protected void loginButton_Click(object sender, EventArgs e) { // Reset error labels usernameError.Visible = false; passwordError.Visible = false; loginError.Visible = false; // Check fields string username = usernameField.Text.Trim(); string password = passwordField.Text.Trim(); if (username == "") { usernameError.Visible = true; return; } else if (password == "") { passwordError.Visible = true; return; } // Encrypt password EncryptionLibrary.Encryption crypto = new EncryptionLibrary.Encryption(); string passwordEncrypted = crypto.encrypt(password); // Check credentials in staff XML database try { StaffService.StaffServiceClient staffAuth = new StaffService.StaffServiceClient(); if (!staffAuth.CheckCredential(username, passwordEncrypted)) { loginError.Visible = true; return; } // Authentication successful, store role information string role = staffAuth.GetUserType(username); Session["user_role"] = role; // Set cookie and redirect FormsAuthentication.RedirectFromLoginPage(username, false); } catch (Exception ex) { loginError.Text = "Error authenticating: " + ex.Message; } }
protected void addButton_Click(object sender, EventArgs e) { string username = usernameField.Text.Trim(); string password = passwordField.Text.Trim(); // Check fields if (username == "") { usernameStatus.Text = "Please enter a user name"; return; } else if (password == "") { fullUserStatus.Text = "Please enter a password"; return; } // Attempt to add user try { StaffService.StaffServiceClient staff = new StaffService.StaffServiceClient(); // Encrypt password EncryptionLibrary.Encryption crypto = new EncryptionLibrary.Encryption(); string passwordEncrypted = crypto.encrypt(password); // Add user if (staff.StoreCredential(username, passwordEncrypted, roleDropDown.SelectedItem.Value)) fullUserStatus.Text = "User " + username + " added"; else fullUserStatus.Text = "User " + username + " already exists"; staff.Close(); } catch (Exception ex) { fullUserStatus.Text = "Error adding user"; } }