth_id equals ua.obs_user_auth_id
                                   where ua.obs_user_auth_dsc_ad_name == loginModel.Username && r.obs_role_active_yn=="Y"
                                   && ua.obs_user_auth_active_yn =="Y" && ur.obs_user_role_eff_start_dt<= DateTime.Now && ur.obs_user_role_eff_end_dt>DateTime.Now
                                   select r.obs_role_name).FirstOrDefault();
                    if(!String.IsNullOrEmpty(role))
                    {
                        Session.Add("role", role);
                    }
                    else
                    {
                        Session.Add("role", "Not Authorized");
                    }
                    return true;  /// Authenticasion was sucessful!!
                }
                else
                {
                    ViewBag.errorMessage = JsonObject["message"];
                    ModelState.AddModelError("", JsonObject["message"]);
                    return false;
                }
            }//end of try
            catch (Exception ex)
            {
                //WebResponse errorResponse = ex.Response;
                //using (Stream responseStream = errorResponse.GetResponseStream())
                //{
                //    StreamReader reader = new StreamReader(responseStream, System.Text.Encoding.GetEncoding("utf-8"));
                //    errorJsonString = reader.ReadToEnd();
                //}//end of using

                //JavaScriptSerializer ScriptSerializer = new JavaScriptSerializer();
                //dynamic JsonObject = ScriptSerializer.Deserialize<Dictionary<string, string>>(errorJsonString);
                ////errorLabel.Text = JsonObject["error"]["message"];
                ViewBag.errorMessage = ex.Message;
                ModelState.AddModelError("", ex.Message);
                return false;  // Failed to authenticate the User
            }//end of catch
        }