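/// <summary>
/// Handles submission of the admin login form. The credentials are checked by the
/// security service; on success the returned user is stored in the session under
/// "AUTHENTICATED_USER".
/// </summary>
/// <param name="viewModel">Posted login form carrying the user name and password.</param>
/// <returns>
/// A redirect to Admin/Index on success, the login view with a generic error message when
/// the service reports anything other than SUCCESS, or a redirect to Admin/Login with an
/// ERROR status when any other exception is thrown.
/// </returns>
public ActionResult Login(LoginViewModel viewModel)
{
    GRINUser grinUser = null;
    ResultContainer resultContainer = new ResultContainer();

    try
    {
        resultContainer = _securityService.Login(viewModel.UserName, viewModel.Password, out grinUser);

        if (resultContainer.ResultCode != LoginResult.SUCCESS.ToString())
        {
            throw new AuthenticationException(resultContainer.ResultCode);
        }

        log.Info("USER LOGGED IN: " + grinUser.UserName);

        // NOTE(review): the object placed in the session is the one returned by the service
        // and may still carry the stored Password value; confirm nothing needs it there and
        // clear it before storing if so.
        // NOTE(review): the session identifier is not renewed in this method; confirm it is
        // rotated at login elsewhere.
        Session["AUTHENTICATED_USER"] = grinUser;
    }
    catch (AuthenticationException aex)
    {
        log.Error(aex.Message);

        // NOTE(review): Status still carries the raw service code, which differs between an
        // unknown user and a wrong password; confirm the view does not render it.
        viewModel.Status = resultContainer.ResultCode;

        // The service's ResultDescription is not shown to the user: it can name the account
        // that was not found or contain internal error detail. Every failed attempt gets
        // the same wording instead.
        viewModel.ErrorMessage = "Login failed. Please check your user name and password and try again.";

        return View("~/Views/Admin/Login.cshtml", viewModel);
    }
    catch (Exception ex)
    {
        // Full detail stays in the server log; the browser only receives a status value.
        log.Error(ex.Message + ", " + ex.StackTrace);
        return RedirectToAction("Login", "Admin", new { loginStatus = LoginStatusEnum.ERROR });
    }

    return RedirectToAction("Index", "Admin", new { loginStatus = LoginResult.SUCCESS.ToString(), Area = "" });
}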
/// <summary>
/// Runs before each action. When the session holds no <c>GRINUser</c> under
/// "AUTHENTICATED_USER", the action result is set to a redirect to Admin/Login.
/// </summary>
/// <param name="filterContext">Context of the action that is about to execute.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    object sessionEntry = filterContext.HttpContext.Session["AUTHENTICATED_USER"];
    bool hasAuthenticatedUser = sessionEntry is GRINUser;

    // NOTE(review): presence of the session entry is the only condition checked here; no
    // role or permission is evaluated in this method.
    if (!hasAuthenticatedUser)
    {
        var loginRoute = new System.Web.Routing.RouteValueDictionary
        {
            { "controller", "Admin" },
            { "action", "Login" }
        };
        filterContext.Result = new RedirectToRouteResult(loginRoute);
    }

    // The base implementation runs whether or not a redirect was set.
    base.OnActionExecuting(filterContext);
}
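/// <summary>
/// Looks up a user through the <c>usp_User_Search</c> stored procedure and maps the first
/// returned row to a <c>GRINUser</c>.
/// </summary>
/// <param name="userName">User name to look up.</param>
/// <returns>
/// A <c>GRINUser</c> with ID, UserName and Password copied from the first row, or a
/// default-constructed <c>GRINUser</c> when the name is blank or no row is returned.
/// </returns>
public GRINUser Find(string userName)
{
    // A blank name cannot identify an account; skip the lookup rather than depend on how
    // the search procedure treats an empty term.
    if (String.IsNullOrWhiteSpace(userName))
    {
        return new GRINUser();
    }

    var users = _dataContext.usp_User_Search(userName).ToList();
    if (!users.Any())
    {
        return new GRINUser();
    }

    // NOTE(review): only the first row is used. The procedure's matching rule is not
    // visible here; confirm it matches the user name exactly so that the row returned is
    // always the account that was asked for.
    var user = users.First();

    GRINUser grinUser = new GRINUser();
    grinUser.ID = user.sys_user_id;
    grinUser.UserName = user.user_name;
    // The stored password value travels with the object; callers should not pass it
    // further than credential checking requires.
    grinUser.Password = user.password;
    return grinUser;
}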
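/// <summary>
/// Checks a user name and password against the user repository.
/// </summary>
/// <param name="userName">User name as entered.</param>
/// <param name="password">Clear-text password as entered.</param>
/// <param name="user">
/// Receives the record returned by the repository lookup. It is assigned before the
/// password is checked, so it is populated even when the result is not SUCCESS; callers
/// must only trust it after checking the result code.
/// </param>
/// <returns>
/// A <c>ResultContainer</c> whose ResultCode is SUCCESS, USER_NOT_FOUND or INVALID_PASSWORD,
/// or the exception message when an unexpected error occurred. ResultDescription holds
/// text that is safe to show to the person logging in.
/// </returns>
public ResultContainer Login(string userName, string password, out GRINUser user)
{
    // One wording for both credential failures, so the description neither confirms that
    // an account exists nor echoes the submitted name back.
    const string credentialsRejected = "The user name or password is incorrect.";

    ResultContainer resultContainer = new ResultContainer();
    UserRepository repository = new UserRepository();
    user = new GRINUser();

    try
    {
        user = repository.Find(userName);
        if (user.ID == 0)
        {
            // NOTE(review): this path returns before any hashing is done, so it may answer
            // faster than a wrong-password attempt; consider equalising the work.
            resultContainer.ResultCode = LoginResult.USER_NOT_FOUND.ToString();
            resultContainer.ResultDescription = credentialsRejected;
            return resultContainer;
        }

        // NOTE(review): confirm Crypto.HashText is a salted, deliberately slow password
        // hash; its implementation is not visible here.
        string hashedPassword = Crypto.HashText(password);

        // NOTE(review): the check passes if either the clear-text password or its HashText
        // digest validates against the stored value. What validateHashedPassword does is
        // not visible here; confirm which stored formats each branch is meant to accept
        // and retire the branch that only serves legacy records.
        bool passwordIsValid = validateHashedPassword(password, user.Password)
            || validateHashedPassword(hashedPassword, user.Password);

        if (!passwordIsValid)
        {
            resultContainer.ResultCode = LoginResult.INVALID_PASSWORD.ToString();
            resultContainer.ResultDescription = credentialsRejected;
            return resultContainer;
        }

        resultContainer.ResultCode = LoginResult.SUCCESS.ToString();
    }
    catch (Exception aex)
    {
        // Keep the full exception on the server instead of handing the stack trace to the
        // caller, which may display ResultDescription. Route this to the project's logger
        // if one is available in this class.
        System.Diagnostics.Trace.TraceError("Login failed with an unexpected error: {0}", aex);

        // NOTE(review): ResultCode still carries the exception message because no generic
        // failure code is visible here; callers should treat any code other than SUCCESS as
        // opaque and not display it.
        resultContainer.ResultCode = aex.Message;
        resultContainer.ResultDescription = "The login could not be completed. Please try again later.";
    }

    return resultContainer;
}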