private void loginButton_Click(object sender, EventArgs e)
{
bool authenticated = false;
if (FormsAuthentication.Authenticate(usernameTextBox.Text, passwordTextBox.Text))
{
authenticated = true;
}
BaseDb db = DbFactory.ConstructDatabase();
if (!authenticated)
{
try
{
authenticated = db.Authenticate(usernameTextBox.Text, passwordTextBox.Text);
}
catch (Exception ex)
{
ErrorMessage.Message = "Ошибка аутентификации: <br /<br />" + ex.Message + "<br />" + ex.Source;
authenticated = false;
}
}
if (authenticated)
{
string roles = db.GetRoles(usernameTextBox.Text).ToString("d");
// Create the authentication ticket and store the roles in the
// custom UserData property of the authentication ticket
FormsAuthenticationTicket authTicket = new
FormsAuthenticationTicket(
1, // version
usernameTextBox.Text, // user name
DateTime.Now, // creation
persistCheckBox.Checked ? DateTime.Now.AddYears(50) : DateTime.Now.AddMinutes(300), //TODO:получать timeout из конфига Expiration
persistCheckBox.Checked, // Persistent
roles); // User data
string encryptedTicket = FormsAuthentication.Encrypt(authTicket);
HttpCookie cook = new HttpCookie(FormsAuthentication.FormsCookieName, //+"Roles",
encryptedTicket);
if (persistCheckBox.Checked)
{
cook.Expires = authTicket.Expiration;
}
Response.Cookies.Add(cook);
Response.Redirect(FormsAuthentication.GetRedirectUrl(
usernameTextBox.Text,
persistCheckBox.Checked));
//FormsAuthentication.RedirectFromLoginPage(usernameTextBox.Text, persistCheckBox.Checked);
}
else
{
ErrorMessage.Message = "<b>Логин или пароль неверен</b>, пожалуйста, введите снова.<br/> Возможно, Вы не зарегистрированы - <a href=\"edituser.aspx\">сделайте это</a>";
}
db.Close();
}
private void oldpassValidator_ServerValidate(object source, ServerValidateEventArgs args)
{
if (oldpassTextBox.Text != "")
{
BaseDb db = DbFactory.ConstructDatabase();
args.IsValid = db.Authenticate(Page.User.Identity.Name, oldpassTextBox.Text);
db.Close();
}
}
